コード例 #1
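  /**
   * Builds the OpenID Connect ID token returned alongside an access token.
   *
   * <p>The issuer and lifetime come from {@link OAuthServerConfiguration}. The subject is the
   * authorized user of the request, unless a subject claim is configured, in which case that
   * claim's value is read from the user's store. Audience and authorized party are both set to
   * the requesting client id. The configured custom-claims handler runs before the token is
   * built.
   *
   * <p>{@code iat} and {@code exp} are written as seconds since the epoch, the unit OpenID
   * Connect Core defines for them. The earlier code cast the millisecond clock to {@code int},
   * which truncates the value and gives relying parties meaningless timestamps to validate.
   *
   * @param request the token request context; supplies the authorized user and the client id
   * @param tokenRespDTO the access token response (not read by this method)
   * @return the serialized ID token produced by the builder
   * @throws IdentityOAuth2Exception if the subject claim cannot be read, no subject can be
   *     determined, or the token cannot be built
   */
  public String buildIDToken(
      OAuthTokenReqMessageContext request, OAuth2AccessTokenRespDTO tokenRespDTO)
      throws IdentityOAuth2Exception {
    OAuthServerConfiguration config = OAuthServerConfiguration.getInstance();
    String issuer = config.getOpenIDConnectIDTokenIssuerIdentifier();

    // Lifetime stays in seconds. NOTE(review): the old "* 1000" implies the configured value is
    // in seconds; confirm against the configuration documentation.
    int lifetime = Integer.parseInt(config.getOpenIDConnectIDTokenExpiration());
    // Divide before narrowing: epoch seconds fit in an int (until 2038), epoch millis do not.
    int curTime = (int) (System.currentTimeMillis() / 1000L);

    // Subject defaults to the authorized user; a configured subject claim overrides it.
    String subject = request.getAuthorizedUser();
    String claim = config.getOpenIDConnectIDTokenSubjectClaim();
    if (claim != null) {
      String tenantUser = MultitenantUtils.getTenantAwareUsername(request.getAuthorizedUser());
      String domainName = MultitenantUtils.getTenantDomain(request.getAuthorizedUser());
      try {
        subject =
            IdentityTenantUtil.getRealm(domainName, tenantUser)
                .getUserStoreManager()
                .getUserClaimValue(tenantUser, claim, null);
      } catch (Exception e) {
        throw new IdentityOAuth2Exception("Erro while generating the IDToken", e);
      }
    }

    // "sub" is a required ID token claim; refuse to issue a token that identifies nobody
    // (for example when the configured subject claim has no value for this user).
    if (subject == null || subject.isEmpty()) {
      throw new IdentityOAuth2Exception(
          "Cannot generate the IDToken: no subject could be determined for the authorized user");
    }

    if (DEBUG) {
      log.debug("Using issuer " + issuer);
      log.debug("Subject " + subject);
      log.debug("ID Token expiration seconds" + lifetime);
      log.debug("Current time " + curTime);
    }

    try {
      String clientId = request.getOauth2AccessTokenReqDTO().getClientId();
      IDTokenBuilder builder =
          new IDTokenBuilder()
              .setIssuer(issuer)
              .setSubject(subject)
              .setAudience(clientId)
              .setAuthorizedParty(clientId)
              .setExpiration(curTime + lifetime)
              .setIssuedAt(curTime);
      // Let the configured handler add deployment-specific claims before the token is built.
      CustomClaimsCallbackHandler claimsCallBackHandler =
          config.getOpenIDConnectCustomClaimsCallbackHandler();
      claimsCallBackHandler.handleCustomClaims(builder, request);
      return builder.buildIDToken();
    } catch (IDTokenException e) {
      throw new IdentityOAuth2Exception("Erro while generating the IDToken", e);
    }
  }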