Added method to retrieve UMA token by using `clientId` and `clientSecret` in a specific `audience` (aka context, that must be in `URLEncoded` form) and Javadoc for all interesting methods
This commit is contained in:
parent
527f04fb67
commit
17e503c786
|
@ -13,6 +13,7 @@ import java.net.ProtocolException;
|
|||
import java.net.URL;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.Arrays;
|
||||
import java.util.Base64;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
@ -58,6 +59,15 @@ public class OpenIdConnectRESTHelper {
|
|||
return q;
|
||||
}
|
||||
|
||||
/**
|
||||
* Queries from the OIDC server an OIDC access token, by using provided clientId and client secret.
|
||||
*
|
||||
* @param clientId the client id
|
||||
* @param clientSecret the client secret
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @return the issued token
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken queryClientToken(String clientId, String clientSecret, URL tokenURL)
|
||||
throws OpenIdConnectRESTHelperException {
|
||||
|
||||
|
@ -88,7 +98,7 @@ public class OpenIdConnectRESTHelper {
|
|||
return performQueryTokenWithPOST(tokenURL, null, params);
|
||||
}
|
||||
|
||||
public static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization,
|
||||
protected static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization,
|
||||
Map<String, List<String>> params) throws OpenIdConnectRESTHelperException {
|
||||
|
||||
logger.debug("Querying access token from OIDC server with URL: {}", tokenURL);
|
||||
|
@ -154,7 +164,37 @@ public class OpenIdConnectRESTHelper {
|
|||
return con;
|
||||
}
|
||||
|
||||
public static JWTToken queryUMAToken(URL tokenUrl, String authorizationToken, String audience,
|
||||
/**
|
||||
* Queries from the OIDC server an UMA token, by using provided clientId and client secret for the given audience
|
||||
* (context) in URLEncoded form and optionally a list of permissions.
|
||||
*
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @param clientId the client id
|
||||
* @param clientSecret the client secret
|
||||
* @param audience the audience (context) where to request the issuing of the ticket
|
||||
* @param permissions a list of permissions, can be <code>null</code>
|
||||
* @return the issued token
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken queryUMAToken(URL tokenUrl, String clientId, String clientSecret, String audience,
|
||||
List<String> permissions) throws OpenIdConnectRESTHelperException {
|
||||
|
||||
return queryUMAToken(tokenUrl, "Basic " + Base64.getEncoder().encodeToString((clientId + ":" + clientSecret).getBytes()),
|
||||
audience, permissions);
|
||||
}
|
||||
|
||||
/**
|
||||
* Queries from the OIDC server an UMA token, by using provided access token, for the given audience (context)
|
||||
* in URLEncoded form and optionally a list of permissions.
|
||||
*
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @param authorization the auth token (the access token URLEncoded by the "Bearer " string)
|
||||
* @param audience the audience (context) where to request the issuing of the ticket (URLEncoded)
|
||||
* @param permissions a list of permissions, can be <code>null</code>
|
||||
* @return the issued token
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken queryUMAToken(URL tokenUrl, String authorization, String audience,
|
||||
List<String> permissions) throws OpenIdConnectRESTHelperException {
|
||||
|
||||
Map<String, List<String>> params = new HashMap<>();
|
||||
|
@ -174,18 +214,45 @@ public class OpenIdConnectRESTHelper {
|
|||
}
|
||||
}).collect(Collectors.toList()));
|
||||
}
|
||||
return performQueryTokenWithPOST(tokenUrl, authorizationToken, params);
|
||||
return performQueryTokenWithPOST(tokenUrl, authorization, params);
|
||||
}
|
||||
|
||||
/**
|
||||
* Refreshes the token from the OIDC server.
|
||||
*
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @param token the token to be refreshed
|
||||
* @return a new token refreshed from the previous one
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken refreshToken(URL tokenURL, JWTToken token) throws OpenIdConnectRESTHelperException {
|
||||
return refreshToken(tokenURL, null, null, token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Refreshes the token from the OIDC server for a specific client represented by the client id.
|
||||
*
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @param clientId the client id
|
||||
* @param token the token to be refreshed
|
||||
* @return a new token refreshed from the previous one
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken refreshToken(URL tokenURL, String clientId, JWTToken token)
|
||||
throws OpenIdConnectRESTHelperException {
|
||||
return refreshToken(tokenURL, clientId, null, token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Refreshes the token from the OIDC server for a specific client represented by the client id.
|
||||
*
|
||||
* @param tokenUrl the token endpoint {@link URL} of the OIDC server
|
||||
* @param clientId the client id
|
||||
* @param clientSecret the client secret
|
||||
* @param token the token to be refreshed
|
||||
* @return a new token refreshed from the previous one
|
||||
* @throws OpenIdConnectRESTHelperException if an error occurs (also an unauthorized call), inspect the exception for details
|
||||
*/
|
||||
public static JWTToken refreshToken(URL tokenURL, String clientId, String clientSecret, JWTToken token)
|
||||
throws OpenIdConnectRESTHelperException {
|
||||
|
||||
|
@ -233,10 +300,27 @@ public class OpenIdConnectRESTHelper {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs the logout (SSOut) from all the sessions opened in the OIDC server.
|
||||
*
|
||||
* @param logoutUrl the logut endpoint {@link URL} of the OIDC server
|
||||
* @param token the token used to take info from
|
||||
* @return <code>true</code> if the logout is performed correctly, <code>false</code> otherwise
|
||||
* @throws IOException if an I/O error occurs during the communication with the server
|
||||
*/
|
||||
public static boolean logout(URL logoutUrl, JWTToken token) throws IOException {
|
||||
return logout(logoutUrl, null, token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Performs the logout from the session related to the provided client id in the OIDC server.
|
||||
*
|
||||
* @param logoutUrl the logut endpoint {@link URL} of the OIDC server
|
||||
* @param clientId the client id
|
||||
* @param token the token used to take info from
|
||||
* @return <code>true</code> if the logout is performed correctly, <code>false</code> otherwise
|
||||
* @throws IOException if an I/O error occurs during the communication with the server
|
||||
*/
|
||||
public static boolean logout(URL logoutUrl, String clientId, JWTToken token) throws IOException {
|
||||
Map<String, List<String>> params = new HashMap<>();
|
||||
if (clientId == null) {
|
||||
|
|
Loading…
Reference in New Issue