
Example 11 with RequestObject

use of org.wso2.carbon.identity.openidconnect.model.RequestObject in project identity-inbound-auth-oauth by wso2-extensions.

Class DefaultWebFingerProcessor, method getResponse:

public WebFingerResponse getResponse(HttpServletRequest request) throws WebFingerEndpointException, ServerConfigurationException {
    // Parse and validate the incoming WebFinger query (resource, rel) from the HTTP request.
    WebFingerRequestBuilder requestBuilder = new DefaultWebFingerRequestBuilder();
    WebFingerRequest requestObject = requestBuilder.buildRequest(request);
    // Build the OIDC issuer-discovery response for the validated request.
    WebFingerOIDCResponseBuilder responseBuilder = new WebFingerOIDCResponseBuilder();
    return responseBuilder.buildWebFingerResponse(requestObject);
}
Also used:
org.wso2.carbon.identity.webfinger.builders.DefaultWebFingerRequestBuilder
org.wso2.carbon.identity.webfinger.builders.WebFingerOIDCResponseBuilder
org.wso2.carbon.identity.webfinger.builders.WebFingerRequestBuilder

Example 12 with RequestObject


Class RequestParamRequestObjectBuilderTest, method buildRequestObjectTest:

@Test(dataProvider = "TestBuildRequestObjectTest")
public void buildRequestObjectTest(String requestObjectString, Map<String, Object> claims, boolean isSigned, boolean isEncrypted, boolean exceptionNotExpected, String errorMsg) throws Exception {
    // Mock the static identity helpers and the event service that the builder touches.
    mockStatic(IdentityUtil.class);
    mockStatic(IdentityTenantUtil.class);
    when(IdentityTenantUtil.getTenantId(anyString())).thenReturn(-1234);
    IdentityEventService eventServiceMock = mock(IdentityEventService.class);
    mockStatic(CentralLogMgtServiceComponentHolder.class);
    when(CentralLogMgtServiceComponentHolder.getInstance()).thenReturn(centralLogMgtServiceComponentHolderMock);
    when(centralLogMgtServiceComponentHolderMock.getIdentityEventService()).thenReturn(eventServiceMock);
    PowerMockito.doNothing().when(eventServiceMock).handleEvent(any());
    when(IdentityUtil.getServerURL(anyString(), anyBoolean(), anyBoolean())).thenReturn("some-server-url");
    OAuth2Parameters oAuth2Parameters = new OAuth2Parameters();
    oAuth2Parameters.setTenantDomain("carbon.super");
    oAuth2Parameters.setClientId(TEST_CLIENT_ID_1);
    OAuthServerConfiguration oauthServerConfigurationMock = mock(OAuthServerConfiguration.class);
    mockStatic(OAuthServerConfiguration.class);
    when(OAuthServerConfiguration.getInstance()).thenReturn(oauthServerConfigurationMock);
    mockStatic(RequestObjectValidatorImpl.class);
    PowerMockito.spy(RequestObjectValidatorImpl.class);
    // Server private key (used to decrypt encrypted request objects) comes from the test key store.
    rsaPrivateKey = (RSAPrivateKey) wso2KeyStore.getKey("wso2carbon", "wso2carbon".toCharArray());
    mockStatic(OAuth2Util.class);
    when(OAuth2Util.getTenantId("carbon.super")).thenReturn(-1234);
    when((OAuth2Util.getPrivateKey(anyString(), anyInt()))).thenReturn(rsaPrivateKey);
    // Client certificate used to verify the signature of signed request objects.
    when(OAuth2Util.getX509CertOfOAuthApp(TEST_CLIENT_ID_1, MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)).thenReturn(clientKeyStore.getCertificate("wso2carbon"));
    RequestObjectValidator requestObjectValidator = new RequestObjectValidatorImpl();
    when((oauthServerConfigurationMock.getRequestObjectValidator())).thenReturn(requestObjectValidator);
    RequestObject requestObject;
    RequestParamRequestObjectBuilder requestParamRequestObjectBuilder = new RequestParamRequestObjectBuilder();
    try {
        requestObject = requestParamRequestObjectBuilder.buildRequestObject(requestObjectString, oAuth2Parameters);
        Assert.assertEquals(requestObject.isSigned(), isSigned, errorMsg);
        // Every expected claim from the data provider must be present with the expected value.
        if (claims != null && !claims.isEmpty()) {
            for (Map.Entry<String, Object> entry : claims.entrySet()) {
                Assert.assertEquals(requestObject.getClaim(entry.getKey()), entry.getValue(), "Request object claim:" + entry.getKey() + " is not properly set.");
            }
        }
    } catch (RequestObjectException e) {
        // Only the negative cases of the data provider may reach here.
        Assert.assertFalse(exceptionNotExpected, errorMsg + "Building failed due to " + e.getMessage());
    }
}
Also used:
org.wso2.carbon.identity.oauth2.model.OAuth2Parameters
org.wso2.carbon.identity.oauth2.RequestObjectException
org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration
java.util.Map
org.wso2.carbon.identity.event.services.IdentityEventService
org.wso2.carbon.identity.openidconnect.model.RequestObject
org.testng.annotations.Test
org.testng.annotations.BeforeTest
org.powermock.core.classloader.annotations.PrepareForTest

Example 13 with RequestObject


Class RequestObjectValidatorUtil, method validateSignature:

/**
 * Validate the signature of the request object.
 * @param requestObject Request Object
 * @param oAuth2Parameters OAuth2 Parameters
 * @return whether the signature is valid
 * @throws RequestObjectException
 */
public static boolean validateSignature(RequestObject requestObject, OAuth2Parameters oAuth2Parameters) throws RequestObjectException {
    boolean isVerified;
    Certificate certificate = null;
    SignedJWT jwt = requestObject.getSignedJWT();
    try {
        // Prefer the public certificate registered for the service provider in this tenant.
        certificate = getCertificateForAlias(oAuth2Parameters.getTenantDomain(), oAuth2Parameters.getClientId());
    } catch (RequestObjectException e) {
        String message = "Error retrieving public certificate for service provider, checking whether a jwks " + "endpoint is configured for the service provider with client_id: " + oAuth2Parameters.getClientId();
        log.warn(message);
        if (log.isDebugEnabled()) {
            log.debug(message, e);
        }
    }
    if (certificate == null) {
        // No certificate configured: fall back to the service provider's JWKS endpoint.
        if (log.isDebugEnabled()) {
            log.debug("Public certificate not configured for Service Provider with " + "client_id: " + oAuth2Parameters.getClientId() + " of tenantDomain: " + oAuth2Parameters.getTenantDomain() + ". Fetching the jwks endpoint for validating request object");
        }
        String jwksUri = getJWKSEndpoint(oAuth2Parameters);
        isVerified = isSignatureVerified(jwt, jwksUri);
    } else {
        if (log.isDebugEnabled()) {
            log.debug("Public certificate configured for Service Provider with " + "client_id: " + oAuth2Parameters.getClientId() + " of tenantDomain: " + oAuth2Parameters.getTenantDomain() + ". Using public certificate for validating request object");
        }
        isVerified = isSignatureVerified(jwt, certificate);
    }
    // Record the outcome on the request object so later validation steps can consult it.
    requestObject.setIsSignatureValid(isVerified);
    return isVerified;
}
Also used:
org.wso2.carbon.identity.oauth2.RequestObjectException
com.nimbusds.jwt.SignedJWT
java.security.cert.Certificate

Example 14 with RequestObject


Class OAuth2AuthzEndpoint, method getAcrValues:

/**
 * Get the value(s) requested for "acr" from the request object.
 *
 * @param requestObject {@link RequestObject}
 * @return list of acr value(s), or null if none were requested
 */
private List<String> getAcrValues(RequestObject requestObject) {
    List<String> acrRequestedValues = null;
    if (requestObject != null) {
        Map<String, List<RequestedClaim>> requestedClaims = requestObject.getRequestedClaims();
        // Only the "acr" claim requested for the id_token is considered.
        List<RequestedClaim> requestedClaimsForIdToken = requestedClaims.get(OIDCConstants.ID_TOKEN);
        if (CollectionUtils.isNotEmpty(requestedClaimsForIdToken)) {
            for (RequestedClaim requestedClaim : requestedClaimsForIdToken) {
                // Only an essential "acr" claim is honoured; a voluntary one is ignored.
                if (OAuthConstants.ACR.equalsIgnoreCase(requestedClaim.getName()) && requestedClaim.isEssential()) {
                    acrRequestedValues = requestedClaim.getValues();
                    // Fall back to the single "value" form when no "values" array was given.
                    if (CollectionUtils.isEmpty(acrRequestedValues) && StringUtils.isNotEmpty(requestedClaim.getValue())) {
                        acrRequestedValues = Collections.singletonList(requestedClaim.getValue());
                    }
                    break;
                }
            }
        }
    }
    return acrRequestedValues;
}
Also used:
org.wso2.carbon.identity.openidconnect.model.RequestedClaim
java.util.ArrayList
java.util.List

Example 15 with RequestObject


Class RequestObjectValidatorImpl, method checkExpirationTime:

private boolean checkExpirationTime(RequestObject requestObject) throws RequestObjectException {
    Date expirationTime = requestObject.getClaimsSet().getExpirationTime();
    // A request object without an "exp" claim passes this check unchanged.
    if (expirationTime != null) {
        long timeStampSkewMillis = OAuthServerConfiguration.getInstance().getTimeStampSkewInSeconds() * 1000;
        long expirationTimeInMillis = expirationTime.getTime();
        long currentTimeInMillis = System.currentTimeMillis();
        // The configured skew is added to the current time, so the object is rejected
        // once "now + skew" passes "exp" (i.e. slightly before its nominal expiry).
        if ((currentTimeInMillis + timeStampSkewMillis) > expirationTimeInMillis) {
            String msg = "Request Object is expired." + ", Expiration Time(ms) : " + expirationTimeInMillis + ", TimeStamp Skew : " + timeStampSkewMillis + ", Current Time : " + currentTimeInMillis + ". Token Rejected.";
            // Logs the rejection; its boolean result is not used because an exception follows.
            logAndReturnFalse(msg);
            if (LoggerUtils.isDiagnosticLogsEnabled()) {
                Map<String, Object> params = new HashMap<>();
                params.put("requestObjectExpirationTime", expirationTime);
                LoggerUtils.triggerDiagnosticLogEvent(OAuthConstants.LogConstants.OAUTH_INBOUND_SERVICE, params, OAuthConstants.LogConstants.FAILED, "Request Object is Expired.", "validate-request-object", null);
            }
            throw new RequestObjectException(RequestObjectException.ERROR_CODE_INVALID_REQUEST, "Request Object " + "is Expired.");
        }
    }
    return true;
}
Also used:
org.wso2.carbon.identity.oauth2.RequestObjectException
java.util.HashMap
org.wso2.carbon.identity.openidconnect.model.RequestObject
java.util.Date
