Example 6 with RequestObjectException

use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObject method processClaimObject.

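/**
 * Process the "claims" member that arrives with the request object and
 * group the requested claims by claim requestor.
 *
 * @param jsonObjectRequestedClaims requested claims of the request object
 * @throws RequestObjectException if the "claims" member is not in the expected JSON object format
 */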
private void processClaimObject(JSONObject jsonObjectRequestedClaims) throws RequestObjectException {
    try {
        Map<String, List<RequestedClaim>> claimsforClaimRequestor = new HashMap<>();
        if (jsonObjectRequestedClaims.get(CLAIMS) != null) {
            JSONObject jsonObjectClaim = (JSONObject) jsonObjectRequestedClaims.get(CLAIMS);
            // To iterate the claims json object to fetch the claim requestor and all requested claims.
            for (Map.Entry<String, Object> requesterClaimsMap : jsonObjectClaim.entrySet()) {
                List<RequestedClaim> requestedClaimsList = new ArrayList<>();
                if (jsonObjectClaim.get(requesterClaimsMap.getKey()) != null) {
                    // Get requested claim object
                    Object requestedClaimObject = jsonObjectClaim.get(requesterClaimsMap.getKey());
                    // Extract all requested claims if attribute is an JSONObject
                    if (requestedClaimObject instanceof JSONObject) {
                        JSONObject jsonObjectAllRequestedClaims = (JSONObject) jsonObjectClaim.get(requesterClaimsMap.getKey());
                        if (jsonObjectAllRequestedClaims != null) {
                            for (Map.Entry<String, Object> requestedClaims : jsonObjectAllRequestedClaims.entrySet()) {
                                JSONObject jsonObjectClaimAttributes = null;
                                if (jsonObjectAllRequestedClaims.get(requestedClaims.getKey()) != null) {
                                    jsonObjectClaimAttributes = (JSONObject) jsonObjectAllRequestedClaims.get(requestedClaims.getKey());
                                }
                                populateRequestedClaimValues(requestedClaimsList, jsonObjectClaimAttributes, requestedClaims.getKey(), requesterClaimsMap.getKey());
                            }
                        }
                    }
                }
                claimsforClaimRequestor.put(requesterClaimsMap.getKey(), requestedClaimsList);
            }
            this.setRequestedClaims(claimsforClaimRequestor);
        }
    } catch (ClassCastException e) {
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Requested \"claims\" in Request " + "Object is in invalid format.");
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) JSONObject(net.minidev.json.JSONObject) List(java.util.List) Map(java.util.Map)

Example 7 with RequestObjectException

use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObject method setPlainJWT.

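/**
 * Extract the JWT claims set from a plain JWT and process its requested claims
 * (claimsforClaimRequestor).
 * A PlainJWT is unsecured (it carries no signature), so these claims have no integrity protection.
 *
 * @param plainJWT the plain (unsigned) JWT request object
 * @throws RequestObjectException if the claims set cannot be parsed or "claims" is in an invalid format
 */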
public void setPlainJWT(PlainJWT plainJWT) throws RequestObjectException {
    this.plainJWT = plainJWT;
    try {
        this.setClaimSet(plainJWT.getJWTClaimsSet());
    } catch (ParseException e) {
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Unable to parse Claim Set in " + "the Request Object.");
    }
    if (this.claimsSet.getClaim(CLAIMS) != null) {
        JSONObject claims = this.claimsSet.toJSONObject();
        processClaimObject(claims);
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) JSONObject(net.minidev.json.JSONObject) ParseException(java.text.ParseException)

Example 8 with RequestObjectException

use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.

the class RequestObject method setSignedJWT.

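/**
 * Mark the object as signed.
 * Extract the JWT claims set from the signed JWT and process its requested claims
 * (claimsforClaimRequestor).
 *
 * @param signedJWT the signed JWT request object
 * @throws RequestObjectException if the claims set cannot be parsed or "claims" is in an invalid format
 */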
public void setSignedJWT(SignedJWT signedJWT) throws RequestObjectException {
    this.signedJWT = signedJWT;
    try {
        setClaimSet(signedJWT.getJWTClaimsSet());
    } catch (ParseException e) {
        throw new RequestObjectException(OAuth2ErrorCodes.INVALID_REQUEST, "Unable to parse Claim Set in " + "the Request Object.");
    }
    if (this.claimsSet.getClaim(CLAIMS) != null) {
        JSONObject claims = this.claimsSet.toJSONObject();
        processClaimObject(claims);
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) JSONObject(net.minidev.json.JSONObject) ParseException(java.text.ParseException)

Example 9 with RequestObjectException

use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.

the class TestUtils method getSignedAndEncryptedJWT.

private static String getSignedAndEncryptedJWT(Key publicKey, RSAPrivateKey privateKey, JWTClaimsSet jwtClaimsSet) throws RequestObjectException {
    SignedJWT signedJWT = getSignedJWT(jwtClaimsSet, privateKey);
    // Create JWE object with signed JWT as payload
    JWEHeader jweHeader = new JWEHeader(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A256GCM);
    JWEObject jweObject = new JWEObject(jweHeader, new Payload(signedJWT.serialize()));
    // Perform encryption
    try {
        jweObject.encrypt(new RSAEncrypter((RSAPublicKey) publicKey));
        return jweObject.serialize();
    } catch (JOSEException e) {
        throw new RequestObjectException("error_building_jwd", "Error occurred while creating JWE.");
    }
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) JWEHeader(com.nimbusds.jose.JWEHeader) RSAPublicKey(java.security.interfaces.RSAPublicKey) JWEObject(com.nimbusds.jose.JWEObject) RSAEncrypter(com.nimbusds.jose.crypto.RSAEncrypter) Payload(com.nimbusds.jose.Payload) SignedJWT(com.nimbusds.jwt.SignedJWT) JOSEException(com.nimbusds.jose.JOSEException)

Example 10 with RequestObjectException

use of org.wso2.carbon.identity.oauth2.RequestObjectException in project identity-inbound-auth-oauth by wso2-extensions.

the class TestUtils method getEncryptedJWT.

private static String getEncryptedJWT(RSAPublicKey publicKey, JWTClaimsSet jwtClaimsSet) throws RequestObjectException {
    // Request JWT encrypted with RSA-OAEP and 128-bit AES/GCM
    JWEHeader header = new JWEHeader(JWEAlgorithm.RSA_OAEP, EncryptionMethod.A128GCM);
    // Create the encrypted JWT object
    EncryptedJWT jwt = new EncryptedJWT(header, jwtClaimsSet);
    try {
        // Create an encrypter with the specified public RSA key
        RSAEncrypter encrypter = new RSAEncrypter(publicKey);
        // Do the actual encryption
        jwt.encrypt(encrypter);
    } catch (JOSEException e) {
        throw new RequestObjectException("error_building_jwd", "Error occurred while creating JWE JWT.");
    }
    return jwt.serialize();
}
Also used : RequestObjectException(org.wso2.carbon.identity.oauth2.RequestObjectException) JWEHeader(com.nimbusds.jose.JWEHeader) RSAEncrypter(com.nimbusds.jose.crypto.RSAEncrypter) EncryptedJWT(com.nimbusds.jwt.EncryptedJWT) JOSEException(com.nimbusds.jose.JOSEException)
