Porting token_exchange
branch to master
#1
|
@ -102,7 +102,7 @@ public class OpenIdConnectRESTHelper {
|
|||
protected static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization,
|
||||
Map<String, List<String>> params) throws OpenIdConnectRESTHelperException {
|
||||
return performQueryTokenWithPOST(tokenURL, authorization, params, null);
|
||||
}
|
||||
}
|
||||
|
||||
protected static JWTToken performQueryTokenWithPOST(URL tokenURL, String authorization,
|
||||
Map<String, List<String>> params, Map<String, String> headers) throws OpenIdConnectRESTHelperException {
|
||||
|
@ -218,10 +218,11 @@ public class OpenIdConnectRESTHelper {
|
|||
logger.info("Queried exchangeToken for context " + audience);
|
||||
|
||||
Map<String, List<String>> params = new HashMap<>();
|
||||
params.put("subject_token", Arrays.asList("authorization"));
|
||||
params.put("grant_type", Arrays.asList("urn:ietf:params:oauth:grant-type:token-exchange"));
|
||||
|
||||
params.put("subject_token", Arrays.asList(authorization));
|
||||
params.put("client_id", Arrays.asList(client_id));
|
||||
params.put("client_secret", Arrays.asList(client_secret));
|
||||
params.put("grant_type", Arrays.asList("urn:ietf:params:oauth:grant-type:token-exchange"));
|
||||
params.put("subject_token_type", Arrays.asList("urn:ietf:params:oauth:token-type:access_token"));
|
||||
params.put("requested_token_type", Arrays.asList("urn:ietf:params:oauth:token-type:access_token"));
|
||||
|
||||
|
@ -250,12 +251,12 @@ public class OpenIdConnectRESTHelper {
|
|||
}
|
||||
|
||||
|
||||
Map<String, String> headers = new HashMap<>();
|
||||
headers.put("X-D4Science-Context", audience);
|
||||
// Map<String, String> headers = new HashMap<>();
|
||||
// headers.put("X-D4Science-Context", audience);
|
||||
|
||||
return performQueryTokenWithPOST(tokenUrl, authorization, params, headers);
|
||||
return performQueryTokenWithPOST(tokenUrl, null, params/*, headers*/);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Queries from the OIDC server an UMA token, by using provided access token, for the given audience (context),
|
||||
* in URLEncoded form or not, and optionally a list of permissions.
|
||||
|
|
Loading…
Reference in New Issue