-
Notifications
You must be signed in to change notification settings - Fork 59
/
OAuth2Config.kt
124 lines (112 loc) · 4.84 KB
/
OAuth2Config.kt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package no.nav.security.mock.oauth2
import com.fasterxml.jackson.core.JsonParser
import com.fasterxml.jackson.databind.DeserializationContext
import com.fasterxml.jackson.databind.JsonDeserializer
import com.fasterxml.jackson.databind.JsonNode
import com.fasterxml.jackson.databind.annotation.JsonDeserialize
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.fasterxml.jackson.module.kotlin.readValue
import com.nimbusds.jose.JWSAlgorithm
import com.nimbusds.jose.jwk.JWK
import no.nav.security.mock.oauth2.http.MockWebServerWrapper
import no.nav.security.mock.oauth2.http.NettyWrapper
import no.nav.security.mock.oauth2.http.OAuth2HttpServer
import no.nav.security.mock.oauth2.http.Ssl
import no.nav.security.mock.oauth2.http.SslKeystore
import no.nav.security.mock.oauth2.token.KeyProvider
import no.nav.security.mock.oauth2.token.OAuth2TokenCallback
import no.nav.security.mock.oauth2.token.OAuth2TokenProvider
import no.nav.security.mock.oauth2.token.RequestMappingTokenCallback
import java.io.File
import java.time.Instant
data class OAuth2Config
@JvmOverloads
constructor(
val interactiveLogin: Boolean = false,
val loginPagePath: String? = null,
val staticAssetsPath: String? = null,
val rotateRefreshToken: Boolean = false,
@JsonDeserialize(using = OAuth2TokenProviderDeserializer::class)
val tokenProvider: OAuth2TokenProvider = OAuth2TokenProvider(),
@JsonDeserialize(contentAs = RequestMappingTokenCallback::class)
val tokenCallbacks: Set<OAuth2TokenCallback> = emptySet(),
@JsonDeserialize(using = OAuth2HttpServerDeserializer::class)
val httpServer: OAuth2HttpServer = MockWebServerWrapper(),
) {
class OAuth2TokenProviderDeserializer : JsonDeserializer<OAuth2TokenProvider>() {
data class ProviderConfig(
val keyProvider: KeyProviderConfig?,
val systemTime: String?,
)
data class KeyProviderConfig(
val initialKeys: String?,
val algorithm: String,
)
override fun deserialize(
p: JsonParser,
ctxt: DeserializationContext?,
): OAuth2TokenProvider {
val node: JsonNode = p.readValueAsTree()
val config: ProviderConfig =
if (!node.isObject) {
return OAuth2TokenProvider()
} else {
p.codec.treeToValue(node, ProviderConfig::class.java)
}
val jwks =
config.keyProvider?.initialKeys?.let {
listOf(JWK.parse(it))
} ?: emptyList()
val systemTime =
config.systemTime?.let {
Instant.parse(it)
}
return OAuth2TokenProvider(
KeyProvider(
jwks,
config.keyProvider?.algorithm ?: JWSAlgorithm.RS256.name,
),
systemTime,
)
}
}
class OAuth2HttpServerDeserializer : JsonDeserializer<OAuth2HttpServer>() {
enum class ServerType {
MockWebServerWrapper,
NettyWrapper,
}
data class ServerConfig(
val type: ServerType,
val ssl: SslConfig? = null,
)
data class SslConfig(
val keyPassword: String = "",
val keystoreFile: File? = null,
val keystoreType: SslKeystore.KeyStoreType = SslKeystore.KeyStoreType.PKCS12,
val keystorePassword: String = "",
) {
fun ssl() = Ssl(sslKeyStore())
private fun sslKeyStore() = if (keystoreFile == null) SslKeystore() else SslKeystore(keyPassword, keystoreFile, keystoreType, keystorePassword)
}
override fun deserialize(
p: JsonParser,
ctxt: DeserializationContext,
): OAuth2HttpServer {
val node: JsonNode = p.readValueAsTree()
val serverConfig: ServerConfig =
if (node.isObject) {
p.codec.treeToValue(node, ServerConfig::class.java)
} else {
ServerConfig(ServerType.valueOf(node.textValue()))
}
val ssl: Ssl? = serverConfig.ssl?.ssl()
return when (serverConfig.type) {
ServerType.NettyWrapper -> NettyWrapper(ssl)
ServerType.MockWebServerWrapper -> MockWebServerWrapper(ssl)
}
}
}
companion object {
fun fromJson(json: String): OAuth2Config = jacksonObjectMapper().readValue(json)
}
}