-
Notifications
You must be signed in to change notification settings - Fork 566
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Support for IDCS specific feature in OIDC config. (#1688)
* Support for IDCS specific feature in OIDC config.
- Loading branch information
1 parent
0e8f92a
commit e8abee8
Showing
6 changed files
with
185 additions
and
44 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
60 changes: 60 additions & 0 deletions
60
...ders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/IdcsSupport.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
/* | ||
* Copyright (c) 2020 Oracle and/or its affiliates. | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
package io.helidon.security.providers.oidc.common; | ||
|
||
import java.net.URI; | ||
|
||
import javax.json.JsonObject; | ||
import javax.ws.rs.client.Client; | ||
import javax.ws.rs.client.Entity; | ||
import javax.ws.rs.client.WebTarget; | ||
import javax.ws.rs.core.MediaType; | ||
import javax.ws.rs.core.MultivaluedHashMap; | ||
import javax.ws.rs.core.MultivaluedMap; | ||
|
||
import io.helidon.common.Errors; | ||
import io.helidon.security.jwt.jwk.JwkKeys; | ||
|
||
/** | ||
* Oracle IDCS specific implementations for {@code idcs} server type. | ||
*/ | ||
class IdcsSupport { | ||
// prevent instantiation | ||
private IdcsSupport() { | ||
} | ||
// load signature jwk with a token | ||
static JwkKeys signJwk(Client generalClient, WebTarget tokenEndpoint, Errors.Collector collector, URI signJwkUri) { | ||
// need to get token to be able to request this endpoint | ||
MultivaluedMap<String, String> formData = new MultivaluedHashMap<>(); | ||
formData.putSingle("grant_type", "client_credentials"); | ||
formData.putSingle("scope", "urn:opc:idm:__myscopes__"); | ||
|
||
JsonObject response = tokenEndpoint.request() | ||
.accept(MediaType.APPLICATION_JSON_TYPE) | ||
.post(Entity.form(formData), JsonObject.class); | ||
String accessToken = response.getString("access_token"); | ||
|
||
// get the jwk from server | ||
JsonObject jwkJson = generalClient.target(signJwkUri) | ||
.request() | ||
.header("Authorization", "Bearer " + accessToken) | ||
.get(JsonObject.class); | ||
|
||
return JwkKeys.create(jwkJson); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters