Class IDTokenHandler
- java.lang.Object
-
- org.oa4mp.server.loader.oauth2.claims.AbstractPayloadHandler
-
- org.oa4mp.server.loader.oauth2.claims.IDTokenHandler
-
- All Implemented Interfaces:
IDTokenHandlerInterface
,PayloadHandler
,Serializable
public class IDTokenHandler extends AbstractPayloadHandler implements IDTokenHandlerInterface
Created by Jeff Gaynor
on 2/16/20 at 6:51 AM- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static String
ID_TOKEN_BASIC_HANDLER_TYPE
static String
ID_TOKEN_DEFAULT_HANDLER_TYPE
protected String
issuer
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.AbstractPayloadHandler
claims, oa2se, request, transaction
-
-
Constructor Summary
Constructors Constructor Description IDTokenHandler(PayloadHandlerConfigImpl payloadHandlerConfig)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req)
Marshall any resources this script needs to make a request.protected void
checkClaim(net.sf.json.JSONObject claims, String claimKey)
void
checkClaims()
Called after the runner has gotten the claims so that this class can check integrity.protected void
checkRequiredScopes(OA2ServiceTransaction t)
Use this to check for any requires scopes that the request must have.net.sf.json.JSONObject
execute(ClaimSource source, net.sf.json.JSONObject claims)
Runs this specific claim source against the internal state of this class.void
finish(String execPhase)
For CIL-499.List<ClaimSource>
getSources()
These are the sources that the runner will use to populate the claimsvoid
handleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp)
This takes the response from a script and unmarshalls the resourcesvoid
init()
Creates and initializes the claims object this class manages.void
refreshAccountingInformation()
This is used on refresh only.void
saveState()
Called at the end of each block, this lets the handler save its state.void
setAccountingInformation()
This sets the accounting information (such as the expiration and such) for a token.protected void
setIssuer(javax.servlet.http.HttpServletRequest request)
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.AbstractPayloadHandler
doServerVariables, doSubstitution, getClaims, getExtendedAttributes, getPhCfg, getResponseCode, getToken, hasScript, isEmpty, listToString, refresh, setClaims, setExtendedAttributes, setPhCfg, setResponseCode
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface edu.uiuc.ncsa.oa4mp.delegation.oa2.jwt.PayloadHandler
getClaims, getExtendedAttributes, getPhCfg, getResponseCode, getToken, hasScript, refresh, setPhCfg, setResponseCode
-
-
-
-
Field Detail
-
issuer
protected String issuer
-
ID_TOKEN_DEFAULT_HANDLER_TYPE
public static final String ID_TOKEN_DEFAULT_HANDLER_TYPE
- See Also:
- Constant Field Values
-
ID_TOKEN_BASIC_HANDLER_TYPE
public static final String ID_TOKEN_BASIC_HANDLER_TYPE
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
IDTokenHandler
public IDTokenHandler(PayloadHandlerConfigImpl payloadHandlerConfig)
-
-
Method Detail
-
setIssuer
protected void setIssuer(javax.servlet.http.HttpServletRequest request)
-
init
public void init() throws Throwable
Description copied from interface:PayloadHandler
Creates and initializes the claims object this class manages.- Specified by:
init
in interfacePayloadHandler
- Throws:
Throwable
-
refreshAccountingInformation
public void refreshAccountingInformation()
Description copied from interface:PayloadHandler
This is used on refresh only. It will reset all the standard accounting information (such as timestamps) for an existing claims object.Usage
Create an instance of the handler with the constructor for any state, then invoke this method.- Specified by:
refreshAccountingInformation
in interfacePayloadHandler
-
setAccountingInformation
public void setAccountingInformation()
Description copied from interface:PayloadHandler
This sets the accounting information (such as the expiration and such) for a token. This is called when a token is created or refreshed.- Specified by:
setAccountingInformation
in interfacePayloadHandler
-
addRequestState
public void addRequestState(edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest req) throws Throwable
Description copied from interface:PayloadHandler
Marshall any resources this script needs to make a request. I.e., add specific state (if needed) from this handler to theScriptRunRequest
.- Specified by:
addRequestState
in interfacePayloadHandler
- Throws:
Throwable
-
handleResponse
public void handleResponse(edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse resp) throws Throwable
Description copied from interface:PayloadHandler
This takes the response from a script and unmarshalls the resources- Specified by:
handleResponse
in interfacePayloadHandler
- Overrides:
handleResponse
in classAbstractPayloadHandler
- Throws:
Throwable
-
checkClaims
public void checkClaims() throws Throwable
Description copied from interface:PayloadHandler
Called after the runner has gotten the claims so that this class can check integrity. For instance, an OIDC server would need to see that the subject is set properly. SciTokens needs to check that its scopes (aka resource permissions) were set- Specified by:
checkClaims
in interfacePayloadHandler
- Throws:
Throwable
-
getSources
public List<ClaimSource> getSources() throws Throwable
Description copied from interface:PayloadHandler
These are the sources that the runner will use to populate the claims- Specified by:
getSources
in interfacePayloadHandler
- Returns:
- Throws:
Throwable
-
finish
public void finish(String execPhase) throws Throwable
For CIL-499. It is possible to remove key claims with functors and return unusable claims objects. This method will check that claims that must be present are there or will raise a server-side exception.- Specified by:
finish
in interfacePayloadHandler
- Parameters:
execPhase
- - the current execution phase.- Throws:
Throwable
-
saveState
public void saveState() throws Throwable
Description copied from interface:PayloadHandler
Called at the end of each block, this lets the handler save its state. Note that for OA4MP, the state is saved in the transaction which is saved once after the handlers run. Only put actual save code in here if needed, since it is apt to get called a lot.- Specified by:
saveState
in interfacePayloadHandler
- Throws:
Throwable
-
checkRequiredScopes
protected void checkRequiredScopes(OA2ServiceTransaction t) throws Throwable
Use this to check for any requires scopes that the request must have. It is usually best to check these in the transaction since they have been normalized there, but the request is supplied too for completeness.- Parameters:
t
-- Throws:
Throwable
-
checkClaim
protected void checkClaim(net.sf.json.JSONObject claims, String claimKey)
-
execute
public net.sf.json.JSONObject execute(ClaimSource source, net.sf.json.JSONObject claims) throws Throwable
Description copied from interface:PayloadHandler
Runs this specific claim source against the internal state of this class. Note that the contract is that it returns the updated claims and if there are no new claims, it should just return its claims argument.- Specified by:
execute
in interfacePayloadHandler
- Overrides:
execute
in classAbstractPayloadHandler
- Returns:
- Throws:
Throwable
-
-