Class OidcUserInfoEndpoint
The UserInfo Endpoint is an OAuth 2.0 Protected Resource that returns Claims about the authenticated End-User. To obtain the requested Claims about the End-User, the Client makes a request to the UserInfo Endpoint using an Access Token obtained through OpenID Connect Authentication. These Claims are normally represented by a JSON object that contains a collection of name and value pairs for the Claims.
One can use setScopeToken to map claims to a scopeToken. The value of these claims will be retrieved using the AbstractUserDatabase#idpJsonClaim() function.
You can look at http://openid.net/specs/openid-connect-core-1_0.html#UserInfo for more information.
This endpoint is implemented as a WResource, so it's usually deployed using WServer#addResource().
This class relies on the implementation of several functions in the AbstractUserDatabase, namely AbstractUserDatabase#idpJsonClaim(), AbstractUserDatabase#idpTokenFindWithValue(), AbstractUserDatabase#idpTokenUser(), and AbstractUserDatabase#idpTokenScope().
Must be deployed using TLS.
Nested Class Summary
Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WResource
WResource.DispositionType
Nested classes/interfaces inherited from class eu.webtoolkit.jwt.WObject
WObject.FormData
Constructor Summary
Method Summary
protected com.google.gson.JsonObject generateUserInfo(User user, Set<String> scope)
    Generates the JSON containing the claims for the given scope.
getScopeTokens
    Retrieves the set of claims that has been mapped to the given scope token.
void handleRequest(WebRequest request, WebResponse response)
    Handles a request.
void setScopeToken(String scopeToken, Set<String> claims)
    Maps the given scope token to the given set of claims.
Methods inherited from class eu.webtoolkit.jwt.WResource
dataChanged, dataExceeded, dataReceived, generateUrl, getDispositionType, getInternalPath, getSuggestedFileName, getUrl, getVersion, incrementVersion, isInvalidAfterChanged, setChanged, setDispositionType, setInternalPath, setInvalidAfterChanged, setTakesUpdateLock, setUploadProgress, suggestFileName, suggestFileName, takesUpdateLock, write, write
Methods inherited from class eu.webtoolkit.jwt.WObject
getId, getObjectName, remove, setFormData, setObjectName, tr
Constructor Details
OidcUserInfoEndpoint
Constructor.
Method Details
handleRequest
Description copied from class: WResource
Handles a request. Reimplement this method so that a proper response is generated for the given request. From the request object you can access request parameters and whether the request is a continuation request. In the response object, you should set the mime type and stream the output data.
Specified by: handleRequest in class WResource
Parameters:
    request - The request information
    response - The response object
setScopeToken
Maps the given scope token to the given set of claims. The value of these claims will be retrieved from the AbstractUserDatabase using the AbstractUserDatabase#idpJsonClaim() function.
At construction, the following default scopes are automatically populated: profile → {name} and email → {email, email_verified}.
A scope can be erased by setting it to an empty set of claims.
getScopeTokens
Retrieves the set of claims that has been mapped to the given scope token.
generateUserInfo
Generates the JSON containing the claims for the given scope. Can be overridden, but by default it uses the configured mapping set by setScopeToken, and AbstractUserDatabase#idpJsonClaim().
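The scope-to-claims behaviour described for setScopeToken and generateUserInfo, as an added stand-alone Java model (not JWt's code and not using JWt classes). ScopeClaimModel, the claimLookup function standing in for AbstractUserDatabase#idpJsonClaim(), the sample user and the phone scope are assumptions made for illustration, as is skipping claims that have no stored value.

```java
import java.util.*;
import java.util.function.BiFunction;

// Stand-alone model of the documented scope-to-claims mapping.
// ScopeClaimModel and its members are hypothetical names, not JWt classes.
public class ScopeClaimModel {
    private final Map<String, Set<String>> scopeClaims = new HashMap<>();
    // Stand-in for AbstractUserDatabase#idpJsonClaim(): (userId, claim) -> value or null.
    private final BiFunction<String, String, Object> claimLookup;

    ScopeClaimModel(BiFunction<String, String, Object> claimLookup) {
        this.claimLookup = claimLookup;
        // Defaults the documentation says are populated at construction.
        setScopeToken("profile", Set.of("name"));
        setScopeToken("email", Set.of("email", "email_verified"));
    }

    // An empty claim set erases the scope, as documented for setScopeToken.
    void setScopeToken(String scopeToken, Set<String> claims) {
        if (claims.isEmpty()) scopeClaims.remove(scopeToken);
        else scopeClaims.put(scopeToken, new TreeSet<>(claims));
    }

    // Releases only claims mapped to a scope granted on the access token.
    Map<String, Object> generateUserInfo(String userId, Set<String> grantedScope) {
        Map<String, Object> out = new TreeMap<>();
        for (String scope : grantedScope) {
            for (String claim : scopeClaims.getOrDefault(scope, Set.of())) {
                Object value = claimLookup.apply(userId, claim);
                if (value != null) out.put(claim, value); // assumption: skip absent claims
            }
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample user record.
        Map<String, Object> alice = Map.of("name", "Alice Example",
            "email", "alice@example.org", "email_verified", true,
            "phone_number", "+10000000000");
        ScopeClaimModel ep = new ScopeClaimModel((id, claim) -> alice.get(claim));

        // Token granted only "email": the profile claims stay private.
        System.out.println(ep.generateUserInfo("alice", Set.of("openid", "email")));
        // "phone" has no mapping yet, so a token carrying it gains nothing.
        System.out.println(ep.generateUserInfo("alice", Set.of("openid", "phone")));
        ep.setScopeToken("phone", Set.of("phone_number"));
        System.out.println(ep.generateUserInfo("alice", Set.of("openid", "phone")));
        // Erasing "profile" withholds its claims even from tokens that carry the scope.
        ep.setScopeToken("profile", Set.of());
        System.out.println(ep.generateUserInfo("alice", Set.of("profile", "email")));
    }
}
```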