• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Java IDTokenClaimsSet类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet的典型用法代码示例。如果您正苦于以下问题:Java IDTokenClaimsSet类的具体用法?Java IDTokenClaimsSet怎么用?Java IDTokenClaimsSet使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



IDTokenClaimsSet类属于com.nimbusds.openid.connect.sdk.claims包,在下文中一共展示了IDTokenClaimsSet类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: doExecute

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

    if (getOidcResponseContext().getIDToken() == null) {
        log.error("{} No id token", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
        return;
    }
    if (getOidcResponseContext().getAuthTime() != null) {
        log.debug("{} Setting auth_time to id token", getLogPrefix());
        getOidcResponseContext().getIDToken().setClaim(IDTokenClaimsSet.AUTH_TIME_CLAIM_NAME,
                getOidcResponseContext().getAuthTime().getTime() / 1000);
        log.debug("{} Updated token {}", getLogPrefix(), getOidcResponseContext().getIDToken().toJSONObject()
                .toJSONString());
    }

}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:19,代码来源:AddAuthTimeToIDToken.java


示例2: validate

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
@Override
public IDTokenClaimsSet validate(final JWT idToken, final Nonce expectedNonce) throws BadJOSEException, JOSEException {
    try {
        if (originalIssuer.contains("%7Btenantid%7D")) {
            Object tid = idToken.getJWTClaimsSet().getClaim("tid");
            if (tid == null) {
                throw new BadJWTException("ID token does not contain the 'tid' claim");
            }
            base = new IDTokenValidator(new Issuer(originalIssuer.replace("%7Btenantid%7D", tid.toString())),
                    base.getClientID(), base.getJWSKeySelector(), base.getJWEKeySelector());
            base.setMaxClockSkew(getMaxClockSkew());
        }
    } catch (ParseException e) {
        throw new BadJWTException(e.getMessage(), e);
    }
    return base.validate(idToken, expectedNonce);
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:18,代码来源:AzureAdIdTokenValidator.java


示例3: updateUserInfoAsync

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
public void updateUserInfoAsync() throws MalformedURLException, URISyntaxException
{
    final URI userInfoEndpoint = this.configuration.getUserInfoOIDCEndpoint();
    final IDTokenClaimsSet idToken = this.configuration.getIdToken();
    final BearerAccessToken accessToken = this.configuration.getAccessToken();

    this.executor.execute(new ExecutionContextRunnable(new Runnable()
    {
        @Override
        public void run()
        {
            try {
                updateUserInfo(userInfoEndpoint, idToken, accessToken);
            } catch (Exception e) {
                logger.error("Failed to update user informations", e);
            }
        }
    }, this.componentManager));
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:20,代码来源:OIDCUserManager.java


示例4: updateUserInfo

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
public Principal updateUserInfo(URI userInfoEndpoint, IDTokenClaimsSet idToken, BearerAccessToken accessToken)
    throws IOException, ParseException, OIDCException, XWikiException, QueryException
{
    // Get OIDC user info
    UserInfoRequest userinfoRequest = new UserInfoRequest(userInfoEndpoint, accessToken);
    HTTPRequest userinfoHTTP = userinfoRequest.toHTTPRequest();
    userinfoHTTP.setHeader("User-Agent", this.getClass().getPackage().getImplementationTitle() + '/'
        + this.getClass().getPackage().getImplementationVersion());
    HTTPResponse httpResponse = userinfoHTTP.send();
    UserInfoResponse userinfoResponse = UserInfoResponse.parse(httpResponse);

    if (!userinfoResponse.indicatesSuccess()) {
        UserInfoErrorResponse error = (UserInfoErrorResponse) userinfoResponse;
        throw new OIDCException("Failed to get user info", error.getErrorObject());
    }

    UserInfoSuccessResponse userinfoSuccessResponse = (UserInfoSuccessResponse) userinfoResponse;
    UserInfo userInfo = userinfoSuccessResponse.getUserInfo();

    // Update/Create XWiki user
    return updateUser(idToken, userInfo);
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:23,代码来源:OIDCUserManager.java


示例5: doPreExecute

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    if (!super.doPreExecute(profileRequestContext)) {
        log.error("{} pre-execute failed", getLogPrefix());
        return false;
    }
    acrValues = getAuthenticationRequest().getACRValues();
    if (getAuthenticationRequest().getClaims() != null
            && getAuthenticationRequest().getClaims().getIDTokenClaims() != null) {
        for (Entry entry : getAuthenticationRequest().getClaims().getIDTokenClaims()) {
            if (IDTokenClaimsSet.ACR_CLAIM_NAME.equals(entry.getClaimName())) {
                acrClaim = entry;
                break;
            }
        }
    }
    if ((acrValues == null || acrValues.isEmpty())
            && (acrClaim == null || (acrClaim.getValues() == null && acrClaim.getValue() == null))) {
        log.debug("No acr values nor acr claim values in request, nothing to do");
        return false;
    }
    authenticationContext = profileRequestContext.getSubcontext(AuthenticationContext.class, false);
    if (authenticationContext == null) {
        log.error("{} No authentication context", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
        return false;
    }
    return true;
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:31,代码来源:ProcessRequestedAuthnContext.java


示例6: testSetters

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
@Test
public void testSetters() throws URISyntaxException, ParseException {
    ctx.setAcr("acrValue");
    ctx.setAuthTime(1);
    ctx.setExp(2);
    Issuer issuer = new Issuer("iss");
    Subject sub = new Subject("sub");
    List<Audience> aud = new ArrayList<Audience>();
    aud.add(new Audience("aud"));
    IDTokenClaimsSet token = new IDTokenClaimsSet(issuer, sub, aud, new Date(), new Date());
    ctx.setIDToken(token);
    NameID id = new MockNameID();
    ctx.setNameId(id);
    URI uri = new URI("https://example.org");
    ctx.setRedirectURI(uri);
    ctx.setRequestedSubject("sub");
    Scope scope = new Scope();
    ctx.setScope(scope);
    JWSHeader header = new JWSHeader(JWSAlgorithm.ES256);
    SignedJWT sJWT = new SignedJWT(header, token.toJWTClaimsSet());
    ctx.setSignedIDToken(sJWT);
    Assert.assertEquals(ctx.getAcr().toString(), "acrValue");
    ctx.setAcr(null);
    Assert.assertNull(ctx.getAcr());
    Assert.assertEquals(ctx.getAuthTime(), new Date(1));
    Assert.assertEquals(ctx.getExp(), new Date(2));
    Assert.assertEquals(ctx.getIDToken(), token);
    Assert.assertEquals(ctx.getNameId(), id);
    Assert.assertEquals(ctx.getSignedIDToken(), sJWT);
    Assert.assertEquals(ctx.getRedirectURI(), uri);
    Assert.assertEquals(ctx.getRequestedSubject(), "sub");
    Assert.assertEquals(ctx.getScope(), scope);
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:34,代码来源:OIDCAuthenticationResponseContextTest.java


示例7: validateToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
private IDTokenClaimsSet validateToken(OAuthProvider provider, OAuthLoginRequestDTO oAuthLoginRequestDTO) throws MalformedURLException, ParseException, BadJOSEException, JOSEException {
    Issuer iss = new Issuer(provider.getIssuer());
    ClientID clientID = new ClientID(provider.getClientID());
    Nonce nonce = new Nonce(oAuthLoginRequestDTO.getNonce());
    URL jwkSetURL = new URL(provider.getJwkSetURL());
    JWSAlgorithm jwsAlg = JWSAlgorithm.parse(provider.getJwsAlgorithm());
    IDTokenValidator validator = new IDTokenValidator(iss, clientID, jwsAlg, jwkSetURL);
    JWT idToken = JWTParser.parse(oAuthLoginRequestDTO.getIdToken());
    return validator.validate(idToken, nonce);
}
 
开发者ID:polarsys,项目名称:eplmp,代码行数:11,代码来源:AuthResource.java


示例8: createdIdToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/**
 * Generate an OIDC ID Token.
 * 
 * @param clientID the client id
 * @param userReference the reference of the user
 * @param nonce the nonce
 * @param claims the custom fields to return
 * @return the id token
 * @throws ParseException when failing to create the id token
 * @throws MalformedURLException when failing to get issuer
 * @since 1.3
 */
public JWT createdIdToken(ClientID clientID, DocumentReference userReference, Nonce nonce, ClaimsRequest claims)
    throws ParseException, MalformedURLException
{
    Issuer issuer = getIssuer();
    Subject subject = getSubject(userReference);
    List<Audience> audiences =
        clientID != null ? Arrays.asList(new Audience(clientID)) : Collections.<Audience>emptyList();

    LocalDateTime now = LocalDateTime.now();
    LocalDateTime now1year = now.plusYears(1);

    IDTokenClaimsSet idTokenClaimSet =
        new IDTokenClaimsSet(issuer, subject, audiences, now1year.toDate(), now.toDate());

    idTokenClaimSet.setNonce(nonce);

    // Add custom claims
    if (claims != null) {
        for (Entry claim : claims.getIDTokenClaims()) {
            switch (claim.getClaimName()) {
                case OIDCIdToken.CLAIM_XWIKI_INSTANCE_ID:
                    idTokenClaimSet.setClaim(OIDCIdToken.CLAIM_XWIKI_INSTANCE_ID, this.instance.getInstanceId());
                    break;

                default:
                    break;
            }
        }
    }

    // Convert to JWT
    return new PlainJWT(idTokenClaimSet.toJWTClaimsSet());
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:46,代码来源:OIDCManager.java


示例9: formatUserName

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
private String formatUserName(IDTokenClaimsSet idToken, UserInfo userInfo)
{
    Map<String, String> map = new HashMap<>();

    // User informations
    putVariable(map, "oidc.user.subject", userInfo.getSubject().getValue());
    putVariable(map, "oidc.user.mail", userInfo.getEmail() == null ? "" : userInfo.getEmail().getAddress());
    putVariable(map, "oidc.user.familyName", userInfo.getFamilyName());
    putVariable(map, "oidc.user.givenName", userInfo.getGivenName());

    // Provider (only XWiki OIDC providers)
    URL providerURL = this.configuration.getXWikiProvider();
    if (providerURL != null) {
        putVariable(map, "oidc.provider", providerURL.toString());
        putVariable(map, "oidc.provider.host", providerURL.getHost());
        putVariable(map, "oidc.provider.path", providerURL.getPath());
        putVariable(map, "oidc.provider.protocol", providerURL.getProtocol());
        putVariable(map, "oidc.provider.port", String.valueOf(providerURL.getPort()));
    }

    // Issuer
    putVariable(map, "oidc.issuer", idToken.getIssuer().getValue());
    try {
        URI issuerURI = new URI(idToken.getIssuer().getValue());
        putVariable(map, "oidc.issuer.host", issuerURI.getHost());
        putVariable(map, "oidc.issuer.path", issuerURI.getPath());
        putVariable(map, "oidc.issuer.scheme", issuerURI.getScheme());
        putVariable(map, "oidc.issuer.port", String.valueOf(issuerURI.getPort()));
    } catch (URISyntaxException e) {
        // TODO: log something ?
    }

    StrSubstitutor substitutor = new StrSubstitutor(map);

    return substitutor.replace(this.configuration.getUserNameFormater());
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:37,代码来源:OIDCUserManager.java


示例10: doExecute

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

    /**
     * aud REQUIRED. Audience(s) that this ID Token is intended for. It MUST contain
     * the OAuth 2.0 client_id of the Relying Party as an audience value. It MAY
     * also contain identifiers for other audiences. In the general case, the aud
     * value is an array of case sensitive strings. In the common special case when
     * there is one audience, the aud value MAY be a single case sensitive string.
     * 
     * NOTE. TODO. We allow only single value in this first version.
     */
    List<Audience> aud = new ArrayList<Audience>();
    aud.add(new Audience(rpCtx.getRelyingPartyId()));
    /**
     * exp REQUIRED. Expiration time on or after which the ID Token MUST NOT be
     * accepted for processing. The processing of this parameter requires that the
     * current date/time MUST be before the expiration date/time listed in the
     * value. Implementers MAY provide for some small leeway, usually no more than a
     * few minutes, to account for clock skew. Its value is a JSON number
     * representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC
     * until the date/time. See RFC 3339 [RFC3339] for details regarding date/times
     * in general and UTC in particular.
     * 
     * NOTE. We set here exp to +180s unless set in response context.
     */

    // NOTE: There is no control for id token exp, always +180s
    // TODO: The purpose and mechanism how to control id token exp
    Date exp = getOidcResponseContext().getExp();
    if (exp == null) {
        Calendar calExp = Calendar.getInstance();
        calExp.add(Calendar.SECOND, 180);
        exp = calExp.getTime();
    }

    /**
     * iss REQUIRED. Issuer Identifier for the Issuer of the response. The iss value
     * is a case sensitive URL using the https scheme that contains scheme, host,
     * and optionally, port number and path components and no query or fragment
     * components.
     * 
     */

    /**
     * sub REQUIRED. Subject Identifier. A locally unique and never reassigned
     * identifier within the Issuer for the End-User, which is intended to be
     * consumed by the Client, e.g., 24400320 or
     * AItOawmwtWwcT0k51BayewNvutrJUqsvl6qs7A4. It MUST NOT exceed 255 ASCII
     * characters in length. The sub value is a case sensitive string.
     * 
     * 
     * Note. We use Name ID based value as the sub.
     * 
     */

    /**
     * iat REQUIRED. Time at which the JWT was issued. Its value is a JSON number
     * representing the number of seconds from 1970-01-01T0:0:0Z as measured in UTC
     * until the date/time.
     * 
     * Note. We consider time of idtoken shell generation as iat.
     */
    IDTokenClaimsSet idToken = new IDTokenClaimsSet(new Issuer(issuerId),
            new Subject(getOidcResponseContext().getNameId().getValue()), aud, exp, new Date());
    log.debug("{} Setting id token shell to response context {}", getLogPrefix(),
            idToken.toJSONObject().toJSONString());
    getOidcResponseContext().setIDToken(idToken);
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:71,代码来源:AddIDTokenShell.java


示例11: setIdTokenToResponseContext

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
protected void setIdTokenToResponseContext(String iss, String sub, String aud, Date exp, Date iat) {
    List<Audience> audience = new ArrayList<Audience>();
    audience.add(new Audience(aud));
    IDTokenClaimsSet idToken = new IDTokenClaimsSet(new Issuer(iss), new Subject(sub), audience, exp, iat);
    respCtx.setIDToken(idToken);
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:7,代码来源:BaseOIDCResponseActionTest.java


示例12: createIdToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
@Override
public JWT createIdToken(IdTokenRequest idTokenRequest) {
	Instant now = Instant.now();
	Subject subject = idTokenRequest.getSubject();
	OIDCClientInformation client = idTokenRequest.getClient();
	ClientID clientId = client.getID();
	JWSAlgorithm algorithm = client.getOIDCMetadata().getIDTokenJWSAlg();
	UserInfo userInfo = this.claimSource.load(subject, resolveClaims(idTokenRequest));
	List<Audience> audience = Audience.create(clientId.getValue());
	Date expirationTime = Date.from(now.plus(this.idTokenLifetime));
	Date issueTime = Date.from(now);

	IDTokenClaimsSet claimsSet = new IDTokenClaimsSet(this.issuer, userInfo.getSubject(), audience, expirationTime,
			issueTime);
	claimsSet.setAuthenticationTime(Date.from(idTokenRequest.getAuthenticationTime()));
	claimsSet.setNonce(idTokenRequest.getNonce());
	claimsSet.setACR(idTokenRequest.getAcr());
	claimsSet.setAMR(Collections.singletonList(idTokenRequest.getAmr()));
	claimsSet.setAuthorizedParty(new AuthorizedParty(clientId.getValue()));
	claimsSet.putAll(userInfo);

	if (this.frontChannelLogoutEnabled) {
		SessionID sessionId = idTokenRequest.getSessionId();
		claimsSet.setSessionID(sessionId);
	}

	AccessToken accessToken = idTokenRequest.getAccessToken();

	if (accessToken != null) {
		AccessTokenHash accessTokenHash = AccessTokenHash.compute(accessToken, algorithm);
		claimsSet.setAccessTokenHash(accessTokenHash);
	}

	AuthorizationCode code = idTokenRequest.getCode();

	if (code != null) {
		CodeHash codeHash = CodeHash.compute(code, algorithm);
		claimsSet.setCodeHash(codeHash);
	}

	try {
		JWTAssertionDetails details = JWTAssertionDetails.parse(claimsSet.toJWTClaimsSet());

		if (JWSAlgorithm.Family.HMAC_SHA.contains(algorithm)) {
			Secret secret = client.getSecret();

			return JWTAssertionFactory.create(details, algorithm, secret);
		}
		else if (JWSAlgorithm.Family.RSA.contains(algorithm)) {
			RSAKey rsaKey = (RSAKey) resolveJwk(algorithm);

			return JWTAssertionFactory.create(details, algorithm, rsaKey.toRSAPrivateKey(), rsaKey.getKeyID(),
					jcaProvider);
		}
		else if (JWSAlgorithm.Family.EC.contains(algorithm)) {
			ECKey ecKey = (ECKey) resolveJwk(algorithm);

			return JWTAssertionFactory.create(details, algorithm, ecKey.toECPrivateKey(), ecKey.getKeyID(),
					jcaProvider);
		}

		throw new KeyException("Unsupported algorithm: " + algorithm);
	}
	catch (ParseException | JOSEException e) {
		throw new RuntimeException(e);
	}
}
 
开发者ID:vpavic,项目名称:simple-openid-provider,代码行数:68,代码来源:DefaultTokenService.java


示例13: claims

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
private List<String> claims() {
	return Arrays.asList(IDTokenClaimsSet.ISS_CLAIM_NAME, IDTokenClaimsSet.SUB_CLAIM_NAME,
			IDTokenClaimsSet.AUD_CLAIM_NAME, IDTokenClaimsSet.EXP_CLAIM_NAME, IDTokenClaimsSet.IAT_CLAIM_NAME,
			IDTokenClaimsSet.AUTH_TIME_CLAIM_NAME, IDTokenClaimsSet.NONCE_CLAIM_NAME,
			IDTokenClaimsSet.ACR_CLAIM_NAME, IDTokenClaimsSet.AMR_CLAIM_NAME, IDTokenClaimsSet.AZP_CLAIM_NAME);
}
 
开发者ID:vpavic,项目名称:simple-openid-provider,代码行数:7,代码来源:DiscoveryConfiguration.java


示例14: create

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
@Override
@SuppressWarnings("unchecked")
public U create(final OidcCredentials credentials, final WebContext context) throws HttpAction {
    init(context);

    final AccessToken accessToken = credentials.getAccessToken();

    // Create profile
    final U profile = getProfileFactory().get();
    profile.setAccessToken(accessToken);
    final JWT idToken = credentials.getIdToken();
    profile.setIdTokenString(idToken.getParsedString());
    // Check if there is a refresh token
    final RefreshToken refreshToken = credentials.getRefreshToken();
    if (refreshToken != null && !refreshToken.getValue().isEmpty()) {
        profile.setRefreshToken(refreshToken);
        logger.debug("Refresh Token successful retrieved");
    }

    try {

        // check idToken
        final Nonce nonce;
        if (configuration.isUseNonce()) {
            nonce = new Nonce((String) context.getSessionAttribute(OidcConfiguration.NONCE_SESSION_ATTRIBUTE));
        } else {
            nonce = null;
        }
        // Check ID Token
        final IDTokenClaimsSet claimsSet = this.idTokenValidator.validate(idToken, nonce);
        assertNotNull("claimsSet", claimsSet);
        profile.setId(claimsSet.getSubject());

        // User Info request
        if (configuration.getProviderMetadata().getUserInfoEndpointURI() != null && accessToken != null) {
            final UserInfoRequest userInfoRequest = new UserInfoRequest(configuration.getProviderMetadata().getUserInfoEndpointURI(), (BearerAccessToken) accessToken);
            final HTTPRequest userInfoHttpRequest = userInfoRequest.toHTTPRequest();
            userInfoHttpRequest.setConnectTimeout(configuration.getConnectTimeout());
            userInfoHttpRequest.setReadTimeout(configuration.getReadTimeout());
            final HTTPResponse httpResponse = userInfoHttpRequest.send();
            logger.debug("Token response: status={}, content={}", httpResponse.getStatusCode(),
                    httpResponse.getContent());

            final UserInfoResponse userInfoResponse = UserInfoResponse.parse(httpResponse);
            if (userInfoResponse instanceof UserInfoErrorResponse) {
                logger.error("Bad User Info response, error={}",
                        ((UserInfoErrorResponse) userInfoResponse).getErrorObject());
            } else {
                final UserInfoSuccessResponse userInfoSuccessResponse = (UserInfoSuccessResponse) userInfoResponse;
                final UserInfo userInfo = userInfoSuccessResponse.getUserInfo();
                if (userInfo != null) {
                    profile.addAttributes(userInfo.toJWTClaimsSet().getClaims());
                }
            }
        }

        // add attributes of the ID token if they don't already exist
        for (final Map.Entry<String, Object> entry : idToken.getJWTClaimsSet().getClaims().entrySet()) {
            final String key = entry.getKey();
            final Object value = entry.getValue();
            if (profile.getAttribute(key) == null) {
                profile.addAttribute(key, value);
            }
        }

        return profile;

    } catch (final IOException | ParseException | JOSEException | BadJOSEException | java.text.ParseException e) {
        throw new TechnicalException(e);
    }
}
 
开发者ID:yaochi,项目名称:pac4j-plus,代码行数:72,代码来源:OidcProfileCreator.java


示例15: getIdToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/**
 * @since 1.2
 */
public IDTokenClaimsSet getIdToken()
{
    return getSessionAttribute(PROP_SESSION_IDTOKEN);
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:8,代码来源:OIDCClientConfiguration.java


示例16: setIdToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/**
 * @since 1.2
 */
public void setIdToken(IDTokenClaimsSet idToken)
{
    setSessionAttribute(PROP_SESSION_IDTOKEN, idToken);
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:8,代码来源:OIDCClientConfiguration.java


示例17: NimbusOIDCIdToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/**
 * @param idToken the Nimbus SDK id token
 */
public NimbusOIDCIdToken(IDTokenClaimsSet idToken)
{
    super(idToken);
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:8,代码来源:NimbusOIDCIdToken.java


示例18: handle

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
@Override
public Response handle(HTTPRequest httpRequest, OIDCResourceReference reference) throws Exception
{
    // Parse the request
    AuthorizationResponse authorizationResponse = AuthorizationResponse.parse(httpRequest);

    // Validate state
    State state = authorizationResponse.getState();
    if (!Objects.equal(state, this.configuration.getSessionState())) {
        throw new OIDCException("Invalid state [" + state + "]");
    }
    // TODO: remove the state from the session ?

    // Deal with errors
    if (!authorizationResponse.indicatesSuccess()) {
        // Cast to error response
        AuthorizationErrorResponse errorResponse = (AuthorizationErrorResponse) authorizationResponse;

        // If impossible to authenticate without prompt, just ignore and redirect
        if (OIDCError.INTERACTION_REQUIRED.getCode().equals(errorResponse.getErrorObject().getCode())
            || OIDCError.LOGIN_REQUIRED.getCode().equals(errorResponse.getErrorObject().getCode())) {
            // Redirect to original request
            return new RedirectResponse(new URI(authorizationResponse.getState().getValue()));
        }
    }

    // Cast to success response
    AuthorizationSuccessResponse successResponse = (AuthorizationSuccessResponse) authorizationResponse;

    // Get authorization code
    AuthorizationCode code = successResponse.getAuthorizationCode();

    // Generate callback URL
    URI callback = this.oidc.createEndPointURI(CallbackOIDCEndpoint.HINT);

    // Get access token
    AuthorizationGrant authorizationGrant = new AuthorizationCodeGrant(code, callback);
    // TODO: setup some client authentication, secret, all that
    TokenRequest tokeRequest = new TokenRequest(this.configuration.getTokenOIDCEndpoint(),
        this.configuration.getClientID(), authorizationGrant);
    HTTPRequest tokenHTTP = tokeRequest.toHTTPRequest();
    tokenHTTP.setHeader("User-Agent", this.getClass().getPackage().getImplementationTitle() + '/'
        + this.getClass().getPackage().getImplementationVersion());
    HTTPResponse httpResponse = tokenHTTP.send();

    if (httpResponse.getStatusCode() != HTTPResponse.SC_OK) {
        TokenErrorResponse error = TokenErrorResponse.parse(httpResponse);
        throw new OIDCException("Failed to get access token", error.getErrorObject());
    }

    OIDCTokenResponse tokenResponse = OIDCTokenResponse.parse(httpResponse);

    IDTokenClaimsSet idToken = new IDTokenClaimsSet(tokenResponse.getOIDCTokens().getIDToken().getJWTClaimsSet());
    BearerAccessToken accessToken = tokenResponse.getTokens().getBearerAccessToken();

    HttpSession session = ((ServletSession) this.container.getSession()).getHttpSession();

    // Store the access token in the session
    this.configuration.setIdToken(idToken);
    this.configuration.setAccessToken(accessToken);

    // Update/Create XWiki user
    Principal principal = this.users.updateUserInfo(accessToken);

    // Remember user in the session
    session.setAttribute(SecurityRequestWrapper.PRINCIPAL_SESSION_KEY, principal);

    // TODO: put enough information in the cookie to automatically authenticate when coming back

    // Redirect to original request
    return new RedirectResponse(this.configuration.getSuccessRedirectURI());
}
 
开发者ID:xwiki-contrib,项目名称:oidc,代码行数:73,代码来源:CallbackOIDCEndpoint.java


示例19: doExecute

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
    try {
        if (idTokenHint != null && idTokenHint.getJWTClaimsSet() != null) {
            log.debug("{} Using requested sub claim value", getLogPrefix());
            getOidcResponseContext().setRequestedSubject(idTokenHint.getJWTClaimsSet().getSubject());
        }
    } catch (ParseException e) {
        log.error("{} error parsing id token hint", getLogPrefix(), e);
        ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
        return;
    }
    if (idTokenClaims != null && !idTokenClaims.isEmpty()) {
        for (Entry entry : idTokenClaims) {
            if (IDTokenClaimsSet.SUB_CLAIM_NAME.equals(entry.getClaimName())) {
                log.debug("{} Setting requested sub claim value {} ", getLogPrefix(), entry.getValue());
                getOidcResponseContext().setRequestedSubject(entry.getValue());
            }
        }
    }
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:23,代码来源:SetRequestedSubjectToResponseContext.java


示例20: getIDToken

import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet; //导入依赖的package包/类
/**
 * Get the id token.
 * 
 * @return The id token.
 */
@Nullable
public IDTokenClaimsSet getIDToken() {
    return idToken;
}
 
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:10,代码来源:OIDCAuthenticationResponseContext.java



注:本文中的com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java DatabaseSequenceFilter类代码示例发布时间:2022-05-22
下一篇:
Java Edge类代码示例发布时间:2022-05-22
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap