org.xdi.oxauth.uma.service.UmaNeedsInfoService クラス

org.xdi.oxauth.uma.service.UmaNeedsInfoService 連携図

公開メンバ関数
Map< UmaScriptByScope, UmaAuthorizationContext >	checkNeedsInfo (Claims claims, Map< UmaScopeDescription, Boolean > requestedScopes, List< UmaPermission > permissions, UmaPCT pct, HttpServletRequest httpRequest, Client client)

静的公開メンバ関数
static Set< String >	getScriptDNs (List< UmaScopeDescription > scopes)

非公開メンバ関数
String	constructGatheringScriptNameValue (String existingValue, String claimsGatheringScriptName)
String	buildClaimsGatheringRedirectUri (Collection< UmaAuthorizationContext > contexts, Client client, String newTicket)

非公開変数類
Logger	log
AppConfiguration	appConfiguration
UmaPermissionService	permissionService
AttributeService	attributeService
UmaResourceService	resourceService
ExternalUmaRptPolicyService	policyService
UmaSessionService	sessionService
UserService	userService

詳解

著者

yuriyz on 06/16/2017.

関数詳解

buildClaimsGatheringRedirectUri()

String org.xdi.oxauth.uma.service.UmaNeedsInfoService.buildClaimsGatheringRedirectUri ( Collection< UmaAuthorizationContext >  contexts, Client  client, String  newTicket  )

inlineprivate

                                                                                                                                  {
        String queryParameters = "";

        for (UmaAuthorizationContext context : contexts) {
            queryParameters += context.getRedirectUserParameters().buildQueryString() + "&";
        }
        queryParameters = StringUtils.removeEnd(queryParameters, "&");

        String result = appConfiguration.getBaseEndpoint() + "/uma/gather_claims";
        if (StringUtils.isNotBlank(queryParameters)) {
            result += "?" + queryParameters;
        }
        result += "&client_id=" + client.getClientId() + "&ticket=" + newTicket;
        return result;
    }

checkNeedsInfo()

Map<UmaScriptByScope, UmaAuthorizationContext> org.xdi.oxauth.uma.service.UmaNeedsInfoService.checkNeedsInfo ( Claims  claims, Map< UmaScopeDescription, Boolean >  requestedScopes, List< UmaPermission >  permissions, UmaPCT  pct, HttpServletRequest  httpRequest, Client  client  )

inline

                                                                                                 {

        Map<UmaScriptByScope, UmaAuthorizationContext> scriptMap = new HashMap<UmaScriptByScope, UmaAuthorizationContext>();
        Map<String, String> ticketAttributes = new HashMap<String, String>();

        List<ClaimDefinition> missedClaims = new ArrayList<ClaimDefinition>();

        UmaAuthorizationContextBuilder contextBuilder = new UmaAuthorizationContextBuilder(appConfiguration,
                attributeService, resourceService, permissions, requestedScopes, claims, httpRequest,
                sessionService, userService, permissionService, client);


        for (UmaScopeDescription scope : requestedScopes.keySet()) {
            List<String> authorizationPolicies = scope.getAuthorizationPolicies();
            if (authorizationPolicies != null && !authorizationPolicies.isEmpty()) {
                for (String scriptDN : authorizationPolicies) { //log.trace("Loading UMA script: " + scriptDN + ", scope: " + scope + " ...");
                    CustomScriptConfiguration script = policyService.getScriptByDn(scriptDN);
                    if (script != null) {
                        UmaAuthorizationContext context = contextBuilder.build(script);
                        scriptMap.put(new UmaScriptByScope(scope, script), context);

                        List<ClaimDefinition> requiredClaims = policyService.getRequiredClaims(script, context);
                        if (requiredClaims != null && !requiredClaims.isEmpty()) {
                            for (ClaimDefinition definition : requiredClaims) {
                                if (!claims.has(definition.getName())) {
                                    missedClaims.add(definition);
                                }
                            }
                        }

                        String claimsGatheringScriptName = policyService.getClaimsGatheringScriptName(script, context);
                        if (StringUtils.isNotBlank(claimsGatheringScriptName)) {
                            ticketAttributes.put(UmaConstants.GATHERING_ID, constructGatheringScriptNameValue(ticketAttributes.get(UmaConstants.GATHERING_ID), claimsGatheringScriptName));
                        } else {
                            if (!UmaConstants.NO_SCRIPT.equalsIgnoreCase(claimsGatheringScriptName)) {
                                log.error("External 'getClaimsGatheringScriptName' script method return null or blank value, script: " + script.getName());
                            }
                        }
                    } else {
                        log.error("Unable to load UMA script dn: '{}'", scriptDN);
                    }
                }
            } else {
                log.trace("No policies defined for scope: " + scope.getId() + ", scopeDn: " + scope.getDn());
            }
        }

        if (!missedClaims.isEmpty()) {
            ticketAttributes.put(UmaPermission.PCT, pct.getCode());
            String newTicket = permissionService.changeTicket(permissions, ticketAttributes);

            UmaNeedInfoResponse needInfoResponse = new UmaNeedInfoResponse();
            needInfoResponse.setTicket(newTicket);
            needInfoResponse.setError("need_info");
            needInfoResponse.setRedirectUser(buildClaimsGatheringRedirectUri(scriptMap.values(), client, newTicket));
            needInfoResponse.setRequiredClaims(missedClaims);

            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(ServerUtil.asJsonSilently(needInfoResponse)).build());
        }

        return scriptMap;
    }

constructGatheringScriptNameValue()

String org.xdi.oxauth.uma.service.UmaNeedsInfoService.constructGatheringScriptNameValue ( String  existingValue, String  claimsGatheringScriptName  )

inlineprivate

                                                                                                             {
        if (StringUtils.isBlank(existingValue)) {
            return claimsGatheringScriptName;
        }
        return existingValue + " " + claimsGatheringScriptName;
    }

getScriptDNs()

static Set<String> org.xdi.oxauth.uma.service.UmaNeedsInfoService.getScriptDNs ( List< UmaScopeDescription >  scopes )

inlinestatic

                                                                             {
        HashSet<String> result = new HashSet<String>();

        for (UmaScopeDescription scope : scopes) {
            List<String> authorizationPolicies = scope.getAuthorizationPolicies();
            if (authorizationPolicies != null) {
                result.addAll(authorizationPolicies);
            }
        }

        return result;
    }

メンバ詳解

appConfiguration

AppConfiguration org.xdi.oxauth.uma.service.UmaNeedsInfoService.appConfiguration

private

attributeService

AttributeService org.xdi.oxauth.uma.service.UmaNeedsInfoService.attributeService

private

log

Logger org.xdi.oxauth.uma.service.UmaNeedsInfoService.log

private

permissionService

UmaPermissionService org.xdi.oxauth.uma.service.UmaNeedsInfoService.permissionService

private

policyService

ExternalUmaRptPolicyService org.xdi.oxauth.uma.service.UmaNeedsInfoService.policyService

private

resourceService

UmaResourceService org.xdi.oxauth.uma.service.UmaNeedsInfoService.resourceService

private

sessionService

UmaSessionService org.xdi.oxauth.uma.service.UmaNeedsInfoService.sessionService

private

userService

UserService org.xdi.oxauth.uma.service.UmaNeedsInfoService.userService

private

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/uma/service/UmaNeedsInfoService.java