Example 1 with HttpRequestHeaderHandler
use of org.wso2.carbon.identity.oauth2.model.HttpRequestHeaderHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2AuthzEndpoint method handleUserConsent.
private String handleUserConsent(OAuthMessage oAuthMessage, String consent, OIDCSessionState sessionState) throws OAuthSystemException {
OAuth2Parameters oauth2Params = getOauth2Params(oAuthMessage);
storeUserConsent(oAuthMessage, consent);
OAuthResponse oauthResponse;
String responseType = oauth2Params.getResponseType();
HttpRequestHeaderHandler httpRequestHeaderHandler = new HttpRequestHeaderHandler(oAuthMessage.getRequest());
// authorizing the request
OAuth2AuthorizeRespDTO authzRespDTO = authorize(oauth2Params, oAuthMessage.getSessionDataCacheEntry(), httpRequestHeaderHandler);
if (isSuccessfulAuthorization(authzRespDTO)) {
oauthResponse = handleSuccessAuthorization(oAuthMessage, sessionState, oauth2Params, responseType, authzRespDTO);
} else if (isFailureAuthorizationWithErorrCode(authzRespDTO)) {
// Authorization failure due to various reasons
return handleFailureAuthorization(oAuthMessage, sessionState, oauth2Params, authzRespDTO);
} else {
// Authorization failure due to various reasons
return handleServerErrorAuthorization(oAuthMessage, sessionState, oauth2Params);
}
// When response_mode equals to form_post, body parameter is passed back.
if (isFormPostModeAndResponseBodyExists(oauth2Params, oauthResponse)) {
return oauthResponse.getBody();
} else {
// as per the specification: http://openid.net/specs/openid-connect-core-1_0.html#HybridCallback
if (hasIDTokenInResponseType(responseType)) {
return buildOIDCResponseWithURIFragment(oauthResponse, authzRespDTO);
} else {
return appendAuthenticatedIDPs(oAuthMessage.getSessionDataCacheEntry(), oauthResponse.getLocationUri());
}
}
}
Also used :
OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters)
HttpRequestHeaderHandler(org.wso2.carbon.identity.oauth2.model.HttpRequestHeaderHandler)
OAuth2AuthorizeRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO)
OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)
Example 2 with HttpRequestHeaderHandler
use of org.wso2.carbon.identity.oauth2.model.HttpRequestHeaderHandler in project identity-inbound-auth-oauth by wso2-extensions.
the class OAuth2AuthzEndpoint method buildAuthRequest.
private OAuth2AuthorizeReqDTO buildAuthRequest(OAuth2Parameters oauth2Params, SessionDataCacheEntry sessionDataCacheEntry, HttpRequestHeaderHandler httpRequestHeaderHandler) {
OAuth2AuthorizeReqDTO authzReqDTO = new OAuth2AuthorizeReqDTO();
authzReqDTO.setCallbackUrl(oauth2Params.getRedirectURI());
authzReqDTO.setConsumerKey(oauth2Params.getClientId());
authzReqDTO.setResponseType(oauth2Params.getResponseType());
authzReqDTO.setScopes(oauth2Params.getScopes().toArray(new String[oauth2Params.getScopes().size()]));
authzReqDTO.setUser(sessionDataCacheEntry.getLoggedInUser());
authzReqDTO.setACRValues(oauth2Params.getACRValues());
authzReqDTO.setNonce(oauth2Params.getNonce());
authzReqDTO.setPkceCodeChallenge(oauth2Params.getPkceCodeChallenge());
authzReqDTO.setPkceCodeChallengeMethod(oauth2Params.getPkceCodeChallengeMethod());
authzReqDTO.setTenantDomain(oauth2Params.getTenantDomain());
authzReqDTO.setAuthTime(sessionDataCacheEntry.getAuthTime());
authzReqDTO.setMaxAge(oauth2Params.getMaxAge());
authzReqDTO.setEssentialClaims(oauth2Params.getEssentialClaims());
authzReqDTO.setSessionDataKey(oauth2Params.getSessionDataKey());
authzReqDTO.setRequestObjectFlow(oauth2Params.isRequestObjectFlow());
authzReqDTO.setIdpSessionIdentifier(sessionDataCacheEntry.getSessionContextIdentifier());
authzReqDTO.setLoggedInTenantDomain(oauth2Params.getLoginTenantDomain());
if (sessionDataCacheEntry.getParamMap() != null && sessionDataCacheEntry.getParamMap().get(OAuthConstants.AMR) != null) {
authzReqDTO.addProperty(OAuthConstants.AMR, sessionDataCacheEntry.getParamMap().get(OAuthConstants.AMR));
}
// Set Selected acr value.
String[] sessionIds = sessionDataCacheEntry.getParamMap().get(FrameworkConstants.SESSION_DATA_KEY);
if (ArrayUtils.isNotEmpty(sessionIds)) {
String commonAuthSessionId = sessionIds[0];
SessionContext sessionContext = FrameworkUtils.getSessionContextFromCache(commonAuthSessionId, oauth2Params.getLoginTenantDomain());
if (sessionContext != null && sessionContext.getSessionAuthHistory() != null) {
authzReqDTO.setSelectedAcr(sessionContext.getSessionAuthHistory().getSelectedAcrValue());
}
}
// Adding Httprequest headers and cookies in AuthzDTO.
authzReqDTO.setHttpRequestHeaders(httpRequestHeaderHandler.getHttpRequestHeaders());
authzReqDTO.setCookie(httpRequestHeaderHandler.getCookies());
return authzReqDTO;
}
Also used :
OAuth2AuthorizeReqDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO)
SessionContext(org.wso2.carbon.identity.application.authentication.framework.context.SessionContext)
Aggregations
OAuthResponse (org.apache.oltu.oauth2.common.message.OAuthResponse)1
SessionContext (org.wso2.carbon.identity.application.authentication.framework.context.SessionContext)1
OAuth2AuthorizeReqDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO)1
OAuth2AuthorizeRespDTO (org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO)1
HttpRequestHeaderHandler (org.wso2.carbon.identity.oauth2.model.HttpRequestHeaderHandler)1
OAuth2Parameters (org.wso2.carbon.identity.oauth2.model.OAuth2Parameters)1
