Using azp field (if present) also in logout

Mauro Mugnaini 2020-06-30 13:57:41 +02:00
parent d6362f0cb5
commit 9aafc0d289
1 changed files with 21 additions and 13 deletions


@ -115,10 +115,12 @@ public class OpenIdConnectRESTHelper {
con.setRequestProperty("Authorization", authorization); con.setRequestProperty("Authorization", authorization);
} }
OutputStream os = con.getOutputStream(); OutputStream os = con.getOutputStream();
String queryString = mapToQueryString(params);
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Sending parameters: " + params); logger.debug("Parameters query string is: " + queryString);
} }
os.write(mapToQueryString(params).getBytes("UTF-8")); os.write(queryString.getBytes("UTF-8"));
os.close(); os.close();
return con; return con;
} }
@ -156,6 +158,18 @@ public class OpenIdConnectRESTHelper {
Map<String, List<String>> params = new HashMap<>(); Map<String, List<String>> params = new HashMap<>();
params.put("grant_type", Arrays.asList("refresh_token")); params.put("grant_type", Arrays.asList("refresh_token"));
if (clientId == null) { if (clientId == null) {
clientId = getClientIdFromToken(token);
}
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
if (clientSecret != null) {
params.put("client_secret", Arrays.asList(URLEncoder.encode(clientSecret, "UTF-8")));
}
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
return performQueryTokenWithPOST(tokenURL, null, params);
}
protected static String getClientIdFromToken(JWTToken token) {
String clientId;
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled()) {
logger.debug("Client id not provided, using authorized party field (azp)"); logger.debug("Client id not provided, using authorized party field (azp)");
} }
@ -166,13 +180,7 @@ public class OpenIdConnectRESTHelper {
} }
clientId = getFirstAudienceNoAccount(token); clientId = getFirstAudienceNoAccount(token);
} }
} return clientId;
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
if (clientSecret != null) {
params.put("client_secret", Arrays.asList(URLEncoder.encode(clientSecret, "UTF-8")));
}
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
return performQueryTokenWithPOST(tokenURL, null, params);
} }
private static String getFirstAudienceNoAccount(JWTToken token) { private static String getFirstAudienceNoAccount(JWTToken token) {
@ -194,7 +202,7 @@ public class OpenIdConnectRESTHelper {
public static boolean logout(URL logoutUrl, String clientId, JWTToken token) throws IOException { public static boolean logout(URL logoutUrl, String clientId, JWTToken token) throws IOException {
Map<String, List<String>> params = new HashMap<>(); Map<String, List<String>> params = new HashMap<>();
if (clientId == null) { if (clientId == null) {
clientId = getFirstAudienceNoAccount(token); clientId = getClientIdFromToken(token);
} }
params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8"))); params.put("client_id", Arrays.asList(URLEncoder.encode(clientId, "UTF-8")));
params.put("refresh_token", Arrays.asList(token.getRefreshTokenString())); params.put("refresh_token", Arrays.asList(token.getRefreshTokenString()));
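Review bot: The debug statement in the first hunk now writes the complete form body to the log, `logger.debug("Parameters query string is: " + queryString);`, and the callers visible in the later hunks put `client_secret` and `refresh_token` into that same map, so both credentials land in any log collected at debug level. Logging only the parameter names keeps the diagnostic value without the secrets: `logger.debug("Sending parameters: " + params.keySet());`. The enclosing method starts above the hunk, so whether other callers pass further sensitive values through it is not visible here. In `logout`, the value returned by `getClientIdFromToken(token)` goes straight into `URLEncoder.encode`, which throws a NullPointerException on null; the middle of that helper falls between hunks, so a Javadoc line or a guard stating what happens when the token carries neither `azp` nor a usable audience would help.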