/** * The Access Token if present parsed as a JsonObject * @return JSON */ public JsonObject accessToken() { if (cached_0 != null) { return cached_0; } JsonObject ret = delegate.accessToken(); cached_0 = ret; return ret; }
/** * Check if the access token is expired or not. * @return */ public boolean expired() { boolean ret = delegate.expired(); return ret; }
assertNotNull(token.principal()); assertNotNull(token.accessToken()); assertNotNull(token.refreshToken()); token.userInfo(res2 -> { if (res2.failed()) { fail(res2.cause().getMessage()); token.logout(res3 -> { if (res3.failed()) { fail(res3.cause().getMessage());
should.assertNotNull(token.accessToken()); token.isAuthorized(role, authz -> { should.assertTrue(authz.succeeded()); should.assertTrue(authz.result());
if (oauth2Token.accessToken() == null || jwt.isUnsecure()) { oauth2Token.introspect(introspect -> { if (introspect.failed()) { resultHandler.handle(Future.failedFuture(introspect.cause())); if (oauth2Token.expired()) { resultHandler.handle(Future.failedFuture("Expired token")); return; if (oauth2Token.expired()) { resultHandler.handle(Future.failedFuture("Expired Token")); } else {
/** * Load the user info as per OIDC spec. * @param callback - The callback function returning the results. * @return */ public io.vertx.rxjava.ext.auth.oauth2.AccessToken userInfo(Handler<AsyncResult<JsonObject>> callback) { delegate.userInfo(callback); return this; }
/** * Fetches a JSON resource using this Access Token. * @param resource - the resource to fetch. * @param callback - The callback function returning the results. * @return */ public io.vertx.rxjava.ext.auth.oauth2.AccessToken fetch(String resource, Handler<AsyncResult<io.vertx.rxjava.ext.auth.oauth2.OAuth2Response>> callback) { delegate.fetch(resource, new Handler<AsyncResult<io.vertx.ext.auth.oauth2.OAuth2Response>>() { public void handle(AsyncResult<io.vertx.ext.auth.oauth2.OAuth2Response> ar) { if (ar.succeeded()) { callback.handle(io.vertx.core.Future.succeededFuture(io.vertx.rxjava.ext.auth.oauth2.OAuth2Response.newInstance(ar.result()))); } else { callback.handle(io.vertx.core.Future.failedFuture(ar.cause())); } } }); return this; }
if (ar.succeeded() && ar.result() instanceof AccessToken) { final AccessToken accessToken = (AccessToken) ar.result(); accessToken.setTrustJWT(true); final JsonObject user = accessToken.idToken(); final String id = user.getString("sub"); final String email = user.getString("email"); session.put("token", accessToken.opaqueAccessToken()); session.put("id", id); session.put("email", email);
@Override public OAuth2Auth introspectToken(String token, String tokenType, Handler<AsyncResult<AccessToken>> handler) { try { // attempt to create a token object from the given string representation final AccessToken accessToken = new OAuth2TokenImpl(this, new JsonObject().put(tokenType, token)); // if token is expired avoid going to the server if (accessToken.expired()) { handler.handle(Future.failedFuture("Expired token")); return this; } // perform the introspection accessToken.introspect(introspect -> { if (introspect.failed()) { handler.handle(Future.failedFuture(introspect.cause())); return; } // the access token object should have updated it's claims/authorities plus expiration, recheck if (accessToken.expired()) { handler.handle(Future.failedFuture("Expired token")); return; } // return self handler.handle(Future.succeededFuture(accessToken)); }); } catch (RuntimeException e) { handler.handle(Future.failedFuture(e)); } return this; }
/** * Introspect access token. This is an OAuth2 extension that allow to verify if an access token is still valid. * @param callback - The callback function returning the results. * @return */ public io.vertx.rxjava.ext.auth.oauth2.AccessToken introspect(Handler<AsyncResult<Void>> callback) { delegate.introspect(callback); return this; }
/** * The RAW String if available for the Access Token * @return String */ public String opaqueAccessToken() { String ret = delegate.opaqueAccessToken(); return ret; }
assertNotNull(token); JsonObject principal = token.principal().copy(); token.isAuthorized("profile", res0 -> { if (res0.failed()) { fail(res0.cause().getMessage()); token.introspect(v -> { if (v.failed()) { fail(v.cause());
/** * The Refresh Token if present parsed as a JsonObject * @return JSON */ public JsonObject refreshToken() { if (cached_1 != null) { return cached_1; } JsonObject ret = delegate.refreshToken(); cached_1 = ret; return ret; }
/** * The Id Token if present parsed as a JsonObject * @return JSON */ public JsonObject idToken() { if (cached_2 != null) { return cached_2; } JsonObject ret = delegate.idToken(); cached_2 = ret; return ret; }
@Test public void shouldRefreshAToken(TestContext should) { final Async test = should.async(); keycloak.authenticate(new JsonObject().put("username", "test-user").put("password", "tiger"), authn -> { should.assertTrue(authn.succeeded()); should.assertNotNull(authn.result()); // generate a access token from the user AccessToken token = (AccessToken) authn.result(); final String origToken = token.opaqueAccessToken(); token.refresh(refresh -> { should.assertTrue(refresh.succeeded()); should.assertNotEquals(origToken, token.opaqueAccessToken()); test.complete(); }); }); }
@Test public void tokenShouldBeExpiredWhenExpirationDateIsInThePast() { config = oauthConfig; oauth2.authenticate(tokenConfig, res -> { if (res.failed()) { fail(res.cause().getMessage()); } else { AccessToken token = (AccessToken) res.result(); // hack the token to set the expires_at (to yesterday) token.principal().put("expires_at", System.currentTimeMillis() - 24 * 60 * 60 * 1000); assertTrue(token.expired()); testComplete(); } }); await(); }
/** * Revoke refresh token and calls the logout endpoint. This is a openid-connect extension and might not be * available on all providers. * @param callback - The callback function returning the results. * @return */ public io.vertx.rxjava.ext.auth.oauth2.AccessToken logout(Handler<AsyncResult<Void>> callback) { delegate.logout(callback); return this; }
@Test public void itShouldNotFailForMissingGroupsField(TestContext should) { final Async test = should.async(); String accessToken = jwt.sign( new JsonObject( "{\n" + " \"iss\": \"https://server.example.com\",\n" + " \"aud\": \"s6BhdRkqt3\",\n" + " \"jti\": \"a-123\",\n" + " \"exp\": 999999999999,\n" + " \"iat\": 1311280970,\n" + " \"sub\": \"24400320\"\n" + "}"), new JWTOptions().setAlgorithm("RS256")); AccessToken token = new OAuth2TokenImpl( oauth, new JsonObject().put("access_token", accessToken).put("type_type", "Bearer")); // we ensure that the sign/decode is working as espected should.assertNotNull(token.accessToken()); token.isAuthorized("admin", authz -> { should.assertTrue(authz.succeeded()); should.assertFalse(authz.result()); test.complete(); }); }
/** * Load the user info as per OIDC spec. * @param callback - The callback function returning the results. * @return */ public io.vertx.rxjava.ext.auth.oauth2.AccessToken userInfo(Handler<AsyncResult<JsonObject>> callback) { delegate.userInfo(callback); return this; }