Browse Source

preparing jwt creation

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
sqlite
Stephan Richter 4 months ago
parent
commit
ddb30ba295
  1. 17
      de.srsoftware.cookies/src/main/java/de/srsoftware/cookies/Cookie.java
  2. 13
      de.srsoftware.cookies/src/main/java/de/srsoftware/cookies/SessionToken.java
  3. 9
      de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java
  4. 4
      de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
  5. 44
      de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java

17
de.srsoftware.cookies/src/main/java/de/srsoftware/cookies/Cookie.java

@ -1,6 +1,9 @@
/* © SRSoftware 2024 */ /* © SRSoftware 2024 */
package de.srsoftware.cookies; package de.srsoftware.cookies;
import static java.lang.System.Logger.Level.ERROR;
import static java.lang.System.Logger.Level.WARNING;
import com.sun.net.httpserver.Headers; import com.sun.net.httpserver.Headers;
import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpExchange;
import java.util.Arrays; import java.util.Arrays;
@ -8,9 +11,6 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Optional; import java.util.Optional;
import static java.lang.System.Logger.Level.ERROR;
import static java.lang.System.Logger.Level.WARNING;
public abstract class Cookie implements Map.Entry<String, String> { public abstract class Cookie implements Map.Entry<String, String> {
static final System.Logger LOG = System.getLogger(SessionToken.class.getSimpleName()); static final System.Logger LOG = System.getLogger(SessionToken.class.getSimpleName());
private final String key; private final String key;
@ -22,7 +22,7 @@ public abstract class Cookie implements Map.Entry<String, String> {
} }
public <T extends Cookie> T addTo(Headers headers) { public <T extends Cookie> T addTo(Headers headers) {
LOG.log(ERROR,"sending cookie {0}={1}",key,value); LOG.log(ERROR, "sending cookie {0}={1}", key, value);
headers.add("Set-Cookie", "%s=%s".formatted(key, value)); headers.add("Set-Cookie", "%s=%s".formatted(key, value));
return (T)this; return (T)this;
} }
@ -42,14 +42,7 @@ public abstract class Cookie implements Map.Entry<String, String> {
} }
protected static List<String> of(HttpExchange ex) { protected static List<String> of(HttpExchange ex) {
return Optional.ofNullable(ex.getRequestHeaders() return Optional.ofNullable(ex.getRequestHeaders().get("Cookie")).stream().flatMap(List::stream).flatMap(s -> Arrays.stream(s.split(";"))).map(String::trim).peek(cookie -> LOG.log(WARNING, "received cookie {0}", cookie)).toList();
.get("Cookie"))
.stream()
.flatMap(List::stream)
.flatMap(s -> Arrays.stream(s.split(";")))
.map(String::trim)
.peek(cookie -> LOG.log(WARNING,"received cookie {0}",cookie))
.toList();
} }
@Override @Override

13
de.srsoftware.cookies/src/main/java/de/srsoftware/cookies/SessionToken.java

@ -4,23 +4,24 @@ package de.srsoftware.cookies;
import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpExchange;
import java.util.Optional; import java.util.Optional;
import java.util.logging.Logger;
import static java.lang.System.Logger.Level.DEBUG;
import static java.lang.System.Logger.Level.WARNING;
public class SessionToken extends Cookie { public class SessionToken extends Cookie {
private final String sessionId; private final String sessionId;
public SessionToken(String sessionId) { public SessionToken(String sessionId) {
super("sessionToken", sessionId+"; Path=/api"); super("sessionToken", sessionId + "; Path=/api");
this.sessionId = sessionId; this.sessionId = sessionId;
} }
public static Optional<SessionToken> from(HttpExchange ex) { public static Optional<SessionToken> from(HttpExchange ex) {
return Cookie.of(ex).stream().filter(cookie -> cookie.startsWith("sessionToken=")) return Cookie.of(ex)
.stream()
.filter(cookie -> cookie.startsWith("sessionToken="))
.map(cookie -> cookie.split("=", 2)[1]).map(id -> new SessionToken(id)).findAny(); .map(cookie -> cookie.split("=", 2)[1])
.map(id -> new SessionToken(id))
.findAny();
} }
public String sessionId() { public String sessionId() {

9
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java

@ -2,15 +2,22 @@
package de.srsoftware.oidc.api; package de.srsoftware.oidc.api;
public class Constants { public class Constants {
public static final String ACCESS_TOKEN = "access_token";
public static final String ATUH_CODE = "authorization_code";
public static final String BEARER = "Bearer";
public static final String CAUSE = "cause"; public static final String CAUSE = "cause";
public static final String CLIENT_ID = "client_id"; public static final String CLIENT_ID = "client_id";
public static final String CLIENT_SECRET = "client_secret";
public static final String CODE = "code"; public static final String CODE = "code";
public static final String CONFIRMED = "confirmed"; public static final String CONFIRMED = "confirmed";
public static final String DEFAULT_KEY = "default_key";
public static final String EXPIRES_IN = "expires_in";
public static final String GRANT_TYPE = "grant_type"; public static final String GRANT_TYPE = "grant_type";
public static final String ID_TOKEN = "id_token";
public static final String NAME = "name"; public static final String NAME = "name";
public static final String REDIRECT_URI = "redirect_uri"; public static final String REDIRECT_URI = "redirect_uri";
public static final String REDIRECT_URIS = "redirect_uris"; public static final String REDIRECT_URIS = "redirect_uris";
public static final String SECRET = "secret"; public static final String SECRET = "secret";
public static final String STATE = "state"; public static final String STATE = "state";
public static final String ATUH_CODE = "authorization_code"; public static final String TOKEN_TYPE = "token_type";
} }

4
de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java

@ -52,9 +52,9 @@ public class Application {
new Forward(INDEX).bindPath(ROOT).on(server); new Forward(INDEX).bindPath(ROOT).on(server);
new WellKnownController().bindPath(WELL_KNOWN).on(server); new WellKnownController().bindPath(WELL_KNOWN).on(server);
new UserController(fileStore, fileStore).bindPath(API_USER).on(server); new UserController(fileStore, fileStore).bindPath(API_USER).on(server);
new TokenController().bindPath(API_TOKEN).on(server); new TokenController(fileStore).bindPath(API_TOKEN).on(server);
new ClientController(fileStore, fileStore, fileStore).bindPath(API_CLIENT).on(server); new ClientController(fileStore, fileStore, fileStore).bindPath(API_CLIENT).on(server);
//server.setExecutor(Executors.newCachedThreadPool()); // server.setExecutor(Executors.newCachedThreadPool());
server.setExecutor(Executors.newSingleThreadExecutor()); server.setExecutor(Executors.newSingleThreadExecutor());
server.start(); server.start();
} }

44
de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/TokenController.java

@ -1,21 +1,27 @@
/* © SRSoftware 2024 */ /* © SRSoftware 2024 */
package de.srsoftware.oidc.backend; package de.srsoftware.oidc.backend;
import static de.srsoftware.oidc.api.Constants.ATUH_CODE; import static de.srsoftware.oidc.api.Constants.*;
import static de.srsoftware.oidc.api.Constants.GRANT_TYPE;
import static java.lang.System.Logger.Level.ERROR; import static java.lang.System.Logger.Level.ERROR;
import static java.lang.System.Logger.Level.WARNING; import static java.lang.System.Logger.Level.WARNING;
import static java.net.HttpURLConnection.HTTP_BAD_REQUEST; import static java.net.HttpURLConnection.HTTP_BAD_REQUEST;
import static java.net.HttpURLConnection.HTTP_NOT_FOUND;
import com.sun.net.httpserver.HttpExchange; import com.sun.net.httpserver.HttpExchange;
import de.srsoftware.oidc.api.Client;
import de.srsoftware.oidc.api.ClientService;
import de.srsoftware.oidc.api.PathHandler; import de.srsoftware.oidc.api.PathHandler;
import java.io.IOException; import java.io.IOException;
import java.util.Arrays; import java.util.*;
import java.util.Map;
import java.util.stream.Collectors; import java.util.stream.Collectors;
import org.json.JSONObject;
public class TokenController extends PathHandler { public class TokenController extends PathHandler {
private final ClientService clients;
public TokenController(ClientService clientService) {
clients = clientService;
}
private Map<String, String> deserialize(String body) { private Map<String, String> deserialize(String body) {
return Arrays.stream(body.split("&")).map(s -> s.split("=")).collect(Collectors.toMap(arr -> arr[0], arr -> arr[1])); return Arrays.stream(body.split("&")).map(s -> s.split("=")).collect(Collectors.toMap(arr -> arr[0], arr -> arr[1]));
} }
@ -32,10 +38,36 @@ public class TokenController extends PathHandler {
private boolean provideToken(HttpExchange ex) throws IOException { private boolean provideToken(HttpExchange ex) throws IOException {
var map = deserialize(body(ex)); var map = deserialize(body(ex));
// TODO: check Authorization Code, → https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint
// TODO: check Redirect URL
LOG.log(WARNING, "post data: {0}", map); LOG.log(WARNING, "post data: {0}", map);
LOG.log(ERROR, "{0}.provideToken(ex) not implemented!", getClass().getSimpleName()); LOG.log(ERROR, "{0}.provideToken(ex) not implemented!", getClass().getSimpleName());
var grantType = map.get(GRANT_TYPE); var grantType = map.get(GRANT_TYPE);
if (!ATUH_CODE.equals(grantType)) sendContent(ex, HTTP_BAD_REQUEST, Map.of(ERROR, "unknown grant type", GRANT_TYPE, grantType)); if (!ATUH_CODE.equals(grantType)) sendContent(ex, HTTP_BAD_REQUEST, Map.of(ERROR, "unknown grant type", GRANT_TYPE, grantType));
return sendEmptyResponse(HTTP_NOT_FOUND, ex); var optClient = Optional.ofNullable(map.get(CLIENT_ID)).flatMap(clients::getClient);
if (optClient.isEmpty()) {
LOG.log(ERROR, "client not found");
return sendEmptyResponse(HTTP_BAD_REQUEST, ex);
// TODO: send correct response
}
var secretFromClient = map.get(CLIENT_SECRET);
var client = optClient.get();
if (!client.secret().equals(secretFromClient)) {
LOG.log(ERROR, "client secret mismatch");
return sendEmptyResponse(HTTP_BAD_REQUEST, ex);
// TODO: send correct response
}
String jwToken = createJWT(client);
ex.getResponseHeaders().add("Cache-Control", "no-store");
JSONObject response = new JSONObject();
response.put(ACCESS_TOKEN, UUID.randomUUID().toString()); // TODO: wofür genau wird der verwendet, was gilt es hier zu beachten
response.put(TOKEN_TYPE, BEARER);
response.put(EXPIRES_IN, 3600);
response.put(ID_TOKEN, jwToken);
return sendContent(ex, response);
}
private String createJWT(Client client) {
return null;
} }
} }

Loading…
Cancel
Save