-
Notifications
You must be signed in to change notification settings - Fork 108
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
205 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
Index: components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java | ||
IDEA additional info: | ||
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP | ||
<+>UTF-8 | ||
=================================================================== | ||
diff --git a/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java b/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java | ||
--- a/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java (revision 5844c8078e123699e34446eeb362864714c89983) | ||
+++ b/components/org.wso2.carbon.identity.application.authenticator.oidc/src/main/java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java (date 1657176530471) | ||
@@ -452,24 +452,12 @@ | ||
protected void processAuthenticationResponse(HttpServletRequest request, HttpServletResponse response, | ||
AuthenticationContext context) throws AuthenticationFailedException { | ||
|
||
- try { | ||
- | ||
- OAuthAuthzResponse authzResponse = OAuthAuthzResponse.oauthCodeAuthzResponse(request); | ||
- OAuthClientRequest accessTokenRequest = getAccessTokenRequest(context, authzResponse); | ||
- | ||
- // Create OAuth client that uses custom http client under the hood | ||
- OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient()); | ||
- OAuthClientResponse oAuthResponse = getOauthResponse(oAuthClient, accessTokenRequest); | ||
+ OAuthClientResponse oAuthResponse = generateOauthResponse(request, context); | ||
|
||
// TODO : return access token and id token to framework | ||
- String accessToken = oAuthResponse.getParam(OIDCAuthenticatorConstants.ACCESS_TOKEN); | ||
+ mapAccessToken(context, oAuthResponse); | ||
+ String idToken = mapIdToken(request, oAuthResponse); | ||
|
||
- if (StringUtils.isBlank(accessToken)) { | ||
- throw new AuthenticationFailedException(ErrorMessages.ACCESS_TOKEN_EMPTY_OR_NULL.getCode(), | ||
- ErrorMessages.ACCESS_TOKEN_EMPTY_OR_NULL.getMessage()); | ||
- } | ||
- | ||
- String idToken = oAuthResponse.getParam(OIDCAuthenticatorConstants.ID_TOKEN); | ||
Map<String, String> authenticatorProperties = context.getAuthenticatorProperties(); | ||
if (StringUtils.isBlank(idToken) && requiredIDToken(authenticatorProperties)) { | ||
throw new AuthenticationFailedException(ErrorMessages.ID_TOKEN_MISSED_IN_OIDC_RESPONSE.getCode(), | ||
@@ -482,8 +470,6 @@ | ||
stateInfoOIDC.setIdTokenHint(idToken); | ||
context.setStateInfo(stateInfoOIDC); | ||
|
||
- context.setProperty(OIDCAuthenticatorConstants.ACCESS_TOKEN, accessToken); | ||
- | ||
AuthenticatedUser authenticatedUser; | ||
Map<ClaimMapping, String> claims = new HashMap<>(); | ||
Map<String, Object> jsonObject = new HashMap<>(); | ||
@@ -535,10 +521,38 @@ | ||
|
||
context.setSubject(authenticatedUser); | ||
|
||
+ } | ||
+ | ||
+ protected String mapIdToken(HttpServletRequest request, OAuthClientResponse oAuthResponse) { | ||
+ String idToken = oAuthResponse.getParam(OIDCAuthenticatorConstants.ID_TOKEN); | ||
+ return idToken; | ||
+ } | ||
+ | ||
+ protected void mapAccessToken(AuthenticationContext context, OAuthClientResponse oAuthResponse) throws AuthenticationFailedException { | ||
+ String accessToken = oAuthResponse.getParam(OIDCAuthenticatorConstants.ACCESS_TOKEN); | ||
+ | ||
+ if (StringUtils.isBlank(accessToken)) { | ||
+ throw new AuthenticationFailedException(ErrorMessages.ACCESS_TOKEN_EMPTY_OR_NULL.getCode(), | ||
+ ErrorMessages.ACCESS_TOKEN_EMPTY_OR_NULL.getMessage()); | ||
+ } | ||
+ context.setProperty(OIDCAuthenticatorConstants.ACCESS_TOKEN, accessToken); | ||
+ } | ||
+ | ||
+ protected OAuthClientResponse generateOauthResponse(HttpServletRequest request, AuthenticationContext context) | ||
+ throws AuthenticationFailedException { | ||
+ | ||
+ OAuthClientResponse oAuthResponse; | ||
+ try { | ||
+ OAuthAuthzResponse authzResponse = OAuthAuthzResponse.oauthCodeAuthzResponse(request); | ||
+ OAuthClientRequest accessTokenRequest = getAccessTokenRequest(context, authzResponse); | ||
+ | ||
+ // Create OAuth client that uses custom http client under the hood | ||
+ OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient()); | ||
+ oAuthResponse = getOauthResponse(oAuthClient,accessTokenRequest); | ||
} catch (OAuthProblemException e) { | ||
- throw new AuthenticationFailedException(ErrorMessages.AUTHENTICATION_PROCESS_FAILED.getCode(), | ||
- ErrorMessages.AUTHENTICATION_PROCESS_FAILED.getMessage(), context.getSubject(), e); | ||
+ throw new RuntimeException(e); | ||
} | ||
+ return oAuthResponse; | ||
} | ||
|
||
@Override |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters