com.nimbusds.oauth2.sdk.Scope Java Examples

The following examples show how to use com.nimbusds.oauth2.sdk.Scope. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: OpenIdConnector.java    From onedev with MIT License 6 votes vote down vote up
@Override
public void initiateLogin() {
	try {
		ClientID clientID = new ClientID(clientId);
		
		State state = new State(UUID.randomUUID().toString());
		Session.get().setAttribute(SESSION_ATTR_STATE, state.getValue());
		Session.get().setAttribute(SESSION_ATTR_PROVIDER_METADATA, discoverProviderMetadata());
		
		String scopes = "openid email profile";
		if (groupsClaim != null)
			scopes = scopes + " " + groupsClaim;
		
		AuthenticationRequest request = new AuthenticationRequest(
				new URI(getCachedProviderMetadata().getAuthorizationEndpoint()),
			    new ResponseType("code"), Scope.parse(scopes), clientID, getCallbackUri(),
			    state, new Nonce());
		throw new RedirectToUrlException(request.toURI().toString());
	} catch (URISyntaxException|SerializeException e) {
		throw new RuntimeException(e);
	}		
}
 
Example #2
Source File: StandardOidcIdentityProviderTest.java    From nifi with Apache License 2.0 6 votes vote down vote up
@Test
public void testValidateScopes() throws IllegalAccessException {
    final String additionalScope_profile = "profile";
    final String additionalScope_abc = "abc";

    final StandardOidcIdentityProvider provider = createOidcProviderWithAdditionalScopes(additionalScope_profile,
        additionalScope_abc);
    Scope scope = provider.getScope();

    // two additional scopes are set, two (openid, email) are hard-coded
    assertEquals(scope.toArray().length, 4);
    assertTrue(scope.contains("openid"));
    assertTrue(scope.contains("email"));
    assertTrue(scope.contains(additionalScope_profile));
    assertTrue(scope.contains(additionalScope_abc));
}
 
Example #3
Source File: OidcClientTest.java    From sonar-auth-oidc with Apache License 2.0 5 votes vote down vote up
@Test
public void getAuthenticationRequest() throws URISyntaxException {
  OidcClient underTest = newSpyOidcClient();
  AuthenticationRequest request = underTest.getAuthenticationRequest(CALLBACK_URL, STATE);
  assertEquals("invalid scope", Scope.parse("openid profile email"), request.getScope());
  assertEquals("invalid client id", new ClientID("id"), request.getClientID());
  assertEquals("invalid state", new State(STATE), request.getState());
  assertEquals("invalid response type", ResponseType.getDefault(), request.getResponseType());
  assertEquals("invalid redirect uri", new URI(CALLBACK_URL), request.getRedirectionURI());
  assertEquals("invalid endpoint uri", new URI(ISSUER_URI).resolve("/protocol/openid-connect/auth"),
      request.getEndpointURI());
}
 
Example #4
Source File: DefaultJsonConverter.java    From vertx-pac4j with Apache License 2.0 5 votes vote down vote up
public DefaultJsonConverter() {
    mapper.setVisibility(PropertyAccessor.FIELD, JsonAutoDetect.Visibility.ANY);
    mapper.setVisibility(PropertyAccessor.GETTER, JsonAutoDetect.Visibility.NONE);
    mapper.setVisibility(PropertyAccessor.IS_GETTER, JsonAutoDetect.Visibility.NONE);

    mapper.addMixIn(OAuth1RequestToken.class, OAuth1RequestTokenMixin.class)
        .addMixIn(BearerAccessToken.class, BearerAccessTokenMixin.class)
        .addMixIn(Scope.Value.class, ValueMixin.class)
        .addMixIn(Token.class, TokenMixin.class);
}
 
Example #5
Source File: StandardOidcIdentityProvider.java    From nifi with Apache License 2.0 5 votes vote down vote up
@Override
public Scope getScope() {
    if (!isOidcEnabled()) {
        throw new IllegalStateException(OPEN_ID_CONNECT_SUPPORT_IS_NOT_CONFIGURED);
    }

    Scope scope = new Scope("openid", "email");

    for (String additionalScope : properties.getOidcAdditionalScopes()) {
        // Scope automatically prevents duplicated entries
        scope.add(additionalScope);
    }

    return scope;
}
 
Example #6
Source File: StandardOidcIdentityProviderTest.java    From nifi with Apache License 2.0 5 votes vote down vote up
@Test
public void testNoDuplicatedScopes() throws IllegalAccessException {
    final String additionalScopeDuplicate = "abc";

    final StandardOidcIdentityProvider provider = createOidcProviderWithAdditionalScopes(additionalScopeDuplicate,
            "def", additionalScopeDuplicate);
    Scope scope = provider.getScope();

    // three additional scopes are set but one is duplicated and mustn't be returned; note that there is
    // another one inserted in between the duplicated; two (openid, email) are hard-coded
    assertEquals(scope.toArray().length, 4);
}
 
Example #7
Source File: OidcClient.java    From sonar-auth-oidc with Apache License 2.0 4 votes vote down vote up
private Scope getScope() {
  return Scope.parse(config.scopes());
}
 
Example #8
Source File: DefaultJsonConverter.java    From vertx-pac4j with Apache License 2.0 4 votes vote down vote up
@JsonCreator
public BearerAccessTokenMixin(@JsonProperty("value") String value, @JsonProperty("lifetime") long lifetime,
        @JsonProperty("scope") Scope scope) {
}
 
Example #9
Source File: OidcService.java    From nifi with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the OpenId Connect scope.
 *
 * @return scope
 */
public Scope getScope() {
    return identityProvider.getScope();
}
 
Example #10
Source File: OidcIdentityProvider.java    From nifi with Apache License 2.0 2 votes vote down vote up
/**
 * Returns the scopes supported by the OIDC provider.
 *
 * @return support scopes
 */
Scope getScope();