This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-whiteboard.git

commit f45f2c49af17c0dc872cde0277f85485f6c4a585
Author: Robert Munteanu <romb...@apache.org>
AuthorDate: Thu Jul 6 14:00:57 2023 +0300

    oidc-rp: add API for extracting the id token
---
 .../servlets/oidc_rp/OidcConnectionFinder.java     |  4 ++--
 .../oidc_rp/impl/OidcConnectionFinderImpl.java     | 12 ++++++++++-
 .../oidc_rp/impl/OidcConnectionFinderImplTest.java | 24 ++++++++++++++++++++++
 3 files changed, 37 insertions(+), 3 deletions(-)

diff --git 
a/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/OidcConnectionFinder.java
 
b/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/OidcConnectionFinder.java
index 8d5dbb52..bcfc14d2 100644
--- 
a/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/OidcConnectionFinder.java
+++ 
b/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/OidcConnectionFinder.java
@@ -43,7 +43,7 @@ public interface OidcConnectionFinder {
     
     OidcToken getRefreshToken(OidcConnection connection, ResourceResolver 
resolver);
     
-    void persistTokens(OidcConnection connection, ResourceResolver resolver, 
OidcTokens tokens);
+    OidcToken getIdToken(OidcConnection connection, ResourceResolver resolver);
     
-    /* TODO OidcToken getUserToken(OidcConnection connection, ResourceResolver 
resolver); */
+    void persistTokens(OidcConnection connection, ResourceResolver resolver, 
OidcTokens tokens);
 }
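Review bot: The new `getIdToken` method is added to the public `OidcConnectionFinder` interface without Javadoc, so its contract can only be learned from the tests. The tests in this commit show it returns a non-null `OidcToken` whose state is `MISSING` when nothing is stored, and the implementation looks the token up for the user behind `resolver`. I would state both, for example `/** Returns the ID token stored for the user backing {@code resolver}; never null, with state MISSING when no token is stored. */`. The removed TODO mentioned a `getUserToken` method; if `getIdToken` is meant to replace it, saying so in the commit message would help readers.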
diff --git 
a/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImpl.java
 
b/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImpl.java
index cc622ec3..a694db4d 100644
--- 
a/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImpl.java
+++ 
b/org.apache.sling.servlets.oidc-rp/src/main/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImpl.java
@@ -100,6 +100,17 @@ public class OidcConnectionFinderImpl implements 
OidcConnectionFinder, OidcConne
         }
     }
     
+    @Override
+    public OidcToken getIdToken(OidcConnection connection, ResourceResolver 
resolver) {
+        try {
+            User user = resolver.adaptTo(User.class);
+            
+            return getToken(connection, user, PROPERTY_NAME_ID_TOKEN);
+        } catch (RepositoryException e) {
+            throw new RuntimeException(e);
+        }
+    }
+    
     @Override
     public void persistTokens(OidcConnection connection, ResourceResolver 
resolver, OIDCTokens tokens) {
         persistTokens0(connection, resolver, tokens);
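Review bot: In `getIdToken`, the result of `resolver.adaptTo(User.class)` is passed straight to `getToken` without a null check, and Sling's `adaptTo` returns null when the adaption is not possible. Whether `getToken` tolerates a null user is not visible in this hunk, so an explicit guard such as `if (user == null) throw new IllegalStateException("ResourceResolver cannot be adapted to a User");` would fail clearly instead of with a likely NullPointerException further down. The `catch` block also rethrows a bare `RuntimeException(e)`; a message naming the connection, e.g. `"Failed reading id token for connection " + connection.name()`, would make token-lookup failures easier to trace. The `persistTokens` method shown as context continues outside the hunk.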
@@ -168,5 +179,4 @@ public class OidcConnectionFinderImpl implements 
OidcConnectionFinder, OidcConne
     private String nodePath(OidcConnection connection) {
         return "oidc-tokens/" + connection.name();
     }
-
 }
diff --git 
a/org.apache.sling.servlets.oidc-rp/src/test/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImplTest.java
 
b/org.apache.sling.servlets.oidc-rp/src/test/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImplTest.java
index f64b54cb..5383969f 100644
--- 
a/org.apache.sling.servlets.oidc-rp/src/test/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImplTest.java
+++ 
b/org.apache.sling.servlets.oidc-rp/src/test/java/org/apache/sling/servlets/oidc_rp/impl/OidcConnectionFinderImplTest.java
@@ -161,7 +161,31 @@ class OidcConnectionFinderImplTest {
             .extracting( OidcToken::getState )
             .isEqualTo( OidcTokenState.MISSING);
     }
+    
+    @Test
+    void getIdToken_missing() {
+        OidcConnectionFinderImpl connectionFinder = new 
OidcConnectionFinderImpl();
+        
+        OidcToken refreshToken = connectionFinder.getIdToken(connection, 
context.resourceResolver());
+        assertThat(refreshToken).as("id token")
+            .isNotNull()
+            .extracting( OidcToken::getState )
+            .isEqualTo( OidcTokenState.MISSING);
+    }
 
+    @Test
+    void getIdToken_valid() {
+        OIDCTokens tokens = new OIDCTokens(new PlainJWT(new 
JWTClaimsSet.Builder().issuer("example.com").build()), new 
BearerAccessToken(12), null);
+        OidcConnectionFinderImpl connectionFinder = new 
OidcConnectionFinderImpl();
+        connectionFinder.persistTokens(connection, context.resourceResolver(), 
tokens);
+        
+        OidcToken refreshToken = connectionFinder.getIdToken(connection, 
context.resourceResolver());
+        assertThat(refreshToken).as("id token")
+            .isNotNull()
+            .extracting( OidcToken::getState, OidcToken::getValue )
+            .containsExactly( OidcTokenState.VALID, tokens.getIDTokenString() 
);
+    }
+    
     private Resource getConnectionResource(OidcConnection connection) throws 
RepositoryException {
         String userPath = 
context.resourceResolver().adaptTo(User.class).getPath();
         Resource userHomeResource = 
context.resourceResolver().getResource(userPath);
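Review bot: `getIdToken_valid` persists an unsecured `PlainJWT` and then asserts `OidcTokenState.VALID`, which suggests that VALID means "a token is stored" rather than "signature and claims were verified". If that reading is right, callers of `getIdToken` could mistake the state for an authenticity guarantee, so I would document it where the state is defined, e.g. `// VALID reflects storage state only; the ID token's signature and claims are not re-validated here`. A signed JWT in the fixture would also be closer to what an OpenID provider actually returns. Separately, the local variable `refreshToken` in both new tests holds the ID token and should be renamed `idToken`.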
