Commit d4169efa authored by benjamin.ertl's avatar benjamin.ertl

change oauth2 tokens to oidc tokens

parent b50ac6fc
package edu.kit.scc;
import java.text.ParseException;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONObject;
import org.slf4j.Logger;
......@@ -15,6 +17,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
import edu.kit.scc.http.HttpClient;
import edu.kit.scc.http.HttpResponse;
import edu.kit.scc.ldap.LdapClient;
......@@ -74,12 +80,20 @@ public class RestServiceController {
}
// OIDC
JSONObject oidcJson = null;
JSONObject oidcJson = new JSONObject();
try {
String token = body.split("=")[1];
oidcJson = oidcClient.requestUserInfo(token);
// oidcJson = oidcClient.requestUserInfo(token);
OIDCTokens tokens = oidcClient.requestTokens(token);
JWT jwt = tokens.getIDToken();
JWTClaimsSet claimsSet = jwt.getJWTClaimsSet();
log.debug(claimsSet.toJSONObject().toJSONString());
} catch (ArrayIndexOutOfBoundsException e) {
throw new UnauthorizedException();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (oidcJson != null && !oidcJson.isNull("error")) {
......@@ -91,6 +105,9 @@ public class RestServiceController {
JSONObject scimJson = scimClient.getUser(name);
// we are looking for "roles" in the SCIM response and sync with LDAP
// if nothing succeeded, fail
throw new UnauthorizedException();
}
@ResponseStatus(value = HttpStatus.UNAUTHORIZED)
......
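Review bot: The new `catch (ParseException e)` block only calls `e.printStackTrace()`, so a request whose ID token cannot be parsed continues past the `try` with the empty `oidcJson` instead of being rejected; it should fail closed like the catch above it, e.g. `log.warn("ID token could not be parsed", e); throw new UnauthorizedException();`. The claims are read straight from `jwt.getJWTClaimsSet()` with no signature, issuer, audience or expiry check visible in this section, so they should not feed any authorization decision until the token has been validated (the Nimbus SDK provides `IDTokenValidator` for this). `requestTokens` initialises its result to `null`, so a `null` check before `tokens.getIDToken()` looks necessary, although the tail of that method is not shown. `log.debug(claimsSet.toJSONObject().toJSONString())` writes the user's full identity claims to the log, so consider logging only the subject. The controller method starts and ends outside the displayed hunks.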
......@@ -32,6 +32,7 @@ import com.nimbusds.oauth2.sdk.token.Tokens;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponse;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponseParser;
import com.nimbusds.openid.connect.sdk.UserInfoRequest;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
import edu.kit.scc.http.CustomSSLContext;
import edu.kit.scc.http.NullHostNameVerifier;
......@@ -126,10 +127,10 @@ public class OidcClient {
* the OAuth2 authorization code
* @return a {@link Tokens} bundle with all OIDC tokens
*/
public Tokens requestTokens(String authorizationCode) {
public OIDCTokens requestTokens(String authorizationCode) {
AuthorizationCode code = new AuthorizationCode(authorizationCode);
Tokens tokens = null;
OIDCTokens tokens = null;
try {
URI redirectUri = new URI(this.redirectUri);
......@@ -162,10 +163,9 @@ public class OidcClient {
OIDCTokenResponse oidcTokenResponse = (OIDCTokenResponse) response;
tokens = oidcTokenResponse.getTokens();
log.debug(tokens.toJSONObject().toJSONString());
tokens = oidcTokenResponse.getOIDCTokens();
log.debug(oidcTokenResponse.getOIDCTokens().toJSONObject().toJSONString());
return tokens;
} catch (ParseException e) {
e.printStackTrace();
......
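Review bot: The new `log.debug(oidcTokenResponse.getOIDCTokens().toJSONObject().toJSONString());` writes the complete token bundle (access token, ID token and any refresh token) into the application log, where anyone with log access can reuse the tokens until they expire. Log a non-secret fact instead, e.g. `log.debug("token response received, ID token present: {}", tokens.getIDToken() != null);`. The Javadoc above the signature still reads `@return a {@link Tokens} bundle` and should now name `OIDCTokens`. It should probably also say the method may return `null` on failure, since `tokens` starts as `null` and the visible catch only calls `e.printStackTrace()`, though the rest of the method is outside the hunk.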