use of org.keycloak.representations.account.AccountLinkUriRepresentation in project keycloak by keycloak.
the class LinkedAccountsResource method buildLinkedAccountURI.
@GET
@Path("/{providerId}")
@Produces(MediaType.APPLICATION_JSON)
@Deprecated
public Response buildLinkedAccountURI(@PathParam("providerId") String providerId, @QueryParam("redirectUri") String redirectUri) {
auth.require(AccountRoles.MANAGE_ACCOUNT);
if (redirectUri == null) {
ErrorResponse.error(Messages.INVALID_REDIRECT_URI, Response.Status.BAD_REQUEST);
}
String errorMessage = checkCommonPreconditions(providerId);
if (errorMessage != null) {
return ErrorResponse.error(errorMessage, Response.Status.BAD_REQUEST);
}
if (auth.getSession() == null) {
return ErrorResponse.error(Messages.SESSION_NOT_ACTIVE, Response.Status.BAD_REQUEST);
}
try {
String nonce = UUID.randomUUID().toString();
MessageDigest md = MessageDigest.getInstance("SHA-256");
String input = nonce + auth.getSession().getId() + ACCOUNT_CONSOLE_CLIENT_ID + providerId;
byte[] check = md.digest(input.getBytes(StandardCharsets.UTF_8));
String hash = Base64Url.encode(check);
URI linkUri = Urls.identityProviderLinkRequest(this.session.getContext().getUri().getBaseUri(), providerId, realm.getName());
linkUri = UriBuilder.fromUri(linkUri).queryParam("nonce", nonce).queryParam("hash", hash).queryParam("client_id", ACCOUNT_CONSOLE_CLIENT_ID).queryParam("redirect_uri", redirectUri).build();
AccountLinkUriRepresentation rep = new AccountLinkUriRepresentation();
rep.setAccountLinkUri(linkUri);
rep.setHash(hash);
rep.setNonce(nonce);
return Cors.add(request, Response.ok(rep)).auth().allowedOrigins(auth.getToken()).build();
} catch (Exception spe) {
spe.printStackTrace();
return ErrorResponse.error(Messages.FAILED_TO_PROCESS_RESPONSE, Response.Status.INTERNAL_SERVER_ERROR);
}
}
use of org.keycloak.representations.account.AccountLinkUriRepresentation in project keycloak by keycloak.
the class LinkedAccountsRestServiceTest method testBuildLinkedAccountUri.
@Test
@AuthServerContainerExclude(AuthServer.REMOTE)
public void testBuildLinkedAccountUri() throws IOException {
AccountLinkUriRepresentation rep = SimpleHttp.doGet(getAccountUrl("linked-accounts/github?redirectUri=phonyUri"), client).auth(tokenUtil.getToken()).asJson(new TypeReference<AccountLinkUriRepresentation>() {
});
URI brokerUri = rep.getAccountLinkUri();
assertTrue(brokerUri.getPath().endsWith("/auth/realms/test/broker/github/link"));
List<NameValuePair> queryParams = URLEncodedUtils.parse(brokerUri, Charset.defaultCharset());
assertEquals(4, queryParams.size());
for (NameValuePair nvp : queryParams) {
switch(nvp.getName()) {
case "nonce":
{
assertNotNull(nvp.getValue());
assertEquals(rep.getNonce(), nvp.getValue());
break;
}
case "hash":
{
assertNotNull(nvp.getValue());
assertEquals(rep.getHash(), nvp.getValue());
break;
}
case "client_id":
assertEquals(ACCOUNT_CONSOLE_CLIENT_ID, nvp.getValue());
break;
case "redirect_uri":
assertEquals("phonyUri", nvp.getValue());
}
}
}
Aggregations