Package com.nimbusds.oauth2.sdk

Examples of com.nimbusds.oauth2.sdk.ParseException


      paramString = uri.getRawFragment();

    } else {

      throw new ParseException("Missing authorization response parameters");
    }
   
    Map<String,String> params = URLUtils.parseParameters(paramString);

    if (params == null)
      throw new ParseException("Missing or invalid authorization response parameters");

    return parse(URIUtils.getBaseURI(uri), params);
  }


   */
  public static AuthenticationResponse parse(final HTTPResponse httpResponse)
    throws ParseException {

    // Only a 302 (Found) redirection is accepted; any other status code is
    // rejected before the Location header is read.
    final boolean isFound = httpResponse.getStatusCode() == HTTPResponse.SC_FOUND;

    if (! isFound) {
      throw new ParseException(
        "Unexpected HTTP status code, must be 302 (Found): " + httpResponse.getStatusCode());
    }

    final URI redirectTarget = httpResponse.getLocation();

    // A redirection without a Location header carries nothing to parse.
    if (redirectTarget == null) {
      throw new ParseException("Missing redirection URI / HTTP Location header");
    }

    // NOTE(review): this method only checks the status code and that a Location
    // is present. Matching the URI against the registered redirect_uri and the
    // expected state is presumably left to the caller; confirm.
    return parse(redirectTarget);
  }

    // Required in OIDC
    URI redirectURI = ar.getRedirectionURI();

    if (redirectURI == null)
      throw new ParseException("Missing \"redirect_uri\" parameter",
                         OAuth2Error.INVALID_REQUEST, clientID, null, state);


    ResponseType rt = ar.getResponseType();
   
    try {
      OIDCResponseTypeValidator.validate(rt);
     
    } catch (IllegalArgumentException e) {
     
      throw new ParseException("Unsupported \"response_type\" parameter: " + e.getMessage(),
                   OAuth2Error.UNSUPPORTED_RESPONSE_TYPE,
                   clientID, redirectURI, state);
    }
   
    // Required in OIDC, must include "openid" parameter
    Scope scope = ar.getScope();

    if (scope == null)
      throw new ParseException("Missing \"scope\" parameter",
                         OAuth2Error.INVALID_REQUEST,
                   clientID, redirectURI, state);

    if (! scope.contains(OIDCScopeValue.OPENID))
      throw new ParseException("The scope must include an \"openid\" token",
                         OAuth2Error.INVALID_REQUEST,
                   clientID, redirectURI, state);




    // Parse the remaining OIDC parameters
    Nonce nonce = Nonce.parse(params.get("nonce"));
   
    // Nonce required in implicit flow
    if (rt.impliesImplicitFlow() && nonce == null)
      throw new ParseException("Missing \"nonce\" parameter: Required in implicit flow",
                         OAuth2Error.INVALID_REQUEST,
                         clientID, redirectURI, state);
   
    Display display;
   
    try {
      display = Display.parse(params.get("display"));

    } catch (ParseException e) {

      throw new ParseException("Invalid \"display\" parameter: " + e.getMessage(),
                         OAuth2Error.INVALID_REQUEST,
                         clientID, redirectURI, state, e);
    }
   
   
    Prompt prompt;
   
    try {
      prompt = Prompt.parse(params.get("prompt"));
       
    } catch (ParseException e) {
     
      throw new ParseException("Invalid \"prompt\" parameter: " + e.getMessage(),
                         OAuth2Error.INVALID_REQUEST,
                         clientID, redirectURI, state, e);
    }


    String v = params.get("max_age");

    int maxAge = 0;

    if (StringUtils.isNotBlank(v)) {

      try {
        maxAge = Integer.parseInt(v);

      } catch (NumberFormatException e) {

        throw new ParseException("Invalid \"max_age\" parameter: " + e.getMessage(),
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, e);
      }
    }


    v = params.get("ui_locales");

    List<LangTag> uiLocales = null;

    if (StringUtils.isNotBlank(v)) {

      uiLocales = new LinkedList<>();

      StringTokenizer st = new StringTokenizer(v, " ");

      while (st.hasMoreTokens()) {

        try {
          uiLocales.add(LangTag.parse(st.nextToken()));

        } catch (LangTagException e) {

          throw new ParseException("Invalid \"ui_locales\" parameter: " + e.getMessage(),
                             OAuth2Error.INVALID_REQUEST,
                             clientID, redirectURI, state, e);
        }
      }
    }


    v = params.get("claims_locales");

    List<LangTag> claimsLocales = null;

    if (StringUtils.isNotBlank(v)) {

      claimsLocales = new LinkedList<>();

      StringTokenizer st = new StringTokenizer(v, " ");

      while (st.hasMoreTokens()) {

        try {
          claimsLocales.add(LangTag.parse(st.nextToken()));

        } catch (LangTagException e) {

          throw new ParseException("Invalid \"claims_locales\" parameter: " + e.getMessage(),
                             OAuth2Error.INVALID_REQUEST,
                             clientID, redirectURI, state, e);
        }
      }
    }


    v = params.get("id_token_hint");
   
    JWT idTokenHint = null;
   
    if (StringUtils.isNotBlank(v)) {
   
      try {
        idTokenHint = JWTParser.parse(v);
       
      } catch (java.text.ParseException e) {
   
        throw new ParseException("Invalid \"id_token_hint\" parameter: " + e.getMessage(),
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, e);
      }
    }

    String loginHint = params.get("login_hint");


    v = params.get("acr_values");

    List<ACR> acrValues = null;

    if (StringUtils.isNotBlank(v)) {

      acrValues = new LinkedList<>();

      StringTokenizer st = new StringTokenizer(v, " ");

      while (st.hasMoreTokens()) {

        acrValues.add(new ACR(st.nextToken()));
      }
    }


    v = params.get("claims");

    ClaimsRequest claims = null;

    if (StringUtils.isNotBlank(v)) {

      JSONObject jsonObject;

      try {
        jsonObject = JSONObjectUtils.parseJSONObject(v);

      } catch (ParseException e) {

        throw new ParseException("Invalid \"claims\" parameter: " + e.getMessage(),
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, e);
      }

      // Parse exceptions silently ignored
      claims = ClaimsRequest.parse(jsonObject);
    }
   
   
    v = params.get("request_uri");
   
    URI requestURI = null;
   
    if (StringUtils.isNotBlank(v)) {

      try {
        requestURI = new URI(v);
   
      } catch (URISyntaxException e) {
     
        throw new ParseException("Invalid \"request_uri\" parameter: " + e.getMessage(),
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, e);
      }
    }

    v = params.get("request");

    JWT requestObject = null;

    if (StringUtils.isNotBlank(v)) {

      // request_object and request_uri must not be defined at the same time
      if (requestURI != null) {

        throw new ParseException("Invalid request: Found mutually exclusive \"request\" and \"request_uri\" parameters",
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, null);
      }

      try {
        requestObject = JWTParser.parse(v);
       
      } catch (java.text.ParseException e) {
   
        throw new ParseException("Invalid \"request_object\" parameter: " + e.getMessage(),
                           OAuth2Error.INVALID_REQUEST,
                           clientID, redirectURI, state, e);
      }
    }
   

    throws ParseException {
   
    String query = httpRequest.getQuery();
   
    if (query == null)
      throw new ParseException("Missing URI query string");

    URI endpointURI;

    try {
      endpointURI = httpRequest.getURL().toURI();

    } catch (URISyntaxException e) {

      throw new ParseException(e.getMessage(), e);
    }
   
    return parse(endpointURI, query);
  }

        try {
          requestURIs.add(new URI(uriString));
         
        } catch (URISyntaxException e) {
         
          throw new ParseException("Invalid \"request_uris\" parameter");
        }
      }
     
      metadata.setRequestObjectURIs(requestURIs);
      oidcFields.remove("request_uris");
    }
   
    if (jsonObject.containsKey("request_object_signing_alg")) {
      metadata.setRequestObjectJWSAlg(new JWSAlgorithm(
        JSONObjectUtils.getString(jsonObject, "request_object_signing_alg")));

      oidcFields.remove("request_object_signing_alg");
    }

    if (jsonObject.containsKey("request_object_encryption_alg")) {
      metadata.setRequestObjectJWEAlg(new JWEAlgorithm(
        JSONObjectUtils.getString(jsonObject, "request_object_encryption_alg")));

      oidcFields.remove("request_object_encryption_alg");
    }

    if (jsonObject.containsKey("request_object_encryption_enc")) {
      metadata.setRequestObjectJWEEnc(new EncryptionMethod(
        JSONObjectUtils.getString(jsonObject, "request_object_encryption_enc")));

      oidcFields.remove("request_object_encryption_enc");
    }

    if (jsonObject.containsKey("token_endpoint_auth_signing_alg")) {
      metadata.setTokenEndpointAuthJWSAlg(new JWSAlgorithm(
        JSONObjectUtils.getString(jsonObject, "token_endpoint_auth_signing_alg")));

      oidcFields.remove("token_endpoint_auth_signing_alg");
    }

    if (jsonObject.containsKey("id_token_signed_response_alg")) {
      metadata.setIDTokenJWSAlg(new JWSAlgorithm(
        JSONObjectUtils.getString(jsonObject, "id_token_signed_response_alg")));

      oidcFields.remove("id_token_signed_response_alg");
    }

    if (jsonObject.containsKey("id_token_encrypted_response_alg")) {
      metadata.setIDTokenJWEAlg(new JWEAlgorithm(
        JSONObjectUtils.getString(jsonObject, "id_token_encrypted_response_alg")));

      oidcFields.remove("id_token_encrypted_response_alg");
    }

    if (jsonObject.containsKey("id_token_encrypted_response_enc")) {
      metadata.setIDTokenJWEEnc(new EncryptionMethod(
        JSONObjectUtils.getString(jsonObject, "id_token_encrypted_response_enc")));

      oidcFields.remove("id_token_encrypted_response_enc");
    }

    if (jsonObject.containsKey("userinfo_signed_response_alg")) {
      metadata.setUserInfoJWSAlg(new JWSAlgorithm(
        JSONObjectUtils.getString(jsonObject, "userinfo_signed_response_alg")));

      oidcFields.remove("userinfo_signed_response_alg");
    }

    if (jsonObject.containsKey("userinfo_encrypted_response_alg")) {
      metadata.setUserInfoJWEAlg(new JWEAlgorithm(
        JSONObjectUtils.getString(jsonObject, "userinfo_encrypted_response_alg")));

      oidcFields.remove("userinfo_encrypted_response_alg");
    }

    if (jsonObject.containsKey("userinfo_encrypted_response_enc")) {
      metadata.setUserInfoJWEEnc(new EncryptionMethod(
        JSONObjectUtils.getString(jsonObject, "userinfo_encrypted_response_enc")));

      oidcFields.remove("userinfo_encrypted_response_enc");
    }

    if (jsonObject.containsKey("default_max_age")) {
      metadata.setDefaultMaxAge(JSONObjectUtils.getInt(jsonObject, "default_max_age"));
      oidcFields.remove("default_max_age");
    }

    if (jsonObject.containsKey("require_auth_time")) {
      metadata.requiresAuthTime(JSONObjectUtils.getBoolean(jsonObject, "require_auth_time"));
      oidcFields.remove("require_auth_time");
    }

    if (jsonObject.containsKey("default_acr_values")) {

      List<ACR> acrValues = new LinkedList<>();

      for (String acrString: JSONObjectUtils.getStringArray(jsonObject, "default_acr_values"))
        acrValues.add(new ACR(acrString));

      metadata.setDefaultACRs(acrValues);

      oidcFields.remove("default_acr_values");
    }

    if (jsonObject.containsKey("initiate_login_uri")) {
      metadata.setInitiateLoginURI(JSONObjectUtils.getURI(jsonObject, "initiate_login_uri"));
      oidcFields.remove("initiate_login_uri");
    }

    if (jsonObject.containsKey("post_logout_redirect_uris")) {

      Set<URI> logoutURIs = new LinkedHashSet<>();

      for (String uriString: JSONObjectUtils.getStringArray(jsonObject, "post_logout_redirect_uris")) {

        try {
          logoutURIs.add(new URI(uriString));

        } catch (URISyntaxException e) {

          throw new ParseException("Invalid \"post_logout_redirect_uris\" parameter");
        }
      }

      metadata.setPostLogoutRedirectionURIs(logoutURIs);
      oidcFields.remove("post_logout_redirect_uris");

    try {
      return new UserInfo(jsonObject);

    } catch (IllegalArgumentException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

      try {
        stmt = SignedJWT.parse(JSONObjectUtils.getString(jsonObject, "software_statement"));

      } catch (java.text.ParseException e) {

        throw new ParseException("Invalid software statement JWT: " + e.getMessage());
      }

      // Prevent the JWT from appearing in the metadata
      jsonObject.remove("software_statement");
    }

    // Parse the client metadata
    OIDCClientMetadata metadata = OIDCClientMetadata.parse(jsonObject);

    // Parse the optional bearer access token
    BearerAccessToken accessToken = null;
   
    String authzHeaderValue = httpRequest.getAuthorization();
   
    if (StringUtils.isNotBlank(authzHeaderValue))
      accessToken = BearerAccessToken.parse(authzHeaderValue);

    try {
      URI endpointURI = httpRequest.getURL().toURI();

      return new OIDCClientRegistrationRequest(endpointURI, metadata, stmt, accessToken);

    } catch (URISyntaxException | IllegalArgumentException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

  @Override
  public void applyTo(final HTTPRequest httpRequest)
    throws SerializeException {
 
    if (httpRequest.getMethod() != HTTPRequest.Method.POST)
      throw new SerializeException("The HTTP request method must be POST");
   
    ContentType ct = httpRequest.getContentType();
   
    if (ct == null)
      throw new SerializeException("Missing HTTP Content-Type header");
   
    if (! ct.match(CommonContentTypes.APPLICATION_URLENCODED))
      throw new SerializeException("The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
   
    Map <String,String> params = httpRequest.getQueryParameters();
   
    params.putAll(toParameters());
   

    try {
      params.put("client_assertion", clientAssertion.serialize());
   
    } catch (IllegalStateException e) {
   
      throw new SerializeException("Couldn't serialize JWT to a client assertion string: " + e.getMessage(), e);
   
   
    params.put("client_assertion_type", CLIENT_ASSERTION_TYPE);
   
    return params;

  @Override
  public void applyTo(final HTTPRequest httpRequest)
    throws SerializeException {
   
    if (httpRequest.getMethod() != HTTPRequest.Method.POST)
      throw new SerializeException("The HTTP request method must be POST");
   
    ContentType ct = httpRequest.getContentType();
   
    if (ct == null)
      throw new SerializeException("Missing HTTP Content-Type header");
   
    if (! ct.match(CommonContentTypes.APPLICATION_URLENCODED))
      throw new SerializeException("The HTTP Content-Type header must be " + CommonContentTypes.APPLICATION_URLENCODED);
   
    Map <String,String> params = httpRequest.getQueryParameters();
   
    params.putAll(toParameters());
   
