
Example 1 with UserInfoResponse

use of org.xdi.oxauth.client.UserInfoResponse in project oxTrust by GluuFederation.

the class OpenIdClient method getUserProfile.

/**
 * {@inheritDoc}
 */
@Override
public UserProfile getUserProfile(final OpenIdCredentials credential, final WebContext context) {
    // Resolves the access token for the credential, calls the UserInfo endpoint with it and
    // maps the response to a UserProfile. Any failure is rethrown as CommunicationException.
    init();
    final UserProfile userProfile;
    try {
        final UserInfoResponse userInfo = getUserInfo(getAccessToken(credential));
        userProfile = retrieveUserProfileFromUserInfoResponse(context, userInfo);
        // NOTE(review): the whole profile object is written to the debug log; if its
        // toString() includes user attributes, they end up in log files — confirm.
        logger.debug("User profile: '{}'", userProfile);
    } catch (final Exception ex) {
        // Catch-all: every failure in the chain above reaches the caller as one exception type,
        // with the original kept as the cause.
        throw new CommunicationException(ex);
    }
    return userProfile;
}
Also used : UserProfile(org.gluu.oxauth.client.auth.user.UserProfile) CommunicationException(org.gluu.oxauth.client.exception.CommunicationException) UserInfoResponse(org.xdi.oxauth.client.UserInfoResponse) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) ConfigurationException(org.xdi.util.exception.ConfigurationException) CommunicationException(org.gluu.oxauth.client.exception.CommunicationException)

Example 2 with UserInfoResponse

use of org.xdi.oxauth.client.UserInfoResponse in project oxTrust by GluuFederation.

the class OpenIdClient method getUserInfo.

/**
 * Calls the configured UserInfo endpoint with the given access token and returns the response
 * as received; status and error type are logged but not checked here.
 *
 * @param accessToken token passed to the UserInfo endpoint
 * @return the response returned by {@code UserInfoClient.execUserInfo}
 */
private UserInfoResponse getUserInfo(final String accessToken) {
    logger.debug("Session validation successful. Getting user information");

    final UserInfoResponse response =
            new UserInfoClient(this.openIdConfiguration.getUserInfoEndpoint()).execUserInfo(accessToken);

    // NOTE(review): a null response would fail on the next line; another caller of
    // execUserInfo on this page null-checks the result — confirm whether null is possible.
    logger.trace("userInfoResponse.getStatus(): '{}'", response.getStatus());
    logger.trace("userInfoResponse.getErrorType(): '{}'", response.getErrorType());
    // NOTE(review): the full claims map goes to the debug log; claims usually carry user
    // attributes, so debug logging here should stay off or be filtered in production.
    logger.debug("userInfoResponse.getClaims(): '{}'", response.getClaims());
    return response;
}
Also used : UserInfoResponse(org.xdi.oxauth.client.UserInfoResponse) UserInfoClient(org.xdi.oxauth.client.UserInfoClient)

Example 3 with UserInfoResponse

use of org.xdi.oxauth.client.UserInfoResponse in project oxAuth by GluuFederation.

the class RpDemoServlet method doGet.

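/**
 * Renders the demo relying-party page: reads the access token and UserInfo endpoint from the
 * HTTP session, calls the endpoint and prints the returned claims as HTML.
 *
 * <p>Claim names and values come from the UserInfo response and are HTML-escaped before they
 * are written, so markup inside a claim is shown as text instead of being interpreted by the
 * browser.
 *
 * @param req  request whose session holds {@code access_token} and {@code userinfo_endpoint}
 * @param resp response that receives the HTML page
 * @throws ServletException declared by the servlet contract; not thrown directly by this body
 * @throws IOException declared by the servlet contract; failures inside the body are logged
 *         and rethrown wrapped in {@link RuntimeException}
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    try {
        resp.setContentType("text/html;charset=utf-8");
        PrintWriter pw = resp.getWriter();
        pw.println("<h1>RP Demo</h1>");
        pw.println("<br/><br/>");
        String accessToken = (String) req.getSession().getAttribute("access_token");
        String userInfoEndpoint = (String) req.getSession().getAttribute("userinfo_endpoint");
        // The access token is a bearer credential, so only its presence is logged.
        LOG.trace("access_token present: " + (accessToken != null) + ", userinfo_endpoint: " + userInfoEndpoint);
        UserInfoClient userInfoClient = new UserInfoClient(userInfoEndpoint);
        // NOTE(review): judging by its name, this executor accepts any TLS certificate, which
        // leaves the UserInfo call open to interception. Acceptable only for a local demo;
        // production code should use an executor that validates the server certificate.
        userInfoClient.setExecutor(Utils.createTrustAllExecutor());
        UserInfoResponse response = userInfoClient.execUserInfo(accessToken);
        // NOTE(review): the response's toString() may include claim values — confirm before
        // enabling trace logging outside a demo environment.
        LOG.trace("UserInfo response: " + response);
        if (response.getStatus() != 200) {
            pw.print("Failed to fetch user info claims");
            return;
        }
        pw.println("<h2>User Info Claims:</h2>");
        pw.println("<br/>");
        for (Map.Entry<String, List<String>> entry : response.getClaims().entrySet()) {
            // Escape both parts: claim content is controlled by the remote endpoint.
            String claimName = escapeHtmlText(String.valueOf(entry.getKey()));
            String claimValue = escapeHtmlText(String.valueOf(entry.getValue()));
            pw.print("Name: " + claimName + " Value: " + claimValue);
            pw.println("<br/>");
        }
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throw new RuntimeException(e);
    }
}

/**
 * Replaces the HTML-significant characters {@code & < > " '} with character references so the
 * text can be placed in element content or a quoted attribute.
 */
private static String escapeHtmlText(String text) {
    StringBuilder out = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '&':
                out.append("&amp;");
                break;
            case '<':
                out.append("&lt;");
                break;
            case '>':
                out.append("&gt;");
                break;
            case '"':
                out.append("&quot;");
                break;
            case '\'':
                out.append("&#39;");
                break;
            default:
                out.append(c);
        }
    }
    return out.toString();
}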
Also used : List(java.util.List) UserInfoResponse(org.xdi.oxauth.client.UserInfoResponse) Map(java.util.Map) UserInfoClient(org.xdi.oxauth.client.UserInfoClient) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) PrintWriter(java.io.PrintWriter)

Example 4 with UserInfoResponse

use of org.xdi.oxauth.client.UserInfoResponse in project oxTrust by GluuFederation.

the class OAuthValidationFilter method getOAuthData.

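/**
 * Completes the authorization-code flow for a callback request: checks the {@code state}
 * parameter against the session, exchanges the code for tokens, checks the id_token nonce
 * against the session, fetches UserInfo and builds the {@link OAuthData} for the user.
 *
 * <p>Token values are never written to the log; only their presence is traced.
 *
 * @param session           current HTTP session, may be {@code null}
 * @param request           callback request carrying the state and scope parameters
 * @param authorizationCode code to exchange at the token endpoint
 * @return the populated {@link OAuthData}, or {@code null} when the state or nonce check fails,
 *         the token or UserInfo response is {@code null}, the id_token cannot be parsed, or the
 *         UserInfo response has no user-name claim
 * @throws Exception propagated from the helper and client calls made here
 */
private OAuthData getOAuthData(HttpSession session, HttpServletRequest request, String authorizationCode) throws Exception {
    // Check state
    // NOTE(review): if StringHelper.equals treats two nulls as equal, a request with no
    // session-stored state and no state parameter passes this check — confirm.
    String authorizationState = request.getParameter(Configuration.OAUTH_STATE);
    final String stateSession = session != null ? (String) session.getAttribute(Configuration.SESSION_AUTH_STATE) : null;
    if (!StringHelper.equals(stateSession, authorizationState)) {
        log.error("Login failed, oxTrust wasn't allow to access user data");
        return null;
    }
    String oAuthAuthorizeUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_AUTHORIZE_URL, null);
    String oAuthHost = getOAuthHost(oAuthAuthorizeUrl);
    String oAuthTokenUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_TOKEN_URL, null);
    String oAuthUserInfoUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_USERINFO_URL, null);
    String oAuthClientId = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_CLIENT_ID, null);
    String oAuthClientPassword = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_CLIENT_PASSWORD, null);
    if (oAuthClientPassword != null) {
        try {
            oAuthClientPassword = StringEncrypter.defaultInstance().decrypt(oAuthClientPassword, Configuration.instance().getCryptoPropertyValue());
        } catch (EncryptionException ex) {
            // NOTE(review): on failure the still-encrypted value is kept and later sent as
            // the client secret — confirm this fallback is intended.
            log.error("Failed to decrypt property: " + Configuration.OAUTH_PROPERTY_CLIENT_PASSWORD, ex);
        }
    }
    String scopes = getParameter(request, Configuration.OAUTH_SCOPE);
    log.trace("scopes : " + scopes);
    // 1. Request access token using the authorization code
    log.trace("Getting access token");
    TokenClient tokenClient1 = new TokenClient(oAuthTokenUrl);
    String redirectURL = constructRedirectUrl(request);
    TokenResponse tokenResponse = tokenClient1.execAuthorizationCode(authorizationCode, redirectURL, oAuthClientId, oAuthClientPassword);
    if (tokenResponse == null) {
        log.error("Get empty token response. User can't log into application");
        return null;
    }
    // NOTE(review): TokenResponse.toString() may include the token values — confirm before
    // enabling trace logging in production.
    log.trace("tokenResponse : " + tokenResponse);
    log.trace("tokenResponse.getErrorType() : " + tokenResponse.getErrorType());
    String accessToken = tokenResponse.getAccessToken();
    String idToken = tokenResponse.getIdToken();
    // Tokens are credentials: trace only whether they were returned, never their value.
    log.trace("accessToken present : " + (accessToken != null));
    log.trace("idToken present : " + (idToken != null));
    // Parse JWT
    // NOTE(review): only parsing is visible here; signature, issuer, audience and expiry
    // checks on the id_token are not part of this method — confirm they happen elsewhere.
    Jwt jwt;
    try {
        jwt = Jwt.parse(idToken);
    } catch (InvalidJwtException ex) {
        log.error("Failed to parse id_token");
        return null;
    }
    // Check nonce
    // NOTE(review): same null-vs-null question as the state check above — a missing session
    // nonce and a missing nonce claim may compare equal; confirm.
    String nonceResponse = (String) jwt.getClaims().getClaim(JwtClaimName.NONCE);
    final String nonceSession = session != null ? (String) session.getAttribute(Configuration.SESSION_AUTH_NONCE) : null;
    if (!StringHelper.equals(nonceSession, nonceResponse)) {
        log.error("User info response :  nonce is not matching.");
        return null;
    }
    log.info("Session validation successful. User is logged in");
    UserInfoClient userInfoClient = new UserInfoClient(oAuthUserInfoUrl);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);
    if (userInfoResponse == null) {
        log.error("Get empty user info response. User can't log into application");
        return null;
    }
    // NOTE(review): the UserInfo status code is not checked before the claims are used.
    OAuthData oAuthData = new OAuthData();
    oAuthData.setHost(oAuthHost);
    // Determine uid
    List<String> uidValues = userInfoResponse.getClaims().get(JwtClaimName.USER_NAME);
    if ((uidValues == null) || uidValues.isEmpty()) {
        log.error("User infor response doesn't contains uid claim");
        return null;
    }
    oAuthData.setUserUid(uidValues.get(0));
    oAuthData.setAccessToken(accessToken);
    oAuthData.setAccessTokenExpirationInSeconds(tokenResponse.getExpiresIn());
    oAuthData.setScopes(scopes);
    oAuthData.setIdToken(idToken);
    log.trace("User uid: " + oAuthData.getUserUid());
    return oAuthData;
}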
Also used : InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) TokenResponse(org.xdi.oxauth.client.TokenResponse) Jwt(org.xdi.oxauth.model.jwt.Jwt) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) UserInfoResponse(org.xdi.oxauth.client.UserInfoResponse) TokenClient(org.xdi.oxauth.client.TokenClient) UserInfoClient(org.xdi.oxauth.client.UserInfoClient) OAuthData(org.gluu.oxauth.client.session.OAuthData)

Aggregations

UserInfoResponse (org.xdi.oxauth.client.UserInfoResponse)4 UserInfoClient (org.xdi.oxauth.client.UserInfoClient)3 EncryptionException (org.xdi.util.security.StringEncrypter.EncryptionException)2 IOException (java.io.IOException)1 PrintWriter (java.io.PrintWriter)1 List (java.util.List)1 Map (java.util.Map)1 ServletException (javax.servlet.ServletException)1 UserProfile (org.gluu.oxauth.client.auth.user.UserProfile)1 CommunicationException (org.gluu.oxauth.client.exception.CommunicationException)1 OAuthData (org.gluu.oxauth.client.session.OAuthData)1 TokenClient (org.xdi.oxauth.client.TokenClient)1 TokenResponse (org.xdi.oxauth.client.TokenResponse)1 InvalidJwtException (org.xdi.oxauth.model.exception.InvalidJwtException)1 Jwt (org.xdi.oxauth.model.jwt.Jwt)1 ConfigurationException (org.xdi.util.exception.ConfigurationException)1