本文整理汇总了Java中com.nimbusds.openid.connect.sdk.Nonce类的典型用法代码示例。如果您正苦于以下问题:Java Nonce类的具体用法?Java Nonce怎么用?Java Nonce使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Nonce类属于com.nimbusds.openid.connect.sdk包,在下文中一共展示了Nonce类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doExecute
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
/** {@inheritDoc} */
@Override
protected void doExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
if (getOidcResponseContext().getIDToken() == null) {
log.error("{} No id token", getLogPrefix());
ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_MSG_CTX);
return;
}
Nonce nonce = requestNonceLookupStrategy.apply(profileRequestContext);
if (nonce != null) {
log.debug("{} Setting nonce to id token", getLogPrefix());
getOidcResponseContext().getIDToken().setNonce(nonce);
log.debug("{} Updated token {}", getLogPrefix(),
getOidcResponseContext().getIDToken().toJSONObject().toJSONString());
}
}
示例2: IdTokenRequest
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
public IdTokenRequest(Subject subject, OIDCClientInformation client, Scope scope, Instant authenticationTime,
ACR acr, AMR amr, SessionID sessionId, Nonce nonce, AccessToken accessToken, AuthorizationCode code) {
Objects.requireNonNull(subject, "subject must not be null");
Objects.requireNonNull(client, "client must not be null");
Objects.requireNonNull(scope, "scope must not be null");
Objects.requireNonNull(authenticationTime, "authenticationTime must not be null");
Objects.requireNonNull(acr, "acr must not be null");
Objects.requireNonNull(amr, "amr must not be null");
if (!scope.contains(OIDCScopeValue.OPENID)) {
throw new IllegalArgumentException("Scope '" + OIDCScopeValue.OPENID + "' is required");
}
this.subject = subject;
this.client = client;
this.scope = scope;
this.authenticationTime = authenticationTime;
this.acr = acr;
this.amr = amr;
this.sessionId = sessionId;
this.nonce = nonce;
this.accessToken = accessToken;
this.code = code;
}
示例3: AuthorizationCodeContext
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
public AuthorizationCodeContext(Subject subject, ClientID clientId, URI redirectUri, Scope scope,
Instant authenticationTime, ACR acr, AMR amr, SessionID sessionId, CodeChallenge codeChallenge,
CodeChallengeMethod codeChallengeMethod, Nonce nonce) {
Objects.requireNonNull(subject, "subject must not be null");
Objects.requireNonNull(clientId, "clientId must not be null");
Objects.requireNonNull(redirectUri, "redirectUri must not be null");
Objects.requireNonNull(scope, "scope must not be null");
Objects.requireNonNull(authenticationTime, "authenticationTime must not be null");
Objects.requireNonNull(acr, "acr must not be null");
Objects.requireNonNull(amr, "amr must not be null");
Objects.requireNonNull(sessionId, "sessionId must not be null");
this.subject = subject;
this.clientId = clientId;
this.redirectUri = redirectUri;
this.scope = scope;
this.authenticationTime = authenticationTime;
this.acr = acr;
this.amr = amr;
this.sessionId = sessionId;
this.codeChallenge = codeChallenge;
this.codeChallengeMethod = codeChallengeMethod;
this.nonce = nonce;
}
示例4: handleAuthorizationCodeFlow
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
private AuthenticationSuccessResponse handleAuthorizationCodeFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseMode responseMode = authRequest.impliedResponseMode();
ClientID clientId = authRequest.getClientID();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
CodeChallenge codeChallenge = authRequest.getCodeChallenge();
CodeChallengeMethod codeChallengeMethod = authRequest.getCodeChallengeMethod();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AuthorizationCodeContext context = new AuthorizationCodeContext(subject, clientId, redirectUri, scope,
authenticationTime, acr, amr, sessionId, codeChallenge, codeChallengeMethod, nonce);
AuthorizationCode code = this.authorizationCodeService.create(context);
return new AuthenticationSuccessResponse(redirectUri, code, null, null, authRequest.getState(), sessionState,
responseMode);
}
示例5: validate
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
@Override
public IDTokenClaimsSet validate(final JWT idToken, final Nonce expectedNonce) throws BadJOSEException, JOSEException {
try {
if (originalIssuer.contains("%7Btenantid%7D")) {
Object tid = idToken.getJWTClaimsSet().getClaim("tid");
if (tid == null) {
throw new BadJWTException("ID token does not contain the 'tid' claim");
}
base = new IDTokenValidator(new Issuer(originalIssuer.replace("%7Btenantid%7D", tid.toString())),
base.getClientID(), base.getJWSKeySelector(), base.getJWEKeySelector());
base.setMaxClockSkew(getMaxClockSkew());
}
} catch (ParseException e) {
throw new BadJWTException(e.getMessage(), e);
}
return base.validate(idToken, expectedNonce);
}
示例6: getIdTokenClaims
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
protected JWTClaimsSet getIdTokenClaims(@Nonnull ClientID clientId, @Nullable Nonce nonce,
@Nullable AccessTokenHash atHash, @Nullable CodeHash cHash) throws ParseException {
UserInfo ui = getUserInfo();
JWTClaimsSet.Builder cb = new JWTClaimsSet.Builder(ui.toJWTClaimsSet());
cb.issuer(getTokenIssuer().getValue());
cb.audience(getTokenAudience(clientId));
cb.issueTime(getTokenIssuedAt());
cb.expirationTime(getTokenExpiration());
if (nonce != null) {
cb.claim("nonce", nonce.getValue());
}
if (atHash != null) {
cb.claim("at_hash", atHash.getValue());
}
if (cHash != null) {
cb.claim("c_hash", cHash.getValue());
}
JWTClaimsSet claims = cb.build();
return claims;
}
示例7: getIdToken
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
protected JWT getIdToken(@Nonnull ClientID clientId, @Nullable Nonce nonce, @Nullable AccessTokenHash atHash,
@Nullable CodeHash cHash) throws GeneralSecurityException, JOSEException, ParseException {
JWTClaimsSet claims = getIdTokenClaims(clientId, nonce, atHash, cHash);
RSAKey key = getSigningJwk();
JWSHeader.Builder headerBuilder = new JWSHeader.Builder(JWSAlgorithm.RS256)
.type(JOSEObjectType.JWT);
if (params.getBool(INCLUDE_SIGNING_CERT)) {
headerBuilder = headerBuilder.jwk(key.toPublicJWK());
}
JWSHeader header = headerBuilder.build();
SignedJWT signedJwt = new SignedJWT(header, claims);
JWSSigner signer = new RSASSASigner(key);
signedJwt.sign(signer);
return signedJwt;
}
示例8: getAuthRequestURL
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
public String getAuthRequestURL() {
Nonce nonce = new Nonce();
AuthenticationRequest req = new AuthenticationRequest(
oauthS,
new ResponseType(ResponseType.Value.CODE),
Scope.parse("profile openid additional"),
authC.getClientID(),
callback,
state,
nonce);
try {
return req.toURI().toString();
} catch (SerializeException ex) {
_log.error(ex);
}
return null;
}
示例9: setUp
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
@SuppressWarnings("unchecked")
private void setUp(boolean idtoken, boolean userinfo) throws Exception {
matcher = new AttributeInOIDCRequestedClaimsMatcher();
final RequestContext requestCtx = new RequestContextBuilder().buildRequestContext();
prc = new WebflowRequestContextProfileRequestContextLookup().apply(requestCtx);
msgCtx = new MessageContext<AuthenticationRequest>();
prc.setInboundMessageContext(msgCtx);
//We use the same ctx for outbonud, outbound is olnly used here for fetching response context.
prc.setOutboundMessageContext(msgCtx);
OIDCAuthenticationResponseContext respCtx = new OIDCAuthenticationResponseContext();
msgCtx.addSubcontext(respCtx);
if (!idtoken && !userinfo) {
msgCtx.setMessage(new AuthenticationRequest(new URI("htts://example.org"), ResponseType.getDefault(),
new Scope("openid"), new ClientID(), new URI("htts://example.org"), new State(), new Nonce()));
} else {
msgCtx.setMessage(new AuthenticationRequest(new URI("htts://example.org"), ResponseType.getDefault(), null,
new Scope("openid"), new ClientID(), new URI("htts://example.org"), new State(), new Nonce(), null,
null, 0, null, null, null, null, null, getClaimsRequest(idtoken, userinfo), null, null, null, null));
respCtx.setRequestedClaims(getClaimsRequest(idtoken, userinfo));
}
// shortcut, may break the test
filtercontext = prc.getSubcontext(AttributeFilterContext.class, true);
ctx = new OIDCMetadataContext();
OIDCClientMetadata metadata = new OIDCClientMetadata();
OIDCClientInformation information = new OIDCClientInformation(new ClientID(), new Date(), metadata,
new Secret());
ctx.setClientInformation(information);
msgCtx.addSubcontext(ctx);
attribute = new IdPAttribute("test");
OIDCStringAttributeEncoder encoder = new OIDCStringAttributeEncoder();
encoder.setName("test");
encoders = new ArrayList<AttributeEncoder<?>>();
encoders.add(encoder);
attribute.setEncoders(encoders);
matcher.setId("componentId");
}
开发者ID:CSCfi,项目名称:shibboleth-idp-oidc-extension,代码行数:40,代码来源:AttributeInOIDCRequestedClaimsMatcherTest.java
示例10: doLookup
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
@Override
Nonce doLookup(@Nonnull AuthenticationRequest req) {
if (req.getNonce() != null) {
return Nonce.parse(req.getNonce().getValue());
}
return null;
}
示例11: getNonce
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
/**
* Get copy of the nonce in authentication request.
*
* @return copy of the nonce in authentication request.
*/
@Nonnull
public Nonce getNonce() {
if (authzCodeClaims.getClaim(KEY_NONCE) == null) {
return null;
}
return new Nonce((String) authzCodeClaims.getClaim(KEY_NONCE));
}
示例12: handleImplicitFlow
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
private AuthenticationSuccessResponse handleImplicitFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseType responseType = authRequest.getResponseType();
ResponseMode responseMode = authRequest.impliedResponseMode();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
State state = authRequest.getState();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AccessToken accessToken = null;
if (responseType.contains(ResponseType.Value.TOKEN)) {
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
accessToken = this.tokenService.createAccessToken(accessTokenRequest);
}
IdTokenRequest idTokenRequest = new IdTokenRequest(subject, client, scope, authenticationTime, acr, amr,
sessionId, nonce, accessToken, null);
JWT idToken = this.tokenService.createIdToken(idTokenRequest);
return new AuthenticationSuccessResponse(redirectUri, null, idToken, accessToken, state, sessionState,
responseMode);
}
示例13: handleHybridFlow
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
private AuthenticationSuccessResponse handleHybridFlow(AuthenticationRequest authRequest,
OIDCClientInformation client, HttpServletRequest request, Subject subject) throws GeneralException {
ResponseType responseType = authRequest.getResponseType();
ResponseMode responseMode = authRequest.impliedResponseMode();
ClientID clientId = authRequest.getClientID();
URI redirectUri = authRequest.getRedirectionURI();
Scope requestedScope = authRequest.getScope();
State state = authRequest.getState();
CodeChallenge codeChallenge = authRequest.getCodeChallenge();
CodeChallengeMethod codeChallengeMethod = authRequest.getCodeChallengeMethod();
Nonce nonce = authRequest.getNonce();
Instant authenticationTime = Instant.ofEpochMilli(request.getSession().getCreationTime());
ACR acr = this.acr;
AMR amr = AMR.PWD;
SessionID sessionId = new SessionID(request.getSession().getId());
State sessionState = this.sessionManagementEnabled ? State.parse(sessionId.getValue()) : null;
Scope scope = this.scopeResolver.resolve(subject, requestedScope, client.getOIDCMetadata());
AuthorizationCodeContext context = new AuthorizationCodeContext(subject, clientId, redirectUri, scope,
authenticationTime, acr, amr, sessionId, codeChallenge, codeChallengeMethod, nonce);
AuthorizationCode code = this.authorizationCodeService.create(context);
AccessToken accessToken = null;
if (responseType.contains(ResponseType.Value.TOKEN)) {
AccessTokenRequest accessTokenRequest = new AccessTokenRequest(subject, client, scope);
accessToken = this.tokenService.createAccessToken(accessTokenRequest);
}
JWT idToken = null;
if (responseType.contains(OIDCResponseTypeValue.ID_TOKEN)) {
IdTokenRequest idTokenRequest = new IdTokenRequest(subject, client, scope, authenticationTime, acr, amr,
sessionId, nonce, accessToken, code);
idToken = this.tokenService.createIdToken(idTokenRequest);
}
return new AuthenticationSuccessResponse(redirectUri, code, idToken, accessToken, state, sessionState,
responseMode);
}
示例14: addStateAndNonceParameters
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
protected void addStateAndNonceParameters(final WebContext context, final Map<String, String> params) {
// Init state for CSRF mitigation
State state = new State();
params.put(OidcConfiguration.STATE, state.getValue());
context.setSessionAttribute(OidcConfiguration.STATE_SESSION_ATTRIBUTE, state);
// Init nonce for replay attack mitigation
if (configuration.isUseNonce()) {
Nonce nonce = new Nonce();
params.put(OidcConfiguration.NONCE, nonce.getValue());
context.setSessionAttribute(OidcConfiguration.NONCE_SESSION_ATTRIBUTE, nonce.getValue());
}
}
示例15: tokenRequestInt
import com.nimbusds.openid.connect.sdk.Nonce; //导入依赖的package包/类
@Nullable
protected OIDCTokenResponse tokenRequestInt(TokenRequest tokenReq, HttpServletResponse resp)
throws GeneralSecurityException, JOSEException, ParseException {
ClientAuthentication auth = tokenReq.getClientAuthentication();
ClientID clientId = auth != null ? auth.getClientID() : tokenReq.getClientID();
AuthorizationGrant grant = tokenReq.getAuthorizationGrant();
CodeHash cHash = null;
if (grant != null && grant.getType() == GrantType.AUTHORIZATION_CODE) {
AuthorizationCodeGrant codeGrant = (AuthorizationCodeGrant) grant;
cHash = CodeHash.compute(codeGrant.getAuthorizationCode(), JWSAlgorithm.RS256);
}
AccessToken at = new BearerAccessToken();
AccessTokenHash atHash = AccessTokenHash.compute(at, JWSAlgorithm.RS256);
// save access token if honest op
if (type == OPType.HONEST) {
stepCtx.put(OPContextConstants.HONEST_ACCESSTOKEN, at);
}
Nonce nonce = (Nonce) stepCtx.get(OPContextConstants.AUTH_REQ_NONCE);
JWT idToken = getIdToken(clientId, nonce, atHash, cHash);
OIDCTokens tokens = new OIDCTokens(idToken, at, null);
OIDCTokenResponse tokenRes = new OIDCTokenResponse(tokens);
return tokenRes;
}