/**
 * Downloads the OpenID Connect provider metadata published at the given discovery URI and parses it.
 *
 * <p>The request is a GET that uses the connect and read timeouts held in {@code oidcConnectTimeout}
 * and {@code oidcReadTimeout}. Any status code other than 200 is treated as a failure.
 *
 * <p>NOTE(review): nothing in this method restricts {@code discoveryUri} to {@code https} or compares
 * the {@code issuer} value of the returned document with the issuer that was expected. Every endpoint
 * and key location later read from this metadata is only as trustworthy as this fetch, so confirm that
 * the URI is operator-configured and that issuer validation happens in the caller.
 *
 * @param discoveryUri location of the provider's discovery document
 * @return the parsed provider metadata
 * @throws IOException if the URI is malformed, the request fails, or the status code is not 200
 * @throws ParseException if the response body cannot be parsed as provider metadata
 */
private OIDCProviderMetadata retrieveOidcProviderMetadata(final String discoveryUri)
        throws IOException, ParseException {
    final URL metadataUrl = new URL(discoveryUri);

    // Both timeouts are set before sending so a stalled provider cannot block the caller indefinitely.
    final HTTPRequest discoveryRequest = new HTTPRequest(HTTPRequest.Method.GET, metadataUrl);
    discoveryRequest.setConnectTimeout(oidcConnectTimeout);
    discoveryRequest.setReadTimeout(oidcReadTimeout);

    final HTTPResponse discoveryResponse = discoveryRequest.send();
    final int status = discoveryResponse.getStatusCode();
    if (status != 200) {
        throw new IOException("Unable to download OpenId Connect Provider metadata from " + metadataUrl
                + ": Status code " + status);
    }

    return OIDCProviderMetadata.parse(discoveryResponse.getContentAsJSONObject());
}
// Bound how long the identity provider may take to accept the connection and to answer.
tokenHttpRequest.setConnectTimeout(oidcConnectTimeout);
tokenHttpRequest.setReadTimeout(oidcReadTimeout);
// NOTE(review): the request that is actually sent below comes from a second call to
// request.toHTTPRequest(), not from tokenHttpRequest. As far as this excerpt shows, the two timeouts
// configured above are therefore not applied to the UserInfo call; confirm how tokenHttpRequest was
// created and, if it is the request for this call, send tokenHttpRequest instead.
final UserInfoResponse response = UserInfoResponse.parse(request.toHTTPRequest().send());
httpRequest.setAccept(MediaType.APPLICATION_JSON_VALUE); httpRequest.setConnectTimeout(30000); httpRequest.setReadTimeout(30000); tokenResponse = com.nimbusds.oauth2.sdk.TokenResponse.parse(httpRequest.send()); } catch (ParseException | IOException ex) { OAuth2Error oauth2Error = new OAuth2Error(INVALID_TOKEN_RESPONSE_ERROR_CODE,
/**
 * Builds an {@code HTTPResponse} from a connection whose exchange has already taken place.
 *
 * <p>The status code and the {@code Location}, {@code Content-Type}, {@code Cache-Control},
 * {@code Pragma} and {@code WWW-Authenticate} headers are copied from the connection. The body is
 * set only when {@code out} is not blank according to {@code StringHelper.isBlank}.
 *
 * <p>NOTE(review): every header value copied here is supplied by the remote server. In particular the
 * {@code Location} value is stored as received; a caller that follows it should check the target first.
 *
 * @param conn the connection to read the status code and headers from
 * @param out the response body already read from the connection; may be blank
 * @return the populated response
 * @throws IOException if the status code cannot be read, the {@code Location} value is not a valid URL,
 *         or the {@code Content-Type} header cannot be parsed
 */
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException {
    final HTTPResponse result = new HTTPResponse(conn.getResponseCode());

    final String locationHeader = conn.getHeaderField("Location");
    final boolean hasLocation = !StringHelper.isBlank(locationHeader);
    if (hasLocation) {
        result.setLocation(new URL(locationHeader));
    }

    try {
        result.setContentType(conn.getContentType());
    } catch (final ParseException parseFailure) {
        // Surface header parsing problems as I/O failures, keeping the original cause attached.
        final String message = "Couldn't parse Content-Type header: " + parseFailure.getMessage();
        throw new IOException(message, parseFailure);
    }

    result.setCacheControl(conn.getHeaderField("Cache-Control"));
    result.setPragma(conn.getHeaderField("Pragma"));
    result.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate"));

    final boolean hasBody = !StringHelper.isBlank(out);
    if (hasBody) {
        result.setContent(out);
    }
    return result;
}
this.clientAuthentication, new AuthorizationCodeGrant(code, new URI(computedCallbackUrl)));
HTTPRequest tokenHttpRequest = request.toHTTPRequest();
// Apply the configured timeouts to the request object that is sent below.
tokenHttpRequest.setConnectTimeout(configuration.getConnectTimeout());
tokenHttpRequest.setReadTimeout(configuration.getReadTimeout());
final HTTPResponse httpResponse = tokenHttpRequest.send();
// NOTE(review): this writes the complete body of the token endpoint response to the debug log. For an
// authorization-code exchange that body presumably carries the issued tokens, which are credentials
// in their own right; consider logging the status code only, or make sure debug logs are access
// controlled and never enabled in production.
logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(), httpResponse.getContent());
/**
 * Adds the parameters returned by {@code toParameters()} to the form body of the given request.
 *
 * <p>The request must be a POST whose Content-Type matches
 * {@code CommonContentTypes.APPLICATION_URLENCODED}. The parameters already on the request are
 * fetched, merged with this object's parameters, serialized and written back as the query.
 *
 * <p>NOTE(review): if {@code toParameters()} carries a client secret or assertion (this looks like a
 * client-authentication class; confirm), the resulting query string is credential material and the
 * request body should be kept out of logs.
 *
 * @param httpRequest the request to modify in place
 * @throws SerializeException if the method is not POST, or the Content-Type header is missing or is
 *         not URL-encoded form data
 */
@Override
public void applyTo(HTTPRequest httpRequest) throws SerializeException {
    final boolean isPost = httpRequest.getMethod() == HTTPRequest.Method.POST;
    if (!isPost) {
        throw new SerializeException("The HTTP request method must be POST");
    }

    final ContentType contentType = httpRequest.getContentType();
    if (contentType == null) {
        throw new SerializeException("Missing HTTP Content-Type header");
    }
    if (!contentType.match(CommonContentTypes.APPLICATION_URLENCODED)) {
        throw new SerializeException(
                "The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
    }

    // putAll: a value from toParameters() replaces any same-named parameter already on the request.
    final Map<String, String> merged = httpRequest.getQueryParameters();
    merged.putAll(toParameters());
    httpRequest.setQuery(URLUtils.serializeParameters(merged));
}
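/**
 * Calls the provider's UserInfo endpoint with the given bearer access token and returns the claims
 * of the response.
 *
 * <p>A plain JSON response is converted to a claims set; otherwise the claims are taken from the JWT
 * form of the response. An error response from the endpoint is logged and reported as a failure.
 *
 * <p>NOTE(review): this method does not compare the returned {@code sub} claim with the subject of
 * the ID token; confirm the caller performs that check before the claims are merged into a profile.
 *
 * @param accessToken the bearer token presented to the UserInfo endpoint
 * @return the claims returned by the endpoint
 * @throws TechnicalException wrapping any I/O failure, parse failure, or error response
 */
private JWTClaimsSet fetchOidcProfile(BearerAccessToken accessToken) {
    final UserInfoRequest userInfoRequest = new UserInfoRequest(
            configuration.findProviderMetadata().getUserInfoEndpointURI(), accessToken);
    final HTTPRequest userInfoHttpRequest = userInfoRequest.toHTTPRequest();
    // NOTE(review): no connect or read timeout is set on this request in this method; confirm that a
    // default applies, otherwise a stalled provider can hold the calling thread.
    try {
        final HTTPResponse httpResponse = userInfoHttpRequest.send();
        // Log the status only: the body holds the user's claims, and this is the UserInfo response,
        // not a token response, so the previous label and content dump were both wrong for a log line.
        logger.debug("User info response: status={}", httpResponse.getStatusCode());

        final UserInfoResponse userInfoResponse = UserInfoResponse.parse(httpResponse);
        if (userInfoResponse instanceof UserInfoErrorResponse) {
            logger.error("Bad User Info response, error={}",
                    ((UserInfoErrorResponse) userInfoResponse).getErrorObject());
            // Caught by the handler below and rethrown wrapped in a TechnicalException.
            throw new AuthenticationException();
        }

        final UserInfoSuccessResponse success = (UserInfoSuccessResponse) userInfoResponse;
        if (success.getUserInfo() != null) {
            return success.getUserInfo().toJWTClaimsSet();
        }
        // NOTE(review): for a JWT-form response the claims are read straight from the parsed JWT; no
        // signature verification is visible in this method. Confirm it is done elsewhere.
        return success.getUserInfoJWT().getJWTClaimsSet();
    } catch (IOException | ParseException | java.text.ParseException | AuthenticationException e) {
        throw new TechnicalException(e);
    }
}
} // closes the enclosing class, whose header is outside this excerpt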
/**
 * Parses an access token response from the given HTTP response.
 *
 * <p>The status code is first checked against {@code HTTPResponse.SC_OK}; the body is then read as a
 * JSON object and handed to {@code parseJsonObject}.
 *
 * @param httpResponse the HTTP response received from the token endpoint
 * @return the response object built by {@code parseJsonObject} from the JSON body
 * @throws ParseException if the status check, the JSON extraction or {@code parseJsonObject} fails
 */
static AdalAccessTokenResponse parseHttpResponse(final HTTPResponse httpResponse) throws ParseException {
    // Reject anything but a success status before touching the body.
    httpResponse.ensureStatusCode(HTTPResponse.SC_OK);
    return parseJsonObject(httpResponse.getContentAsJSONObject());
}
/**
 * Handles a token revocation request.
 *
 * <p>A request without a {@code token} parameter is answered with an {@code invalid_grant} error.
 * Otherwise the token is removed from the token store and an empty 200 response with no-cache
 * headers is written. When {@code token_type_hint} is {@code login_session}, the token is treated as
 * a login session token and the session is invalidated as well.
 *
 * <p>NOTE(review): client authentication is parsed only to obtain a client ID. The credentials are not
 * checked in this method and a parse failure is ignored, so the request continues with a
 * {@code null} client ID. Unless {@code tokenStore.remove} enforces ownership, any caller holding a
 * token value can revoke it; the {@code login_session} branch does not use the client ID at all.
 *
 * <p>NOTE(review): RFC 6749 section 5.2 assigns {@code invalid_request} to a missing required
 * parameter; {@code invalid_grant} is returned here instead.
 *
 * @param token the token to revoke, taken from the form body
 * @param tokenTypeHint optional hint about the kind of token
 * @param servletRequest the incoming request, used to parse client authentication
 * @param servletResponse the response to write to
 * @throws IOException if writing the response fails
 */
public void revoke(@FormParam("token") String token, @FormParam("token_type_hint") String tokenTypeHint,
        HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws IOException {
    if (token == null) {
        final HTTPResponse missingToken = new TokenErrorResponse(OAuth2Error.INVALID_GRANT).toHTTPResponse();
        ServletUtils.applyHTTPResponse(missingToken, servletResponse);
        return;
    }

    ClientID clientId = null;
    try {
        final ClientAuthentication presented =
                ClientAuthentication.parse(FixedServletUtils.createHTTPRequest(servletRequest));
        clientId = (presented == null) ? null : presented.getClientID();
    } catch (ParseException ignored) {
        // Deliberately ignored: the request is processed without a client ID.
    }

    final boolean isLoginSession = "login_session".equals(tokenTypeHint);
    if (isLoginSession) {
        final LoginSessionToken sessionToken = new LoginSessionToken(token);
        tokenStore.remove(sessionToken);
        tokenStore.invalidateLoginSession(sessionToken);
    } else {
        tokenStore.remove(token, clientId);
    }

    // Empty success response that intermediaries must not cache.
    final HTTPResponse ok = new HTTPResponse(HTTPResponse.SC_OK);
    ok.setHeader("Content-Type", "text/plain");
    ok.setHeader("Pragma", "no-cache");
    ok.setHeader("Cache-Control", "no-store");
    ServletUtils.applyHTTPResponse(ok, servletResponse);
}
userInfoRequest = UserInfoRequest.parse(FixedServletUtils.createHTTPRequest(servletRequest)); } catch (Exception e) { ServletUtils.applyHTTPResponse( new UserInfoErrorResponse(BearerTokenError.INVALID_REQUEST).toHTTPResponse(), servletResponse); ServletUtils.applyHTTPResponse( new UserInfoErrorResponse(BearerTokenError.INVALID_TOKEN).toHTTPResponse(), servletResponse); ServletUtils.applyHTTPResponse( new UserInfoErrorResponse(BearerTokenError.INVALID_TOKEN).toHTTPResponse(), servletResponse); httpResponse.setCacheControl("s-maxage=" + cacheLiveTime); ServletUtils.applyHTTPResponse(httpResponse, servletResponse);
/**
 * Token endpoint: parses the incoming token request and dispatches on its grant type.
 *
 * <p>Authorization code, password and refresh token grants are handed to their flow methods. Any
 * other grant type is answered with {@code unsupported_grant_type}.
 *
 * <p>NOTE(review): every {@code ParseException} is also reported as {@code unsupported_grant_type},
 * whatever made the request unparseable, so a malformed request and an unknown grant look the same
 * to the client.
 *
 * @param servletRequest the incoming token request
 * @param servletResponse the response to write to
 * @throws IOException if writing the response fails
 */
public void token(HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws IOException {
    final TokenRequest request;
    try {
        request = TokenRequest.parse(FixedServletUtils.createHTTPRequest(servletRequest));
    } catch (ParseException e) {
        ServletUtils.applyHTTPResponse(
                new TokenErrorResponse(OAuth2Error.UNSUPPORTED_GRANT_TYPE).toHTTPResponse(), servletResponse);
        return;
    }
    // NOTE(review): depending on what TokenRequest.toString() prints, this may put client credentials
    // or grant values into the debug log; confirm before enabling debug logging outside development.
    LOG.debug("tokenRequest {}", request);

    final GrantType grantType = request.getAuthorizationGrant().getType();
    if (grantType == GrantType.AUTHORIZATION_CODE) {
        doAuthorizationCodeGrantFlow(request, servletRequest, servletResponse);
    } else if (grantType == GrantType.PASSWORD) {
        doResourceOwnerPasswordCredentialFlow(request, servletRequest, servletResponse);
    } else if (grantType == GrantType.REFRESH_TOKEN) {
        doRefreshTokenGrantFlow(request, servletRequest, servletResponse);
    } else {
        ServletUtils.applyHTTPResponse(
                new TokenErrorResponse(OAuth2Error.UNSUPPORTED_GRANT_TYPE).toHTTPResponse(), servletResponse);
    }
}
/**
 * Downloads the OpenID Connect provider metadata published at the given discovery URI and parses it.
 *
 * <p>The request is a GET that uses the connect and read timeouts held in {@code oidcConnectTimeout}
 * and {@code oidcReadTimeout}. Any status code other than 200 is treated as a failure.
 *
 * <p>NOTE(review): nothing in this method restricts {@code discoveryUri} to {@code https} or compares
 * the {@code issuer} value of the returned document with the issuer that was expected. Every endpoint
 * and key location later read from this metadata is only as trustworthy as this fetch, so confirm that
 * the URI is operator-configured and that issuer validation happens in the caller.
 *
 * @param discoveryUri location of the provider's discovery document
 * @return the parsed provider metadata
 * @throws IOException if the URI is malformed, the request fails, or the status code is not 200
 * @throws ParseException if the response body cannot be parsed as provider metadata
 */
private OIDCProviderMetadata retrieveOidcProviderMetadata(final String discoveryUri)
        throws IOException, ParseException {
    final URL metadataUrl = new URL(discoveryUri);

    // Both timeouts are set before sending so a stalled provider cannot block the caller indefinitely.
    final HTTPRequest discoveryRequest = new HTTPRequest(HTTPRequest.Method.GET, metadataUrl);
    discoveryRequest.setConnectTimeout(oidcConnectTimeout);
    discoveryRequest.setReadTimeout(oidcReadTimeout);

    final HTTPResponse discoveryResponse = discoveryRequest.send();
    final int status = discoveryResponse.getStatusCode();
    if (status != 200) {
        throw new IOException("Unable to download OpenId Connect Provider metadata from " + metadataUrl
                + ": Status code " + status);
    }

    return OIDCProviderMetadata.parse(discoveryResponse.getContentAsJSONObject());
}
/**
 * Builds an {@code HTTPResponse} from a connection whose exchange has already taken place.
 *
 * <p>The status code and the {@code Location}, {@code Content-Type}, {@code Cache-Control},
 * {@code Pragma} and {@code WWW-Authenticate} headers are copied from the connection. The body is
 * set only when {@code out} is not blank according to {@code StringHelper.isBlank}.
 *
 * <p>NOTE(review): every header value copied here is supplied by the remote server. In particular the
 * {@code Location} value is stored as received; a caller that follows it should check the target first.
 *
 * @param conn the connection to read the status code and headers from
 * @param out the response body already read from the connection; may be blank
 * @return the populated response
 * @throws IOException if the status code cannot be read, the {@code Location} value is not a valid URI,
 *         or the {@code Content-Type} header cannot be parsed
 */
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException {
    final HTTPResponse result = new HTTPResponse(conn.getResponseCode());

    final String locationHeader = conn.getHeaderField("Location");
    final boolean hasLocation = !StringHelper.isBlank(locationHeader);
    if (hasLocation) {
        try {
            result.setLocation(new URI(locationHeader));
        } catch (URISyntaxException badLocation) {
            throw new IOException("Invalid location URI " + locationHeader, badLocation);
        }
    }

    try {
        result.setContentType(conn.getContentType());
    } catch (final ParseException parseFailure) {
        // Surface header parsing problems as I/O failures, keeping the original cause attached.
        final String message = "Couldn't parse Content-Type header: " + parseFailure.getMessage();
        throw new IOException(message, parseFailure);
    }

    result.setCacheControl(conn.getHeaderField("Cache-Control"));
    result.setPragma(conn.getHeaderField("Pragma"));
    result.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate"));

    final boolean hasBody = !StringHelper.isBlank(out);
    if (hasBody) {
        result.setContent(out);
    }
    return result;
}
// Bound how long the identity provider may take to accept the connection and to answer.
tokenHttpRequest.setConnectTimeout(oidcConnectTimeout);
tokenHttpRequest.setReadTimeout(oidcReadTimeout);
// The configured request object itself is sent, so both timeouts apply to this call.
final TokenResponse response = OIDCTokenResponseParser.parse(tokenHttpRequest.send());
/**
 * Adds the parameters returned by {@code toParameters()} to the form body of the given request.
 *
 * <p>The request must be a POST whose Content-Type matches
 * {@code CommonContentTypes.APPLICATION_URLENCODED}. The parameters already on the request are
 * fetched, merged with this object's parameters, serialized and written back as the query.
 *
 * <p>NOTE(review): if {@code toParameters()} carries a client secret or assertion (this looks like a
 * client-authentication class; confirm), the resulting query string is credential material and the
 * request body should be kept out of logs.
 *
 * @param httpRequest the request to modify in place
 * @throws SerializeException if the method is not POST, or the Content-Type header is missing or is
 *         not URL-encoded form data
 */
@Override
public void applyTo(HTTPRequest httpRequest) throws SerializeException {
    final boolean isPost = httpRequest.getMethod() == HTTPRequest.Method.POST;
    if (!isPost) {
        throw new SerializeException("The HTTP request method must be POST");
    }

    final ContentType contentType = httpRequest.getContentType();
    if (contentType == null) {
        throw new SerializeException("Missing HTTP Content-Type header");
    }
    if (!contentType.match(CommonContentTypes.APPLICATION_URLENCODED)) {
        throw new SerializeException(
                "The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
    }

    // putAll: a value from toParameters() replaces any same-named parameter already on the request.
    final Map<String, String> merged = httpRequest.getQueryParameters();
    merged.putAll(toParameters());
    httpRequest.setQuery(URLUtils.serializeParameters(merged));
}
/**
 * Parses an access token response from the given HTTP response.
 *
 * <p>The status code is first checked against {@code HTTPResponse.SC_OK}; the body is then read as a
 * JSON object and handed to {@code parseJsonObject}.
 *
 * @param httpResponse the HTTP response received from the token endpoint
 * @return the response object built by {@code parseJsonObject} from the JSON body
 * @throws ParseException if the status check, the JSON extraction or {@code parseJsonObject} fails
 */
static AdalAccessTokenResponse parseHttpResponse(final HTTPResponse httpResponse) throws ParseException {
    // Reject anything but a success status before touching the body.
    httpResponse.ensureStatusCode(HTTPResponse.SC_OK);
    return parseJsonObject(httpResponse.getContentAsJSONObject());
}
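/**
 * Issues a refresh token and a bearer access token for a resource owner password credentials grant
 * and writes them to the response.
 *
 * <p>Both tokens are registered in the token store under the client ID taken from the request's
 * client authentication. Token values and user claims are kept out of the log: a bearer token is
 * usable by anyone who reads it, so debug output is limited to the client ID and the scope.
 *
 * <p>NOTE(review): no check of the resource owner's credentials is visible in this method; it relies
 * on whatever {@code userInfoFactory.createUserInfo(servletRequest)} does. Confirm that the user is
 * authenticated there.
 *
 * <p>NOTE(review): {@code request.getClientAuthentication()} is dereferenced without a null check.
 * Confirm that a request without client authentication cannot reach this method.
 *
 * @param request the parsed token request
 * @param servletRequest the incoming servlet request, passed to the user info factory
 * @param servletResponse the response the token response is written to
 * @throws IOException if writing the response fails
 */
private void doResourceOwnerPasswordCredentialFlow(TokenRequest request, HttpServletRequest servletRequest,
        HttpServletResponse servletResponse) throws IOException {
    UserInfo userInfo = userInfoFactory.createUserInfo(servletRequest);
    // The claims are personal data, so only the fact that they were created is logged.
    LOG.debug("resourceOwnerPasswordCredentialFlow: user info created");

    RefreshToken refreshToken = new RefreshToken();
    // Log the client identifier rather than the whole client authentication object.
    LOG.debug("clientId {}", request.getClientAuthentication().getClientID());
    tokenStore.addRefreshToken(refreshToken, userInfo, request.getClientAuthentication().getClientID(), null,
            refreshTokenLifetime);

    BearerAccessToken accessToken = new BearerAccessToken(tokenLifetime, request.getScope());
    tokenStore.addAccessToken(accessToken, userInfo, request.getClientAuthentication().getClientID(),
            refreshToken);
    // The token value is a credential; record the scope it was issued for instead of its JSON form.
    LOG.debug("resourceOwnerPasswordCredentialFlow issued access token, scope={}", request.getScope());

    ServletUtils.applyHTTPResponse(
            new AccessTokenResponse(new Tokens(accessToken, refreshToken)).toHTTPResponse(), servletResponse);
}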
/**
 * Builds an {@code HTTPResponse} from a connection whose exchange has already taken place.
 *
 * <p>The status code and the {@code Location}, {@code Content-Type}, {@code Cache-Control},
 * {@code Pragma} and {@code WWW-Authenticate} headers are copied from the connection. The body is
 * set only when {@code out} is not blank according to {@code StringHelper.isBlank}.
 *
 * <p>NOTE(review): every header value copied here is supplied by the remote server. In particular the
 * {@code Location} value is stored as received; a caller that follows it should check the target first.
 *
 * @param conn the connection to read the status code and headers from
 * @param out the response body already read from the connection; may be blank
 * @return the populated response
 * @throws IOException if the status code cannot be read, the {@code Location} value is not a valid URI,
 *         or the {@code Content-Type} header cannot be parsed
 */
HTTPResponse createResponse(final HttpURLConnection conn, final String out) throws IOException {
    final HTTPResponse result = new HTTPResponse(conn.getResponseCode());

    final String locationHeader = conn.getHeaderField("Location");
    final boolean hasLocation = !StringHelper.isBlank(locationHeader);
    if (hasLocation) {
        try {
            result.setLocation(new URI(locationHeader));
        } catch (URISyntaxException badLocation) {
            throw new IOException("Invalid location URI " + locationHeader, badLocation);
        }
    }

    try {
        result.setContentType(conn.getContentType());
    } catch (final ParseException parseFailure) {
        // Surface header parsing problems as I/O failures, keeping the original cause attached.
        final String message = "Couldn't parse Content-Type header: " + parseFailure.getMessage();
        throw new IOException(message, parseFailure);
    }

    result.setCacheControl(conn.getHeaderField("Cache-Control"));
    result.setPragma(conn.getHeaderField("Pragma"));
    result.setWWWAuthenticate(conn.getHeaderField("WWW-Authenticate"));

    final boolean hasBody = !StringHelper.isBlank(out);
    if (hasBody) {
        result.setContent(out);
    }
    return result;
}
/**
 * Adds the parameters returned by {@code toParameters()} to the form body of the given request.
 *
 * <p>The request must be a POST whose Content-Type matches
 * {@code CommonContentTypes.APPLICATION_URLENCODED}. The parameters already on the request are
 * fetched, merged with this object's parameters, serialized and written back as the query.
 *
 * <p>NOTE(review): if {@code toParameters()} carries a client secret or assertion (this looks like a
 * client-authentication class; confirm), the resulting query string is credential material and the
 * request body should be kept out of logs.
 *
 * @param httpRequest the request to modify in place
 * @throws SerializeException if the method is not POST, or the Content-Type header is missing or is
 *         not URL-encoded form data
 */
@Override
public void applyTo(HTTPRequest httpRequest) throws SerializeException {
    final boolean isPost = httpRequest.getMethod() == HTTPRequest.Method.POST;
    if (!isPost) {
        throw new SerializeException("The HTTP request method must be POST");
    }

    final ContentType contentType = httpRequest.getContentType();
    if (contentType == null) {
        throw new SerializeException("Missing HTTP Content-Type header");
    }
    if (!contentType.match(CommonContentTypes.APPLICATION_URLENCODED)) {
        throw new SerializeException(
                "The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
    }

    // putAll: a value from toParameters() replaces any same-named parameter already on the request.
    final Map<String, String> merged = httpRequest.getQueryParameters();
    merged.putAll(toParameters());
    httpRequest.setQuery(URLUtils.serializeParameters(merged));
}
/**
 * Parses an access token response from the given HTTP response.
 *
 * <p>The status code is first checked against {@code HTTPResponse.SC_OK}; the body is then read as a
 * JSON object and handed to {@code parseJsonObject}.
 *
 * @param httpResponse the HTTP response received from the token endpoint
 * @return the response object built by {@code parseJsonObject} from the JSON body
 * @throws ParseException if the status check, the JSON extraction or {@code parseJsonObject} fails
 */
static AdalAccessTokenResponse parseHttpResponse(final HTTPResponse httpResponse) throws ParseException {
    // Reject anything but a success status before touching the body.
    httpResponse.ensureStatusCode(HTTPResponse.SC_OK);
    return parseJsonObject(httpResponse.getContentAsJSONObject());
}