Use of org.codelibs.fess.app.web.base.login.OpenIdConnectCredential in project fess by codelibs.
From the class OpenIdConnectAuthenticator, method processCallback.
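/**
 * Builds a login credential from the token response obtained for an authorization code.
 *
 * <p>The {@code id_token} of the response is split into its three dot-separated JWT segments.
 * Each segment is Base64-decoded to text and stored, together with the access token, refresh
 * token, token type and expiry, in the attribute map that is handed to {@code parseJwtClaim}
 * and then to {@code OpenIdConnectCredential}.
 *
 * <p><strong>Security:</strong> the JWT signature is decoded but not verified in this method.
 * The claims are therefore only as trustworthy as the channel {@code getTokenUrl} used to fetch
 * the token. NOTE(review): confirm that the token endpoint is reached over TLS with certificate
 * validation, and that issuer, audience, expiry and nonce are checked somewhere (possibly in
 * {@code parseJwtClaim}; that is not visible from here).
 *
 * @param request the callback request; not read by this method
 * @param code the authorization code passed to {@code getTokenUrl}
 * @return the credential, or {@code null} when the token request fails with an
 *         {@link IOException} or the response carries no well-formed three-segment
 *         {@code id_token}
 */
protected LoginCredential processCallback(final HttpServletRequest request, final String code) {
    try {
        final TokenResponse tr = getTokenUrl(code);

        // A missing or non-string id_token previously surfaced as a NullPointerException or
        // ClassCastException; treat it as a failed login like the IOException path below.
        final Object idToken = tr.get("id_token");
        if (!(idToken instanceof String)) {
            if (logger.isDebugEnabled()) {
                logger.debug("Failed to process callbacked request: id_token is missing.");
            }
            return null;
        }

        // A signed JWT in compact form has exactly three segments. String.split drops trailing
        // empty strings, so a token with an empty signature segment ("header.payload.") yields
        // two parts and is rejected here instead of failing with an index error.
        final String[] jwt = ((String) idToken).split("\\.");
        if (jwt.length != 3) {
            if (logger.isDebugEnabled()) {
                logger.debug("Failed to process callbacked request: id_token is not a three-part JWT.");
            }
            return null;
        }

        final String jwtHeader = new String(Base64.decodeBase64(jwt[0]), Constants.UTF_8_CHARSET);
        final String jwtClaim = new String(Base64.decodeBase64(jwt[1]), Constants.UTF_8_CHARSET);
        // The signature segment is raw bytes, so this text form is lossy. It is kept for the
        // existing "jwtsign" attribute only; any real verification has to work on jwt[2] and on
        // the undecoded signing input jwt[0] + "." + jwt[1].
        final String jwtSigniture = new String(Base64.decodeBase64(jwt[2]), Constants.UTF_8_CHARSET);

        // The claim set is identity data: treat debug logs of this class as sensitive.
        if (logger.isDebugEnabled()) {
            logger.debug("jwtHeader: " + jwtHeader);
            logger.debug("jwtClaim: " + jwtClaim);
            logger.debug("jwtSigniture: " + jwtSigniture);
        }

        // TODO validate signiture
        // Until this is done, nothing below proves the claims were issued by the expected
        // provider; the header's "alg" value must not be trusted to choose the verification
        // method once validation is added.
        final Map<String, Object> attributes = new HashMap<>();
        attributes.put("accesstoken", tr.getAccessToken());
        // The literal string "null" (not a null reference) marks an absent refresh token.
        attributes.put("refreshtoken", tr.getRefreshToken() == null ? "null" : tr.getRefreshToken());
        attributes.put("tokentype", tr.getTokenType());
        attributes.put("expire", tr.getExpiresInSeconds());
        attributes.put("jwtheader", jwtHeader);
        attributes.put("jwtclaim", jwtClaim);
        attributes.put("jwtsign", jwtSigniture);
        parseJwtClaim(jwtClaim, attributes);
        return new OpenIdConnectCredential(attributes);
    } catch (final IOException e) {
        // Failures are reported at debug level only, so a failing token exchange is invisible
        // with default logging. NOTE(review): consider a higher level for monitoring.
        if (logger.isDebugEnabled()) {
            logger.debug("Failed to process callbacked request.", e);
        }
    }
    return null;
}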