private OIDCProviderMetadata retrieveOidcProviderMetadata(final String discoveryUri) throws IOException, ParseException { final URL url = new URL(discoveryUri); final HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.GET, url); httpRequest.setConnectTimeout(oidcConnectTimeout); httpRequest.setReadTimeout(oidcReadTimeout); final HTTPResponse httpResponse = httpRequest.send(); if (httpResponse.getStatusCode() != 200) { throw new IOException("Unable to download OpenId Connect Provider metadata from " + url + ": Status code " + httpResponse.getStatusCode()); } final JSONObject jsonObject = httpResponse.getContentAsJSONObject(); return OIDCProviderMetadata.parse(jsonObject); }
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException { final HTTPResponse response = new HTTPResponse(conn.getResponseCode()); final String location = conn.getHeaderField("Location"); if (!StringHelper.isBlank(location)) { response.setLocation(new URL(location)); } try { response.setContentType(conn.getContentType()); } catch (final ParseException e) { throw new IOException("Couldn't parse Content-Type header: " + e.getMessage(), e); } response.setCacheControl(conn.getHeaderField("Cache-Control")); response.setPragma(conn.getHeaderField("Pragma")); response.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate")); if (!StringHelper.isBlank(out)) { response.setContent(out); } return response; }
private JWTClaimsSet fetchOidcProfile(BearerAccessToken accessToken) { final UserInfoRequest userInfoRequest = new UserInfoRequest(configuration.findProviderMetadata().getUserInfoEndpointURI(), accessToken); final HTTPRequest userInfoHttpRequest = userInfoRequest.toHTTPRequest(); try { final HTTPResponse httpResponse = userInfoHttpRequest.send(); logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(), httpResponse.getContent()); final UserInfoResponse userInfoResponse = UserInfoResponse.parse(httpResponse); if (userInfoResponse instanceof UserInfoErrorResponse) { logger.error("Bad User Info response, error={}", ((UserInfoErrorResponse) userInfoResponse).getErrorObject()); throw new AuthenticationException(); } else { final UserInfoSuccessResponse userInfoSuccessResponse = (UserInfoSuccessResponse) userInfoResponse; final JWTClaimsSet userInfoClaimsSet; if (userInfoSuccessResponse.getUserInfo() != null) { userInfoClaimsSet = userInfoSuccessResponse.getUserInfo().toJWTClaimsSet(); } else { userInfoClaimsSet = userInfoSuccessResponse.getUserInfoJWT().getJWTClaimsSet(); } return userInfoClaimsSet; } } catch (IOException | ParseException | java.text.ParseException | AuthenticationException e) { throw new TechnicalException(e); } } }
/** * * @param httpResponse * @return * @throws ParseException */ static AdalAccessTokenResponse parseHttpResponse( final HTTPResponse httpResponse) throws ParseException { httpResponse.ensureStatusCode(HTTPResponse.SC_OK); final JSONObject jsonObject = httpResponse.getContentAsJSONObject(); return parseJsonObject(jsonObject); }
servletRequest.removeAttribute("loginSession"); tokenStore.removeLoginSession(loginSession); HTTPResponse httpResponse = new HTTPResponse(303); httpResponse.setLocation(request.toURI()); ServletUtils.applyHTTPResponse(httpResponse, resp); return; LOG.debug("location {}", response.getHeader("location"));
public void revoke(@FormParam("token") String token, @FormParam("token_type_hint") String tokenTypeHint, HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws IOException { if (token == null) { ServletUtils.applyHTTPResponse(new TokenErrorResponse(OAuth2Error.INVALID_GRANT).toHTTPResponse(), servletResponse); return; } ClientID clientId = null; try { ClientAuthentication clientAuth = ClientAuthentication.parse(FixedServletUtils.createHTTPRequest(servletRequest)); if (clientAuth != null) { clientId = clientAuth.getClientID(); } } catch (ParseException e) { // ignore; no clientid given } if ("login_session".equals(tokenTypeHint)) { LoginSessionToken loginSessionToken = new LoginSessionToken(token); tokenStore.remove(loginSessionToken); tokenStore.invalidateLoginSession(loginSessionToken); } else { tokenStore.remove(token, clientId); } HTTPResponse httpResponse = new HTTPResponse(HTTPResponse.SC_OK); httpResponse.setHeader("Content-Type", "text/plain"); httpResponse.setHeader("Pragma", "no-cache"); httpResponse.setHeader("Cache-Control", "no-store"); ServletUtils.applyHTTPResponse(httpResponse, servletResponse); }
httpResponse = adalOAuthHttpRequest.send(); if (httpResponse.getStatusCode() == HTTPResponse.SC_OK) { final AdalAccessTokenResponse response = AdalAccessTokenResponse .parseHttpResponse(httpResponse);
httpResponse.setCacheControl("s-maxage=" + cacheLiveTime);
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException { final HTTPResponse response = new HTTPResponse(conn.getResponseCode()); final String location = conn.getHeaderField("Location"); if (!StringHelper.isBlank(location)) { try { response.setLocation(new URI(location)); } catch (URISyntaxException e) { throw new IOException("Invalid location URI " + location, e); } } try { response.setContentType(conn.getContentType()); } catch (final ParseException e) { throw new IOException("Couldn't parse Content-Type header: " + e.getMessage(), e); } response.setCacheControl(conn.getHeaderField("Cache-Control")); response.setPragma(conn.getHeaderField("Pragma")); response.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate")); if (!StringHelper.isBlank(out)) { response.setContent(out); } return response; }
logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(), httpResponse.getContent());
/** * * @param httpResponse * @return * @throws ParseException */ static AdalAccessTokenResponse parseHttpResponse( final HTTPResponse httpResponse) throws ParseException { httpResponse.ensureStatusCode(HTTPResponse.SC_OK); final JSONObject jsonObject = httpResponse.getContentAsJSONObject(); return parseJsonObject(jsonObject); }
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException { final HTTPResponse response = new HTTPResponse(conn.getResponseCode()); final String location = conn.getHeaderField("Location"); if (!StringHelper.isBlank(location)) { try { response.setLocation(new URI(location)); } catch (URISyntaxException e) { throw new IOException("Invalid location URI " + location, e); } } try { response.setContentType(conn.getContentType()); } catch (final ParseException e) { throw new IOException("Couldn't parse Content-Type header: " + e.getMessage(), e); } response.setCacheControl(conn.getHeaderField("Cache-Control")); response.setPragma(conn.getHeaderField("Pragma")); response.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate")); if (!StringHelper.isBlank(out)) { response.setContent(out); } return response; }
userInfoHttpRequest.setReadTimeout(configuration.getReadTimeout()); final HTTPResponse httpResponse = userInfoHttpRequest.send(); logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(), httpResponse.getContent());
private OIDCProviderMetadata retrieveOidcProviderMetadata(final String discoveryUri) throws IOException, ParseException { final URL url = new URL(discoveryUri); final HTTPRequest httpRequest = new HTTPRequest(HTTPRequest.Method.GET, url); httpRequest.setConnectTimeout(oidcConnectTimeout); httpRequest.setReadTimeout(oidcReadTimeout); final HTTPResponse httpResponse = httpRequest.send(); if (httpResponse.getStatusCode() != 200) { throw new IOException("Unable to download OpenId Connect Provider metadata from " + url + ": Status code " + httpResponse.getStatusCode()); } final JSONObject jsonObject = httpResponse.getContentAsJSONObject(); return OIDCProviderMetadata.parse(jsonObject); }
/** * * @param httpResponse * @return * @throws ParseException */ static AdalAccessTokenResponse parseHttpResponse( final HTTPResponse httpResponse) throws ParseException { httpResponse.ensureStatusCode(HTTPResponse.SC_OK); final JSONObject jsonObject = httpResponse.getContentAsJSONObject(); return parseJsonObject(jsonObject); }
httpResponse = adalOAuthHttpRequest.send(); if (httpResponse.getStatusCode() == HTTPResponse.SC_OK) { final AdalAccessTokenResponse response = AdalAccessTokenResponse .parseHttpResponse(httpResponse); .equals(errorObject.getCode())){ throw new AdalClaimsChallengeException(errorResponse.toJSONObject() .toJSONString(), getClaims(httpResponse.getContent()));
httpResponse = adalOAuthHttpRequest.send(); if (httpResponse.getStatusCode() == HTTPResponse.SC_OK) { final AdalAccessTokenResponse response = AdalAccessTokenResponse .parseHttpResponse(httpResponse); .equals(errorObject.getCode())){ throw new AdalClaimsChallengeException(errorResponse.toJSONObject() .toJSONString(), getClaims(httpResponse.getContent()));