use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.
the class RequestObject method processClaimObject.
/**
* Processes the claim object that comes with the request object.
*
* @param jsonObjectRequestedClaims requested claims of the request object
* @throws RequestObjectException if the requested claims are in an invalid format
*/
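private void processClaimObject(JSONObject jsonObjectRequestedClaims) throws RequestObjectException {
    // The JSON handled here is derived from the request object (setPlainJWT and setSignedJWT pass in the
    // claim set), so its shape is not trusted. A member of the wrong JSON type surfaces as a
    // ClassCastException from one of the casts below and is reported as an invalid request.
    try {
        Object claimsMember = jsonObjectRequestedClaims.get(CLAIMS);
        if (claimsMember == null) {
            // No claims member present: setRequestedClaims is not called at all.
            return;
        }
        JSONObject claimsByRequester = (JSONObject) claimsMember;
        Map<String, List<RequestedClaim>> claimsforClaimRequestor = new HashMap<>();

        // NOTE(review): every member name found under the claims member is stored as a claim requester;
        // nothing here restricts the set of accepted names. Confirm consumers only read the members
        // they expect.
        for (Map.Entry<String, Object> requesterEntry : claimsByRequester.entrySet()) {
            String claimRequester = requesterEntry.getKey();
            Object requesterValue = requesterEntry.getValue();
            List<RequestedClaim> requestedClaimsList = new ArrayList<>();

            // A requester whose value is null or not a JSON object is not rejected; it is recorded
            // with an empty claim list.
            if (requesterValue instanceof JSONObject) {
                JSONObject allRequestedClaims = (JSONObject) requesterValue;
                for (Map.Entry<String, Object> claimEntry : allRequestedClaims.entrySet()) {
                    // A null value stays null after the cast and is handed on as "no attributes";
                    // any non-object value fails the cast and ends up in the catch block.
                    JSONObject claimAttributes = (JSONObject) claimEntry.getValue();
                    populateRequestedClaimValues(requestedClaimsList, claimAttributes, claimEntry.getKey(),
                            claimRequester);
                }
            }
            claimsforClaimRequestor.put(claimRequester, requestedClaimsList);
        }
        this.setRequestedClaims(claimsforClaimRequestor);
    } catch (ClassCastException e) {
        // The ClassCastException is translated, not chained: the thrown exception carries no cause.
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Requested \"claims\" in Request " + "Object is in invalid format.");
    }
}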
use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.
the class RequestObject method setPlainJWT.
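/**
* Extracts the JWT claims set from the plain JWT and processes the requested claims it contains.
*
* @param plainJWT plain JWT that carries the request object
* @throws RequestObjectException if the claims set cannot be parsed or the requested claims are in an invalid format
*/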
public void setPlainJWT(PlainJWT plainJWT) throws RequestObjectException {
    // A PlainJWT is an unsecured JWT: it has no signature, so nothing in this method authenticates
    // the claims that get stored.
    // NOTE(review): whether an unsigned request object is acceptable has to be enforced outside this
    // setter - confirm against the caller.
    this.plainJWT = plainJWT;
    try {
        this.setClaimSet(plainJWT.getJWTClaimsSet());
    } catch (ParseException e) {
        // The plainJWT field is already assigned when this is thrown; the ParseException is not
        // chained as a cause.
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Unable to parse Claim Set in " + "the Request Object.");
    }

    // Only walk the requested claims when the claim set actually has a claims member.
    if (this.claimsSet.getClaim(CLAIMS) == null) {
        return;
    }
    processClaimObject(this.claimsSet.toJSONObject());
}
use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.
the class RequestObject method setSignedJWT.
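/**
* Mark the object as signed.
* Extracts the JWT claims set from the signed JWT and processes the requested claims it contains.
*
* @param signedJWT signed JWT that carries the request object
* @throws RequestObjectException if the claims set cannot be parsed or the requested claims are in an invalid format
*/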
public void setSignedJWT(SignedJWT signedJWT) throws RequestObjectException {
    // Storing the SignedJWT and reading its claims does not verify anything: getJWTClaimsSet() only
    // parses the payload, and no signature check is made in this method.
    // NOTE(review): presumably the signature is validated elsewhere before these claims are relied
    // on - confirm.
    this.signedJWT = signedJWT;
    try {
        setClaimSet(signedJWT.getJWTClaimsSet());
    } catch (ParseException e) {
        // The signedJWT field is already assigned when this is thrown; the ParseException is not
        // chained as a cause.
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Unable to parse Claim Set in " + "the Request Object.");
    }

    // Nothing more to do unless the claim set has a claims member.
    if (this.claimsSet.getClaim(CLAIMS) == null) {
        return;
    }
    processClaimObject(this.claimsSet.toJSONObject());
}
use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.
the class TestUtils method getSignedAndEncryptedJWT.
private static String getSignedAndEncryptedJWT(Key publicKey, RSAPrivateKey privateKey, JWTClaimsSet jwtClaimsSet) throws RequestObjectException {
    // Sign first, then encrypt: the serialized signed JWT becomes the payload of the JWE.
    SignedJWT innerJwt = getSignedJWT(jwtClaimsSet, privateKey);

    // Key encryption RSA-OAEP-256, content encryption A256GCM.
    // NOTE(review): the header is built from alg and enc only, so no content type marking the payload
    // as a nested JWT is set - confirm the code under test does not rely on one.
    JWEObject nestedJwe = new JWEObject(
            new JWEHeader(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A256GCM),
            new Payload(innerJwt.serialize()));

    try {
        // publicKey is declared as Key; a non-RSA key fails this cast with a ClassCastException,
        // which the catch below does not handle.
        RSAEncrypter encrypter = new RSAEncrypter((RSAPublicKey) publicKey);
        nestedJwe.encrypt(encrypter);
        return nestedJwe.serialize();
    } catch (JOSEException e) {
        // The JOSEException is translated, not chained as a cause.
        throw new RequestObjectException("error_building_jwd", "Error occurred while creating JWE.");
    }
}
use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.
the class TestUtils method getEncryptedJWT.
private static String getEncryptedJWT(RSAPublicKey publicKey, JWTClaimsSet jwtClaimsSet) throws RequestObjectException {
    // The header selects RSA-OAEP key encryption with 128-bit AES/GCM content encryption.
    // NOTE(review): this is RSA_OAEP, whereas getSignedAndEncryptedJWT uses RSA_OAEP_256 - confirm
    // the difference is intended for test coverage.
    EncryptedJWT encryptedJwt = new EncryptedJWT(
            new JWEHeader(JWEAlgorithm.RSA_OAEP, EncryptionMethod.A128GCM),
            jwtClaimsSet);
    try {
        // Encrypt the claims set directly (no inner signature) to the given RSA public key.
        encryptedJwt.encrypt(new RSAEncrypter(publicKey));
    } catch (JOSEException e) {
        // The JOSEException is translated, not chained as a cause.
        throw new RequestObjectException("error_building_jwd", "Error occurred while creating JWE JWT.");
    }
    return encryptedJwt.serialize();
}