com.nimbusds.oauth2.sdk.auth.Secret Java Examples

The following examples show how to use com.nimbusds.oauth2.sdk.auth.Secret. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: OpenIdClient.java    From timbuctoo with GNU General Public License v3.0 6 votes vote down vote up
public Optional<Tokens> getUserTokens(String code) throws IOException, ParseException {
  final ClientAuthentication basicAuth = new ClientSecretBasic(new ClientID(clientId), new Secret(clientSecret));
  final URI redirectUri = fromUri(redirectUrl).build();
  final AuthorizationCodeGrant authzGrant = new AuthorizationCodeGrant(new AuthorizationCode(code), redirectUri);
  final TokenRequest tokenRequest = new TokenRequest(getTokenUrl(discoveryUrl), basicAuth, authzGrant);
  final TokenResponse response = OIDCTokenResponseParser.parse(tokenRequest.toHTTPRequest().send());

  if (response.indicatesSuccess()) {
    final Tokens tokens = response.toSuccessResponse().getTokens();

    // TODO check if the id is not fake
    return Optional.of(tokens);
  } else {
    LOG.error("Could not retrieve client token: {}", response.toErrorResponse().getErrorObject());
    return Optional.empty();
  }
}
 
Example #2
Source File: OpenIdConnector.java    From onedev with MIT License 4 votes vote down vote up
@Override
public SsoAuthenticated processLoginResponse() {
	HttpServletRequest request = (HttpServletRequest) RequestCycle.get().getRequest().getContainerRequest();
	try {
		AuthenticationResponse authenticationResponse = AuthenticationResponseParser.parse(
				new URI(request.getRequestURI() + "?" + request.getQueryString()));
		if (authenticationResponse instanceof AuthenticationErrorResponse) {
			throw buildException(((AuthenticationErrorResponse)authenticationResponse).getErrorObject()); 
		} else {
			AuthenticationSuccessResponse authenticationSuccessResponse = 
					(AuthenticationSuccessResponse)authenticationResponse;
			
			String state = (String) Session.get().getAttribute(SESSION_ATTR_STATE);
			
			if (state == null || !state.equals(authenticationSuccessResponse.getState().getValue()))
				throw new AuthenticationException("Unsolicited OIDC authentication response");
			
			AuthorizationGrant codeGrant = new AuthorizationCodeGrant(
					authenticationSuccessResponse.getAuthorizationCode(), getCallbackUri());

			ClientID clientID = new ClientID(getClientId());
			Secret clientSecret = new Secret(getClientSecret());
			ClientAuthentication clientAuth = new ClientSecretBasic(clientID, clientSecret);
			TokenRequest tokenRequest = new TokenRequest(
					new URI(getCachedProviderMetadata().getTokenEndpoint()), clientAuth, codeGrant);
			HTTPResponse httpResponse = tokenRequest.toHTTPRequest().send();
			if (httpResponse.getStatusCode() == HTTPResponse.SC_OK) {
				JSONObject jsonObject = httpResponse.getContentAsJSONObject();
				if (jsonObject.get("error") != null) 
					throw buildException(TokenErrorResponse.parse(jsonObject).getErrorObject());
				else 
					return processTokenResponse(OIDCAccessTokenResponse.parse(jsonObject));
			} else {
				ErrorObject error = TokenErrorResponse.parse(httpResponse).getErrorObject();
				if (error != null) {
					throw buildException(error);
				} else {
					String message = String.format("Error requesting OIDC token: http status: %d", 
							httpResponse.getStatusCode());
					throw new AuthenticationException(message);
				}
			}
		}
	} catch (ParseException | URISyntaxException|SerializeException|IOException e) {
		throw new RuntimeException(e);
	}
}
 
Example #3
Source File: OidcClient.java    From sonar-auth-oidc with Apache License 2.0 4 votes vote down vote up
private Secret getClientSecret() {
  String secret = config.clientSecret();
  return secret == null ? new Secret("") : new Secret(secret);
}
 
Example #4
Source File: ClientSecretGet.java    From OAuth-2.0-Cookbook with MIT License 4 votes vote down vote up
protected ClientSecretGet(ClientID clientID, Secret secret) {
    super(new ClientAuthenticationMethod("get"), clientID, secret);
}
 
Example #5
Source File: FacebookAuthorizationGrantTokenExchanger.java    From OAuth-2.0-Cookbook with MIT License 4 votes vote down vote up
@Override
public TokenResponseAttributes exchange(
    AuthorizationCodeAuthenticationToken authorizationCodeAuthenticationToken)
    throws OAuth2AuthenticationException {

    ClientRegistration clientRegistration = authorizationCodeAuthenticationToken.getClientRegistration();

    AuthorizationCode authorizationCode = new AuthorizationCode(
        authorizationCodeAuthenticationToken.getAuthorizationCode());
    AuthorizationGrant authorizationCodeGrant = new AuthorizationCodeGrant(
        authorizationCode, URI.create(clientRegistration.getRedirectUri()));
    URI tokenUri = URI.create(clientRegistration.getProviderDetails().getTokenUri());

    ClientID clientId = new ClientID(clientRegistration.getClientId());
    Secret clientSecret = new Secret(clientRegistration.getClientSecret());
    ClientAuthentication clientAuthentication = new ClientSecretGet(clientId, clientSecret);

    try {
        HTTPRequest httpRequest = createTokenRequest(
                clientRegistration, authorizationCodeGrant,
                tokenUri, clientAuthentication);

        TokenResponse tokenResponse = TokenResponse.parse(httpRequest.send());

        if (!tokenResponse.indicatesSuccess()) {
            OAuth2Error errorObject = new OAuth2Error("invalid_token_response");
            throw new OAuth2AuthenticationException(errorObject, "error");
        }

        return createTokenResponse((AccessTokenResponse) tokenResponse);

    } catch (MalformedURLException e) {
        throw new SerializeException(e.getMessage(), e);
    } catch (ParseException pe) {
        throw new OAuth2AuthenticationException(new OAuth2Error("invalid_token_response"), pe);
    } catch (IOException ioe) {
        throw new AuthenticationServiceException(
            "An error occurred while sending the Access Token Request: " +
            ioe.getMessage(), ioe);
    }

}