change oauth2 tokens to oidc tokens

d4169efa · benjamin.ertl · b50ac6fc · d4169efa · d4169efa
Commit d4169efa authored Jan 20, 2016 by benjamin.ertl
Showing with 24 additions and 7 deletions

src/main/java/edu/kit/scc/RestServiceController.java src/main/java/edu/kit/scc/RestServiceController.java +19 -2

src/main/java/edu/kit/scc/oidc/OidcClient.java src/main/java/edu/kit/scc/oidc/OidcClient.java +5 -5

No files found.
--- a/src/main/java/edu/kit/scc/RestServiceController.java
+++ b/src/main/java/edu/kit/scc/RestServiceController.java
 package edu.kit.scc;

+import java.text.ParseException;
+
 import org.apache.commons.codec.binary.Base64;
 import org.json.JSONObject;
 import org.slf4j.Logger;
@@ -15,6 +17,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseStatus;
 import org.springframework.web.bind.annotation.RestController;

+import com.nimbusds.jwt.JWT;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
+
 import edu.kit.scc.http.HttpClient;
 import edu.kit.scc.http.HttpResponse;
 import edu.kit.scc.ldap.LdapClient;
@@ -74,12 +80,20 @@ public class RestServiceController {
 		}

 		// OIDC
-		JSONObject oidcJson = null;
+		JSONObject oidcJson = new JSONObject();
 		try {
 			String token = body.split("=")[1];
-			oidcJson = oidcClient.requestUserInfo(token);
+			// oidcJson = oidcClient.requestUserInfo(token);
+			OIDCTokens tokens = oidcClient.requestTokens(token);
+			JWT jwt = tokens.getIDToken();
+			JWTClaimsSet claimsSet = jwt.getJWTClaimsSet();
+			log.debug(claimsSet.toJSONObject().toJSONString());
+
 		} catch (ArrayIndexOutOfBoundsException e) {
 			throw new UnauthorizedException();
+		} catch (ParseException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
 		}

 		if (oidcJson != null && !oidcJson.isNull("error")) {
@@ -91,6 +105,9 @@ public class RestServiceController {
 		JSONObject scimJson = scimClient.getUser(name);

 		// we are looking for "roles" in the SCIM response and sync with LDAP
+
+		// if nothing succeeded, fail
+		throw new UnauthorizedException();
 	}

 	@ResponseStatus(value = HttpStatus.UNAUTHORIZED)

--- a/src/main/java/edu/kit/scc/oidc/OidcClient.java
+++ b/src/main/java/edu/kit/scc/oidc/OidcClient.java
@@ -32,6 +32,7 @@ import com.nimbusds.oauth2.sdk.token.Tokens;
 import com.nimbusds.openid.connect.sdk.OIDCTokenResponse;
 import com.nimbusds.openid.connect.sdk.OIDCTokenResponseParser;
 import com.nimbusds.openid.connect.sdk.UserInfoRequest;
+import com.nimbusds.openid.connect.sdk.token.OIDCTokens;

 import edu.kit.scc.http.CustomSSLContext;
 import edu.kit.scc.http.NullHostNameVerifier;
@@ -126,10 +127,10 @@ public class OidcClient {
 	 *            the OAuth2 authorization code
 	 * @return a {@link Tokens} bundle with all OIDC tokens
 	 */
-	public Tokens requestTokens(String authorizationCode) {
+	public OIDCTokens requestTokens(String authorizationCode) {
 		AuthorizationCode code = new AuthorizationCode(authorizationCode);

-		Tokens tokens = null;
+		OIDCTokens tokens = null;

 		try {
 			URI redirectUri = new URI(this.redirectUri);
@@ -162,10 +163,9 @@ public class OidcClient {

 			OIDCTokenResponse oidcTokenResponse = (OIDCTokenResponse) response;

-			tokens = oidcTokenResponse.getTokens();
-
-			log.debug(tokens.toJSONObject().toJSONString());
+			tokens = oidcTokenResponse.getOIDCTokens();

+			log.debug(oidcTokenResponse.getOIDCTokens().toJSONObject().toJSONString());
 			return tokens;
 		} catch (ParseException e) {
 			e.printStackTrace();