use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2CibaEndpoint method ciba.
/**
 * Handles a CIBA backchannel authentication request posted as a form-encoded body.
 *
 * <p>Steps, in order: refuse callers whose client authentication context is not authenticated; wrap the
 * request together with {@code paramMap}; check for and read the 'request' parameter; validate it against
 * the authenticated client id; build the auth code request and response; trigger the internal authorize
 * call; return the authentication response.
 *
 * @param request  incoming servlet request
 * @param response servlet response, handed to the authorize call and to the response builder
 * @param paramMap parameters of the posted form
 * @return the authentication response, or the error response built from a {@link CibaAuthFailureException}
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response ciba(@Context HttpServletRequest request, @Context HttpServletResponse response,
                     MultivaluedMap paramMap) {

    // Client authentication gate: nothing below runs unless the context reports an authenticated client.
    OAuthClientAuthnContext clientAuthnContext = getClientAuthnContext(request);
    if (!clientAuthnContext.isAuthenticated()) {
        CibaAuthFailureException authnFailure = new CibaAuthFailureException(
                OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, "Client authentication required");
        return getErrorResponse(authnFailure);
    }

    // paramMap is a raw MultivaluedMap, so this cast is unchecked and not verified at runtime.
    HttpServletRequest wrappedRequest = new OAuthRequestWrapper(request, (Map<String, List<String>>) paramMap);

    if (log.isDebugEnabled()) {
        log.debug("Authentication request has hit Client Initiated Back-channel Authentication EndPoint.");
    }

    try {
        // Fails with CibaAuthFailureException when the 'request' parameter is missing.
        checkForRequestParam(wrappedRequest);
        String requestParam = wrappedRequest.getParameter(CibaConstants.REQUEST);

        // Validation receives the client id from the authentication context, not one taken from the
        // posted parameters, so the request is checked against the client that actually authenticated.
        validateAuthenticationRequest(requestParam, clientAuthnContext.getClientId());

        // NOTE(review): cibaAuthCodeRequest and cibaAuthCodeResponse are not declared in this method
        // (presumably instance fields). If one resource instance serves concurrent requests, two calls
        // could overwrite each other's values between these lines - confirm the resource scope.
        cibaAuthCodeRequest = getCibaAuthCodeRequest(requestParam);
        cibaAuthCodeResponse = getCibaAuthCodeResponse(cibaAuthCodeRequest);

        // Internal call to the authorize endpoint, made before the response is returned to the client.
        generateAuthorizeCall(wrappedRequest, response, cibaAuthCodeResponse);

        return getAuthResponse(response, cibaAuthCodeResponse);
    } catch (CibaAuthFailureException failure) {
        // Every failure raised in the steps above is turned into an error response here.
        return getErrorResponse(failure);
    }
}
use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class CibaAuthResponseHandler method createAuthResponse.
/**
 * Builds the CIBA authentication response returned to the client.
 *
 * <p>The JSON body holds exactly three members: the auth request id, the expiry taken from
 * {@code cibaAuthCodeResponse}, and the polling interval, which is always the default constant rather
 * than a per-request value.
 *
 * @param response             servlet response; only its content type is set here
 * @param cibaAuthCodeResponse auth code response carrying the auth request id, expiry and client id
 * @return HTTP 200 response whose entity is the serialized JSON body
 */
public Response createAuthResponse(@Context HttpServletResponse response,
                                   CibaAuthCodeResponse cibaAuthCodeResponse) {

    final long expiry = cibaAuthCodeResponse.getExpiresIn();
    if (log.isDebugEnabled()) {
        log.debug("Setting ExpiryTime for the response to the request made by client with clientID : "
                + cibaAuthCodeResponse.getClientId() + ".");
    }

    // The content type is set on the servlet response; the body itself travels in the returned Response.
    // NOTE(review): no Cache-Control header is set in this method, and the body carries the auth request
    // id - confirm that a filter or the container marks this response as non-cacheable.
    response.setContentType(MediaType.APPLICATION_JSON);

    final JSONObject payload = new JSONObject();
    payload.put(CibaConstants.AUTH_REQ_ID, cibaAuthCodeResponse.getAuthReqId());
    payload.put(CibaConstants.EXPIRES_IN, expiry);
    payload.put(CibaConstants.INTERVAL, CibaConstants.INTERVAL_DEFAULT_VALUE_IN_SEC);
    if (log.isDebugEnabled()) {
        log.debug("Creating CIBA Authentication response to the request made by client with clientID : "
                + cibaAuthCodeResponse.getClientId() + ".");
    }

    final Response.ResponseBuilder okBuilder = Response.status(HttpServletResponse.SC_OK);
    if (log.isDebugEnabled()) {
        log.debug("Returning CIBA Authentication Response for the request made by client with clientID : "
                + cibaAuthCodeResponse.getClientId() + ".");
    }

    final String body = payload.toString();
    return okBuilder.entity(body).build();
}
use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class CibaAuthzHandler method initiateAuthzRequest.
/**
 * Builds the internal authorize request from a CIBA auth code response and fires it.
 *
 * <p>Scope, redirect URI, client id and user hint are all copied from {@code authCodeResponse}; the only
 * value read from the incoming request is its 'request' parameter, which is forwarded as the request
 * object. The auth request id is passed as the nonce of the authorize request.
 *
 * @param authCodeResponse auth code response holding the values for the authorize request
 * @param request          incoming servlet request that gets wrapped
 * @param response         servlet response that gets wrapped
 * @throws CibaAuthFailureException CibaAuthentication related exception.
 */
public void initiateAuthzRequest(CibaAuthCodeResponse authCodeResponse, @Context HttpServletRequest request,
                                 @Context HttpServletResponse response) throws CibaAuthFailureException {

    // Parameters are set on a wrapper around the incoming request.
    final CibaAuthRequestWrapper authzRequest = new CibaAuthRequestWrapper(request);
    authzRequest.setParameter(Constants.SCOPE, OAuth2Util.buildScopeString(authCodeResponse.getScopes()));
    authzRequest.setParameter(Constants.RESPONSE_TYPE, CibaConstants.RESPONSE_TYPE_VALUE);
    authzRequest.setParameter(Constants.NONCE, authCodeResponse.getAuthReqId());
    authzRequest.setParameter(Constants.REDIRECT_URI, authCodeResponse.getCallBackUrl());
    authzRequest.setParameter(Constants.CLIENT_ID, authCodeResponse.getClientId());
    authzRequest.setParameter(CibaConstants.USER_IDENTITY, authCodeResponse.getUserHint());
    authzRequest.setParameter(REQUEST_OBJECT, request.getParameter(CibaConstants.REQUEST));
    authzRequest.setParameter(Constants.LOGIN_HINT, authCodeResponse.getUserHint());

    // Optional values are forwarded only when they are not blank.
    final String bindingMessage = authCodeResponse.getBindingMessage();
    if (!StringUtils.isBlank(bindingMessage)) {
        authzRequest.setParameter(CibaConstants.BINDING_MESSAGE, bindingMessage);
    }
    final String transactionContext = authCodeResponse.getTransactionContext();
    if (!StringUtils.isBlank(transactionContext)) {
        authzRequest.setParameter(CibaConstants.TRANSACTION_CONTEXT, transactionContext);
    }

    final CibaAuthResponseWrapper authzResponse = new CibaAuthResponseWrapper(response);

    // NOTE(review): this debug line writes the user hint, a user identifier, to the log - handle debug
    // logs from this component as containing personal data.
    if (log.isDebugEnabled()) {
        log.debug("Building AuthorizeRequest wrapper from CIBA component for the user : "
                + authCodeResponse.getUserHint()
                + " to continue the authentication request made by client with " + "clientID : "
                + authCodeResponse.getClientId());
    }

    // Described in the original as fire-and-forget; nothing from the call is read back here.
    fireAuthzReq(authzRequest, authzResponse);
}
use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class CibaAuthServiceImpl method buildAuthCodeResponse.
/**
 * Assembles the CibaAuthCodeResponse for a request whose auth code record already exists.
 *
 * <p>The client id is the issuer of the request. The callback URL is read from the application
 * registered for that client id, never from the request itself, so the redirect target used later is the
 * registered one.
 *
 * @param cibaAuthCodeRequest Auth Code request object.
 * @param cibaAuthCodeDO      DO with information regarding authenticationRequest.
 * @return response populated from the request, the auth code record and the registered application
 * @throws CibaCoreException   when the application lookup fails with an IdentityOAuth2Exception
 * @throws CibaClientException when the application lookup fails with an InvalidOAuthClientException
 */
private CibaAuthCodeResponse buildAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest,
                                                   CibaAuthCodeDO cibaAuthCodeDO)
        throws CibaCoreException, CibaClientException {

    final String clientId = cibaAuthCodeRequest.getIssuer();
    try {
        // The lookup is the only call here that throws the checked exceptions handled below.
        final OAuthAppDO registeredApp = OAuth2Util.getAppInformationByClientId(clientId);
        final String registeredCallback = registeredApp.getCallbackUrl();

        final CibaAuthCodeResponse authCodeResponse = new CibaAuthCodeResponse();
        authCodeResponse.setAuthReqId(cibaAuthCodeDO.getAuthReqId());
        authCodeResponse.setCallBackUrl(registeredCallback);
        authCodeResponse.setUserHint(cibaAuthCodeRequest.getUserHint());
        authCodeResponse.setClientId(clientId);
        authCodeResponse.setScopes(cibaAuthCodeRequest.getScopes());
        authCodeResponse.setExpiresIn(cibaAuthCodeDO.getExpiresIn());

        // Optional values are copied only when they are not blank.
        final String bindingMessage = cibaAuthCodeRequest.getBindingMessage();
        if (StringUtils.isNotBlank(bindingMessage)) {
            authCodeResponse.setBindingMessage(bindingMessage);
        }
        final String transactionContext = cibaAuthCodeRequest.getTransactionContext();
        if (StringUtils.isNotBlank(transactionContext)) {
            authCodeResponse.setTransactionDetails(transactionContext);
        }

        if (log.isDebugEnabled()) {
            log.debug("Successful in creating AuthCodeResponse for the client: " + clientId);
        }
        return authCodeResponse;
    } catch (IdentityOAuth2Exception serverSide) {
        // The cause is kept so the underlying failure stays visible to the caller.
        throw new CibaCoreException("Error in creating AuthCodeResponse for the client: " + clientId,
                serverSide);
    } catch (InvalidOAuthClientException unknownClient) {
        throw new CibaClientException("Error in creating AuthCodeResponse for the client: " + clientId,
                unknownClient);
    }
}
use of org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse in project identity-inbound-auth-oauth by wso2-extensions.
the class CibaAuthServiceImpl method generateAuthCodeResponse.
/**
 * Generates the auth code record for a request, persists it, and returns the matching response.
 *
 * @param cibaAuthCodeRequest Auth Code request object.
 * @return response built from the request and the persisted auth code record
 * @throws CibaCoreException   declared for failures in the steps below
 * @throws CibaClientException declared for client-side failures in the steps below
 */
@Override
public CibaAuthCodeResponse generateAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest)
        throws CibaCoreException, CibaClientException {

    final CibaAuthCodeDO authCodeRecord = generateCibaAuthCodeDO(cibaAuthCodeRequest);

    // NOTE(review): the record is persisted before the response is built, so an exception from
    // buildAuthCodeResponse leaves a stored auth code that was never returned to a client - confirm
    // that expiry or cleanup covers such records.
    CibaDAOFactory.getInstance().getCibaAuthMgtDAO().persistCibaAuthCode(authCodeRecord);

    return buildAuthCodeResponse(cibaAuthCodeRequest, authCodeRecord);
}