Example 1 with AuthzResponse
use of ru.ratauth.interaction.AuthzResponse in project ratauth by alfa-laboratory.
the class OpenIdAuthorizeService method buildResponse.
@SneakyThrows
private static AuthzResponse buildResponse(RelyingParty relyingParty, Session session, VerifyResult verifyResult, TokenCache tokenCache, AuthzRequest authzRequest) {
String redirectUri = authzRequest.getRedirectURI();
final String targetRedirectURI = createRedirectURI(relyingParty, redirectUri);
// in case of autCode sent by authProvider
if (session == null || CollectionUtils.isEmpty(session.getEntries())) {
AuthzResponse resp = AuthzResponse.builder().location(relyingParty.getAuthorizationRedirectURI()).data(verifyResult.getData()).redirectURI(targetRedirectURI).build();
return resp;
}
AuthEntry entry = session.getEntry(relyingParty.getName()).get();
AuthzResponse resp = AuthzResponse.builder().location(entry.getRedirectUrl()).sessionToken(session.getSessionToken()).acrValues(verifyResult.getAcrValues()).data(verifyResult.getData()).build();
final Optional<Token> tokenOptional = entry.getLatestToken();
// implicit auth
if (tokenOptional.isPresent()) {
final Token token = tokenOptional.get();
resp.setToken(token.getToken());
if (tokenCache != null)
resp.setIdToken(tokenCache.getIdToken());
resp.setTokenType(TokenType.BEARER);
resp.setRefreshToken(token.getRefreshToken());
resp.setExpiresIn(token.getExpiresIn().getTime());
} else {
generateAuthCode(relyingParty, session, authzRequest, targetRedirectURI, entry, resp);
}
return resp;
}
Also used :
AuthzResponse(ru.ratauth.interaction.AuthzResponse)
Token(ru.ratauth.entities.Token)
AuthEntry(ru.ratauth.entities.AuthEntry)
SneakyThrows(lombok.SneakyThrows)
Aggregations
SneakyThrows (lombok.SneakyThrows)1
AuthEntry (ru.ratauth.entities.AuthEntry)1
Token (ru.ratauth.entities.Token)1
AuthzResponse (ru.ratauth.interaction.AuthzResponse)1
