
Example 1 with ClientAssertionType

use of org.xdi.oxauth.model.token.ClientAssertionType in project oxAuth by GluuFederation.

the class AuthenticationFilter method processJwtAuth.

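/**
 * Authenticates a client from a JWT bearer client assertion carried in the request
 * parameters, then hands the request to the rest of the filter chain.
 *
 * <p>The assertion is only processed when both {@code client_assertion} and
 * {@code client_assertion_type} are present and the type is
 * {@link ClientAssertionType#JWT_BEARER}. If the request was not authorized by this
 * method, an error response is sent once the chain has returned.
 *
 * @param servletRequest  request carrying the {@code client_id}, {@code client_assertion}
 *                        and {@code client_assertion_type} parameters (all caller-controlled)
 * @param servletResponse response used to report an authentication failure
 * @param filterChain     remaining filters to invoke
 */
private void processJwtAuth(HttpServletRequest servletRequest, HttpServletResponse servletResponse, FilterChain filterChain) {
    boolean authorized = false;
    try {
        // Read each parameter once instead of looking it up twice.
        String encodedAssertion = servletRequest.getParameter("client_assertion");
        String assertionTypeParam = servletRequest.getParameter("client_assertion_type");
        if (encodedAssertion != null && assertionTypeParam != null) {
            String clientId = servletRequest.getParameter("client_id");
            ClientAssertionType clientAssertionType = ClientAssertionType.fromString(assertionTypeParam);
            if (clientAssertionType == ClientAssertionType.JWT_BEARER) {
                // NOTE(review): signature, audience and expiry checks on the assertion are not
                // visible in this method; presumably the ClientAssertion constructor performs
                // them and reports failures via InvalidJwtException. Confirm.
                ClientAssertion clientAssertion = new ClientAssertion(appConfiguration, clientId, clientAssertionType, encodedAssertion);
                String username = clientAssertion.getSubjectIdentifier();
                String password = clientAssertion.getClientSecret();
                // Re-authenticate when the assertion names a different user than the current
                // credentials, or when nobody is logged in yet.
                // NOTE(review): a null subject identifier would raise NullPointerException here.
                if (!username.equals(identity.getCredentials().getUsername()) || !identity.isLoggedIn()) {
                    identity.getCredentials().setUsername(username);
                    identity.getCredentials().setPassword(password);
                    // NOTE(review): the outcome of this call is not inspected before the request
                    // is marked authorized. If authenticateWebService reports failure through a
                    // return value rather than an exception, this accepts a failed login. Confirm
                    // its contract and what the 'true' argument means.
                    authenticator.authenticateWebService(true);
                    authorized = true;
                }
                // NOTE(review): when the same user is already logged in, 'authorized' stays false
                // and the error response below is still sent. Confirm this is intended.
            }
        }
        // NOTE(review): the chain runs whether or not 'authorized' is set, so downstream code
        // must enforce the login state itself. The error below is only sent after the chain
        // has returned, when the response may already be committed.
        filterChain.doFilter(servletRequest, servletResponse);
    } catch (ServletException ex) {
        // Also reached for failures raised by the downstream chain, not only JWT errors.
        log.info("JWT authentication failed: {}", ex);
    } catch (IOException ex) {
        log.info("JWT authentication failed: {}", ex);
    } catch (InvalidJwtException ex) {
        log.info("JWT authentication failed: {}", ex);
    }
    try {
        if (!authorized) {
            sendError(servletResponse);
        }
    } catch (IOException ex) {
        // Previously swallowed silently; record it so a lost rejection response is visible.
        log.error("Failed to send JWT authentication error response: {}", ex);
    }
}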
Also used : ServletException(javax.servlet.ServletException) InvalidJwtException(org.xdi.oxauth.model.exception.InvalidJwtException) ClientAssertionType(org.xdi.oxauth.model.token.ClientAssertionType) IOException(java.io.IOException) ClientAssertion(org.xdi.oxauth.model.token.ClientAssertion)
