@Override
public CommandResponse execute() {
try {
final GetTokensByCodeParams params = asParams(GetTokensByCodeParams.class);
final SiteConfiguration site = getSite(params.getOxdId());
final TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
tokenRequest.setCode(params.getCode());
tokenRequest.setRedirectUri(site.getAuthorizationRedirectUri());
tokenRequest.setAuthUsername(site.getClientId());
tokenRequest.setAuthPassword(site.getClientSecret());
tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
tokenRequest.setScope(asCommaSeparatedString(site.getScope()));
final TokenClient tokenClient =
new TokenClient(getDiscoveryService().getConnectDiscoveryResponse().getTokenEndpoint());
tokenClient.setExecutor(getHttpService().getClientExecutor());
tokenClient.setRequest(tokenRequest);
final TokenResponse response = tokenClient.exec();
ClientUtils.showClient(tokenClient);
if (response.getStatus() == 200 || response.getStatus() == 302) { // success or redirect
if (Util.allNotBlank(response.getAccessToken(), response.getRefreshToken())) {
final GetTokensByCodeResponse opResponse = new GetTokensByCodeResponse();
opResponse.setAccessToken(response.getAccessToken());
opResponse.setIdToken(response.getIdToken());
opResponse.setRefreshToken(response.getRefreshToken());
opResponse.setExpiresIn(response.getExpiresIn());
final Jwt jwt = Jwt.parse(response.getIdToken());
if (CheckIdTokenOperation.isValid(
jwt, getDiscoveryService().getConnectDiscoveryResponse())) {
final Map<String, List<String>> claims =
jwt.getClaims() != null
? jwt.getClaims().toMap()
: new HashMap<String, List<String>>();
opResponse.setIdTokenClaims(claims);
return okResponse(opResponse);
} else {
LOG.error("ID Token is not valid, token: " + response.getIdToken());
}
}
} else {
LOG.error("Failed to get tokens because response code is: " + response.getScope());
}
} catch (Exception e) {
LOG.error(e.getMessage(), e);
}
return CommandResponse.INTERNAL_ERROR_RESPONSE;
}
