org.gluu.oxauth.cas.auth.client.AuthClient クラス

org.gluu.oxauth.cas.auth.client.AuthClient の継承関係図

org.gluu.oxauth.cas.auth.client.AuthClient 連携図

公開メンバ関数
	AuthClient ()
boolean	isOpenIdDefaultAuthenticator ()
void	init ()
String	getName ()
String	getRedirectionUrl (final WebContext context)
boolean	isAuthorizationResponse (final WebContext context)
boolean	isValidRequestState (final WebContext context)
final OpenIdCredentials	getCredentials (final WebContext context)
UserProfile	getUserProfile (final OpenIdCredentials credential, final WebContext context)
C	getAppConfiguration ()
OpenIdConfigurationResponse	getOpenIdConfiguration ()

限定公開メンバ関数
void	initInternal ()
CommonProfile	retrieveUserProfileFromUserInfoResponse (final WebContext context, final UserInfoResponse userInfoResponse)
String	getFirstClaim (final UserInfoResponse userInfoResponse, final String claimName)

非公開変数類
final Logger	logger = LoggerFactory.getLogger(ClientAction.class)

詳解

This class is the oxAuth client to authenticate users and retrieve user profile

著者

Yuriy Movchan 11/14/2014

構築子と解体子

AuthClient()

org.gluu.oxauth.cas.auth.client.AuthClient.AuthClient ( )

inline

                            {
                super(CasConfiguration.instance());
        }

関数詳解

getAppConfiguration()

C org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getAppConfiguration ( )

inlineinherited

                                       {
                return appConfiguration;
        }

getCredentials()

final OpenIdCredentials org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getCredentials ( final WebContext  context )

inlineinherited

{}

                                                                                {
                final String authorizationCode = context.getRequestParameter(ResponseType.CODE.getValue());

                final OpenIdCredentials clientCredential = new OpenIdCredentials(authorizationCode);
                clientCredential.setClientName(getName());
                logger.debug("Client credential: '{}'", clientCredential);

                return clientCredential;
        }

getFirstClaim()

String org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getFirstClaim ( final UserInfoResponse  userInfoResponse, final String  claimName  )

inlineprotectedinherited

                                                                                                        {
                final List<String> claims = userInfoResponse.getClaim(claimName);

                if ((claims == null) || claims.isEmpty()) {
                        return null;
                }

                return claims.get(0);
        }

getName()

String org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getName ( )

inlineinherited

{}

                                {
                return this.getClass().getSimpleName();
        }

getOpenIdConfiguration()

OpenIdConfigurationResponse org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getOpenIdConfiguration ( )

inlineinherited

                                                                    {
                return openIdConfiguration;
        }

getRedirectionUrl()

String org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getRedirectionUrl ( final WebContext  context )

inlineinherited

{}

                                                                  {
                init();

                final String state = RandomStringUtils.randomAlphanumeric(10);
                final String nonce = RandomStringUtils.randomAlphanumeric(10);

                final AuthorizationRequest authorizationRequest = new AuthorizationRequest(Arrays.asList(ResponseType.CODE), this.clientId, this.appConfiguration.getOpenIdScopes(),
                                this.appConfiguration.getOpenIdRedirectUrl(), null);

                authorizationRequest.setState(state);
                authorizationRequest.setNonce(nonce);

                context.setSessionAttribute(getName() + STATE_PARAMETER, state);
        context.setSessionAttribute(getName() + NONCE_PARAMETER, nonce);

                final String redirectionUrl = this.openIdConfiguration.getAuthorizationEndpoint() + "?" + authorizationRequest.getQueryString();
                logger.debug("oxAuth redirection Url: '{}'", redirectionUrl);

                return redirectionUrl;
        }

getUserProfile()

UserProfile org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.getUserProfile ( final OpenIdCredentials  credential, final WebContext  context  )

inlineinherited

{}

                                                                                                        {
                init();

                try {
                        final String accessToken = getAccessToken(credential);
                        final UserInfoResponse userInfoResponse = getUserInfo(accessToken);

                        final UserProfile profile = retrieveUserProfileFromUserInfoResponse(context, userInfoResponse);
                        logger.debug("User profile: '{}'", profile);

                        return profile;
                } catch (final Exception ex) {
                        throw new CommunicationException(ex);
                }
        }

init()

void org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.init ( )

inlineinherited

                           {
                super.init();
                initClient();
        }

initInternal()

void org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.initInternal ( )

inlineprotectedinherited

                                      {
                this.clientId = appConfiguration.getOpenIdClientId();
                this.clientSecret = appConfiguration.getOpenIdClientPassword();
                
                if (StringHelper.isNotEmpty(this.clientSecret)) {
                        try {
                                StringEncrypter stringEncrypter = StringEncrypter.instance(this.configuration.getCryptoConfigurationSalt());
                                this.clientSecret = stringEncrypter.decrypt(this.clientSecret);
                        } catch (EncryptionException ex) {
                                logger.warn("Assuming that client password is not encrypted!");
                        }
                }

                this.preRegisteredClient = StringHelper.isNotEmpty(this.clientId) && StringHelper.isNotEmpty(this.clientSecret);

                loadOpenIdConfiguration();
        }

isAuthorizationResponse()

boolean org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.isAuthorizationResponse ( final WebContext  context )

inlineinherited

{}

                                                                         {
                final String authorizationCode = context.getRequestParameter(ResponseType.CODE.getValue());
                logger.debug("oxAuth authorization code: '{}'", authorizationCode);

                final boolean result = StringHelper.isNotEmpty(authorizationCode);
                logger.debug("Is authorization request: '{}'", result);

                return result;
        }

isOpenIdDefaultAuthenticator()

boolean org.gluu.oxauth.cas.auth.client.AuthClient.isOpenIdDefaultAuthenticator ( )

inline

                                                      {
                return getAppConfiguration().isOpenIdDefaultAuthenticator();
        }

isValidRequestState()

boolean org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.isValidRequestState ( final WebContext  context )

inlineinherited

{}

                                                                     {
                final String state = context.getRequestParameter("state");
                logger.debug("oxAuth request state: '{}'", state);

                final Object sessionState = context.getSessionAttribute(getName() + STATE_PARAMETER);
                logger.debug("Session context state: '{}'", sessionState);

                final boolean emptySessionState = StringHelper.isEmptyString(sessionState);
                if (emptySessionState) {
                        return false;
                }

                final boolean result = StringHelper.equals(state, (String) sessionState);
                logger.debug("Is valid state: '{}'", result);

                return result;
        }

retrieveUserProfileFromUserInfoResponse()

CommonProfile org.gluu.oxauth.client.OpenIdClient< C extends AppConfiguration, L extends LdapAppConfiguration >.retrieveUserProfileFromUserInfoResponse ( final WebContext  context, final UserInfoResponse  userInfoResponse  )

inlineprotectedinherited

                                                                                                                                           {
                final CommonProfile profile = new CommonProfile();

                String nonceResponse = getFirstClaim(userInfoResponse, JwtClaimName.NONCE);
        final String nonceSession = (String) context.getSessionAttribute(getName() + NONCE_PARAMETER);
        logger.debug("Session nonce: '{}'", nonceSession);
        if (!StringHelper.equals(nonceSession, nonceResponse)) {
            logger.error("User info response:  nonce is not matching.");
            throw new CommunicationException("Nonce is not match");
        }

                String id = getFirstClaim(userInfoResponse, JwtClaimName.USER_NAME);
                if (StringHelper.isEmpty(id)) {
                        id = getFirstClaim(userInfoResponse, JwtClaimName.SUBJECT_IDENTIFIER);
                }
                profile.setId(id);

                List<ClaimToAttributeMapping> claimMappings = this.appConfiguration.getOpenIdClaimMapping();
                if ((claimMappings == null) || (claimMappings.size() == 0)) {
                        logger.info("Using default claims to attributes mapping");
                        profile.setUserName(id);
                        profile.setEmail(getFirstClaim(userInfoResponse, JwtClaimName.EMAIL));
        
                        profile.setDisplayName(getFirstClaim(userInfoResponse, JwtClaimName.NAME));
                        profile.setFirstName(getFirstClaim(userInfoResponse, JwtClaimName.GIVEN_NAME));
                        profile.setFamilyName(getFirstClaim(userInfoResponse, JwtClaimName.FAMILY_NAME));
                        profile.setZone(getFirstClaim(userInfoResponse, JwtClaimName.ZONEINFO));
                        profile.setLocale(getFirstClaim(userInfoResponse, JwtClaimName.LOCALE));
                } else {
                        for (ClaimToAttributeMapping mapping : claimMappings) {
                                String attribute = mapping.getAttribute();
                                String value = getFirstClaim(userInfoResponse, mapping.getClaim());
                                profile.addAttribute(attribute, value);
                                logger.trace("Adding attribute '{}' with value '{}'", attribute, value);
                        }
                }

                return profile;
        }

メンバ詳解

logger

final Logger org.gluu.oxauth.cas.auth.client.AuthClient.logger = LoggerFactory.getLogger(ClientAction.class)

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxTrust/cas-openid-auth-client/src/main/java/org/gluu/oxauth/cas/auth/client/AuthClient.java