revised TokenController.provideToken
Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
@@ -0,0 +1,7 @@
|
||||
/* © SRSoftware 2024 */
|
||||
package de.srsoftware.oidc.api;
|
||||
|
||||
import java.util.Set;
|
||||
|
||||
public record AuthResult(AuthorizedScopes authorizedScopes, Set<String> unauthorizedScopes, String authCode) {
|
||||
}
|
||||
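Review bot: `authCode` is a bearer credential, and a record's generated `toString()` prints every component, so any log line or exception message that formats an `AuthResult` would expose the code. Consider overriding `toString()` on the record so that it prints the two scope components and masks the code, e.g. ending in `", authCode=<redacted>]"`. The same applies to the `BasicAuth(String userId, String pass)` record added to PathHandler further down, whose generated `toString()` would print the password. Whether either record is logged today is not visible on this page.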
@@ -0,0 +1,5 @@
|
||||
/* © SRSoftware 2024 */
|
||||
package de.srsoftware.oidc.api;
|
||||
|
||||
public record Authorization(String clientId, String userId, AuthorizedScopes scopes) {
|
||||
}
|
||||
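Review bot: The `Authorization` record binds a code to `clientId`, `userId` and `scopes` only, so the token endpoint has nothing to compare a presented `redirect_uri` (or the request's `nonce`) against. RFC 6749 §4.1.3 requires the token request's `redirect_uri` to match the one used in the authorization request when one was sent. Unless that value is kept elsewhere (the store and TokenController are not shown here), consider adding a `String redirectUri` component. A short Javadoc stating that callers must compare `clientId` with the authenticated client before issuing tokens would also help.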
@@ -1,7 +0,0 @@
|
||||
/* © SRSoftware 2024 */
|
||||
package de.srsoftware.oidc.api;
|
||||
|
||||
import java.time.Instant;
|
||||
|
||||
public record AuthorizedScope(String scope, Instant expiration) {
|
||||
}
|
||||
@@ -0,0 +1,8 @@
|
||||
/* © SRSoftware 2024 */
|
||||
package de.srsoftware.oidc.api;
|
||||
|
||||
import java.time.Instant;
|
||||
import java.util.Set;
|
||||
|
||||
public record AuthorizedScopes(Set<String> scopes, Instant expiration) {
|
||||
}
|
||||
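Review bot: `scopes` is stored as whatever `Set` the caller passes in, so a caller that keeps a reference to a mutable set can widen the granted scopes after the record was created. A compact constructor that snapshots it would close that: `public AuthorizedScopes { scopes = Set.copyOf(scopes); }`. `unauthorizedScopes` in `AuthResult` has the same exposure. Note that `Set.copyOf` rejects a null set and null elements, which looks right for a scope grant but should be confirmed against the callers.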
@@ -3,12 +3,10 @@ package de.srsoftware.oidc.api;
|
||||
|
||||
import java.time.Instant;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.Optional;
|
||||
|
||||
public interface ClaimAuthorizationService {
|
||||
public record AuthResult(List<AuthorizedScope> authorizedScopes, Set<String> unauthorizedScopes, String authCode) {
|
||||
}
|
||||
AuthResult getAuthorization(User user, Client client, Collection<String> scopes);
|
||||
ClaimAuthorizationService authorize(User user, Client client, Collection<String> scopes, Instant expiration);
|
||||
Optional<Authorization> consumeAuthorization(String authCode);
|
||||
AuthResult getAuthorization(User user, Client client, Collection<String> scopes);
|
||||
}
|
||||
|
||||
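Review bot: `consumeAuthorization(String authCode)` has no Javadoc, and its security contract is only implied by the name. I would document it on the interface: `/** Looks up the authorization issued for authCode and invalidates the code in the same step; returns empty for unknown, expired or already-used codes. */`. Implementations should make lookup and removal atomic so that two concurrent token requests cannot both redeem one code. The implementing class is not part of this section, so that needs checking there.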
@@ -1,40 +1,44 @@
|
||||
/* © SRSoftware 2024 */
|
||||
package de.srsoftware.oidc.api;
|
||||
|
||||
|
||||
public class Constants {
|
||||
public static final String ACCESS_TOKEN = "access_token";
|
||||
public static final String APP_NAME = "LightOIDC";
|
||||
public static final String AUTH_CODE = "authorization_code";
|
||||
public static final String AUTHORIZATION = "Authorization";
|
||||
public static final String AUTHORZED = "authorized";
|
||||
public static final String BEARER = "Bearer";
|
||||
public static final String CAUSE = "cause";
|
||||
public static final String CLIENT_ID = "client_id";
|
||||
public static final String CLIENT_SECRET = "client_secret";
|
||||
public static final String CODE = "code";
|
||||
public static final String ERROR = "error";
|
||||
public static final String CONFIG_PATH = "LIGHTOIDC_CONFIG_PATH";
|
||||
public static final String CONFIRMED = "confirmed";
|
||||
public static final String DAYS = "days";
|
||||
public static final String ERROR_DESCRIPTION = "error_description";
|
||||
public static final String EXPIRATION = "expiration";
|
||||
public static final String EXPIRES_IN = "expires_in";
|
||||
public static final String GRANT_TYPE = "grant_type";
|
||||
public static final String ID_TOKEN = "id_token";
|
||||
public static final String INVALID_REDIRECT_URI = "invalid_request_uri";
|
||||
public static final String INVALID_REQUEST = "invalid_request";
|
||||
public static final String ACCESS_TOKEN = "access_token";
|
||||
public static final String APP_NAME = "LightOIDC";
|
||||
public static final String AUTH_CODE = "authorization_code";
|
||||
public static final String AUTHORIZATION = "Authorization";
|
||||
public static final String AUTHORZED = "authorized";
|
||||
public static final String BEARER = "Bearer";
|
||||
public static final String CAUSE = "cause";
|
||||
public static final String CLIENT_ID = "client_id";
|
||||
public static final String CLIENT_SECRET = "client_secret";
|
||||
public static final String CODE = "code";
|
||||
public static final String ERROR = "error";
|
||||
public static final String CONFIG_PATH = "LIGHTOIDC_CONFIG_PATH";
|
||||
public static final String CONFIRMED = "confirmed";
|
||||
public static final String DAYS = "days";
|
||||
public static final String ERROR_DESCRIPTION = "error_description";
|
||||
public static final String EXPIRATION = "expiration";
|
||||
public static final String EXPIRES_IN = "expires_in";
|
||||
public static final String GRANT_TYPE = "grant_type";
|
||||
public static final String ID_TOKEN = "id_token";
|
||||
public static final String INVALID_CLIENT = "invalid_client";
|
||||
public static final String INVALID_GRANT = "invalid_grant";
|
||||
public static final String INVALID_REDIRECT_URI = "invalid_request_uri";
|
||||
public static final String INVALID_REQUEST = "invalid_request";
|
||||
public static final String INVALID_REQUEST_OBJECT = "invalid_request_object";
|
||||
public static final String INVALID_SCOPE = "invalid_scope";
|
||||
public static final String NAME = "name";
|
||||
public static final String NONCE = "nonce";
|
||||
public static final String OPENID = "openid";
|
||||
public static final String REDIRECT_URI = "redirect_uri";
|
||||
public static final String REDIRECT_URIS = "redirect_uris";
|
||||
public static final String REQUEST_NOT_SUPPORTED = "request_not_supported";
|
||||
public static final String RESPONSE_TYPE = "response_type";
|
||||
public static final String SCOPE = "scope";
|
||||
public static final String SECRET = "secret";
|
||||
public static final String STATE = "state";
|
||||
public static final String TOKEN = "token";
|
||||
public static final String TOKEN_TYPE = "token_type";
|
||||
public static final String INVALID_SCOPE = "invalid_scope";
|
||||
public static final String NAME = "name";
|
||||
public static final String NONCE = "nonce";
|
||||
public static final String OPENID = "openid";
|
||||
public static final String REDIRECT_URI = "redirect_uri";
|
||||
public static final String REDIRECT_URIS = "redirect_uris";
|
||||
public static final String REQUEST_NOT_SUPPORTED = "request_not_supported";
|
||||
public static final String RESPONSE_TYPE = "response_type";
|
||||
public static final String SCOPE = "scope";
|
||||
public static final String SECRET = "secret";
|
||||
public static final String STATE = "state";
|
||||
public static final String TOKEN = "token";
|
||||
public static final String TOKEN_TYPE = "token_type";
|
||||
public static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
|
||||
}
|
||||
|
||||
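Review bot: `INVALID_REDIRECT_URI` is kept with the value `"invalid_request_uri"`, which is the OpenID Connect error code for a bad `request_uri` parameter, not for a redirect URI problem. A client or log reader that sees this code for a redirect-URI mismatch would be pointed at the wrong parameter; either rename the constant to `INVALID_REQUEST_URI` or, if a redirect URI error is meant, give it a matching value. `AUTHORZED` is also carried over misspelled (`AUTHORIZED`), and fixing the name now is cheaper than after more call sites appear. Where these constants are used is not visible in this section.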
@@ -11,10 +11,7 @@ import com.sun.net.httpserver.HttpExchange;
|
||||
import com.sun.net.httpserver.HttpHandler;
|
||||
import com.sun.net.httpserver.HttpServer;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.*;
|
||||
import java.util.stream.Stream;
|
||||
import org.json.JSONObject;
|
||||
|
||||
@@ -30,6 +27,9 @@ public abstract class PathHandler implements HttpHandler {
|
||||
|
||||
private String[] paths;
|
||||
|
||||
public record BasicAuth(String userId, String pass) {
|
||||
}
|
||||
|
||||
public class Bond {
|
||||
Bond(String[] paths) {
|
||||
PathHandler.this.paths = paths;
|
||||
@@ -102,6 +102,16 @@ public abstract class PathHandler implements HttpHandler {
|
||||
return getHeader(ex, AUTHORIZATION);
|
||||
}
|
||||
|
||||
public static Optional<BasicAuth> getBasicAuth(HttpExchange ex) {
|
||||
return getAuthToken(ex)
|
||||
.filter(token -> token.startsWith("Basic ")) //
|
||||
.map(token -> token.substring(6))
|
||||
.map(Base64.getDecoder()::decode)
|
||||
.map(bytes -> new String(bytes, UTF_8))
|
||||
.map(token -> token.split(":", 2))
|
||||
.map(arr -> new BasicAuth(arr[0], arr[1]));
|
||||
}
|
||||
|
||||
public static Optional<String> getBearer(HttpExchange ex) {
|
||||
return getAuthToken(ex).filter(token -> token.startsWith("Bearer ")).map(token -> token.substring(7));
|
||||
}
|
||||
|
||||
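Review bot: `getBasicAuth` throws on a malformed `Authorization` header instead of returning an empty `Optional`: `Base64.getDecoder().decode` raises `IllegalArgumentException` for non-Base64 input, and `arr[1]` raises `ArrayIndexOutOfBoundsException` when the decoded text contains no `:`. The header is set by an unauthenticated caller, so both paths are reachable before any credential check; how the handler deals with the uncaught exception is outside this hunk. I would move decoding into a small helper that maps both cases to `Optional.empty()`, as sketched below. The method lies fully inside the hunk; the enclosing `PathHandler` class continues outside it.

```java
public static Optional<BasicAuth> getBasicAuth(HttpExchange ex) {
	return getAuthToken(ex)
	    .filter(token -> token.startsWith("Basic "))
	    .map(token -> token.substring(6))
	    .flatMap(PathHandler::decodeBasicAuth);
}

// Malformed Base64 or a missing ':' yields empty instead of an exception.
private static Optional<BasicAuth> decodeBasicAuth(String encoded) {
	String[] parts;
	try {
		parts = new String(Base64.getDecoder().decode(encoded), UTF_8).split(":", 2);
	} catch (IllegalArgumentException e) {
		return Optional.empty();
	}
	return parts.length == 2 ? Optional.of(new BasicAuth(parts[0], parts[1])) : Optional.empty();
}
```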