public void filter(ContainerRequestContext context) {
try {
interceptor.handleMessage(JAXRSUtils.getCurrentMessage());
} catch (AccessDeniedException ex) {
context.abortWith(Response.status(Response.Status.FORBIDDEN).build());
}
}
protected MultivaluedMap<String, String> toRequestState(ContainerRequestContext rc, UriInfo ui) {
MultivaluedMap<String, String> requestState = new MetadataMap<String, String>();
requestState.putAll(ui.getQueryParameters(decodeRequestParameters));
if (MediaType.APPLICATION_FORM_URLENCODED_TYPE.isCompatible(rc.getMediaType())) {
String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name());
FormUtils.populateMapFromString(
requestState,
JAXRSUtils.getCurrentMessage(),
body,
StandardCharsets.UTF_8.name(),
decodeRequestParameters);
}
return requestState;
}
private void setAtHashAndNonce(IdToken idToken, ServerAccessToken st) {
if (idToken.getAccessTokenHash() == null) {
Properties props = JwsUtils.loadSignatureOutProperties(false);
SignatureAlgorithm sigAlgo = null;
if (super.isSignWithClientSecret()) {
sigAlgo = OAuthUtils.getClientSecretSignatureAlgorithm(props);
} else {
sigAlgo = JwsUtils.getSignatureAlgorithm(props, SignatureAlgorithm.RS256);
}
if (sigAlgo != SignatureAlgorithm.NONE) {
String atHash = OidcUtils.calculateAccessTokenHash(st.getTokenKey(), sigAlgo);
idToken.setAccessTokenHash(atHash);
}
}
Message m = JAXRSUtils.getCurrentMessage();
if (m != null && m.getExchange().containsKey(OAuthConstants.NONCE)) {
idToken.setNonce((String) m.getExchange().get(OAuthConstants.NONCE));
} else if (st.getNonce() != null) {
idToken.setNonce(st.getNonce());
}
}
private void setClientCodeRequest(ClientTokenContext request) {
JAXRSUtils.getCurrentMessage().setContent(ClientTokenContext.class, request);
}