Beta version
parent
1294d1a550
commit
c3f057e05c
|
@ -17,33 +17,29 @@ import org.json.simple.parser.ParseException;
|
|||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.nubisware.oidc.keycloak.KeycloakHelper;
|
||||
|
||||
public class JWTToken implements Serializable {
|
||||
|
||||
protected static Logger logger = LoggerFactory.getLogger(KeycloakHelper.class);
|
||||
protected static Logger logger = LoggerFactory.getLogger(JWTToken.class);
|
||||
|
||||
private static final long serialVersionUID = -7063122428186284827L;
|
||||
|
||||
private static String SHARE_PREFIX = "USER_";
|
||||
|
||||
public static String OIDC_TOKEN_ATTRIBUTE = SHARE_PREFIX + "OIDC_JWT";
|
||||
public static String RPT_TOKEN_ATTRIBUTE = SHARE_PREFIX + "UMA_RPT_JWT";
|
||||
|
||||
public static final String ACCOUNT_RESOURCE = "account";
|
||||
|
||||
private String raw;
|
||||
private JSONObject token;
|
||||
private JSONObject identity;
|
||||
private JSONObject payload;
|
||||
|
||||
public static JWTToken fromString(String tokenString) {
|
||||
if (tokenString == null) {
|
||||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Token string is null, cannot create token object");
|
||||
}
|
||||
return null;
|
||||
}
|
||||
try {
|
||||
return new JWTToken(tokenString);
|
||||
} catch (ParseException e) {
|
||||
|
||||
logger.error("Cannot parse token string", e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
@ -56,7 +52,7 @@ public class JWTToken implements Serializable {
|
|||
private void parse() throws ParseException {
|
||||
token = (JSONObject) new JSONParser().parse(this.raw);
|
||||
String[] parts = getAccessTokenString().split("\\.");
|
||||
identity = (JSONObject) new JSONParser().parse(new String(Base64.getDecoder().decode(parts[1])));
|
||||
payload = (JSONObject) new JSONParser().parse(new String(Base64.getDecoder().decode(parts[1])));
|
||||
}
|
||||
|
||||
public String getRaw() {
|
||||
|
@ -75,12 +71,12 @@ public class JWTToken implements Serializable {
|
|||
return "Bearer " + getAccessTokenString();
|
||||
}
|
||||
|
||||
public JSONObject getIdentity() {
|
||||
return identity;
|
||||
public JSONObject getPayload() {
|
||||
return payload;
|
||||
}
|
||||
|
||||
public String getExp() {
|
||||
return (String) getIdentity().get("exp");
|
||||
return (String) getPayload().get("exp");
|
||||
}
|
||||
|
||||
public Date getExpAsDate() {
|
||||
|
@ -97,32 +93,46 @@ public class JWTToken implements Serializable {
|
|||
return new Date().after(getExpAsDate());
|
||||
}
|
||||
|
||||
public List<String> getAud() {
|
||||
List<String> audienceStrings = new ArrayList<>();
|
||||
Object audience = getPayload().get("aud");
|
||||
if (audience instanceof String) {
|
||||
audienceStrings.add((String) audience);
|
||||
} else if (audience instanceof JSONArray) {
|
||||
JSONArray audienceArray = (JSONArray) audience;
|
||||
for (int i = 0; i < audienceArray.size(); i++) {
|
||||
audienceStrings.add((String) audienceArray.get(i));
|
||||
}
|
||||
}
|
||||
return audienceStrings;
|
||||
}
|
||||
|
||||
public String getSub() {
|
||||
return (String) getIdentity().get("sub");
|
||||
return (String) getPayload().get("sub");
|
||||
}
|
||||
|
||||
public String getEmail() {
|
||||
return (String) getIdentity().get("email");
|
||||
return (String) getPayload().get("email");
|
||||
}
|
||||
|
||||
public String getFamily() {
|
||||
return (String) getIdentity().get("family_name");
|
||||
return (String) getPayload().get("family_name");
|
||||
}
|
||||
|
||||
public String getGiven() {
|
||||
return (String) getIdentity().get("given_name");
|
||||
return (String) getPayload().get("given_name");
|
||||
}
|
||||
|
||||
public String getUserName() {
|
||||
return (String) getIdentity().get("preferred_username");
|
||||
return (String) getPayload().get("preferred_username");
|
||||
}
|
||||
|
||||
public String getDisplayName() {
|
||||
return (String) getIdentity().get("name");
|
||||
return (String) getPayload().get("name");
|
||||
}
|
||||
|
||||
protected JSONObject getResourceAccess() {
|
||||
return (JSONObject) getIdentity().get("resource_access");
|
||||
return (JSONObject) getPayload().get("resource_access");
|
||||
}
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
@ -153,20 +163,8 @@ public class JWTToken implements Serializable {
|
|||
return map;
|
||||
}
|
||||
|
||||
/*
|
||||
"authorization": {
|
||||
"permissions": [
|
||||
{
|
||||
"rsid": "e9afce09-baeb-4569-8e9a-67342ce39cf5",
|
||||
"rsname": "a",
|
||||
"resource_scopes" : []
|
||||
}
|
||||
]
|
||||
}
|
||||
*/
|
||||
|
||||
protected JSONArray getAuthorizationPermissions() {
|
||||
JSONObject authorization = (JSONObject) getIdentity().get("authorization");
|
||||
JSONObject authorization = (JSONObject) getPayload().get("authorization");
|
||||
return (JSONArray) authorization.get("permissions");
|
||||
}
|
||||
|
||||
|
@ -206,4 +204,9 @@ public class JWTToken implements Serializable {
|
|||
return map;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return getRaw();
|
||||
}
|
||||
|
||||
}
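Review bot: The new `toString()` returns `getRaw()`, and `raw` is the document `parse()` hands to the JSON parser (in the test fixture that is the whole token response with access, refresh and ID tokens), so any log call, exception message or string concatenation that touches a `JWTToken` emits usable credentials. Return a non-secret summary instead, e.g. `return "JWTToken[sub=" + getSub() + "]";`, leaving `getRaw()` as the one explicit way to get the token text. In the `parse()` hunk the new `payload` line still uses `Base64.getDecoder()`, while JWT segments are base64url-encoded; `Base64.getUrlDecoder()` is the matching decoder. The `IllegalArgumentException` a decode failure raises is unchecked and `fromString` catches only `ParseException`, so it would likely propagate to callers instead of yielding `null`.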
|
||||
|
|
|
@ -42,7 +42,6 @@ public class OpenIdConnectRESTHelper {
|
|||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Query string is: " + q);
|
||||
}
|
||||
System.out.println("Query string is: " + q);
|
||||
return q;
|
||||
}
|
||||
|
||||
|
@ -75,7 +74,6 @@ public class OpenIdConnectRESTHelper {
|
|||
if (authorization != null) {
|
||||
con.setRequestProperty("Authorization", authorization);
|
||||
}
|
||||
System.err.println("Authorization: " + authorization);
|
||||
OutputStream os = con.getOutputStream();
|
||||
os.write(mapToQueryString(params).getBytes("UTF-8"));
|
||||
os.close();
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
package com.nubisware.oidc.rest;
|
||||
|
||||
public class JWTTokenTest {
|
||||
|
||||
private static String tokenString = "{\"access_token\":\"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJfNEdzbmg3eGZpQ2VNOUFFOTU4S0FqeG5hcllmZlBMbDRrVEpjajN5bThFIn0.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.dYHmdm23iqO3swhUllyICnzhJlH8h1pTmT8n7S7w-y2b2pNTgK98YiRspSbIC-yPzreAf_GkvsUWyVXeRKnbstiwonIeH5EjVglEF1LgppzTClqaMel1C1AcbPdccno7uIzsE0m03ErKwhzOS8o3SiZEZfELg6bH-UtdOrqnB0Hk8EGVZ7wfso-LwumMw_t600l7E_m4wuPw2UqQNHVtu714043_1cAi4YQXg-KVGzhLcwX-zZj--EJgmm8voTHTENQ-mKYuM-UCK2iZkVYOLcz4I6W97nLbk_Vx59ysTZh4J21cbh7sQRwhp5kE3itYV1ec-xHfjWDjTY-DDZNJ-Q\",\"expires_in\":300,\"refresh_expires_in\":1800,\"refresh_token\":\"eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZjUyZDcxMS01Nzk5LTRjYjYtOGExMi02MzEyNjg2NGU0ODAifQ.eyJleHAiOjE1OTA2NzczNDEsImlhdCI6MTU5MDY3NTU0MSwianRpIjoiODdkNDAwN2EtMjQ4MC00MDliLTgyZTAtODFkOTIwZmFiM2E5IiwiaXNzIjoiaHR0cHM6Ly9udWJpczIuaW50LmQ0c2NpZW5jZS5uZXQvYXV0aC9yZWFsbXMvZDRzY2llbmNlIiwiYXVkIjoiaHR0cHM6Ly9udWJpczIuaW50LmQ0c2NpZW5jZS5uZXQvYXV0aC9yZWFsbXMvZDRzY2llbmNlIiwic3ViIjoiMzU0OTI0NjEtMmY2OC00NWE3LThkMjctYjhjYzc4MjkyZDRhIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6InBvcnRhbCIsInNlc3Npb25fc3RhdGUiOiJjMDgzNjM5ZS0yM2UzLTRlZTYtODdiOC04NGQwNzEwMGRjZjYiLCJzY29wZSI6Im9wZW5pZCBwcm9maWxlIGVtYWlsIn0.8Mz_hlZ7635YRW_f1c4fHEzUzutRLxuooA0XAu3g24w\",\"token_type\":\"bearer\",\"id_token\":\"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJfNEdzbmg3eGZpQ2VNOUFFOTU4S0FqeG5hcllmZlBMbDRrVEpjajN5bThFIn0.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.X4aY7q3cQ5TFk8phfpKlomE1kttu4hIySEfNjeasQl3lDMiGspnS2LmilSV9agFkDs2z8sdvWLUmmCpevZ_eOdDK0WgsmuYunXXOOCBbNyzzw6AmyDK4DYC2aUUfe8wNndgi7e7bf1TTA4TuFJgC_-xaWfwBrIU8NmDZyozBsms2s4oXxMXUGSb_WmJnXARnHIfWR0F72fngF7jkGs_S6UjyB3g4ZKFk1F3ctrxNT8S49Y82w6n7RqjaLkPBq_WtSXnOQG0Osagv1lkkg2FeXrE6lKZVdAsxbVFVN9epFlvn5aFB7OK1smevjYd_PQxk498rm11H4WLkXBgUqifKWg\",\"not-before-policy\":0,\"session_state\":\"c083639e-23e3-4ee6-87b8-84d07100dcf6\",\"scope\":\"openid profile email\"}";
|
||||
|
||||
public JWTTokenTest() {
|
||||
}
|
||||
|
||||
public static void main(String[] args) {
|
||||
JWTToken token = JWTToken.fromString(tokenString);
|
||||
System.out.println(token.getAud());
|
||||
}
|
||||
}
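Review bot: `tokenString` looks like a token response captured from a running identity provider rather than a constructed sample: it carries a refresh token, an ID token and a `session_state` value, and the refresh-token payload is only base64-encoded, so anyone with the repository can read it. Even once such tokens expire, the subject id, issuer and session identifiers stay in history, so the fixture should be a token built for the test with made-up claims and a throwaway signature (or loaded from an untracked file), and the issuing session revoked if it was real. `main` also dereferences the result of `JWTToken.fromString`, which returns `null` on a parse failure, and checks nothing; a guard such as `if (token == null) throw new IllegalStateException("fixture did not parse");` plus an assertion on `getAud()` would make the class an actual test.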
|