Commit d4169efa authored by benjamin.ertl's avatar benjamin.ertl

change oauth2 tokens to oidc tokens

parent b50ac6fc
package edu.kit.scc; package edu.kit.scc;
import java.text.ParseException;
import org.apache.commons.codec.binary.Base64; import org.apache.commons.codec.binary.Base64;
import org.json.JSONObject; import org.json.JSONObject;
import org.slf4j.Logger; import org.slf4j.Logger;
...@@ -15,6 +17,10 @@ import org.springframework.web.bind.annotation.RequestMethod; ...@@ -15,6 +17,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
import edu.kit.scc.http.HttpClient; import edu.kit.scc.http.HttpClient;
import edu.kit.scc.http.HttpResponse; import edu.kit.scc.http.HttpResponse;
import edu.kit.scc.ldap.LdapClient; import edu.kit.scc.ldap.LdapClient;
...@@ -74,12 +80,20 @@ public class RestServiceController { ...@@ -74,12 +80,20 @@ public class RestServiceController {
} }
// OIDC // OIDC
JSONObject oidcJson = null; JSONObject oidcJson = new JSONObject();
try { try {
String token = body.split("=")[1]; String token = body.split("=")[1];
oidcJson = oidcClient.requestUserInfo(token); // oidcJson = oidcClient.requestUserInfo(token);
OIDCTokens tokens = oidcClient.requestTokens(token);
JWT jwt = tokens.getIDToken();
JWTClaimsSet claimsSet = jwt.getJWTClaimsSet();
log.debug(claimsSet.toJSONObject().toJSONString());
} catch (ArrayIndexOutOfBoundsException e) { } catch (ArrayIndexOutOfBoundsException e) {
throw new UnauthorizedException(); throw new UnauthorizedException();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} }
if (oidcJson != null && !oidcJson.isNull("error")) { if (oidcJson != null && !oidcJson.isNull("error")) {
...@@ -91,6 +105,9 @@ public class RestServiceController { ...@@ -91,6 +105,9 @@ public class RestServiceController {
JSONObject scimJson = scimClient.getUser(name); JSONObject scimJson = scimClient.getUser(name);
// we are looking for "roles" in the SCIM response and sync with LDAP // we are looking for "roles" in the SCIM response and sync with LDAP
// if nothing succeeded, fail
throw new UnauthorizedException();
} }
@ResponseStatus(value = HttpStatus.UNAUTHORIZED) @ResponseStatus(value = HttpStatus.UNAUTHORIZED)
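Review bot: The ID token obtained at `OIDCTokens tokens = oidcClient.requestTokens(token);` is parsed and its claims are only logged — nothing checks its signature, issuer, audience or expiry, and nothing from `claimsSet` feeds the authorization decision that follows; with `oidcJson` now an empty `new JSONObject()` and the `requestUserInfo` call commented out, the `!oidcJson.isNull("error")` check after the try block can never fire. Two failure paths also no longer end in a 401: `requestTokens` starts with `tokens = null` and its `ParseException` catch only prints the stack trace (second file, `@@ -126` and `@@ -162` hunks), so a rejected code appears to come back as `null` here and `tokens.getIDToken()` would throw a NullPointerException, and the new `catch (ParseException e)` swallows a malformed ID token with `printStackTrace()` and lets the request continue. Treat both as unauthorized and validate the ID token before trusting any claim (Nimbus ships an `IDTokenValidator` for this); the full claims set written to the debug log carries the subject's identity claims, so logging only the `sub` claim is preferable. The enclosing handler method starts before and continues after this hunk.
```java
OIDCTokens tokens = oidcClient.requestTokens(token);
if (tokens == null || tokens.getIDToken() == null) {
    // requestTokens appears to signal a failed code exchange with null — confirm
    throw new UnauthorizedException();
}
JWT jwt = tokens.getIDToken();
// TODO validate signature, issuer, audience and expiry before trusting any claim
JWTClaimsSet claimsSet = jwt.getJWTClaimsSet();
log.debug("ID token subject: {}", claimsSet.getSubject());
} catch (ArrayIndexOutOfBoundsException e) {
    throw new UnauthorizedException();
} catch (ParseException e) {
    log.warn("ID token could not be parsed", e);
    throw new UnauthorizedException();
}
```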
...@@ -32,6 +32,7 @@ import com.nimbusds.oauth2.sdk.token.Tokens; ...@@ -32,6 +32,7 @@ import com.nimbusds.oauth2.sdk.token.Tokens;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponse; import com.nimbusds.openid.connect.sdk.OIDCTokenResponse;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponseParser; import com.nimbusds.openid.connect.sdk.OIDCTokenResponseParser;
import com.nimbusds.openid.connect.sdk.UserInfoRequest; import com.nimbusds.openid.connect.sdk.UserInfoRequest;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
import edu.kit.scc.http.CustomSSLContext; import edu.kit.scc.http.CustomSSLContext;
import edu.kit.scc.http.NullHostNameVerifier; import edu.kit.scc.http.NullHostNameVerifier;
...@@ -126,10 +127,10 @@ public class OidcClient { ...@@ -126,10 +127,10 @@ public class OidcClient {
* the OAuth2 authorization code * the OAuth2 authorization code
* @return a {@link Tokens} bundle with all OIDC tokens * @return a {@link Tokens} bundle with all OIDC tokens
*/ */
public Tokens requestTokens(String authorizationCode) { public OIDCTokens requestTokens(String authorizationCode) {
AuthorizationCode code = new AuthorizationCode(authorizationCode); AuthorizationCode code = new AuthorizationCode(authorizationCode);
Tokens tokens = null; OIDCTokens tokens = null;
try { try {
URI redirectUri = new URI(this.redirectUri); URI redirectUri = new URI(this.redirectUri);
...@@ -162,10 +163,9 @@ public class OidcClient { ...@@ -162,10 +163,9 @@ public class OidcClient {
OIDCTokenResponse oidcTokenResponse = (OIDCTokenResponse) response; OIDCTokenResponse oidcTokenResponse = (OIDCTokenResponse) response;
tokens = oidcTokenResponse.getTokens(); tokens = oidcTokenResponse.getOIDCTokens();
log.debug(tokens.toJSONObject().toJSONString());
log.debug(oidcTokenResponse.getOIDCTokens().toJSONObject().toJSONString());
return tokens; return tokens;
} catch (ParseException e) { } catch (ParseException e) {
e.printStackTrace(); e.printStackTrace();
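Review bot: The Javadoc above `public OIDCTokens requestTokens(String authorizationCode)` still says `@return a {@link Tokens} bundle with all OIDC tokens` although the return type changed to `OIDCTokens`; replace it with `* @return an {@link OIDCTokens} bundle (access, refresh and ID token), or {@code null} when the token response could not be parsed` — the `tokens = null` initialisation and the `catch (ParseException e)` that only calls `e.printStackTrace()` suggest null is the failure signal, but the method's tail lies outside the hunk, so confirm. Whichever of the two `log.debug(... toJSONObject().toJSONString())` lines survives on the new side serialises the complete token bundle, access and refresh tokens included, into the debug log; logging token types or expiry instead of the values avoids leaking bearer credentials through log files. `e.printStackTrace()` in the catch also bypasses the `log` the rest of the method uses — `log.warn("token response could not be parsed", e);` keeps the cause and the log routing.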