use of org.keycloak.rar.AuthorizationRequestContext in project keycloak by keycloak.
the class TokenEndpoint method getRequestedScopes.
private String getRequestedScopes() {
String scope = formParams.getFirst(OAuth2Constants.SCOPE);
boolean validScopes;
if (Profile.isFeatureEnabled(Profile.Feature.DYNAMIC_SCOPES)) {
AuthorizationRequestContext authorizationRequestContext = AuthorizationContextUtil.getAuthorizationRequestContextFromScopes(session, scope);
validScopes = TokenManager.isValidScope(scope, authorizationRequestContext, client);
} else {
validScopes = TokenManager.isValidScope(scope, client);
}
if (!validScopes) {
event.error(Errors.INVALID_REQUEST);
throw new CorsErrorResponseException(cors, OAuthErrorException.INVALID_SCOPE, "Invalid scopes: " + scope, Status.BAD_REQUEST);
}
return scope;
}
use of org.keycloak.rar.AuthorizationRequestContext in project keycloak by keycloak.
the class AuthorizationContextUtil method getAuthorizationRequestContextFromScopesWithClient.
/**
* An extension of {@link AuthorizationContextUtil#getAuthorizationRequestContextFromScopes} that appends the current context's client
* @param session
* @param scope
* @return an {@link AuthorizationRequestContext} with scope entries and a ClientModel
*/
public static AuthorizationRequestContext getAuthorizationRequestContextFromScopesWithClient(KeycloakSession session, String scope) {
AuthorizationRequestContext authorizationRequestContext = getAuthorizationRequestContextFromScopes(session, scope);
authorizationRequestContext.getAuthorizationDetailEntries().add(new AuthorizationDetails(session.getContext().getClient()));
return authorizationRequestContext;
}
Aggregations