use of org.pac4j.oidc.config.OidcConfiguration in project pac4j by pac4j.
the class RunCasOidcWrapper method getClient.
/**
 * Builds the OIDC client this runner uses against a CAS OIDC provider.
 *
 * <p>The client id comes from {@code CLIENT_ID}; the secret and the discovery URI are fixed values.
 *
 * @return an {@link OidcClient} whose callback URL is {@code PAC4J_BASE_URL}
 */
@Override
protected IndirectClient getClient() {
    final OidcConfiguration casConfig = new OidcConfiguration();
    casConfig.setClientId(CLIENT_ID);
    // Placeholder secret for a local server; a real client secret belongs in external configuration.
    casConfig.setSecret("secret");
    // The discovery document is fetched from localhost over plain HTTP. It tells the client which
    // provider endpoints to use, so anywhere other than a local test it should be served over HTTPS.
    // Hosted alternative kept from the original:
    //   https://casserverpac4j.herokuapp.com/oidc/.well-known/openid-configuration
    casConfig.setDiscoveryURI("http://localhost:8888/cas/oidc/.well-known/openid-configuration");

    final OidcClient casClient = new OidcClient(casConfig);
    casClient.setCallbackUrl(PAC4J_BASE_URL);
    return casClient;
}
use of org.pac4j.oidc.config.OidcConfiguration in project pac4j by pac4j.
the class RunGoogleOidcClient method getClient.
/**
 * Builds the Google OIDC client for this runner from a fixed client id and client secret.
 *
 * <p>No discovery URI is set on the configuration here.
 *
 * @return a {@link GoogleOidcClient} whose callback URL is {@code PAC4J_BASE_URL}
 */
@Override
protected IndirectClient getClient() {
    // NOTE(review): the client id and client secret are literals in source. A secret that has been
    // committed should be treated as disclosed: rotate it at the provider and supply the replacement
    // from the environment or a secret store rather than from code.
    final OidcConfiguration googleConfig = new OidcConfiguration();
    googleConfig.setClientId("682158564078-ndcjc83kp5v7vudikqu1fudtkcs2odeb.apps.googleusercontent.com");
    googleConfig.setSecret("gLB2U7LPYBFTxqYtyG81AhLH");

    final GoogleOidcClient googleClient = new GoogleOidcClient(googleConfig);
    googleClient.setCallbackUrl(PAC4J_BASE_URL);
    return googleClient;
}
use of org.pac4j.oidc.config.OidcConfiguration in project pac4j by pac4j.
the class RunIdentityServer4 method getClient.
/**
 * Builds an OIDC client for a local IdentityServer4 instance, configured for the flow held in
 * {@code flow}.
 *
 * <p>Each branch carries a note with the grant types the matching server-side client definition
 * is expected to allow. The authorization code flow needs no extra client-side settings.
 *
 * @return an {@link OidcClient} whose callback URL is {@code PAC4J_BASE_URL}
 * @throws TechnicalException if {@code flow} is none of the handled values
 */
@Override
protected IndirectClient getClient() {
    final OidcConfiguration idsConfig = new OidcConfiguration();
    // Fixed test credentials and a plain-HTTP discovery endpoint on localhost: suitable for a
    // local test server only.
    idsConfig.setClientId("test");
    idsConfig.setSecret("secret");
    idsConfig.setDiscoveryURI("http://localhost:1941/.well-known/openid-configuration");

    if (flow == Flow.IMPLICIT_FLOW) {
        // Server side: AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials
        // The ID token is delivered through the browser as a posted form. The nonce is switched on
        // so the returned ID token can be matched to the request that asked for it.
        idsConfig.setResponseType("id_token");
        idsConfig.setResponseMode("form_post");
        idsConfig.setUseNonce(true);
        logger.warn("For the implicit flow, copy / paste the form body parameters after a ? as the returned url");
    } else if (flow == Flow.IMPLICIT_FLOW_CLIENT_SIDE) {
        // Server side: AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials
        // Not usable in practice: the data is passed as anchor (fragment) parameters, which exist
        // only on the client side.
        idsConfig.setResponseType("id_token");
        idsConfig.setUseNonce(true);
    } else if (flow == Flow.HYBRID_FLOW) {
        // Server side: AllowAccessTokensViaBrowser = true,
        //              AllowedGrantTypes = GrantTypes.HybridAndClientCredentials
        idsConfig.setResponseType("code id_token token");
        idsConfig.setUseNonce(true);
    } else if (flow != Flow.AUTHORIZATION_CODE) {
        // Flow.AUTHORIZATION_CODE falls through with the defaults
        // (server side: AllowedGrantTypes = GrantTypes.CodeAndClientCredentials).
        throw new TechnicalException("Unsupported flow for tests");
    }

    final OidcClient idsClient = new OidcClient(idsConfig);
    idsClient.setCallbackUrl(PAC4J_BASE_URL);
    return idsClient;
}
use of org.pac4j.oidc.config.OidcConfiguration in project pac4j by pac4j.
the class OidcClientBuilder method tryCreateOidcClient.
/**
 * Creates one OIDC client per configured property index and appends it to {@code clients}.
 *
 * <p>Indexes {@code 0} through {@code MAX_NUM_CLIENTS} (inclusive) are probed. An index yields a
 * client only when both its id and its secret properties are non-blank; every other setting is
 * applied only when its property is non-blank. The concrete client class depends on the
 * {@code OIDC_TYPE} property (Azure AD, Google, or the generic client).
 *
 * @param clients list that receives the clients built from the properties
 */
public void tryCreateOidcClient(final List<Client> clients) {
    for (int index = 0; index <= MAX_NUM_CLIENTS; index++) {
        final String clientId = getProperty(OIDC_ID, index);
        final String clientSecret = getProperty(OIDC_SECRET, index);
        // Without both an id and a secret there is nothing to build for this index.
        if (!isNotBlank(clientId) || !isNotBlank(clientSecret)) {
            continue;
        }

        final OidcConfiguration oidcConfig = new OidcConfiguration();
        oidcConfig.setClientId(clientId);
        oidcConfig.setSecret(clientSecret);

        final String requestedScope = getProperty(OIDC_SCOPE, index);
        if (isNotBlank(requestedScope)) {
            oidcConfig.setScope(requestedScope);
        }

        final String discoveryLocation = getProperty(OIDC_DISCOVERY_URI, index);
        if (isNotBlank(discoveryLocation)) {
            oidcConfig.setDiscoveryURI(discoveryLocation);
        }

        // Boolean.parseBoolean yields false for anything other than "true" (case-insensitive), so a
        // mistyped value turns the nonce off rather than failing.
        final String nonceSetting = getProperty(OIDC_USE_NONCE, index);
        if (isNotBlank(nonceSetting)) {
            oidcConfig.setUseNonce(Boolean.parseBoolean(nonceSetting));
        }

        // NOTE(review): the algorithm name is taken from the properties as-is; confirm that weak or
        // unexpected names are rejected further down before tokens are accepted.
        final String preferredAlgorithm = getProperty(OIDC_PREFERRED_JWS_ALGORITHM, index);
        if (isNotBlank(preferredAlgorithm)) {
            oidcConfig.setPreferredJwsAlgorithm(JWSAlgorithm.parse(preferredAlgorithm));
        }

        // Integer.parseInt throws NumberFormatException on a non-numeric value; no range check is
        // applied here, so an overly large skew is passed through unchanged.
        final String clockSkewSetting = getProperty(OIDC_MAX_CLOCK_SKEW, index);
        if (isNotBlank(clockSkewSetting)) {
            oidcConfig.setMaxClockSkew(Integer.parseInt(clockSkewSetting));
        }

        final String authMethodSetting = getProperty(OIDC_CLIENT_AUTHENTICATION_METHOD, index);
        if (isNotBlank(authMethodSetting)) {
            oidcConfig.setClientAuthenticationMethod(ClientAuthenticationMethod.parse(authMethodSetting));
        }

        // Custom parameters are numbered from 1. Only the key's presence is checked; the value is
        // read without a presence check.
        for (int paramNumber = 1; paramNumber <= MAX_NUM_CUSTOM_PROPERTIES; paramNumber++) {
            final String keyProperty = OIDC_CUSTOM_PARAM_KEY + paramNumber;
            if (containsProperty(keyProperty, index)) {
                oidcConfig.addCustomParam(
                        getProperty(keyProperty, index),
                        getProperty(OIDC_CUSTOM_PARAM_VALUE + paramNumber, index));
            }
        }

        final String clientType = getProperty(OIDC_TYPE, index);
        final OidcClient builtClient;
        if (OIDC_AZURE_TYPE.equalsIgnoreCase(clientType)) {
            builtClient = new AzureAdClient(new AzureAdOidcConfiguration(oidcConfig));
        } else if (OIDC_GOOGLE_TYPE.equalsIgnoreCase(clientType)) {
            builtClient = new GoogleOidcClient(oidcConfig);
        } else {
            builtClient = new OidcClient(oidcConfig);
        }

        // The client name is rebuilt from its default name and the property index.
        builtClient.setName(concat(builtClient.getName(), index));
        clients.add(builtClient);
    }
}
use of org.pac4j.oidc.config.OidcConfiguration in project ddf by codice.
the class OidcRealmTest method setup.
/**
 * Prepares the realm under test together with the mocked OIDC collaborators the tests share.
 *
 * <p>A fresh RSA key pair is generated on every run. Its public half is published as a JWK set
 * through a mocked {@code ResourceRetriever}, and the access token handed to the mocked
 * credentials is signed with the matching private key.
 *
 * @throws Exception declared because key generation, URI construction and the stubbed calls use
 *     checked exceptions
 */
@Before
public void setup() throws Exception {
    realm = new OidcRealm();

    // 2048-bit RSA key pair that backs the "valid" signing algorithm.
    final KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA");
    rsaGenerator.initialize(2048);
    final KeyPair rsaPair = rsaGenerator.generateKeyPair();
    final RSAPrivateKey signingKey = (RSAPrivateKey) rsaPair.getPrivate();
    final RSAPublicKey verificationKey = (RSAPublicKey) rsaPair.getPublic();

    validAlgorithm = Algorithm.RSA256(verificationKey, signingKey);
    // HMAC with an unrelated key; presumably used by tests that expect validation to fail
    // (confirm against the test methods).
    invalidAlgorithm = Algorithm.HMAC256("WRONG");

    // Only the public JWK is placed in the key set that the provider "serves".
    final JWK signatureJwk =
        new RSAKey.Builder(verificationKey)
            .privateKey(signingKey)
            .keyUse(KeyUse.SIGNATURE)
            .keyID(UUID.randomUUID().toString())
            .build();
    final String jwkSetJson = "{\"keys\": [" + signatureJwk.toPublicJWK().toJSONString() + "] }";

    // Provider metadata: RS256 ID tokens, fixed issuer and JWKS location.
    final OIDCProviderMetadata providerMetadata = mock(OIDCProviderMetadata.class);
    when(providerMetadata.getIDTokenJWSAlgs()).thenReturn(ImmutableList.of(JWSAlgorithm.RS256));
    when(providerMetadata.getIssuer()).thenReturn(new Issuer("http://localhost:8080/auth/realms/master"));
    when(providerMetadata.getJWKSetURI())
        .thenReturn(new URI("http://localhost:8080/auth/realms/master/protocol/openid-connect/certs"));

    // Any resource lookup returns the JWK set built above, so no network access takes place.
    final ResourceRetriever jwkRetriever = mock(ResourceRetriever.class);
    final Resource jwkSetResource = new Resource(jwkSetJson, APPLICATION_JSON);
    when(jwkRetriever.retrieveResource(any())).thenReturn(jwkSetResource);

    final OidcConfiguration oidcConfig = mock(OidcConfiguration.class);
    when(oidcConfig.getClientId()).thenReturn("ddf-client");
    when(oidcConfig.getSecret()).thenReturn("secret");
    when(oidcConfig.isUseNonce()).thenReturn(true);
    when(oidcConfig.getResponseType()).thenReturn("code");
    when(oidcConfig.findProviderMetadata()).thenReturn(providerMetadata);
    when(oidcConfig.findResourceRetriever()).thenReturn(jwkRetriever);

    final OidcHandlerConfiguration handlerConfig = mock(OidcHandlerConfiguration.class);
    when(handlerConfig.getOidcConfiguration()).thenReturn(oidcConfig);
    when(handlerConfig.getOidcClient(any())).thenReturn(mock(OidcClient.class));

    realm.setOidcHandlerConfiguration(handlerConfig);
    realm.setUsernameAttributeList(Collections.singletonList("preferred_username"));

    final JWT idToken = mock(JWT.class);
    final AccessToken bearerToken = new BearerAccessToken(getAccessTokenBuilder().sign(validAlgorithm));
    final AuthorizationCode authCode = new AuthorizationCode();
    final WebContext context = getWebContext();

    oidcCredentials = mock(OidcCredentials.class);
    // NOTE(review): getIdToken() is stubbed twice with the same value; the second call looks redundant.
    when(oidcCredentials.getIdToken()).thenReturn(idToken);
    when(oidcCredentials.getIdToken()).thenReturn(idToken);
    when(oidcCredentials.getAccessToken()).thenReturn(bearerToken);
    when(oidcCredentials.getCode()).thenReturn(authCode);

    authenticationToken = mock(OidcAuthenticationToken.class);
    when(authenticationToken.getCredentials()).thenReturn(oidcCredentials);
    when(authenticationToken.getContext()).thenReturn(context);
}