Package org.oa4mp.delegation.server.jwt

Class JWTRunner

  • public class JWTRunner
extends Object
    This will create a JWT. The contract is generally that it has (multiple) PayloadHandlers which process a given token. These are run at various times during execution based on the phase and flow states. For various historical reasons, the JWT is referred to as "claims" and it would take far too much tracking down in the code to change it.

    Created by Jeff Gaynor
    on 2/15/20 at 7:38 AM

    • Constructor Detail

      • JWTRunner

        public JWTRunner​(OIDCServiceTransactionInterface transaction,
                 edu.uiuc.ncsa.security.util.scripting.ScriptRuntimeEngine scriptRuntimeEngine)

    • Method Detail

      • setIdTokenHandlerInterface

        public void setIdTokenHandlerInterface​(IDTokenHandlerInterface idTokenHandlerInterface)

      • hasIDTokenHandler

        public boolean hasIDTokenHandler()

      • hasATHandler

        public boolean hasATHandler()

      • hasRTHandler

        public boolean hasRTHandler()

      • initializeHandlers

        public void initializeHandlers()
                        throws Throwable
        Throws:
        Throwable

      • doTokenClaims

        protected void doTokenClaims​(boolean isRefresh)
                      throws Throwable
        Throws:
        Throwable

      • getFromSources

        protected void getFromSources​(FlowStates flowStates,
                              String execPhase,
                              boolean checkAuthClaims)
                       throws Throwable
        Deprecated.
        This should go away at some point since it has to loop over handler and basically ignores how the system works.
        Get the claims sources for the ID token. This is needed only if the handler will attempt to get claims at some point.
        Parameters:
        flowStates -
        checkAuthClaims -
        Throws:
        Throwable

      • getScriptRuntimeEngine

        public edu.uiuc.ncsa.security.util.scripting.ScriptRuntimeEngine getScriptRuntimeEngine()

      • newSRR

        protected edu.uiuc.ncsa.security.util.scripting.ScriptRunRequest newSRR​(OIDCServiceTransactionInterface transaction,
                                                                        String phase)
        creates new ScriptRunRequest with the basic information from the transaction. Anything specific to the handler needs to be added in the PayloadHandler.addRequestState(ScriptRunRequest). This sends along the current claims, scopes flow states and claim sources then harvests them in toto from the response.
        Returns:

      • handleSREResponse

        protected void handleSREResponse​(OIDCServiceTransactionInterface transaction,
                                 edu.uiuc.ncsa.security.util.scripting.ScriptRunResponse scriptRunResponse)
                          throws IOException
        Process the script, but the claim sources are not updated because we are not interested in the claim sources, e.g. if this is called after all claims sources have been processed and the script just massages the claims or flow states.
        Parameters:
        scriptRunResponse -
        Throws:
        IOException