Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changes related to step up auth in guardio billing app #482

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Changes related to step up auth in guardio billing app #482

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
42 changes: 35 additions & 7 deletions ...oidc-sso-sample/pickup-dispatch/src/main/org/wso2/sample/identity/oauth2/CommonUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ public static JSONObject responseToJson(final OAuthClientResponse oAuthResponse)

JSONObject obj = new JSONObject();
obj.append("status-code", "200");
obj.append("scope", oAuthResponse.getParam("scope"));
obj.append("id_token", oAuthResponse.getParam("id_token"));
obj.append("access_token", oAuthResponse.getParam("access_token"));
return obj;
Expand Down Expand Up @@ -95,13 +96,13 @@ public static void getToken(final HttpServletRequest request, final HttpServletR

final TokenData storedTokenData;

if (appIdCookie.isPresent()) {
storedTokenData = TOKEN_STORE.get(appIdCookie.get().getValue());
if (storedTokenData != null) {
setTokenDataToSession(session, storedTokenData);
return;
}
}
// if (appIdCookie.isPresent()) {
// storedTokenData = TOKEN_STORE.get(appIdCookie.get().getValue());
// if (storedTokenData != null) {
// setTokenDataToSession(session, storedTokenData);
// return;
// }
// }

final String authzCode = request.getParameter("code");

Expand All @@ -112,13 +113,40 @@ public static void getToken(final HttpServletRequest request, final HttpServletR
final OAuthClientRequest.TokenRequestBuilder oAuthTokenRequestBuilder =
new OAuthClientRequest.TokenRequestBuilder(properties.getProperty("tokenEndpoint"));

// Get all cookies from the request
Cookie[] cookies = request.getCookies();

String pkceCookieValue = "";

// Check if any cookies are present
if (cookies != null) {
for (Cookie cookie : cookies) {
// Find the specific cookie by name
if ("code_verifier".equals(cookie.getName())) {
pkceCookieValue = cookie.getValue();
// Remove the cookie once the value is obtained.
cookie.setMaxAge(0);
break;
}
}
}

// Display the cookie value
if (pkceCookieValue != null) {
System.out.println("Value of 'cookieName': " + pkceCookieValue);
} else {
System.out.println("Cookie 'cookieName' not found.");
}

final OAuthClientRequest accessRequest = oAuthTokenRequestBuilder.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId(properties.getProperty("consumerKey"))
.setClientSecret(properties.getProperty("consumerSecret"))
.setRedirectURI(properties.getProperty("callBackUrl"))
.setCode(authzCode)
.setParameter("code_verifier", pkceCookieValue)
.buildBodyMessage();


//create OAuth client that uses custom http client under the hood
final OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
final JSONObject requestObject = requestToJson(accessRequest);
Expand Down
Loading