
Example 6 with JsonWebResponse

use of org.gluu.oxauth.model.token.JsonWebResponse in project oxAuth by GluuFederation.

the class EndSessionRestWebServiceImpl method backChannel.

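/**
 * Notifies relying parties over the back channel that a session has ended.
 *
 * <p>For every entry of {@code backchannelUris} a logout_token is created for the client and
 * passed to {@code EndSessionUtils.callRpWithBackchannelUri} on an executor. The method then
 * waits up to 30 seconds for the submitted calls to complete.
 *
 * <p>A client whose logout_token cannot be created is logged and skipped. Aborting the whole
 * loop at that point would leave every remaining relying party with a session that was never
 * told to end, and would leave the executor without a shutdown.
 *
 * @param backchannelUris back-channel logout URI mapped to the client it belongs to
 * @param grant authorization grant used to resolve the user; may be {@code null}
 * @param session session being ended; supplies the outside sid and the fallback user lookup
 * @throws InterruptedException if the thread is interrupted while waiting for the calls
 */
private void backChannel(Map<String, Client> backchannelUris, AuthorizationGrant grant, SessionId session) throws InterruptedException {
    if (backchannelUris.isEmpty()) {
        return;
    }
    log.trace("backchannel_redirect_uri's: " + backchannelUris);

    // Prefer the user bound to the grant; fall back to the user attached to the session.
    User user = grant != null ? grant.getUser() : null;
    if (user == null) {
        user = sessionIdService.getUser(session);
    }

    // NOTE(review): assumes getExecutorService() hands back an executor owned by this call,
    // since it is shut down below - confirm against EndSessionUtils.
    final ExecutorService executorService = EndSessionUtils.getExecutorService();
    try {
        for (final Map.Entry<String, Client> entry : backchannelUris.entrySet()) {
            final Client client = entry.getValue();
            final JsonWebResponse logoutToken = logoutTokenFactory.createLogoutToken(client, session.getOutsideSid(), user);
            if (logoutToken == null) {
                // Skip only this client; the other relying parties must still be notified.
                log.error("Failed to create logout_token for client: " + client.getClientId());
                continue;
            }
            executorService.execute(() -> EndSessionUtils.callRpWithBackchannelUri(entry.getKey(), logoutToken.toString()));
        }
    } finally {
        // Always stop accepting work, also when token creation throws part-way through.
        executorService.shutdown();
    }

    if (!executorService.awaitTermination(30, TimeUnit.SECONDS)) {
        // A timeout means some relying parties may still hold a live session; make it visible.
        log.error("Backchannel calls did not finish within 30 seconds.");
    }
    log.trace("Finished backchannel calls.");
}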
Also used : User(org.gluu.oxauth.model.common.User) JsonWebResponse(org.gluu.oxauth.model.token.JsonWebResponse) ExecutorService(java.util.concurrent.ExecutorService) Client(org.gluu.oxauth.model.registration.Client) Map(java.util.Map)

Example 7 with JsonWebResponse

use of org.gluu.oxauth.model.token.JsonWebResponse in project oxAuth by GluuFederation.

the class LogoutTokenFactory method createLogoutToken.

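/**
 * Creates and encodes the logout_token sent to a relying party on back-channel logout.
 *
 * @param rpClient client the token is issued for; must not be {@code null}
 * @param outsideSid session identifier passed on to {@code fillClaims}
 * @param user user passed on to {@code fillClaims}
 * @return the encoded token, or {@code null} if it could not be created (including when
 *         {@code rpClient} is {@code null}); callers must check for {@code null}
 */
public JsonWebResponse createLogoutToken(Client rpClient, String outsideSid, User user) {
    try {
        Preconditions.checkNotNull(rpClient);
        JsonWebResponse jwr = jwrService.createJwr(rpClient);
        fillClaims(jwr, rpClient, outsideSid, user);
        jwrService.encode(jwr, rpClient);
        return jwr;
    } catch (Exception e) {
        // rpClient may be the very thing that failed the precondition, so do not dereference
        // it blindly here: that would throw out of the handler instead of returning null.
        final String clientId = rpClient != null ? rpClient.getClientId() : null;
        // Keep the cause: a token that cannot be built or signed means a relying party is not
        // told about the logout, and the stack trace is what makes that diagnosable.
        log.error("Failed to create logout_token for client:" + clientId, e);
        return null;
    }
}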
Also used : JsonWebResponse(org.gluu.oxauth.model.token.JsonWebResponse)

Example 8 with JsonWebResponse

use of org.gluu.oxauth.model.token.JsonWebResponse in project oxAuth by GluuFederation.

the class UserInfoRestWebServiceImpl method getJSonResponse.

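/**
 * Builds the UserInfo response as a JSON string.
 *
 * <p>Claims are collected from three sources, in this order: the claims attached to each
 * requested scope, the {@code userinfo} member of the grant's {@code claims} JSON, and the
 * UserInfo member of the grant's JWT authorization request. The subject identifier is then
 * set from the grant, and dynamic scopes are handed to the external dynamic scope service
 * when it is enabled.
 *
 * @param user user whose attributes are released
 * @param authorizationGrant grant the access token belongs to
 * @param scopes names of the scopes granted to the token
 * @return the serialized response
 * @throws Exception if claim collection or serialization fails
 */
public String getJSonResponse(User user, AuthorizationGrant authorizationGrant, Collection<String> scopes) throws Exception {
    // The original call passed user.getCustomAttributes() as a third argument, but the message
    // reuses index {0} and never rendered it. The argument is dropped so attribute values are
    // not handed to the logging layer at all.
    log.trace("Building JSON reponse with next scopes {0} for user {1}", scopes, user.getUserId());
    JsonWebResponse jsonWebResponse = new JsonWebResponse();

    // Claims released through scopes. Dynamic scopes are only collected here and resolved last.
    List<Scope> dynamicScopes = new ArrayList<>();
    for (String scopeName : scopes) {
        org.oxauth.persistence.model.Scope scope = scopeService.getScopeById(scopeName);
        if ((scope != null) && (org.gluu.oxauth.model.common.ScopeType.DYNAMIC == scope.getScopeType())) {
            dynamicScopes.add(scope);
            continue;
        }
        // NOTE(review): scope can still be null here (unknown scope name); this relies on
        // getClaims returning null or an empty map for it - confirm.
        Map<String, Object> claims = scopeService.getClaims(user, scope);
        if (claims == null) {
            continue;
        }
        if (scope != null && Boolean.TRUE.equals(scope.isOxAuthGroupClaims())) {
            // Group claims: nest all claims of the scope under one object named after the scope.
            JwtSubClaimObject groupClaim = new JwtSubClaimObject();
            groupClaim.setName(scope.getId());
            for (Map.Entry<String, Object> entry : claims.entrySet()) {
                String key = entry.getKey();
                Object value = entry.getValue();
                if (value instanceof List) {
                    // Unchecked: the element type is not verified to be String.
                    groupClaim.setClaim(key, (List<String>) value);
                } else {
                    groupClaim.setClaim(key, String.valueOf(value));
                }
            }
            jsonWebResponse.getClaims().setClaim(scope.getId(), groupClaim);
        } else {
            for (Map.Entry<String, Object> entry : claims.entrySet()) {
                String key = entry.getKey();
                Object value = entry.getValue();
                if (value instanceof List) {
                    // Unchecked: the element type is not verified to be String.
                    jsonWebResponse.getClaims().setClaim(key, (List<String>) value);
                } else if (value instanceof Boolean) {
                    jsonWebResponse.getClaims().setClaim(key, (Boolean) value);
                } else if (value instanceof Date) {
                    // Dates are emitted as seconds since the epoch.
                    jsonWebResponse.getClaims().setClaim(key, ((Date) value).getTime() / 1000);
                } else {
                    jsonWebResponse.getClaims().setClaim(key, String.valueOf(value));
                }
            }
        }
    }

    // Claims requested individually through the "userinfo" member of the grant's claims JSON.
    // NOTE(review): unlike the request-object branch below, this branch releases the attribute
    // without calling validateRequesteClaim(...). Confirm that claims requested this way are
    // checked against the client's allowed claims and the granted scopes somewhere else.
    if (authorizationGrant.getClaims() != null) {
        JSONObject claimsObj = new JSONObject(authorizationGrant.getClaims());
        if (claimsObj.has("userinfo")) {
            JSONObject userInfoObj = claimsObj.getJSONObject("userinfo");
            for (Iterator<String> it = userInfoObj.keys(); it.hasNext(); ) {
                String claimName = it.next();
                // Hard-wired to true; the lookup that was meant to decide it is disabled:
                // ClaimValueType.OPTIONAL.equals(claim.getClaimValue().getClaimValueType());
                boolean optional = true;
                GluuAttribute gluuAttribute = attributeService.getByClaimName(claimName);
                if (gluuAttribute != null) {
                    String ldapClaimName = gluuAttribute.getName();
                    Object attribute = user.getAttribute(ldapClaimName, optional, gluuAttribute.getOxMultiValuedAttribute());
                    jsonWebResponse.getClaims().setClaimFromJsonObject(claimName, attribute);
                }
            }
        }
    }

    // Claims requested through the UserInfo member of the JWT authorization request. Each one
    // is released only if validateRequesteClaim accepts it for this client and these scopes.
    if (authorizationGrant.getJwtAuthorizationRequest() != null && authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember() != null) {
        for (Claim claim : authorizationGrant.getJwtAuthorizationRequest().getUserInfoMember().getClaims()) {
            // Hard-wired to true; the lookup that was meant to decide it is disabled:
            // ClaimValueType.OPTIONAL.equals(claim.getClaimValue().getClaimValueType());
            boolean optional = true;
            GluuAttribute gluuAttribute = attributeService.getByClaimName(claim.getName());
            if (gluuAttribute != null) {
                Client client = authorizationGrant.getClient();
                if (validateRequesteClaim(gluuAttribute, client.getClaims(), scopes)) {
                    String ldapClaimName = gluuAttribute.getName();
                    Object attribute = user.getAttribute(ldapClaimName, optional, gluuAttribute.getOxMultiValuedAttribute());
                    jsonWebResponse.getClaims().setClaimFromJsonObject(claim.getName(), attribute);
                }
            }
        }
    }

    // Set after the claim loops, so a claim collected above cannot replace the grant's subject.
    jsonWebResponse.getClaims().setSubjectIdentifier(authorizationGrant.getSub());

    // External scripts receive the response object and a read-only wrapper of the grant.
    if (!dynamicScopes.isEmpty() && externalDynamicScopeService.isEnabled()) {
        final UnmodifiableAuthorizationGrant unmodifiableAuthorizationGrant = new UnmodifiableAuthorizationGrant(authorizationGrant);
        DynamicScopeExternalContext dynamicScopeContext = new DynamicScopeExternalContext(dynamicScopes, jsonWebResponse, unmodifiableAuthorizationGrant);
        externalDynamicScopeService.executeExternalUpdateMethods(dynamicScopeContext);
    }
    return jsonWebResponse.toString();
}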
Also used : JsonWebResponse(org.gluu.oxauth.model.token.JsonWebResponse) DynamicScopeExternalContext(org.gluu.oxauth.service.external.context.DynamicScopeExternalContext) JwtSubClaimObject(org.gluu.oxauth.model.jwt.JwtSubClaimObject) GluuAttribute(org.gluu.model.GluuAttribute) Scope(org.oxauth.persistence.model.Scope) JSONObject(org.json.JSONObject) JwtSubClaimObject(org.gluu.oxauth.model.jwt.JwtSubClaimObject) JSONObject(org.json.JSONObject) Client(org.gluu.oxauth.model.registration.Client) Claim(org.gluu.oxauth.model.authorize.Claim) Scope(org.oxauth.persistence.model.Scope)
