Using azp field (if present) also in logout
parent
d6362f0cb5
commit
9aafc0d289
|
@ -115,10 +115,12 @@ public class OpenIdConnectRESTHelper {
|
||||||
con.setRequestProperty("Authorization", authorization);
|
con.setRequestProperty("Authorization", authorization);
|
||||||
}
|
}
|
||||||
OutputStream os = con.getOutputStream();
|
OutputStream os = con.getOutputStream();
|
||||||
|
|
||||||
|
String queryString = mapToQueryString(params);
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
logger.debug("Sending parameters: " + params);
|
logger.debug("Parameters query string is: " + queryString);
|
||||||
}
|
}
|
||||||
os.write(mapToQueryString(params).getBytes("UTF-8"));
|
os.write(queryString.getBytes("UTF-8"));
|
||||||
os.close();
|
os.close();
|
||||||
return con;
|
return con;
|
||||||
}
|
}
|
||||||
|
@ -156,6 +158,18 @@ public class OpenIdConnectRESTHelper {
|
||||||
Map<String, List<String>> params = new HashMap<>();
|
Map<String, List<String>> params = new HashMap<>();
|
||||||
params.put("grant_type", Arrays.asList("refresh_token"));
|
params.put("grant_type", Arrays.asList("refresh_token"));
|
||||||
if (clientId == null) {
|
if (clientId == null) {
|
||||||
|
clientId = getClientIdFromToken(token);
|
||||||
|
}
|
||||||
|
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
|
||||||
|
if (clientSecret != null) {
|
||||||
|
params.put("client_secret", Arrays.asList(URLEncoder.encode(clientSecret, "UTF-8")));
|
||||||
|
}
|
||||||
|
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
|
||||||
|
return performQueryTokenWithPOST(tokenURL, null, params);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected static String getClientIdFromToken(JWTToken token) {
|
||||||
|
String clientId;
|
||||||
if (logger.isDebugEnabled()) {
|
if (logger.isDebugEnabled()) {
|
||||||
logger.debug("Client id not provided, using authorized party field (azp)");
|
logger.debug("Client id not provided, using authorized party field (azp)");
|
||||||
}
|
}
|
||||||
|
@ -166,13 +180,7 @@ public class OpenIdConnectRESTHelper {
|
||||||
}
|
}
|
||||||
clientId = getFirstAudienceNoAccount(token);
|
clientId = getFirstAudienceNoAccount(token);
|
||||||
}
|
}
|
||||||
}
|
return clientId;
|
||||||
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
|
|
||||||
if (clientSecret != null) {
|
|
||||||
params.put("client_secret", Arrays.asList(URLEncoder.encode(clientSecret, "UTF-8")));
|
|
||||||
}
|
|
||||||
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
|
|
||||||
return performQueryTokenWithPOST(tokenURL, null, params);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String getFirstAudienceNoAccount(JWTToken token) {
|
private static String getFirstAudienceNoAccount(JWTToken token) {
|
||||||
|
@ -194,7 +202,7 @@ public class OpenIdConnectRESTHelper {
|
||||||
public static boolean logout(URL logoutUrl, String clientId, JWTToken token) throws IOException {
|
public static boolean logout(URL logoutUrl, String clientId, JWTToken token) throws IOException {
|
||||||
Map<String, List<String>> params = new HashMap<>();
|
Map<String, List<String>> params = new HashMap<>();
|
||||||
if (clientId == null) {
|
if (clientId == null) {
|
||||||
clientId = getFirstAudienceNoAccount(token);
|
clientId = getClientIdFromToken(token);
|
||||||
}
|
}
|
||||||
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
|
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
|
||||||
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
|
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
|
||||||
|
|
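Review bot: The debug line added in the first hunk, `logger.debug("Parameters query string is: " + queryString);`, writes the whole POST body to the log, and the refresh path in the second hunk fills that map with `client_secret` and `refresh_token` before handing it to performQueryTokenWithPOST. The method containing the log statement starts outside the hunk, so that it is the one receiving those params is inferred from the call rather than visible. The line it replaces printed the same map, so the exposure is carried forward rather than introduced, but anyone with read access to debug logs can still recover a client secret and a live refresh token. Logging only the parameter names would keep the diagnostic value: `logger.debug("Sending parameters: " + params.keySet());`.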