fish.payara.security.openid.controller

Class TokenController

java.lang.Object

fish.payara.security.openid.controller.TokenController

@ApplicationScoped
public class TokenController
extends Object

Controller for Token endpoint

Author:

Gaurav Gupta

Constructor Summary

Constructors

Constructor and Description
TokenController()

Method Summary

Modifier and Type	Method and Description
javax.ws.rs.core.Response	getTokens(OpenIdConfiguration configuration, javax.servlet.http.HttpServletRequest request) (4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.
javax.ws.rs.core.Response	refreshTokens(OpenIdConfiguration configuration, RefreshToken refreshToken) Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.
Map<String,Object>	validateAccessToken(AccessTokenImpl accessToken, com.nimbusds.jose.Algorithm idTokenAlgorithm, Map<String,Object> idTokenClaims, OpenIdConfiguration configuration) (5.2) Validate the Access Token & it's claims and verify the signature.
Map<String,Object>	validateIdToken(IdentityTokenImpl idToken, javax.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext, OpenIdConfiguration configuration) (5.1) Validate Id Token's claims and verify ID Token's signature.
Map<String,Object>	validateRefreshedIdToken(IdentityToken previousIdToken, IdentityTokenImpl newIdToken, javax.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext, OpenIdConfiguration configuration) Validate Id Token received from Successful Refresh Response.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TokenController

public TokenController()

Method Detail

getTokens

public javax.ws.rs.core.Response getTokens(OpenIdConfiguration configuration,
                                           javax.servlet.http.HttpServletRequest request)

(4) A Client makes a token request to the token endpoint and the OpenId Provider responds with an ID Token and an Access Token.

Parameters:

configuration -

request -

Returns:

a JSON object representation of OpenID Connect token response from the Token endpoint.

validateIdToken

public Map<String,Object> validateIdToken(IdentityTokenImpl idToken,
                                          javax.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext,
                                          OpenIdConfiguration configuration)

(5.1) Validate Id Token's claims and verify ID Token's signature.

Parameters:

idToken -

httpContext -

configuration -

Returns:

JWT Claims

validateRefreshedIdToken

public Map<String,Object> validateRefreshedIdToken(IdentityToken previousIdToken,
                                                   IdentityTokenImpl newIdToken,
                                                   javax.security.enterprise.authentication.mechanism.http.HttpMessageContext httpContext,
                                                   OpenIdConfiguration configuration)

Validate Id Token received from Successful Refresh Response.

Parameters:

previousIdToken -

newIdToken -

httpContext -

configuration -

Returns:

JWT Claims

validateAccessToken

public Map<String,Object> validateAccessToken(AccessTokenImpl accessToken,
                                              com.nimbusds.jose.Algorithm idTokenAlgorithm,
                                              Map<String,Object> idTokenClaims,
                                              OpenIdConfiguration configuration)

(5.2) Validate the Access Token & it's claims and verify the signature.

Parameters:

accessToken -

idTokenAlgorithm -

idTokenClaims -

configuration -

Returns:

JWT Claims

refreshTokens

public javax.ws.rs.core.Response refreshTokens(OpenIdConfiguration configuration,
                                               RefreshToken refreshToken)

Makes a refresh request to the token endpoint and the OpenId Provider responds with a new (updated) Access Token and Refreshs Token.

Parameters:

configuration -

refreshToken - Refresh Token received from previous token request.

Returns:

a JSON object representation of OpenID Connect token response from the Token endpoint.