Examples with OIDProviderRequest org.wso2.carbon.identity.discovery.OIDProviderRequest used on opensource projects

Example 1 with OIDProviderRequest

use of org.wso2.carbon.identity.discovery.OIDProviderRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCProcessor method getResponse.

public OIDProviderConfigResponse getResponse(HttpServletRequest request, String tenantDomain) throws OIDCDiscoveryEndPointException, ServerConfigurationException {
    OIDCProviderRequestBuilder requestBuilder = new DefaultOIDCProviderRequestBuilder();
    OIDProviderRequest requestObject = requestBuilder.buildRequest(request, tenantDomain);
    ProviderConfigBuilder responseBuilder = new ProviderConfigBuilder();
    return responseBuilder.buildOIDProviderConfig(requestObject);
}

Example 2 with OIDProviderRequest

use of org.wso2.carbon.identity.discovery.OIDProviderRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCProviderRequestBuilderTest method testBuildRequest.

@Test(dataProvider = "test1")
public void testBuildRequest(String value, String output) throws Exception {
    when(mockHttpServletRequest.getRequestURI()).thenReturn("https://test.com");
    DefaultOIDCProviderRequestBuilder defaultOIDCProviderRequestBuilder = new DefaultOIDCProviderRequestBuilder();
    OIDProviderRequest oidProviderRequest = defaultOIDCProviderRequestBuilder.buildRequest(mockHttpServletRequest, value);
    assertEquals(oidProviderRequest.getUri(), "https://test.com", "Result URI is different from " + "the expected URI");
    assertEquals(oidProviderRequest.getTenantDomain(), output, "Error in tenant domain");
}

Example 3 with OIDProviderRequest

use of org.wso2.carbon.identity.discovery.OIDProviderRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class DefaultOIDCProviderRequestBuilder method buildRequest.

@Override
public OIDProviderRequest buildRequest(HttpServletRequest request, String tenant) throws OIDCDiscoveryEndPointException {
    OIDProviderRequest requestObject = new OIDProviderRequest();
    requestObject.setUri(request.getRequestURI());
    if (StringUtils.isNotBlank(tenant)) {
        requestObject.setTenantDomain(tenant);
    } else {
        requestObject.setTenantDomain(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME);
    }
    return requestObject;
}

Example 4 with OIDProviderRequest

use of org.wso2.carbon.identity.discovery.OIDProviderRequest in project identity-inbound-auth-oauth by wso2-extensions.

the class ProviderConfigBuilder method buildOIDProviderConfig.

public OIDProviderConfigResponse buildOIDProviderConfig(OIDProviderRequest request) throws OIDCDiscoveryEndPointException, ServerConfigurationException {
    OIDProviderConfigResponse providerConfig = new OIDProviderConfigResponse();
    String tenantDomain = request.getTenantDomain();
    if (isUseEntityIdAsIssuerInOidcDiscovery()) {
        try {
            providerConfig.setIssuer(OAuth2Util.getIdTokenIssuer(tenantDomain));
        } catch (IdentityOAuth2Exception e) {
            throw new ServerConfigurationException(String.format("Error while retrieving OIDC Id token issuer " + "value for tenant domain: %s", tenantDomain), e);
        }
    } else {
        providerConfig.setIssuer(OAuth2Util.getIDTokenIssuer());
    }
    providerConfig.setAuthorizationEndpoint(OAuth2Util.OAuthURL.getOAuth2AuthzEPUrl());
    providerConfig.setTokenEndpoint(OAuth2Util.OAuthURL.getOAuth2TokenEPUrl());
    providerConfig.setUserinfoEndpoint(OAuth2Util.OAuthURL.getOAuth2UserInfoEPUrl());
    providerConfig.setRevocationEndpoint(OAuth2Util.OAuthURL.getOAuth2RevocationEPUrl());
    providerConfig.setRevocationEndpointAuthMethodsSupported(OAuth2Util.getSupportedClientAuthenticationMethods().toArray(new String[0]));
    providerConfig.setResponseModesSupported(OAuth2Util.getSupportedResponseModes().toArray(new String[0]));
    providerConfig.setIntrospectionEndpointAuthMethodsSupported(OAuth2Util.getSupportedClientAuthenticationMethods().toArray(new String[0]));
    providerConfig.setCodeChallengeMethodsSupported(OAuth2Util.getSupportedCodeChallengeMethods().toArray(new String[0]));
    try {
        providerConfig.setIntrospectionEndpoint(OAuth2Util.OAuthURL.getOAuth2IntrospectionEPUrl(tenantDomain));
        providerConfig.setRegistrationEndpoint(OAuth2Util.OAuthURL.getOAuth2DCREPUrl(tenantDomain));
        providerConfig.setJwksUri(OAuth2Util.OAuthURL.getOAuth2JWKSPageUrl(tenantDomain));
    } catch (URISyntaxException e) {
        throw new ServerConfigurationException("Error while building tenant specific url", e);
    }
    List<String> scopes = OAuth2Util.getOIDCScopes(tenantDomain);
    providerConfig.setScopesSupported(scopes.toArray(new String[scopes.size()]));
    try {
        List<ExternalClaim> claims = OIDCDiscoveryDataHolder.getInstance().getClaimManagementService().getExternalClaims(OIDC_CLAIM_DIALECT, tenantDomain);
        String[] claimArray = new String[claims.size() + 2];
        int i;
        for (i = 0; i < claims.size(); i++) {
            claimArray[i] = claims.get(i).getClaimURI();
        }
        claimArray[i++] = "iss";
        claimArray[i] = "acr";
        providerConfig.setClaimsSupported(claimArray);
    } catch (ClaimMetadataException e) {
        throw new ServerConfigurationException("Error while retrieving OIDC claim dialect", e);
    }
    try {
        providerConfig.setIdTokenSigningAlgValuesSupported(new String[] { OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(OAuthServerConfiguration.getInstance().getIdTokenSignatureAlgorithm()).getName() });
    } catch (IdentityOAuth2Exception e) {
        throw new ServerConfigurationException("Unsupported signature algorithm configured.", e);
    }
    Set<String> supportedResponseTypeNames = OAuthServerConfiguration.getInstance().getSupportedResponseTypeNames();
    providerConfig.setResponseTypesSupported(supportedResponseTypeNames.toArray(new String[supportedResponseTypeNames.size()]));
    providerConfig.setSubjectTypesSupported(new String[] { "public" });
    providerConfig.setCheckSessionIframe(buildServiceUrl(IdentityConstants.OAuth.CHECK_SESSION, IdentityUtil.getProperty(IdentityConstants.OAuth.OIDC_CHECK_SESSION_EP_URL)));
    providerConfig.setEndSessionEndpoint(buildServiceUrl(IdentityConstants.OAuth.LOGOUT, IdentityUtil.getProperty(IdentityConstants.OAuth.OIDC_LOGOUT_EP_URL)));
    try {
        providerConfig.setUserinfoSigningAlgValuesSupported(new String[] { OAuth2Util.mapSignatureAlgorithmForJWSAlgorithm(OAuthServerConfiguration.getInstance().getUserInfoJWTSignatureAlgorithm()).getName() });
    } catch (IdentityOAuth2Exception e) {
        throw new ServerConfigurationException("Unsupported signature algorithm configured.", e);
    }
    providerConfig.setTokenEndpointAuthMethodsSupported(OAuth2Util.getSupportedClientAuthenticationMethods().stream().toArray(String[]::new));
    providerConfig.setGrantTypesSupported(OAuth2Util.getSupportedGrantTypes().stream().toArray(String[]::new));
    providerConfig.setRequestParameterSupported(Boolean.valueOf(OAuth2Util.isRequestParameterSupported()));
    providerConfig.setClaimsParameterSupported(Boolean.valueOf(OAuth2Util.isClaimsParameterSupported()));
    providerConfig.setRequestObjectSigningAlgValuesSupported(OAuth2Util.getRequestObjectSigningAlgValuesSupported().stream().toArray(String[]::new));
    providerConfig.setBackchannelLogoutSupported(Boolean.TRUE);
    providerConfig.setBackchannelLogoutSessionSupported(Boolean.TRUE);
    return providerConfig;
}