org.xdi.oxd.server.service.IntrospectionService 連携図

公開メンバ関数
	IntrospectionService (HttpService httpService, UmaTokenService umaTokenService, DiscoveryService discoveryService)

IntrospectionResponse	introspectToken (String oxdId, String accessToken)

CorrectRptIntrospectionResponse	introspectRpt (String oxdId, String rpt)

静的公開メンバ関数
static Integer	dateToSeconds (Date date)

非公開メンバ関数
IntrospectionResponse	introspectToken (String oxdId, String accessToken, boolean retry)

CorrectRptIntrospectionResponse	introspectRpt (String oxdId, String rpt, boolean retry)

非公開変数類
HttpService	httpService

UmaTokenService	umaTokenService

DiscoveryService	discoveryService

静的非公開変数類
static final Logger	LOG = LoggerFactory.getLogger(IntrospectionService.class)

詳解

著者: yuriyz

構築子と解体子

◆ IntrospectionService()

org.xdi.oxd.server.service.IntrospectionService.IntrospectionService	(	HttpService	httpService,
		UmaTokenService	umaTokenService,
		DiscoveryService	discoveryService
	)

inline

                                                                                                                              {
         this.httpService = httpService;
         this.umaTokenService = umaTokenService;
         this.discoveryService = discoveryService;
     }

関数詳解

◆ dateToSeconds()

static Integer org.xdi.oxd.server.service.IntrospectionService.dateToSeconds ( Date date )

inlinestatic

                                                    {
         return date != null ? (int) (date.getTime() / 1000) : null;
     }

◆ introspectRpt() [1/2]

CorrectRptIntrospectionResponse org.xdi.oxd.server.service.IntrospectionService.introspectRpt	(	String	oxdId,
		String	rpt
	)

inline

                                                                                    {
         return introspectRpt(oxdId, rpt, true);
     }

◆ introspectRpt() [2/2]

CorrectRptIntrospectionResponse org.xdi.oxd.server.service.IntrospectionService.introspectRpt	(	String	oxdId,
		String	rpt,
		boolean	retry
	)

inlineprivate

                                                                                                    {
         final UmaMetadata metadata = discoveryService.getUmaDiscoveryByOxdId(oxdId);
 
         try {
             final CorrectRptIntrospectionService introspectionService = ClientFactory.instance().createCorrectRptStatusService(metadata, httpService.getClientExecutor());
             return introspectionService.requestRptStatus("Bearer " + umaTokenService.getPat(oxdId).getToken(), rpt, "");
         } catch (ClientResponseFailure e) {
             int httpStatus = e.getResponse().getStatus();
             if (retry && (httpStatus == 401 || httpStatus == 400 || httpStatus == 403)) {
                 umaTokenService.obtainPat(oxdId).getToken();
                 return introspectRpt(oxdId, rpt, false);
             } else {
                 throw e;
             }
         } catch (Throwable e) {
             LOG.trace("Exception during rpt introspection, message: " + e.getMessage());
             if (e instanceof ReaderException) { // dummy construction but checked JsonParseException is thrown inside jackson provider, so we don't have choice
                 // trying to handle compatiblity issue.
                 LOG.trace("Trying to handle compatibility issue ...");
                 BadRptIntrospectionService badService = ClientFactory.instance().createBadRptStatusService(metadata, httpService.getClientExecutor());
                 BadRptIntrospectionResponse badResponse = badService.requestRptStatus("Bearer " + umaTokenService.getPat(oxdId).getToken(), rpt, "");
 
                 LOG.trace("Handled compatibility issue. Response: " + badResponse);
 
                 final List<CorrectUmaPermission> permissions = new ArrayList<>();
 
                 CorrectRptIntrospectionResponse response = new CorrectRptIntrospectionResponse();
                 response.setActive(badResponse.getActive());
                 response.setClientId(badResponse.getClientId());
                 response.setJti(badResponse.getJti());
                 response.setExpiresAt(dateToSeconds(badResponse.getExpiresAt()));
                 response.setIssuedAt(dateToSeconds(badResponse.getIssuedAt()));
                 response.setNbf(dateToSeconds(badResponse.getNbf()));
                 response.setPermissions(permissions);
 
                 if (badResponse.getPermissions() != null) {
                     for (BadUmaPermission badPermission : badResponse.getPermissions()) {
                         CorrectUmaPermission p = new CorrectUmaPermission();
                         p.setExpiresAt(dateToSeconds(badPermission.getExpiresAt()));
                         p.setResourceId(badPermission.getResourceId());
                         p.setScopes(badPermission.getScopes());
 
                         permissions.add(p);
                     }
                 }
 
                 return response;
             }
             throw e;
         }
     }

◆ introspectToken() [1/2]

IntrospectionResponse org.xdi.oxd.server.service.IntrospectionService.introspectToken	(	String	oxdId,
		String	accessToken
	)

inline

                                                                                    {
         return introspectToken(oxdId, accessToken, true);
     }

◆ introspectToken() [2/2]

IntrospectionResponse org.xdi.oxd.server.service.IntrospectionService.introspectToken	(	String	oxdId,
		String	accessToken,
		boolean	retry
	)

inlineprivate

                                                                                                    {
         final String introspectionEndpoint = discoveryService.getConnectDiscoveryResponseByOxdId(oxdId).getIntrospectionEndpoint();
         final org.xdi.oxauth.client.service.IntrospectionService introspectionService = ProxyFactory.create(org.xdi.oxauth.client.service.IntrospectionService.class, introspectionEndpoint, httpService.getClientExecutor());
 
         try {
             IntrospectionResponse response = introspectionService.introspectToken("Bearer " + umaTokenService.getPat(oxdId).getToken(), accessToken);
             return response; // we need local variable to force convertion here
         } catch (ClientResponseFailure e) {
             int status = e.getResponse().getStatus();
             LOG.debug("Failed to introspect token. Entity: " + e.getResponse().getEntity(String.class) + ", status: " + status, e);
             if (retry && (status == 400 || status == 401)) {
                 LOG.debug("Try maybe PAT is lost on AS, force refresh PAT and re-try ...");
                 umaTokenService.obtainPat(oxdId); // force to refresh PAT
                 return introspectToken(oxdId, accessToken, false);
             } else {
                 throw e;
             }
         } catch (Throwable e) {
             LOG.trace("Exception during access token introspection.", e);
             if (e instanceof ReaderException) { // dummy construction but checked JsonParseException is thrown inside jackson provider, so we don't have choice
                 // trying to handle compatiblity issue.
                 LOG.trace("Trying to handle compatibility issue ...");
                 BackCompatibleIntrospectionService backCompatibleIntrospectionService = ClientFactory.instance().createBackCompatibleIntrospectionService(introspectionEndpoint, httpService.getClientExecutor());
                 BackCompatibleIntrospectionResponse backResponse = backCompatibleIntrospectionService.introspectToken("Bearer " + umaTokenService.getPat(oxdId).getToken(), accessToken);
                 LOG.trace("Handled compatibility issue. Response: " + backResponse);
 
                 IntrospectionResponse response = new IntrospectionResponse();
                 response.setSub(backResponse.getSubject());
                 response.setAudience(backResponse.getAudience());
                 response.setTokenType(backResponse.getTokenType());
                 response.setActive(backResponse.isActive());
                 response.setScopes(backResponse.getScopes());
                 response.setIssuer(backResponse.getIssuer());
                 response.setUsername(backResponse.getUsername());
                 response.setClientId(backResponse.getClientId());
                 response.setJti(backResponse.getJti());
                 response.setAcrValues(backResponse.getAcrValues());
                 response.setExpiresAt(dateToSeconds(backResponse.getExpiresAt()));
                 response.setIssuedAt(dateToSeconds(backResponse.getIssuedAt()));
 
                 return response;
             }
             throw e;
         }
     }

メンバ詳解

◆ discoveryService

DiscoveryService org.xdi.oxd.server.service.IntrospectionService.discoveryService

private

◆ httpService

HttpService org.xdi.oxd.server.service.IntrospectionService.httpService

private

◆ LOG

final Logger org.xdi.oxd.server.service.IntrospectionService.LOG = LoggerFactory.getLogger(IntrospectionService.class)

staticprivate

◆ umaTokenService

UmaTokenService org.xdi.oxd.server.service.IntrospectionService.umaTokenService

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxd/oxd-server/src/main/java/org/xdi/oxd/server/service/IntrospectionService.java

公開メンバ関数

静的公開メンバ関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ IntrospectionService()

関数詳解

◆ dateToSeconds()

◆ introspectRpt() [1/2]

◆ introspectRpt() [2/2]

◆ introspectToken() [1/2]

◆ introspectToken() [2/2]

メンバ詳解

◆ discoveryService

◆ httpService

◆ LOG

◆ umaTokenService