
Example 1 with CommunicationException

use of org.gluu.oxauth.client.exception.CommunicationException in project oxTrust by GluuFederation.

the class OpenIdClient method retrieveUserProfileFromUserInfoResponse.

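/**
 * Builds a {@link CommonProfile} from a UserInfo response once the nonce returned by the
 * provider has been matched against the nonce kept in the web session.
 *
 * <p>The profile id is the {@code USER_NAME} claim, falling back to the subject identifier
 * when that claim is empty. The remaining fields come either from the default claim set or
 * from the configured claim-to-attribute mapping.
 *
 * @param context          web context whose session holds the nonce under
 *                         {@code getName() + NONCE_PARAMETER}
 * @param userInfoResponse UserInfo response the claims are read from
 * @return the populated profile
 * @throws CommunicationException if no nonce is stored in the session or the stored nonce
 *                                differs from the one in the response
 */
protected CommonProfile retrieveUserProfileFromUserInfoResponse(final WebContext context, final UserInfoResponse userInfoResponse) {
    final CommonProfile profile = new CommonProfile();
    String nonceResponse = getFirstClaim(userInfoResponse, JwtClaimName.NONCE);
    final String nonceSession = (String) context.getSessionAttribute(getName() + NONCE_PARAMETER);
    logger.debug("Session nonce: '{}'", nonceSession);
    // Fail closed: the nonce binds this response to the authentication request made from this
    // session. If nothing was stored there is nothing to bind to, and a null-tolerant
    // StringHelper.equals(null, null) would otherwise let a response without a nonce through.
    // NOTE(review): StringHelper is not shown here; isEmpty is presumed to cover null and "".
    if (StringHelper.isEmpty(nonceSession) || !StringHelper.equals(nonceSession, nonceResponse)) {
        logger.error("User info response:  nonce is not matching.");
        throw new CommunicationException("Nonce is not match");
    }
    String id = getFirstClaim(userInfoResponse, JwtClaimName.USER_NAME);
    if (StringHelper.isEmpty(id)) {
        id = getFirstClaim(userInfoResponse, JwtClaimName.SUBJECT_IDENTIFIER);
    }
    // NOTE(review): id can still be empty here if neither claim is present; callers that key
    // accounts on the profile id should reject such a profile.
    profile.setId(id);
    List<ClaimToAttributeMapping> claimMappings = this.appConfiguration.getOpenIdClaimMapping();
    if ((claimMappings == null) || claimMappings.isEmpty()) {
        logger.info("Using default claims to attributes mapping");
        profile.setUserName(id);
        profile.setEmail(getFirstClaim(userInfoResponse, JwtClaimName.EMAIL));
        profile.setDisplayName(getFirstClaim(userInfoResponse, JwtClaimName.NAME));
        profile.setFirstName(getFirstClaim(userInfoResponse, JwtClaimName.GIVEN_NAME));
        profile.setFamilyName(getFirstClaim(userInfoResponse, JwtClaimName.FAMILY_NAME));
        profile.setZone(getFirstClaim(userInfoResponse, JwtClaimName.ZONEINFO));
        profile.setLocale(getFirstClaim(userInfoResponse, JwtClaimName.LOCALE));
    } else {
        for (ClaimToAttributeMapping mapping : claimMappings) {
            String attribute = mapping.getAttribute();
            String value = getFirstClaim(userInfoResponse, mapping.getClaim());
            profile.addAttribute(attribute, value);
            // Trace output carries user attribute values; keep TRACE off where logs are shared.
            logger.trace("Adding attribute '{}' with value '{}'", attribute, value);
        }
    }
    return profile;
}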
Also used : CommunicationException(org.gluu.oxauth.client.exception.CommunicationException) CommonProfile(org.gluu.oxauth.client.auth.user.CommonProfile) ClaimToAttributeMapping(org.gluu.oxauth.client.conf.ClaimToAttributeMapping)

Example 2 with CommunicationException

use of org.gluu.oxauth.client.exception.CommunicationException in project oxTrust by GluuFederation.

the class OpenIdClient method retrieveUserProfileFromUserInfoResponse.

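/**
 * Builds a {@link CommonProfile} from a UserInfo response once the nonce claim of the
 * id_token has been matched against the nonce kept in the web session.
 *
 * <p>The profile id is the {@code USER_NAME} claim, falling back to the subject identifier
 * when that claim is empty. The ACR claim of the id_token is recorded on the profile. The
 * remaining fields come either from the default claim set or from the configured
 * claim-to-attribute mapping.
 *
 * @param context          web context whose session holds the nonce under
 *                         {@code getName() + SESSION_NONCE_PARAMETER}
 * @param jwt              parsed id_token the nonce and ACR claims are read from
 * @param userInfoResponse UserInfo response the profile claims are read from
 * @return the populated profile
 * @throws CommunicationException if no nonce is stored in the session or the stored nonce
 *                                differs from the one in the id_token
 */
protected CommonProfile retrieveUserProfileFromUserInfoResponse(final WebContext context, final Jwt jwt, final UserInfoResponse userInfoResponse) {
    final CommonProfile profile = new CommonProfile();
    // NOTE(review): nonce and ACR are trusted as read from jwt; this method performs no
    // signature or issuer check, so the caller must have established the token's origin.
    String nonceResponse = (String) jwt.getClaims().getClaim(JwtClaimName.NONCE);
    final String nonceSession = (String) context.getSessionAttribute(getName() + SESSION_NONCE_PARAMETER);
    logger.debug("Session nonce: '{}'", nonceSession);
    // Fail closed: the nonce binds the id_token to the authentication request made from this
    // session. If nothing was stored there is nothing to bind to, and a null-tolerant
    // StringHelper.equals(null, null) would otherwise let a token without a nonce through.
    // NOTE(review): StringHelper is not shown here; isEmpty is presumed to cover null and "".
    if (StringHelper.isEmpty(nonceSession) || !StringHelper.equals(nonceSession, nonceResponse)) {
        logger.error("User info response:  nonce is not matching.");
        // The nonce values are kept out of the exception text: exception messages tend to
        // travel further than debug logs (error pages, upstream handlers).
        throw new CommunicationException("Nonce is not match");
    }
    String id = getFirstClaim(userInfoResponse, JwtClaimName.USER_NAME);
    if (StringHelper.isEmpty(id)) {
        id = getFirstClaim(userInfoResponse, JwtClaimName.SUBJECT_IDENTIFIER);
    }
    // NOTE(review): id can still be empty here if neither claim is present; callers that key
    // accounts on the profile id should reject such a profile.
    profile.setId(id);
    String acrResponse = (String) jwt.getClaims().getClaim(JwtClaimName.AUTHENTICATION_CONTEXT_CLASS_REFERENCE);
    logger.debug("Authentication ACR: '{}'", acrResponse);
    profile.setUsedAcr(acrResponse);
    List<ClaimToAttributeMapping> claimMappings = this.appConfiguration.getOpenIdClaimMapping();
    if ((claimMappings == null) || claimMappings.isEmpty()) {
        logger.info("Using default claims to attributes mapping");
        profile.setUserName(id);
        profile.setEmail(getFirstClaim(userInfoResponse, JwtClaimName.EMAIL));
        profile.setDisplayName(getFirstClaim(userInfoResponse, JwtClaimName.NAME));
        profile.setFirstName(getFirstClaim(userInfoResponse, JwtClaimName.GIVEN_NAME));
        profile.setFamilyName(getFirstClaim(userInfoResponse, JwtClaimName.FAMILY_NAME));
        profile.setZone(getFirstClaim(userInfoResponse, JwtClaimName.ZONEINFO));
        profile.setLocale(getFirstClaim(userInfoResponse, JwtClaimName.LOCALE));
    } else {
        for (ClaimToAttributeMapping mapping : claimMappings) {
            String attribute = mapping.getAttribute();
            String value = getFirstClaim(userInfoResponse, mapping.getClaim());
            profile.addAttribute(attribute, value);
            // Trace output carries user attribute values; keep TRACE off where logs are shared.
            logger.trace("Adding attribute '{}' with value '{}'", attribute, value);
        }
    }
    return profile;
}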
Also used : CommunicationException(org.gluu.oxauth.client.exception.CommunicationException) CommonProfile(org.gluu.oxauth.client.auth.user.CommonProfile) ClaimToAttributeMapping(org.gluu.conf.model.ClaimToAttributeMapping)

Example 3 with CommunicationException

use of org.gluu.oxauth.client.exception.CommunicationException in project oxTrust by GluuFederation.

the class OpenIdClient method getUserProfile.

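/**
 * Exchanges the authorization code for tokens, parses the id_token, fetches the UserInfo
 * response and turns it into a user profile.
 *
 * <p>The id_token is stored in the session under
 * {@code getName() + SESSION_ID_TOKEN_PARAMETER} once it has parsed successfully.
 *
 * @param credential credentials carrying the authorization code
 * @param context    web context used for session access
 * @return the profile built from the UserInfo response
 * @throws CommunicationException on any failure; every exception raised inside the method,
 *                                including a CommunicationException, is wrapped in a new one
 */
@Override
public UserProfile getUserProfile(final OpenIdCredentials credential, final WebContext context) {
    init();
    try {
        // Request access token using the authorization code
        logger.debug("Getting access token");
        final TokenClient tokenClient = new TokenClient(this.openIdConfiguration.getTokenEndpoint());
        final TokenResponse tokenResponse = tokenClient.execAuthorizationCode(credential.getAuthorizationCode(), this.appConfiguration.getOpenIdRedirectUrl(), this.clientId, this.clientSecret);
        logger.trace("tokenResponse.getStatus(): '{}'", tokenResponse.getStatus());
        logger.trace("tokenResponse.getErrorType(): '{}'", tokenResponse.getErrorType());
        final String accessToken = tokenResponse.getAccessToken();
        final String idToken = tokenResponse.getIdToken();
        // Both tokens are bearer credentials: anyone who can read the log could replay them.
        // Record only whether they arrived, never their value.
        logger.trace("accessToken present: {}", accessToken != null);
        logger.trace("idToken present: {}", idToken != null);
        // An error response from the token endpoint carries no id_token; stop here with a
        // clear message instead of handing null to the parser.
        if (idToken == null || idToken.isEmpty()) {
            throw new CommunicationException("Token response does not contain id_token");
        }
        // Parse JWT
        // NOTE(review): Jwt.parse is the only id_token processing visible in this method; no
        // signature, issuer, audience or expiry check appears here. Confirm those happen
        // elsewhere, or that the direct TLS exchange with the token endpoint is the accepted
        // trust basis, because nonce and ACR are later read from this token.
        Jwt jwt;
        try {
            jwt = Jwt.parse(idToken);
        } catch (InvalidJwtException ex) {
            // Log the parser failure, not the token itself.
            logger.error("Failed to parse id_token", ex);
            throw new CommunicationException("Failed to parse id_token");
        }
        // Store id_token in session only after it parsed
        context.setSessionAttribute(getName() + SESSION_ID_TOKEN_PARAMETER, idToken);
        final UserInfoResponse userInfoResponse = getUserInfo(accessToken);
        final UserProfile profile = retrieveUserProfileFromUserInfoResponse(context, jwt, userInfoResponse);
        // Debug output of the profile may include user attributes, depending on its toString().
        logger.debug("User profile: '{}'", profile);
        return profile;
    } catch (final Exception ex) {
        throw new CommunicationException(ex);
    }
}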
Also used : InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException) TokenResponse(org.gluu.oxauth.client.TokenResponse) CommunicationException(org.gluu.oxauth.client.exception.CommunicationException) UserProfile(org.gluu.oxauth.client.auth.user.UserProfile) Jwt(org.gluu.oxauth.model.jwt.Jwt) UserInfoResponse(org.gluu.oxauth.client.UserInfoResponse) TokenClient(org.gluu.oxauth.client.TokenClient) CommunicationException(org.gluu.oxauth.client.exception.CommunicationException) InvalidJwtException(org.gluu.oxauth.model.exception.InvalidJwtException) EncryptionException(org.gluu.util.security.StringEncrypter.EncryptionException) IOException(java.io.IOException) ConfigurationException(org.gluu.util.exception.ConfigurationException)

Aggregations

CommunicationException (org.gluu.oxauth.client.exception.CommunicationException)3 CommonProfile (org.gluu.oxauth.client.auth.user.CommonProfile)2 IOException (java.io.IOException)1 ClaimToAttributeMapping (org.gluu.conf.model.ClaimToAttributeMapping)1 TokenClient (org.gluu.oxauth.client.TokenClient)1 TokenResponse (org.gluu.oxauth.client.TokenResponse)1 UserInfoResponse (org.gluu.oxauth.client.UserInfoResponse)1 UserProfile (org.gluu.oxauth.client.auth.user.UserProfile)1 ClaimToAttributeMapping (org.gluu.oxauth.client.conf.ClaimToAttributeMapping)1 InvalidJwtException (org.gluu.oxauth.model.exception.InvalidJwtException)1 Jwt (org.gluu.oxauth.model.jwt.Jwt)1 ConfigurationException (org.gluu.util.exception.ConfigurationException)1 EncryptionException (org.gluu.util.security.StringEncrypter.EncryptionException)1