org.xdi.oxauth.client.AuthorizeClient クラス

org.xdi.oxauth.client.AuthorizeClient の継承関係図

org.xdi.oxauth.client.AuthorizeClient 連携図

公開メンバ関数
	AuthorizeClient (String url)
String	getHttpMethod ()
AuthorizationResponse	execAuthorizationCodeGrant (String clientId, List< String > scopes, String redirectUri, String nonce, String state, String req, String reqUri, Display display, List< Prompt > prompt)
AuthorizationResponse	execImplicitGrant (String clientId, List< String > scopes, String redirectUri, String nonce, String state, String req, String reqUri, Display display, List< Prompt > prompt)
AuthorizationResponse	exec ()
AuthorizationResponse	exec (ClientExecutor clientExecutor)
String	getUrl ()
void	setUrl (String url)
T	getRequest ()
void	setRequest (T request)
V	getResponse ()
void	setResponse (V response)
ClientExecutor	getExecutor ()
void	setExecutor (ClientExecutor executor)
String	getRequestAsString ()
String	getResponseAsString ()
void	closeConnection ()
List< Cookie >	getCookies ()
Map< String, String >	getHeaders ()

静的公開メンバ関数
static void	putAllFormParameters (ClientRequest p_clientRequest, BaseRequest p_request)

限定公開メンバ関数
void	addReqParam (String p_key, HasParamName p_value)
void	addReqParam (String p_key, String p_value)
void	initClientRequest ()

限定公開変数類
T	request
V	response
ClientRequest	clientRequest
ClientResponse< String >	clientResponse
ClientExecutor	executor

静的変数
static String	NO_REDIRECT_HEADER = "X-Gluu-NoRedirect"

非公開メンバ関数
AuthorizationResponse	exec_ () throws Exception

静的非公開変数類
static final Logger	LOG = Logger.getLogger(AuthorizeClient.class)

詳解

Encapsulates functionality to make authorization request calls to an authorization server via REST Services.

著者

Javier Rojas Blum

バージョン

August 9, 2017

構築子と解体子

AuthorizeClient()

org.xdi.oxauth.client.AuthorizeClient.AuthorizeClient ( String  url )

inline

Constructs an authorize client by providing a REST url where the authorize service is located.

引数

url	The REST Service location.

                                       {
        super(url);
    }

関数詳解

addReqParam() [1/2]

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.addReqParam ( String  p_key, HasParamName  p_value  )

inlineprotectedinherited

                                                                   {
        if (p_value != null) {
            addReqParam(p_key, p_value.getParamName());
        }
    }

addReqParam() [2/2]

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.addReqParam ( String  p_key, String  p_value  )

inlineprotectedinherited

                                                             {
        if (Util.allNotBlank(p_key, p_value)) {
            if (request.getAuthorizationMethod() == AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER) {
                clientRequest.formParameter(p_key, p_value);
            } else {
                clientRequest.queryParameter(p_key, p_value);
            }
        }
    }

closeConnection()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.closeConnection ( )

inlineinherited

                                  {
        try {
            if (clientResponse != null) {
                clientResponse.releaseConnection();
            }
            if (clientRequest != null && clientRequest.getExecutor() != null) {
                clientRequest.getExecutor().close();
            }
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
        }
    }

exec() [1/2]

AuthorizationResponse org.xdi.oxauth.client.AuthorizeClient.exec ( )

inline

Executes the call to the REST Service and processes the response.

戻り値

The authorization response.

                                        {
        AuthorizationResponse response = null;

        try {
            initClientRequest();
            response = exec_();
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
        } finally {
            closeConnection();
        }

        return response;
    }

exec() [2/2]

AuthorizationResponse org.xdi.oxauth.client.AuthorizeClient.exec ( ClientExecutor  clientExecutor )

inline

                                                                     {
        AuthorizationResponse response = null;

        try {
            clientRequest = new ClientRequest(getUrl(), clientExecutor);
            response = exec_();
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
        }
        // Do not close the connection for this case.

        return response;
    }

exec_()

AuthorizationResponse org.xdi.oxauth.client.AuthorizeClient.exec_ ( ) throws Exception

inlineprivate

                                                           {
        // Prepare request parameters
        clientRequest.header("Content-Type", MediaType.APPLICATION_FORM_URLENCODED);
        clientRequest.setHttpMethod(getHttpMethod());

        if (getRequest().isUseNoRedirectHeader()) {
            clientRequest.header(NO_REDIRECT_HEADER, "true");
        }

        final String responseTypesAsString = getRequest().getResponseTypesAsString();
        final String scopesAsString = getRequest().getScopesAsString();
        final String promptsAsString = getRequest().getPromptsAsString();
        final String uiLocalesAsString = getRequest().getUiLocalesAsString();
        final String claimLocalesAsString = getRequest().getClaimsLocalesAsString();
        final String acrValuesAsString = getRequest().getAcrValuesAsString();
        final String claimsAsString = getRequest().getClaimsAsString();

        addReqParam(AuthorizeRequestParam.RESPONSE_TYPE, responseTypesAsString);
        addReqParam(AuthorizeRequestParam.CLIENT_ID, getRequest().getClientId());
        addReqParam(AuthorizeRequestParam.SCOPE, scopesAsString);
        addReqParam(AuthorizeRequestParam.REDIRECT_URI, getRequest().getRedirectUri());
        addReqParam(AuthorizeRequestParam.STATE, getRequest().getState());

        addReqParam(AuthorizeRequestParam.NONCE, getRequest().getNonce());
        addReqParam(AuthorizeRequestParam.DISPLAY, getRequest().getDisplay());
        addReqParam(AuthorizeRequestParam.PROMPT, promptsAsString);
        if (getRequest().getMaxAge() != null) {
            addReqParam(AuthorizeRequestParam.MAX_AGE, getRequest().getMaxAge().toString());
        }
        addReqParam(AuthorizeRequestParam.UI_LOCALES, uiLocalesAsString);
        addReqParam(AuthorizeRequestParam.CLAIMS_LOCALES, claimLocalesAsString);
        addReqParam(AuthorizeRequestParam.ID_TOKEN_HINT, getRequest().getIdTokenHint());
        addReqParam(AuthorizeRequestParam.LOGIN_HINT, getRequest().getLoginHint());
        addReqParam(AuthorizeRequestParam.ACR_VALUES, acrValuesAsString);
        addReqParam(AuthorizeRequestParam.CLAIMS, claimsAsString);
        addReqParam(AuthorizeRequestParam.REGISTRATION, getRequest().getRegistration());
        addReqParam(AuthorizeRequestParam.REQUEST, getRequest().getRequest());
        addReqParam(AuthorizeRequestParam.REQUEST_URI, getRequest().getRequestUri());
        addReqParam(AuthorizeRequestParam.ACCESS_TOKEN, getRequest().getAccessToken());
        addReqParam(AuthorizeRequestParam.CUSTOM_RESPONSE_HEADERS, getRequest().getCustomResponseHeadersAsString());

        // PKCE
        addReqParam(AuthorizeRequestParam.CODE_CHALLENGE, getRequest().getCodeChallenge());
        addReqParam(AuthorizeRequestParam.CODE_CHALLENGE_METHOD, getRequest().getCodeChallengeMethod());

        if (getRequest().isRequestSessionId()) {
            addReqParam(AuthorizeRequestParam.REQUEST_SESSION_ID, Boolean.toString(getRequest().isRequestSessionId()));
        }
        addReqParam(AuthorizeRequestParam.SESSION_ID, getRequest().getSessionId());

        // Custom params
        for (String key : request.getCustomParameters().keySet()) {
            addReqParam(key, request.getCustomParameters().get(key));
        }

        if (request.getAuthorizationMethod() != AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER && request.hasCredentials()) {
            clientRequest.header("Authorization", "Basic " + request.getEncodedCredentials());
        }

        // Call REST Service and handle response
        if (request.getAuthorizationMethod() == AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER) {
            clientResponse = clientRequest.post(String.class);
        } else {
            clientResponse = clientRequest.get(String.class);
        }

        setResponse(new AuthorizationResponse(clientResponse));

        return getResponse();
    }

execAuthorizationCodeGrant()

AuthorizationResponse org.xdi.oxauth.client.AuthorizeClient.execAuthorizationCodeGrant ( String  clientId, List< String >  scopes, String  redirectUri, String  nonce, String  state, String  req, String  reqUri, Display  display, List< Prompt >  prompt  )

inline

The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for confidential clients. As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.

引数

clientId	The client identifier. This parameter is required.
scopes	The scope of the access request. This parameter is optional.
redirectUri	The redirection URI. This parameter is optional.
nonce	A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. forgery. This parameter is recommended.
state	An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.
req	A JWT encoded OpenID Request Object.
reqUri	An URL that points to an OpenID Request Object.
display	An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.
prompt	A space delimited list of ASCII strings that can contain the values login, consent, select_account, and none.

戻り値

The authorization response.

                                                                                           {
        List<ResponseType> responseTypes = new ArrayList<ResponseType>();
        responseTypes.add(ResponseType.CODE);
        setRequest(new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce));
        getRequest().setRedirectUri(redirectUri);
        getRequest().setState(state);
        getRequest().setRequest(req);
        getRequest().setRedirectUri(reqUri);
        getRequest().setDisplay(display);
        getRequest().getPrompts().addAll(prompt);

        return exec();
    }

execImplicitGrant()

AuthorizationResponse org.xdi.oxauth.client.AuthorizeClient.execImplicitGrant ( String  clientId, List< String >  scopes, String  redirectUri, String  nonce, String  state, String  req, String  reqUri, Display  display, List< Prompt >  prompt  )

inline

The implicit grant type is used to obtain access tokens (it does not support the issuance of refresh tokens) and is optimized for public clients known to operate a particular redirection URI. These clients are typically implemented in a browser using a scripting language such as JavaScript.

As a redirection-based flow, the client must be capable of interacting with the resource owner's user-agent (typically a web browser) and capable of receiving incoming requests (via redirection) from the authorization server.

Unlike the authorization code grant type in which the client makes separate requests for authorization and access token, the client receives the access token as the result of the authorization request.

The implicit grant type does not include client authentication, and relies on the presence of the resource owner and the registration of the redirection URI. Because the access token is encoded into the redirection URI, it may be exposed to the resource owner and other applications residing on its device.

引数

clientId	The client identifier. This parameter is required.
scopes	The scope of the access request. This parameter is optional.
redirectUri	The redirection URI. This parameter is optional.
nonce	A string value used to associate a user agent session with an ID Token, and to mitigate replay attacks. forgery. This parameter is recommended.
state	An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter should be used for preventing cross-site request forgery.
req	A JWT encoded OpenID Request Object.
reqUri	An URL that points to an OpenID Request Object.
display	An ASCII string value that specifies how the Authorization Server displays the authentication page to the End-User.
prompt	A space delimited list of ASCII strings that can contain the values login, consent, select_account, and none.

戻り値

The authorization response.

                                                                                           {
        List<ResponseType> responseTypes = new ArrayList<ResponseType>();
        responseTypes.add(ResponseType.TOKEN);
        setRequest(new AuthorizationRequest(responseTypes, clientId, scopes, redirectUri, nonce));
        getRequest().setRedirectUri(redirectUri);
        getRequest().setState(state);
        getRequest().setRequest(req);
        getRequest().setRedirectUri(reqUri);
        getRequest().setDisplay(display);
        getRequest().getPrompts().addAll(prompt);

        return exec();
    }

getCookies()

List<Cookie> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getCookies ( )

inlineinherited

                                     {
        return cookies;
    }

getExecutor()

ClientExecutor org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getExecutor ( )

inlineinherited

                                        {
        return executor;
    }

getHeaders()

Map<String, String> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getHeaders ( )

inlineinherited

                                            {
        return headers;
    }

getHttpMethod()

String org.xdi.oxauth.client.AuthorizeClient.getHttpMethod ( )

inline

                                  {
        if (request.getAuthorizationMethod() == null
                || request.getAuthorizationMethod() == AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD
                || request.getAuthorizationMethod() == AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER) {
            return HttpMethod.POST;
        } else { // AuthorizationMethod.URL_QUERY_PARAMETER
            return HttpMethod.GET;
        }
    }

getRequest()

T org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getRequest ( )

inlineinherited

                          {
        return request;
    }

getRequestAsString()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getRequestAsString ( )

inlineinherited

                                       {
        StringBuilder sb = new StringBuilder();

        try {
            URL theUrl = new URL(url);

            if (getHttpMethod().equals(HttpMethod.POST)) {
                sb.append(HttpMethod.POST).append(" ").append(theUrl.getPath()).append(" HTTP/1.1");
                if (StringUtils.isNotBlank(request.getContentType())) {
                    sb.append("\n");
                    sb.append("Content-Type: ").append(request.getContentType());
                }
                if (StringUtils.isNotBlank(request.getMediaType())) {
                    sb.append("\n");
                    sb.append("Accept: ").append(request.getMediaType());
                }
                sb.append("\n");
                sb.append("Host: ").append(theUrl.getHost());

                if (request instanceof AuthorizationRequest) {
                    AuthorizationRequest authorizationRequest = (AuthorizationRequest) request;
                    if (authorizationRequest.isUseNoRedirectHeader()) {
                        sb.append("\n");
                        sb.append("X-Gluu-NoRedirect: true");
                    }
                }
                if (request.getAuthorizationMethod() == null) {
                    if (request.getAuthenticationMethod() == null
                            || request.getAuthenticationMethod() == AuthenticationMethod.CLIENT_SECRET_BASIC) {
                        if (request.hasCredentials()) {
                            String encodedCredentials = request.getEncodedCredentials();
                            sb.append("\n");
                            sb.append("Authorization: Basic ").append(encodedCredentials);
                        }
                    }
                } else if (request.getAuthorizationMethod() == AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD) {
                    if (request instanceof UserInfoRequest) {
                        String accessToken = ((UserInfoRequest) request).getAccessToken();
                        sb.append("\n");
                        sb.append("Authorization: Bearer ").append(accessToken);
                    }
                }

                sb.append("\n");
                sb.append("\n");
                sb.append(request.getQueryString());
            } else if (getHttpMethod().equals(HttpMethod.GET)) {
                sb.append("GET ").append(theUrl.getPath());
                if (StringUtils.isNotBlank(request.getQueryString())) {
                    sb.append("?").append(request.getQueryString());
                }
                sb.append(" HTTP/1.1");
                sb.append("\n");
                sb.append("Host: ").append(theUrl.getHost());

                if (request instanceof AuthorizationRequest) {
                    AuthorizationRequest authorizationRequest = (AuthorizationRequest) request;
                    if (authorizationRequest.isUseNoRedirectHeader()) {
                        sb.append("\n");
                        sb.append("X-Gluu-NoRedirect: true");
                    }
                }
                if (request.getAuthorizationMethod() == null) {
                    if (request.hasCredentials()) {
                        String encodedCredentials = request.getEncodedCredentials();
                        sb.append("\n");
                        sb.append("Authorization: Basic ").append(encodedCredentials);
                    } else if (request instanceof RegisterRequest) {
                        RegisterRequest r = (RegisterRequest) request;
                        String registrationAccessToken = r.getRegistrationAccessToken();
                        sb.append("\n");
                        sb.append("Authorization: Bearer ").append(registrationAccessToken);
                    }
                } else if (request.getAuthorizationMethod() == AuthorizationMethod.AUTHORIZATION_REQUEST_HEADER_FIELD) {
                    if (request instanceof UserInfoRequest) {
                        String accessToken = ((UserInfoRequest) request).getAccessToken();
                        sb.append("\n");
                        sb.append("Authorization: Bearer ").append(accessToken);
                    }
                }
            }
        } catch (MalformedURLException e) {
            LOG.error(e.getMessage(), e);
        }

        return sb.toString();
    }

getResponse()

V org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getResponse ( )

inlineinherited

                           {
        return response;
    }

getResponseAsString()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getResponseAsString ( )

inlineinherited

                                        {
        StringBuilder sb = new StringBuilder();

        if (response != null) {
            sb.append("HTTP/1.1 ").append(response.getStatus());
            if (response.getHeaders() != null) {
                for (String key : response.getHeaders().keySet()) {
                    sb.append("\n")
                            .append(key)
                            .append(": ")
                            .append(response.getHeaders().get(key).get(0));
                }
            }
            if (response.getEntity() != null) {
                sb.append("\n");
                sb.append("\n");
                sb.append(response.getEntity());
            }
        }
        return sb.toString();
    }

getUrl()

String org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.getUrl ( )

inlineinherited

                           {
        return url;
    }

initClientRequest()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.initClientRequest ( )

inlineprotectedinherited

                                       {
        if (this.executor == null) {
            this.clientRequest = new ClientRequest(getUrl());
        } else {
            this.clientRequest = new ClientRequest(getUrl(), this.executor);
        }
        for (Cookie cookie : cookies) {
            clientRequest.cookie(cookie);
        }
        for (Map.Entry<String, String> headerEntry : headers.entrySet()) {
            clientRequest.header(headerEntry.getKey(), headerEntry.getValue());
        }
    }

putAllFormParameters()

static void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.putAllFormParameters ( ClientRequest  p_clientRequest, BaseRequest  p_request  )

inlinestaticinherited

                                                                                                  {
        if (p_clientRequest != null && p_request != null) {
            final Map<String, String> parameters = p_request.getParameters();
            if (parameters != null && !parameters.isEmpty()) {
                for (Map.Entry<String, String> e : parameters.entrySet()) {
                    p_clientRequest.formParameter(e.getKey(), e.getValue());
                }
            }
        }
    }

setExecutor()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setExecutor ( ClientExecutor  executor )

inlineinherited

                                                     {
        this.executor = executor;
    }

setRequest()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setRequest ( T  request )

inlineinherited

                                      {
        this.request = request;
    }

setResponse()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setResponse ( V  response )

inlineinherited

                                        {
        this.response = response;
    }

setUrl()

void org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.setUrl ( String  url )

inlineinherited

                                   {
        this.url = url;
    }

メンバ詳解

clientRequest

ClientRequest org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.clientRequest

protectedinherited

clientResponse

ClientResponse<String> org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.clientResponse

protectedinherited

executor

ClientExecutor org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.executor

protectedinherited

LOG

final Logger org.xdi.oxauth.client.AuthorizeClient.LOG = Logger.getLogger(AuthorizeClient.class)

staticprivate

NO_REDIRECT_HEADER

String org.xdi.oxauth.client.AuthorizeClient.NO_REDIRECT_HEADER = "X-Gluu-NoRedirect"

staticpackage

request

T org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.request

protectedinherited

response

V org.xdi.oxauth.client.BaseClient< T extends BaseRequest, V extends BaseResponse >.response

protectedinherited

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Client/src/main/java/org/xdi/oxauth/client/AuthorizeClient.java