Example 1 with OpenIdConfigurationClient

Use of org.xdi.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.

From the class OpenIdService, method loadOpenIdConfiguration.

private void loadOpenIdConfiguration() {
    // The issuer URL is read from the application configuration
    String openIdProvider = appConfiguration.getOxAuthIssuer();
    if (StringHelper.isEmpty(openIdProvider)) {
        throw new ConfigurationException("OpenIdProvider Url is invalid");
    }
    // Build the provider metadata URL by appending the well-known path to the issuer
    openIdProvider = openIdProvider + "/.well-known/openid-configuration";
    final OpenIdConfigurationClient openIdConfigurationClient = new OpenIdConfigurationClient(openIdProvider);
    final OpenIdConfigurationResponse response = openIdConfigurationClient.execOpenIdConfiguration();
    // A missing response or any status other than HTTP 200 is treated as a failure
    if ((response == null) || (response.getStatus() != 200)) {
        throw new ConfigurationException("Failed to load oxAuth configuration");
    }
    log.info("Successfully loaded oxAuth configuration");
    // Keep the loaded metadata for later use
    this.openIdConfiguration = response;
}
Also used : OpenIdConfigurationClient(org.xdi.oxauth.client.OpenIdConfigurationClient) ConfigurationException(org.xdi.util.exception.ConfigurationException) OpenIdConfigurationResponse(org.xdi.oxauth.client.OpenIdConfigurationResponse)

Example 2 with OpenIdConfigurationClient

Use of org.xdi.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.

From the class AppInitializer, method initOpenIdConfiguration.

@Produces
@ApplicationScoped
@Named("openIdConfiguration")
public OpenIdConfigurationResponse initOpenIdConfiguration() throws OxIntializationException {
    String oxAuthIssuer = this.configurationFactory.getAppConfiguration().getOxAuthIssuer();
    if (StringHelper.isEmpty(oxAuthIssuer)) {
        log.info("oxAuth issuer isn't specified");
        return null;
    }
    log.debug("Attempting to determine configuration endpoint URL");
    OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient;
    try {
        openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(oxAuthIssuer);
    } catch (URISyntaxException ex) {
        throw new OxIntializationException("OpenId discovery response is invalid!", ex);
    }
    OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec();
    // Require HTTP 200, a subject and at least one link before using the discovery result
    if ((openIdConnectDiscoveryResponse.getStatus() != 200) || (openIdConnectDiscoveryResponse.getSubject() == null) || (openIdConnectDiscoveryResponse.getLinks().size() == 0)) {
        throw new OxIntializationException("OpenId discovery response is invalid!");
    }
    log.debug("Attempting to load OpenID configuration");
    // Only the first link's href is used as the base of the configuration URL
    String configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";
    OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
    OpenIdConfigurationResponse openIdConfiguration = client.execOpenIdConfiguration();
    if (openIdConfiguration.getStatus() != 200) {
        throw new OxIntializationException("OpenId configuration response is invalid!");
    }
    return openIdConfiguration;
}
Also used : OpenIdConnectDiscoveryClient(org.xdi.oxauth.client.OpenIdConnectDiscoveryClient) OpenIdConfigurationClient(org.xdi.oxauth.client.OpenIdConfigurationClient) OpenIdConnectDiscoveryResponse(org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse) OpenIdConfigurationResponse(org.xdi.oxauth.client.OpenIdConfigurationResponse) URISyntaxException(java.net.URISyntaxException) OxIntializationException(org.xdi.exception.OxIntializationException) Named(javax.inject.Named) Produces(javax.enterprise.inject.Produces) ApplicationScoped(javax.enterprise.context.ApplicationScoped)

Example 3 with OpenIdConfigurationClient

Use of org.xdi.oxauth.client.OpenIdConfigurationClient in project oxAuth by GluuFederation.

From the class OpenIdConnectDiscoveryAction, method exec.

public void exec() {
    try {
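        ClientExecutor clientExecutor = null;
        // With acceptUntrustedCertificate set, requests go through an HTTP client whose
        // trust manager accepts any server certificate, so the TLS peer is not authenticated
        if (acceptUntrustedCertificate) {
            HttpClient httpClient = new SslDefaultHttpClient(new TrustAllTrustManager());
            clientExecutor = new ApacheHttpClient4Executor(httpClient);
        }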
        OpenIdConnectDiscoveryRequest openIdConnectDiscoveryRequest = new OpenIdConnectDiscoveryRequest(resource);
        host = openIdConnectDiscoveryRequest.getHost();
        rel = REL_VALUE;
        OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
        OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse;
        if (clientExecutor == null) {
            openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec();
        } else {
            openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(clientExecutor);
        }
        showResults = true;
        requestString1 = openIdConnectDiscoveryClient.getRequestAsString();
        responseString1 = openIdConnectDiscoveryClient.getResponseAsString();
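        if (openIdConnectDiscoveryResponse.getStatus() == 200) {
            // Derive the configuration URL from the first discovery link, then copy the
            // advertised endpoints into the corresponding actions
            String openIdConfigurationUrl = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";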
            OpenIdConfigurationClient openIdConfigurationClient = new OpenIdConfigurationClient(openIdConfigurationUrl);
            OpenIdConfigurationResponse openIdConfigurationResponse;
            if (clientExecutor == null) {
                openIdConfigurationResponse = openIdConfigurationClient.execOpenIdConfiguration();
            } else {
                openIdConfigurationResponse = openIdConfigurationClient.execOpenIdConfiguration(clientExecutor);
            }
            requestString2 = openIdConfigurationClient.getRequestAsString();
            responseString2 = openIdConfigurationClient.getResponseAsString();
            registrationAction.setRegistrationEndpoint(openIdConfigurationResponse.getRegistrationEndpoint());
            authorizationAction.setAuthorizationEndpoint(openIdConfigurationResponse.getAuthorizationEndpoint());
            authorizationAction.setJwksUri(openIdConfigurationResponse.getJwksUri());
            tokenAction.setTokenEndpoint(openIdConfigurationResponse.getTokenEndpoint());
            userInfoAction.setUserInfoEndpoint(openIdConfigurationResponse.getUserInfoEndpoint());
            checkSessionAction.setCheckSessionEndpoint(openIdConfigurationResponse.getCheckSessionIFrame());
            endSessionAction.setEndSessionEndpoint(openIdConfigurationResponse.getEndSessionEndpoint());
        }
    } catch (IllegalArgumentException e) {
        log.error(e.getMessage(), e);
    } catch (URISyntaxException e) {
        log.error(e.getMessage(), e);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
}
Also used : SslDefaultHttpClient(org.xdi.net.SslDefaultHttpClient) ApacheHttpClient4Executor(org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor) OpenIdConnectDiscoveryClient(org.xdi.oxauth.client.OpenIdConnectDiscoveryClient) ClientExecutor(org.jboss.resteasy.client.ClientExecutor) OpenIdConnectDiscoveryResponse(org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse) TrustAllTrustManager(org.xdi.net.TrustAllTrustManager) URISyntaxException(java.net.URISyntaxException) OpenIdConnectDiscoveryRequest(org.xdi.oxauth.client.OpenIdConnectDiscoveryRequest) OpenIdConfigurationClient(org.xdi.oxauth.client.OpenIdConfigurationClient) HttpClient(org.apache.http.client.HttpClient) OpenIdConfigurationResponse(org.xdi.oxauth.client.OpenIdConfigurationResponse)

Example 4 with OpenIdConfigurationClient

Use of org.xdi.oxauth.client.OpenIdConfigurationClient in project oxAuth by GluuFederation.

From the class ConfigurationRestWebServiceHttpTest, method requestOpenIdConfiguration.

@Test
@Parameters({ "swdResource" })
public void requestOpenIdConfiguration(final String resource) throws Exception {
    showTitle("OpenID Connect Discovery");
    OpenIdConnectDiscoveryClient openIdConnectDiscoveryClient = new OpenIdConnectDiscoveryClient(resource);
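    // The test HTTP client is created with HostnameVerifierType.ALLOW_ALL, so TLS hostname
    // verification is not enforced for this discovery request
    OpenIdConnectDiscoveryResponse openIdConnectDiscoveryResponse = openIdConnectDiscoveryClient.exec(new ApacheHttpClient4Executor(createHttpClient(HostnameVerifierType.ALLOW_ALL)));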
    showClient(openIdConnectDiscoveryClient);
    assertEquals(openIdConnectDiscoveryResponse.getStatus(), 200, "Unexpected response code");
    assertNotNull(openIdConnectDiscoveryResponse.getSubject());
    assertTrue(openIdConnectDiscoveryResponse.getLinks().size() > 0);
    String configurationEndpoint = openIdConnectDiscoveryResponse.getLinks().get(0).getHref() + "/.well-known/openid-configuration";
    showTitle("OpenID Connect Configuration");
    OpenIdConfigurationClient client = new OpenIdConfigurationClient(configurationEndpoint);
    OpenIdConfigurationResponse response = client.execOpenIdConfiguration();
    showClient(client);
    assertEquals(response.getStatus(), 200, "Unexpected response code");
    assertNotNull(response.getIssuer(), "The issuer is null");
    assertNotNull(response.getAuthorizationEndpoint(), "The authorizationEndpoint is null");
    assertNotNull(response.getTokenEndpoint(), "The tokenEndpoint is null");
    assertNotNull(response.getUserInfoEndpoint(), "The userInfoEndPoint is null");
    assertNotNull(response.getClientInfoEndpoint(), "The clientInfoEndPoint is null");
    assertNotNull(response.getCheckSessionIFrame(), "The checkSessionIFrame is null");
    assertNotNull(response.getEndSessionEndpoint(), "The endSessionEndpoint is null");
    assertNotNull(response.getJwksUri(), "The jwksUri is null");
    assertNotNull(response.getRegistrationEndpoint(), "The registrationEndpoint is null");
    assertNotNull(response.getIntrospectionEndpoint(), "The introspectionEndpoint is null");
    assertNotNull(response.getIdGenerationEndpoint(), "The idGenerationEndpoint is null");
    assertTrue(response.getScopesSupported().size() > 0, "The scopesSupported is empty");
    assertTrue(response.getScopeToClaimsMapping().size() > 0, "The scope to claims mapping is empty");
    assertTrue(response.getResponseTypesSupported().size() > 0, "The responseTypesSupported is empty");
    assertTrue(response.getGrantTypesSupported().size() > 0, "The grantTypesSupported is empty");
    // size() >= 0 always holds, so this line only checks that the list is non-null
    assertTrue(response.getAcrValuesSupported().size() >= 0, "The acrValuesSupported is empty");
    assertTrue(response.getSubjectTypesSupported().size() > 0, "The subjectTypesSupported is empty");
    assertTrue(response.getUserInfoSigningAlgValuesSupported().size() > 0, "The userInfoSigningAlgValuesSupported is empty");
    assertTrue(response.getUserInfoEncryptionAlgValuesSupported().size() > 0, "The userInfoEncryptionAlgValuesSupported is empty");
    assertTrue(response.getUserInfoEncryptionEncValuesSupported().size() > 0, "The userInfoEncryptionEncValuesSupported is empty");
    assertTrue(response.getIdTokenSigningAlgValuesSupported().size() > 0, "The idTokenSigningAlgValuesSupported is empty");
    assertTrue(response.getIdTokenEncryptionAlgValuesSupported().size() > 0, "The idTokenEncryptionAlgValuesSupported is empty");
    assertTrue(response.getIdTokenEncryptionEncValuesSupported().size() > 0, "The idTokenEncryptionEncValuesSupported is empty");
    assertTrue(response.getRequestObjectSigningAlgValuesSupported().size() > 0, "The requestObjectSigningAlgValuesSupported is empty");
    assertTrue(response.getRequestObjectEncryptionAlgValuesSupported().size() > 0, "The requestObjectEncryptionAlgValuesSupported is empty");
    assertTrue(response.getRequestObjectEncryptionEncValuesSupported().size() > 0, "The requestObjectEncryptionEncValuesSupported is empty");
    assertTrue(response.getTokenEndpointAuthMethodsSupported().size() > 0, "The tokenEndpointAuthMethodsSupported is empty");
    assertTrue(response.getTokenEndpointAuthSigningAlgValuesSupported().size() > 0, "The tokenEndpointAuthSigningAlgValuesSupported is empty");
    assertTrue(response.getDisplayValuesSupported().size() > 0, "The displayValuesSupported is empty");
    assertTrue(response.getClaimTypesSupported().size() > 0, "The claimTypesSupported is empty");
    assertTrue(response.getClaimsSupported().size() > 0, "The claimsSupported is empty");
    assertNotNull(response.getServiceDocumentation(), "The serviceDocumentation is null");
    assertTrue(response.getClaimsLocalesSupported().size() > 0, "The claimsLocalesSupported is empty");
    assertTrue(response.getUiLocalesSupported().size() > 0, "The uiLocalesSupported is empty");
    assertTrue(response.getClaimsParameterSupported(), "The claimsParameterSupported is false");
    assertTrue(response.getRequestParameterSupported(), "The requestParameterSupported is false");
    assertTrue(response.getRequestUriParameterSupported(), "The requestUriParameterSupported is false");
    assertFalse(response.getRequireRequestUriRegistration(), "The requireRequestUriRegistration is true");
    assertNotNull(response.getOpPolicyUri(), "The opPolicyUri is null");
    assertNotNull(response.getOpTosUri(), "The opTosUri is null");
}
Also used : OpenIdConnectDiscoveryClient(org.xdi.oxauth.client.OpenIdConnectDiscoveryClient) ApacheHttpClient4Executor(org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor) OpenIdConfigurationClient(org.xdi.oxauth.client.OpenIdConfigurationClient) OpenIdConnectDiscoveryResponse(org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse) OpenIdConfigurationResponse(org.xdi.oxauth.client.OpenIdConfigurationResponse) Parameters(org.testng.annotations.Parameters) Test(org.testng.annotations.Test) BaseTest(org.xdi.oxauth.BaseTest)

Example 5 with OpenIdConfigurationClient

Use of org.xdi.oxauth.client.OpenIdConfigurationClient in project oxTrust by GluuFederation.

From the class OpenIdClient, method loadOpenIdConfiguration.

private void loadOpenIdConfiguration() {
    // The configured provider URL is used as the configuration URL as-is;
    // no "/.well-known/openid-configuration" suffix is appended here
    String openIdProvider = appConfiguration.getOpenIdProviderUrl();
    if (StringHelper.isEmpty(openIdProvider)) {
        throw new ConfigurationException("OpenIdProvider Url is invalid");
    }
    final OpenIdConfigurationClient openIdConfigurationClient = new OpenIdConfigurationClient(openIdProvider);
    final OpenIdConfigurationResponse response = openIdConfigurationClient.execOpenIdConfiguration();
    // A missing response or any status other than HTTP 200 is treated as a failure
    if ((response == null) || (response.getStatus() != 200)) {
        throw new ConfigurationException("Failed to load oxAuth configuration");
    }
    logger.info("Successfully loaded oxAuth configuration");
    // Keep the loaded metadata for later use
    this.openIdConfiguration = response;
}
Also used : OpenIdConfigurationClient(org.xdi.oxauth.client.OpenIdConfigurationClient) ConfigurationException(org.xdi.util.exception.ConfigurationException) OpenIdConfigurationResponse(org.xdi.oxauth.client.OpenIdConfigurationResponse)

Aggregations

OpenIdConfigurationClient (org.xdi.oxauth.client.OpenIdConfigurationClient): 5
OpenIdConfigurationResponse (org.xdi.oxauth.client.OpenIdConfigurationResponse): 5
OpenIdConnectDiscoveryClient (org.xdi.oxauth.client.OpenIdConnectDiscoveryClient): 3
OpenIdConnectDiscoveryResponse (org.xdi.oxauth.client.OpenIdConnectDiscoveryResponse): 3
URISyntaxException (java.net.URISyntaxException): 2
ApacheHttpClient4Executor (org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor): 2
ConfigurationException (org.xdi.util.exception.ConfigurationException): 2
ApplicationScoped (javax.enterprise.context.ApplicationScoped): 1
Produces (javax.enterprise.inject.Produces): 1
Named (javax.inject.Named): 1
HttpClient (org.apache.http.client.HttpClient): 1
ClientExecutor (org.jboss.resteasy.client.ClientExecutor): 1
Parameters (org.testng.annotations.Parameters): 1
Test (org.testng.annotations.Test): 1
OxIntializationException (org.xdi.exception.OxIntializationException): 1
SslDefaultHttpClient (org.xdi.net.SslDefaultHttpClient): 1
TrustAllTrustManager (org.xdi.net.TrustAllTrustManager): 1
BaseTest (org.xdi.oxauth.BaseTest): 1
OpenIdConnectDiscoveryRequest (org.xdi.oxauth.client.OpenIdConnectDiscoveryRequest): 1