private AccessTokenValidation convertIntrospectionToValidation(TokenIntrospection response) { AccessTokenValidation atv = new AccessTokenValidation(); atv.setInitialValidationSuccessful(response.isActive()); if (response.getClientId() != null) { atv.setClientId(response.getClientId()); if (response.getIat() != null) { atv.setTokenIssuedAt(response.getIat()); } else { Instant now = Instant.now(); atv.setTokenIssuedAt(now.toEpochMilli()); if (response.getExp() != null) { atv.setTokenLifetime(response.getExp() - atv.getTokenIssuedAt()); if (response.getNbf() != null) { atv.setTokenNotBefore(response.getNbf()); if (!StringUtils.isEmpty(response.getAud())) { atv.setAudiences(response.getAud()); if (response.getIss() != null) { atv.setTokenIssuer(response.getIss()); if (response.getScope() != null) { String[] scopes = response.getScope().split(" "); List<OAuthPermission> perms = new LinkedList<>(); for (String s : scopes) { if (response.getUsername() != null) {
private Object fromMapToTokenIntrospection(InputStream is) throws IOException { TokenIntrospection resp = new TokenIntrospection(); Map<String, Object> params = new JsonMapObjectReaderWriter().fromJson(is); resp.setActive((Boolean)params.get("active")); String clientId = (String)params.get(OAuthConstants.CLIENT_ID); if (clientId != null) { resp.setClientId(clientId); resp.setUsername(username); resp.setScope(scope); resp.setTokenType(tokenType); resp.setAud(Collections.singletonList((String)aud)); } else { @SuppressWarnings("unchecked") List<String> auds = (List<String>)aud; resp.setAud(auds); resp.setIss(iss); resp.setIat(iat); resp.setExp(exp); resp.setNbf(nbf); String thumbprint = (String)cnf.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256); if (thumbprint != null) {
assertEquals(tokenIntrospection.isActive(), true); assertEquals(tokenIntrospection.getUsername(), "alice"); assertEquals(tokenIntrospection.getClientId(), "consumer-id"); assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn()); Long nbf = tokenIntrospection.getNbf(); long now = System.currentTimeMillis() / 1000L; assertTrue(nbf < now);
assertEquals(tokenIntrospection.isActive(), false);
assertEquals(tokenIntrospection.isActive(), true); assertEquals(tokenIntrospection.getUsername(), "alice"); assertEquals(tokenIntrospection.getClientId(), "consumer-id-aud"); assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn()); assertEquals(tokenIntrospection.getAud().get(0), audience);
private AccessTokenValidation convertIntrospectionToValidation(TokenIntrospection response) { AccessTokenValidation atv = new AccessTokenValidation(); atv.setInitialValidationSuccessful(response.isActive()); if (response.getClientId() != null) { atv.setClientId(response.getClientId()); if (response.getIat() != null) { atv.setTokenIssuedAt(response.getIat()); } else { Instant now = Instant.now(); atv.setTokenIssuedAt(now.toEpochMilli()); if (response.getExp() != null) { atv.setTokenLifetime(response.getExp() - atv.getTokenIssuedAt()); if (response.getNbf() != null) { atv.setTokenNotBefore(response.getNbf()); if (!StringUtils.isEmpty(response.getAud())) { atv.setAudiences(response.getAud()); if (response.getIss() != null) { atv.setTokenIssuer(response.getIss()); if (response.getScope() != null) { String[] scopes = response.getScope().split(" "); List<OAuthPermission> perms = new LinkedList<>(); for (String s : scopes) { if (response.getUsername() != null) {
assertEquals(tokenIntrospection.isActive(), true); assertEquals(tokenIntrospection.getUsername(), "alice"); assertEquals(tokenIntrospection.getClientId(), "consumer-id"); assertEquals(tokenIntrospection.getScope(), accessToken.getApprovedScope()); Long validity = tokenIntrospection.getExp() - tokenIntrospection.getIat(); assertTrue(validity == accessToken.getExpiresIn());
private Object fromMapToTokenIntrospection(InputStream is) throws IOException { TokenIntrospection resp = new TokenIntrospection(); Map<String, Object> params = new JsonMapObjectReaderWriter().fromJson(is); resp.setActive((Boolean)params.get("active")); String clientId = (String)params.get(OAuthConstants.CLIENT_ID); if (clientId != null) { resp.setClientId(clientId); resp.setUsername(username); resp.setScope(scope); resp.setTokenType(tokenType); resp.setAud(Collections.singletonList((String)aud)); } else { @SuppressWarnings("unchecked") List<String> auds = (List<String>)aud; resp.setAud(auds); resp.setIss(iss); resp.setIat(iat); resp.setExp(exp); resp.setNbf(nbf); String thumbprint = (String)cnf.get(JoseConstants.HEADER_X509_THUMBPRINT_SHA256); if (thumbprint != null) {
private void writeTokenIntrospection(TokenIntrospection obj, OutputStream os) throws IOException { StringBuilder sb = new StringBuilder(); sb.append("{"); appendJsonPair(sb, "active", obj.isActive(), false); if (obj.isActive()) { if (obj.getClientId() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.CLIENT_ID, obj.getClientId()); if (obj.getUsername() != null) { sb.append(","); appendJsonPair(sb, "username", obj.getUsername()); if (obj.getTokenType() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_TYPE, obj.getTokenType()); if (obj.getScope() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.SCOPE, obj.getScope()); if (!StringUtils.isEmpty(obj.getAud())) { sb.append(","); if (obj.getAud().size() == 1) { appendJsonPair(sb, "aud", obj.getAud().get(0)); } else { StringBuilder arr = new StringBuilder(); arr.append("["); List<String> auds = obj.getAud(); for (int i = 0; i < auds.size(); i++) {
tokenId = token.getClaims().getTokenId(); } catch (JwtException ex) { return new TokenIntrospection(false); return new TokenIntrospection(false); TokenIntrospection response = new TokenIntrospection(true); response.setClientId(at.getClient().getClientId()); if (!at.getScopes().isEmpty()) { response.setScope(OAuthUtils.convertPermissionsToScope(at.getScopes())); response.setUsername(at.getSubject().getLogin()); if (userSubject.getId() != null) { response.setSub(userSubject.getId()); response.setAud(at.getAudiences()); response.setIss(at.getIssuer()); response.setIat(at.getIssuedAt()); if (at.getExpiresIn() > 0) { response.setExp(at.getIssuedAt() + at.getExpiresIn()); response.setNbf(at.getNotBefore()); response.setTokenType(at.getTokenType()); response.getExtensions().putAll(at.getExtraProperties());
private void writeTokenIntrospection(TokenIntrospection obj, OutputStream os) throws IOException { StringBuilder sb = new StringBuilder(); sb.append("{"); appendJsonPair(sb, "active", obj.isActive(), false); if (obj.isActive()) { if (obj.getClientId() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.CLIENT_ID, obj.getClientId()); if (obj.getUsername() != null) { sb.append(","); appendJsonPair(sb, "username", obj.getUsername()); if (obj.getTokenType() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_TYPE, obj.getTokenType()); if (obj.getScope() != null) { sb.append(","); appendJsonPair(sb, OAuthConstants.SCOPE, obj.getScope()); if (!StringUtils.isEmpty(obj.getAud())) { sb.append(","); if (obj.getAud().size() == 1) { appendJsonPair(sb, "aud", obj.getAud().get(0)); } else { StringBuilder arr = new StringBuilder(); arr.append("["); List<String> auds = obj.getAud(); for (int i = 0; i < auds.size(); i++) {
tokenId = token.getClaims().getTokenId(); } catch (JwtException ex) { return new TokenIntrospection(false); return new TokenIntrospection(false); TokenIntrospection response = new TokenIntrospection(true); response.setClientId(at.getClient().getClientId()); if (!at.getScopes().isEmpty()) { response.setScope(OAuthUtils.convertPermissionsToScope(at.getScopes())); response.setUsername(at.getSubject().getLogin()); if (userSubject.getId() != null) { response.setSub(userSubject.getId()); response.setAud(at.getAudiences()); response.setIss(at.getIssuer()); response.setIat(at.getIssuedAt()); if (at.getExpiresIn() > 0) { response.setExp(at.getIssuedAt() + at.getExpiresIn()); response.setNbf(at.getNotBefore()); response.setTokenType(at.getTokenType()); response.getExtensions().putAll(at.getExtraProperties());