private static UserInfo getUserInfo(
final OIDCProviderMetadata providerConfiguration, final BearerAccessToken bearerAccessToken)
throws ParseException, SerializeException, IOException {
final UserInfoRequest userInfoRequest =
new UserInfoRequest(providerConfiguration.getUserInfoEndpointURI(), bearerAccessToken);
UserInfoResponse userInfoResponse;
switch (providerConfiguration.getIssuer().getValue()) {
case ISSUER_FACEBOOK:
userInfoResponse = FacebookUserInfoResponse.parse(userInfoRequest.toHTTPRequest().send());
break;
case ISSUER_PAY_PAL:
userInfoResponse = PayPalUserInfoResponse.parse(userInfoRequest.toHTTPRequest().send());
break;
case ISSUER_MICROSOFT:
userInfoResponse = MicrosoftUserInfoResponse.parse(userInfoRequest.toHTTPRequest().send());
break;
default: // Google.
userInfoResponse = UserInfoResponse.parse(userInfoRequest.toHTTPRequest().send());
break;
}
if (userInfoResponse instanceof UserInfoErrorResponse) {
final ErrorObject error = ((UserInfoErrorResponse) userInfoResponse).getErrorObject();
throw new GNUOpenBusinessApplicationException(error.getDescription());
}
return ((UserInfoSuccessResponse) userInfoResponse).getUserInfo();
}
private static AuthorizationCode retrieveAuthenticationCode(
final URI requestURI, final State state) throws ParseException {
final AuthenticationResponse authenticationResponse =
AuthenticationResponseParser.parse(requestURI);
if (authenticationResponse instanceof AuthenticationErrorResponse) {
final ErrorObject error =
((AuthenticationErrorResponse) authenticationResponse).getErrorObject();
throw new GNUOpenBusinessApplicationException(error.getDescription());
}
if (((AuthenticationSuccessResponse) authenticationResponse).getState() == null
|| !((AuthenticationSuccessResponse) authenticationResponse)
.getState()
.getValue()
.equals(state.getValue())) {
throw new GNUOpenBusinessApplicationException(
"State verification failed, recieved stated is not correct");
}
return ((AuthenticationSuccessResponse) authenticationResponse).getAuthorizationCode();
}
private static BearerAccessToken getTokenRequest(
final OIDCProviderMetadata providerConfiguration,
final ClientID clientID,
final AuthorizationCode authorizationCode,
final URI redirectURI,
Secret clientSecret)
throws SerializeException, ParseException, IOException, NoSuchAlgorithmException,
InvalidKeySpecException, java.text.ParseException, JOSEException {
final SecretTokenRequest tokenRequest =
new SecretTokenRequest(
providerConfiguration.getTokenEndpointURI(),
clientID,
clientSecret,
new AuthorizationCodeGrant(authorizationCode, redirectURI));
final TokenResponse tokenResponse =
OIDCTokenResponseParser.parse(tokenRequest.toHTTPRequest().send());
if (tokenResponse instanceof TokenErrorResponse) {
final ErrorObject error = ((TokenErrorResponse) tokenResponse).getErrorObject();
throw new GNUOpenBusinessApplicationException(error.getDescription());
}
return ((OIDCAccessTokenResponse) tokenResponse).getBearerAccessToken();
}