
Example 1 with CibaAuthCodeResponse

use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2CibaEndpoint method ciba.

/**
 * Handles a CIBA (Client Initiated Back-channel Authentication) request posted as a form.
 *
 * <p>The client must already be authenticated; otherwise an {@code UNAUTHORIZED_CLIENT} error
 * response is returned before any request parameter is read. For an authenticated client the
 * {@code request} parameter is checked, validated against the authenticated client id, turned
 * into an auth-code request, answered by the service layer, and an authorize call is generated
 * before the authentication response is returned.
 *
 * @param request  incoming servlet request.
 * @param response servlet response handed to the authorize call and the response builder.
 * @param paramMap form parameters of the request (raw type; see the cast below).
 * @return the authentication response, or an error response built from a
 *         {@code CibaAuthFailureException}.
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response ciba(@Context HttpServletRequest request, @Context HttpServletResponse response, MultivaluedMap paramMap) {
    // Gate: nothing below runs for a client that has not been authenticated.
    final OAuthClientAuthnContext clientAuthnContext = getClientAuthnContext(request);
    if (!clientAuthnContext.isAuthenticated()) {
        CibaAuthFailureException unauthenticated = new CibaAuthFailureException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, "Client authentication required");
        return getErrorResponse(unauthenticated);
    }

    // Unchecked cast of a raw MultivaluedMap: the values are assumed to be List<String>.
    Map<String, List<String>> formParameters = (Map<String, List<String>>) paramMap;
    request = new OAuthRequestWrapper(request, formParameters);

    if (log.isDebugEnabled()) {
        log.debug("Authentication request has hit Client Initiated Back-channel Authentication EndPoint.");
    }

    try {
        // The 'request' parameter must be present before it is read.
        checkForRequestParam(request);
        String requestObject = request.getParameter(CibaConstants.REQUEST);

        // The request object is validated against the id of the authenticated client.
        validateAuthenticationRequest(requestObject, clientAuthnContext.getClientId());

        // NOTE(review): cibaAuthCodeRequest and cibaAuthCodeResponse are assigned here but not
        // declared in this method. If they are instance fields and the resource instance is shared
        // between requests, concurrent calls could observe each other's values - confirm the
        // resource lifecycle or make them locals.
        cibaAuthCodeRequest = getCibaAuthCodeRequest(requestObject);
        cibaAuthCodeResponse = getCibaAuthCodeResponse(cibaAuthCodeRequest);

        // Internal call to the authorize endpoint, then the response for the client.
        generateAuthorizeCall(request, response, cibaAuthCodeResponse);
        return getAuthResponse(response, cibaAuthCodeResponse);
    } catch (CibaAuthFailureException authFailure) {
        // Any CIBA failure in the steps above is mapped to an error response.
        return getErrorResponse(authFailure);
    }
}
Also used : OAuthRequestWrapper(org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper) CibaAuthFailureException(org.wso2.carbon.identity.oauth.endpoint.exception.CibaAuthFailureException) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Map(java.util.Map) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 2 with CibaAuthCodeResponse

use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.

the class CibaAuthResponseHandler method createAuthResponse.

/**
 * Builds the HTTP 200 response that acknowledges a CIBA authentication request.
 *
 * <p>The JSON entity holds the auth request id, its expiry and the default interval constant.
 *
 * @param response             servlet response; only its content type is set here.
 * @param cibaAuthCodeResponse source of the auth request id, the expiry and the client id used
 *                             in debug logs.
 * @return response with status 200 and the serialized JSON object as entity.
 */
public Response createAuthResponse(@Context HttpServletResponse response, CibaAuthCodeResponse cibaAuthCodeResponse) {
    final long lifetime = cibaAuthCodeResponse.getExpiresIn();
    if (log.isDebugEnabled()) {
        log.debug("Setting ExpiryTime for the response to the  request made by client with clientID : " + cibaAuthCodeResponse.getClientId() + ".");
    }

    // The content type is set on the servlet response, not on the JAX-RS builder below.
    response.setContentType(MediaType.APPLICATION_JSON);

    JSONObject payload = new JSONObject();
    payload.put(CibaConstants.AUTH_REQ_ID, cibaAuthCodeResponse.getAuthReqId());
    payload.put(CibaConstants.EXPIRES_IN, lifetime);
    payload.put(CibaConstants.INTERVAL, CibaConstants.INTERVAL_DEFAULT_VALUE_IN_SEC);
    if (log.isDebugEnabled()) {
        log.debug("Creating CIBA Authentication response to the request made by client with clientID : " + cibaAuthCodeResponse.getClientId() + ".");
    }

    // NOTE(review): the entity carries the auth request id and no Cache-Control header is set in
    // this method - confirm that a no-store directive is applied elsewhere (for example a filter).
    Response.ResponseBuilder okBuilder = Response.status(HttpServletResponse.SC_OK);
    if (log.isDebugEnabled()) {
        log.debug("Returning CIBA Authentication Response for the request made by client with clientID : " + cibaAuthCodeResponse.getClientId() + ".");
    }
    String serializedPayload = payload.toString();
    return okBuilder.entity(serializedPayload).build();
}
Also used : Response(javax.ws.rs.core.Response) HttpServletResponse(javax.servlet.http.HttpServletResponse) CibaAuthCodeResponse(org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse) JSONObject(net.minidev.json.JSONObject)

Example 3 with CibaAuthCodeResponse

use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.

the class CibaAuthzHandler method initiateAuthzRequest.

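/**
 * Builds the wrapped authorize request from the CIBA auth-code response and fires it.
 *
 * <p>Scope, response type, nonce (the auth request id), redirect URI, client id, user identity,
 * request object and login hint are always set on the wrapper; binding message and transaction
 * context are set only when they are not blank.
 *
 * @param authCodeResponse values produced for the authentication request.
 * @param request          incoming servlet request; wrapped so parameters can be added, and read
 *                         for the original {@code request} parameter.
 * @param response         servlet response; wrapped before being passed to the authorize call.
 * @throws CibaAuthFailureException CibaAuthentication related exception.
 */
public void initiateAuthzRequest(CibaAuthCodeResponse authCodeResponse, @Context HttpServletRequest request, @Context HttpServletResponse response) throws CibaAuthFailureException {
    // Add custom parameters to the request by wrapping.
    CibaAuthRequestWrapper cibaAuthRequestWrapper = new CibaAuthRequestWrapper(request);
    cibaAuthRequestWrapper.setParameter(Constants.SCOPE, OAuth2Util.buildScopeString(authCodeResponse.getScopes()));
    cibaAuthRequestWrapper.setParameter(Constants.RESPONSE_TYPE, CibaConstants.RESPONSE_TYPE_VALUE);
    // The auth request id doubles as the nonce of the internal authorize request.
    cibaAuthRequestWrapper.setParameter(Constants.NONCE, authCodeResponse.getAuthReqId());
    cibaAuthRequestWrapper.setParameter(Constants.REDIRECT_URI, authCodeResponse.getCallBackUrl());
    cibaAuthRequestWrapper.setParameter(Constants.CLIENT_ID, authCodeResponse.getClientId());
    cibaAuthRequestWrapper.setParameter(CibaConstants.USER_IDENTITY, authCodeResponse.getUserHint());
    cibaAuthRequestWrapper.setParameter(REQUEST_OBJECT, request.getParameter(CibaConstants.REQUEST));
    cibaAuthRequestWrapper.setParameter(Constants.LOGIN_HINT, authCodeResponse.getUserHint());
    if (!StringUtils.isBlank(authCodeResponse.getBindingMessage())) {
        cibaAuthRequestWrapper.setParameter(CibaConstants.BINDING_MESSAGE, authCodeResponse.getBindingMessage());
    }
    if (!StringUtils.isBlank(authCodeResponse.getTransactionContext())) {
        cibaAuthRequestWrapper.setParameter(CibaConstants.TRANSACTION_CONTEXT, authCodeResponse.getTransactionContext());
    }
    // Create an instance of response.
    CibaAuthResponseWrapper commonAuthResponseWrapper = new CibaAuthResponseWrapper(response);
    if (log.isDebugEnabled()) {
        // The user hint presumably originates from the client's authentication request, so line
        // breaks are replaced before logging to keep the value from starting a forged log entry.
        // NOTE(review): the hint is a user identifier; consider masking it in logs as well.
        String loggedUserHint = String.valueOf(authCodeResponse.getUserHint()).replaceAll("[\\r\\n]", "_");
        log.debug("Building AuthorizeRequest wrapper from CIBA component for the user : " + loggedUserHint + " to continue the authentication request made by client with " + "clientID : " + authCodeResponse.getClientId());
    }
    // Fire authorize request and forget.
    fireAuthzReq(cibaAuthRequestWrapper, commonAuthResponseWrapper);
}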
Also used : CibaAuthRequestWrapper(org.wso2.carbon.identity.oauth.ciba.wrappers.CibaAuthRequestWrapper) CibaAuthResponseWrapper(org.wso2.carbon.identity.oauth.ciba.wrappers.CibaAuthResponseWrapper)

Example 4 with CibaAuthCodeResponse

use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.

the class CibaAuthServiceImpl method buildAuthCodeResponse.

/**
 * Assembles a CibaAuthCodeResponse from the auth-code request and the persisted auth-code data.
 *
 * <p>The client id is read from the request's issuer and the callback URL from the application
 * looked up by that client id. Binding message and transaction context are copied only when they
 * are not blank.
 *
 * @param cibaAuthCodeRequest Auth Code request object.
 * @param cibaAuthCodeDO      DO with information regarding authenticationRequest.
 * @return the populated response object.
 * @throws CibaCoreException   thrown when the application lookup fails with an
 *                             IdentityOAuth2Exception.
 * @throws CibaClientException thrown when the application lookup fails with an
 *                             InvalidOAuthClientException.
 */
private CibaAuthCodeResponse buildAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest, CibaAuthCodeDO cibaAuthCodeDO) throws CibaCoreException, CibaClientException {
    // The issuer of the request is used as the client id.
    // NOTE(review): this relies on the issuer having been checked against the authenticated
    // client before this method runs - confirm in the caller chain.
    final String clientID = cibaAuthCodeRequest.getIssuer();
    try {
        CibaAuthCodeResponse authCodeResponse = new CibaAuthCodeResponse();
        String hintedUser = cibaAuthCodeRequest.getUserHint();

        // The callback URL comes from the stored application data, not from the request.
        String registeredCallback = OAuth2Util.getAppInformationByClientId(clientID).getCallbackUrl();

        authCodeResponse.setAuthReqId(cibaAuthCodeDO.getAuthReqId());
        authCodeResponse.setCallBackUrl(registeredCallback);
        authCodeResponse.setUserHint(hintedUser);
        authCodeResponse.setClientId(clientID);
        authCodeResponse.setScopes(cibaAuthCodeRequest.getScopes());
        authCodeResponse.setExpiresIn(cibaAuthCodeDO.getExpiresIn());

        if (!StringUtils.isBlank(cibaAuthCodeRequest.getBindingMessage())) {
            authCodeResponse.setBindingMessage(cibaAuthCodeRequest.getBindingMessage());
        }
        if (!StringUtils.isBlank(cibaAuthCodeRequest.getTransactionContext())) {
            // NOTE(review): stored through setTransactionDetails while the request side is named
            // getTransactionContext - confirm readers of the response use the matching getter.
            authCodeResponse.setTransactionDetails(cibaAuthCodeRequest.getTransactionContext());
        }

        if (log.isDebugEnabled()) {
            log.debug("Successful in creating AuthCodeResponse for the client: " + clientID);
        }
        return authCodeResponse;
    } catch (IdentityOAuth2Exception serverSideFailure) {
        throw new CibaCoreException("Error in creating AuthCodeResponse for the client: " + clientID, serverSideFailure);
    } catch (InvalidOAuthClientException invalidClient) {
        throw new CibaClientException("Error in creating AuthCodeResponse for the client: " + clientID, invalidClient);
    }
}
Also used : OAuthAppDO(org.wso2.carbon.identity.oauth.dao.OAuthAppDO) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) CibaClientException(org.wso2.carbon.identity.oauth.ciba.exceptions.CibaClientException) CibaAuthCodeResponse(org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse) CibaCoreException(org.wso2.carbon.identity.oauth.ciba.exceptions.CibaCoreException) InvalidOAuthClientException(org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException)

Example 5 with CibaAuthCodeResponse

use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.

the class CibaAuthServiceImpl method generateAuthCodeResponse.

/**
 * Generates the auth-code data object for the request, persists it and returns the response
 * built from it.
 *
 * @param cibaAuthCodeRequest Auth Code request object.
 * @return response built from the request and the persisted auth-code data.
 * @throws CibaCoreException   declared by this method; raised by the steps it delegates to.
 * @throws CibaClientException declared by this method; raised by the steps it delegates to.
 */
@Override
public CibaAuthCodeResponse generateAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest) throws CibaCoreException, CibaClientException {
    final CibaAuthCodeDO authCodeRecord = generateCibaAuthCodeDO(cibaAuthCodeRequest);

    // The record is stored before the response is built.
    // NOTE(review): if building the response fails afterwards, the stored record stays in place
    // unless the DAO call is part of a transaction not visible here - confirm.
    CibaDAOFactory.getInstance().getCibaAuthMgtDAO().persistCibaAuthCode(authCodeRecord);

    CibaAuthCodeResponse builtResponse = buildAuthCodeResponse(cibaAuthCodeRequest, authCodeRecord);
    return builtResponse;
}
Also used : CibaAuthCodeDO(org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeDO)

Aggregations

CibaAuthCodeResponse (org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse)2 Map (java.util.Map)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1 MultivaluedMap (javax.ws.rs.core.MultivaluedMap)1 Response (javax.ws.rs.core.Response)1 JSONObject (net.minidev.json.JSONObject)1 CibaClientException (org.wso2.carbon.identity.oauth.ciba.exceptions.CibaClientException)1 CibaCoreException (org.wso2.carbon.identity.oauth.ciba.exceptions.CibaCoreException)1 CibaAuthCodeDO (org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeDO)1 CibaAuthRequestWrapper (org.wso2.carbon.identity.oauth.ciba.wrappers.CibaAuthRequestWrapper)1 CibaAuthResponseWrapper (org.wso2.carbon.identity.oauth.ciba.wrappers.CibaAuthResponseWrapper)1 InvalidOAuthClientException (org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException)1 OAuthAppDO (org.wso2.carbon.identity.oauth.dao.OAuthAppDO)1 OAuthRequestWrapper (org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper)1 CibaAuthFailureException (org.wso2.carbon.identity.oauth.endpoint.exception.CibaAuthFailureException)1 IdentityOAuth2Exception (org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception)1