DefaultIntrospectionResultAssembler.java

  1. /*******************************************************************************
  2.  * Copyright 2017 The MIT Internet Trust Consortium
  3.  *
  4.  * Licensed under the Apache License, Version 2.0 (the "License");
  5.  * you may not use this file except in compliance with the License.
  6.  * You may obtain a copy of the License at
  7.  *
  8.  *   http://www.apache.org/licenses/LICENSE-2.0
  9.  *
  10.  * Unless required by applicable law or agreed to in writing, software
  11.  * distributed under the License is distributed on an "AS IS" BASIS,
  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13.  * See the License for the specific language governing permissions and
  14.  * limitations under the License.
  15.  *******************************************************************************/
  16. package org.mitre.oauth2.service.impl;

  18. import static com.google.common.collect.Maps.newLinkedHashMap;

  20. import java.text.ParseException;
  21. import java.util.Map;
  22. import java.util.Set;

  24. import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
  25. import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
  26. import org.mitre.oauth2.service.IntrospectionResultAssembler;
  27. import org.mitre.openid.connect.model.UserInfo;
  28. import org.mitre.uma.model.Permission;
  29. import org.slf4j.Logger;
  30. import org.slf4j.LoggerFactory;
  31. import org.springframework.security.oauth2.provider.OAuth2Authentication;
  32. import org.springframework.stereotype.Service;

  34. import com.google.common.base.Joiner;
  35. import com.google.common.collect.Sets;

  37. /**
  38.  * Default implementation of the {@link IntrospectionResultAssembler} interface.
  39.  */
  40. @Service
  41. public class DefaultIntrospectionResultAssembler implements IntrospectionResultAssembler {

  43.     /**
  44.      * Logger for this class
  45.      */
  46.     private static final Logger logger = LoggerFactory.getLogger(DefaultIntrospectionResultAssembler.class);

  48.     @Override
  49.     public Map<String, Object> assembleFrom(OAuth2AccessTokenEntity accessToken, UserInfo userInfo, Set<String> authScopes) {

  51.         Map<String, Object> result = newLinkedHashMap();
  52.         OAuth2Authentication authentication = accessToken.getAuthenticationHolder().getAuthentication();

  54.         result.put(ACTIVE, true);

  56.         if (accessToken.getPermissions() != null && !accessToken.getPermissions().isEmpty()) {

  58.             Set<Object> permissions = Sets.newHashSet();

  60.             for (Permission perm : accessToken.getPermissions()) {
  61.                 Map<String, Object> o = newLinkedHashMap();
  62.                 o.put("resource_set_id", perm.getResourceSet().getId().toString());
  63.                 Set<String> scopes = Sets.newHashSet(perm.getScopes());
  64.                 o.put("scopes", scopes);
  65.                 permissions.add(o);
  66.             }

  68.             result.put("permissions", permissions);

  70.         } else {
  71.             Set<String> scopes = Sets.intersection(authScopes, accessToken.getScope());

  73.             result.put(SCOPE, Joiner.on(SCOPE_SEPARATOR).join(scopes));

  75.         }

  77.         if (accessToken.getExpiration() != null) {
  78.             try {
  79.                 result.put(EXPIRES_AT, dateFormat.valueToString(accessToken.getExpiration()));
  80.                 result.put(EXP, accessToken.getExpiration().getTime() / 1000L);
  81.             } catch (ParseException e) {
  82.                 logger.error("Parse exception in token introspection", e);
  83.             }
  84.         }

  86.         if (userInfo != null) {
  87.             // if we have a UserInfo, use that for the subject
  88.             result.put(SUB, userInfo.getSub());
  89.         } else {
  90.             // otherwise, use the authentication's username
  91.             result.put(SUB, authentication.getName());
  92.         }

  94.         if(authentication.getUserAuthentication() != null) {
  95.             result.put(USER_ID, authentication.getUserAuthentication().getName());
  96.         }

  98.         result.put(CLIENT_ID, authentication.getOAuth2Request().getClientId());

  100.         result.put(TOKEN_TYPE, accessToken.getTokenType());

  102.         return result;
  103.     }

  105.     @Override
  106.     public Map<String, Object> assembleFrom(OAuth2RefreshTokenEntity refreshToken, UserInfo userInfo, Set<String> authScopes) {

  108.         Map<String, Object> result = newLinkedHashMap();
  109.         OAuth2Authentication authentication = refreshToken.getAuthenticationHolder().getAuthentication();

  111.         result.put(ACTIVE, true);

  113.         Set<String> scopes = Sets.intersection(authScopes, authentication.getOAuth2Request().getScope());

  115.         result.put(SCOPE, Joiner.on(SCOPE_SEPARATOR).join(scopes));

  117.         if (refreshToken.getExpiration() != null) {
  118.             try {
  119.                 result.put(EXPIRES_AT, dateFormat.valueToString(refreshToken.getExpiration()));
  120.                 result.put(EXP, refreshToken.getExpiration().getTime() / 1000L);
  121.             } catch (ParseException e) {
  122.                 logger.error("Parse exception in token introspection", e);
  123.             }
  124.         }


  127.         if (userInfo != null) {
  128.             // if we have a UserInfo, use that for the subject
  129.             result.put(SUB, userInfo.getSub());
  130.         } else {
  131.             // otherwise, use the authentication's username
  132.             result.put(SUB, authentication.getName());
  133.         }

  135.         if(authentication.getUserAuthentication() != null) {
  136.             result.put(USER_ID, authentication.getUserAuthentication().getName());
  137.         }

  139.         result.put(CLIENT_ID, authentication.getOAuth2Request().getClientId());

  141.         return result;
  142.     }
  143. }
Created with JaCoCo 0.7.9.201702052155