コード例 #1
0
  // return all claims from scopes + claims requested in the id_token
  private void appendIdTokenClaims(
      OAuth2Request request,
      OAuth2ProviderSettings providerSettings,
      OpenAMOpenIdConnectToken oidcToken)
      throws ServerException, NotFoundException, InvalidClientException {

    try {
      AccessToken accessToken = request.getToken(AccessToken.class);
      Map<String, Object> userInfo = providerSettings.getUserInfo(accessToken, request).getValues();

      for (Map.Entry<String, Object> claim : userInfo.entrySet()) {
        oidcToken.put(claim.getKey(), claim.getValue());
      }

    } catch (UnauthorizedClientException e) {
      throw new InvalidClientException(e.getMessage());
    }
  }
コード例 #2
0
  // See spec section 5.5. - add claims to id_token based on 'claims' parameter in the access token
  private void appendRequestedIdTokenClaims(
      OAuth2Request request,
      OAuth2ProviderSettings providerSettings,
      OpenAMOpenIdConnectToken oidcToken)
      throws ServerException, NotFoundException, InvalidClientException {

    AccessToken accessToken = request.getToken(AccessToken.class);
    String claims;
    if (accessToken != null) {
      claims = (String) accessToken.toMap().get(OAuth2Constants.Custom.CLAIMS);
    } else {
      claims = request.getParameter(OAuth2Constants.Custom.CLAIMS);
    }

    if (claims != null) {
      try {
        JSONObject claimsObject = new JSONObject(claims);
        JSONObject idTokenClaimsRequest =
            claimsObject.getJSONObject(OAuth2Constants.JWTTokenParams.ID_TOKEN);
        Map<String, Object> userInfo =
            providerSettings.getUserInfo(accessToken, request).getValues();

        Iterator<String> it = idTokenClaimsRequest.keys();
        while (it.hasNext()) {
          String keyName = it.next();

          if (userInfo.containsKey(keyName)) {
            oidcToken.put(keyName, userInfo.get(keyName));
          }
        }
      } catch (UnauthorizedClientException e) {
        throw new InvalidClientException(e.getMessage());
      } catch (JSONException e) {
        // if claims object not found, fall through
      }
    }
  }