Package org.jgrapes.webconlet.oidclogin

Class OidcClient

java.lang.Object

org.jgrapes.core.internal.ComponentVertex

org.jgrapes.core.Component

org.jgrapes.webconlet.oidclogin.OidcClient

All Implemented Interfaces:

Iterable<ComponentType>, Channel, ComponentType, Eligible, Manager

public class OidcClient
extends Component

Helper component for LoginConlet that handles the communication with the OIDC provider.

“OidcClient” is a bit of a misnomer because this class not only initiates requests to the OIDC provider but also serves the redirect URI that the provider uses as callback. However, the callback can be seen as the asynchronous response to the authentication request that the OidcClient sends initially, therefore the component primarily acts as a client nevertheless.

The component requires an HTTP connector (usually an instance of HttpConnector) to exist that handles the Request.Out events that this component fires. There must also be an HTTP server (usually an instance of HttpServer) that converts the provider’s calls to the redirect URI from the provider to a Request.In.Get event. Details about configuring the various channels used can be found in the description of the constructor.

The component has a single configuration property that sets the value of the redirect URI sent to the OIDC provider.

"...":
  "/OidcClient":
    redirectUri: "https://localhost:5443/vjconsole/oauth/callback"

While it is tempting to simply use as redirect URI the host/port from the HTTP server component together with the request path passed to the constructor, there are two reasons why the redirect URI has to be configured explicitly. First, the framework does not support querying the host/port properties from the server component. Second, and more import, the HTTP server component will often be placed behind a firewall or reverse proxy and therefore the URL that it serves will usually differ from the redirect URI sent to the OIDC provider.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OidcClient.Configuration	The configuration information.

Nested classes/interfaces inherited from interface org.jgrapes.core.Channel

Channel.Default

Field Summary

Fields inherited from class org.jgrapes.core.Component

logger

Fields inherited from interface org.jgrapes.core.Channel

BROADCAST, SELF

Constructor Summary

Constructors

Constructor	Description
OidcClient(Channel componentChannel, Channel httpClientChannel, Channel httpServerChannel, URI redirectTarget, int priority)	Instantiates a new OIDC client.

Method Summary

Modifier and Type	Method	Description
void	onAuthCallback(Request.In.Get event, IOSubchannel channel)	On callback from the authorization request.
void	onConfigUpdate(ConfigurationUpdate event)	The component can be configured with events that include a path (see @link ConfigurationUpdate.paths()) that matches this components path (see Manager.componentPath()).
void	onConnected(HttpConnected event, IOSubchannel clientChannel)	Invoked when the connection to the provider has been established.
void	onDataInput(DataInput<Map<String,Object>> event, IOSubchannel clientChannel)	On data input.
void	onInput(Input<ByteBuffer> event, IOSubchannel clientChannel)	Collect and process input from the provider.
void	onResponse(Response response, IOSubchannel clientChannel)	Invoked when a response is received from the provider.
void	onStartProviderLogin(StartOidcLogin event)	On start provider login.

Methods inherited from class org.jgrapes.core.Component

channel, component, defaultCriterion, isEligibleFor, setName

Methods inherited from class org.jgrapes.core.internal.ComponentVertex

activeEventPipeline, addHandler, attach, channelReplacements, children, componentPath, componentVertex, detach, fire, initComponentsHandlers, iterator, name, newEventPipeline, newEventPipeline, parent, registerAsGenerator, root, toString, unregisterAsGenerator

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.lang.Iterable

forEach, spliterator

Methods inherited from interface org.jgrapes.core.Manager

stream

Constructor Details

OidcClient

public OidcClient(Channel componentChannel,
 Channel httpClientChannel,
 Channel httpServerChannel,
 URI redirectTarget,
 int priority)

Instantiates a new OIDC client.

The OIDC uses three channels.

• It is a helper component for the LoginConlet and therefore uses its “primary” (component) channel to exchange events with the conlet.

• It uses the httpClientChannel to accesses the provider as client, i.e. when it fires Request.Out events to obtain information from the provider.

• It defines a request handler that listens on the httpServerChannel for handling the authorization callback from the provider.

Parameters:

componentChannel - the component’s channel

httpClientChannel - the channel used for connecting the provider

httpServerChannel - the channel used by some HttpServer to send the Request.In events from the provider callback

redirectTarget - defines the path handled by onAuthCallback(org.jgrapes.http.events.Request.In.Get, org.jgrapes.io.IOSubchannel)

priority - the priority of the onAuthCallback(org.jgrapes.http.events.Request.In.Get, org.jgrapes.io.IOSubchannel) handler. Must be higher than the default priority of request handlers if the callback URL uses a sub-path of the web console’s URL.

Method Details

onConfigUpdate

@Handler
public void onConfigUpdate(ConfigurationUpdate event)

The component can be configured with events that include a path (see @link ConfigurationUpdate.paths()) that matches this components path (see Manager.componentPath()).

The following properties are recognized:

redirectUri

The redirect URI as defined in the OIDC provider.

Parameters:

event - the event

onStartProviderLogin

@Handler
public void onStartProviderLogin(StartOidcLogin event)
                          throws URISyntaxException

On start provider login.

Parameters:

event - the event

Throws:

URISyntaxException

onConnected

@Handler(channels=org.jgrapes.webconlet.oidclogin.OidcClient.HttpClientChannel.class)
public void onConnected(HttpConnected event,
 IOSubchannel clientChannel)

Invoked when the connection to the provider has been established.

Parameters:

event - the event

clientChannel - the client channel

onResponse

@Handler(channels=org.jgrapes.webconlet.oidclogin.OidcClient.HttpClientChannel.class)
public void onResponse(Response response,
 IOSubchannel clientChannel)
                throws URISyntaxException

Invoked when a response is received from the provider.

Parameters:

response - the response

clientChannel - the client channel

Throws:

URISyntaxException

onInput

@Handler(channels=org.jgrapes.webconlet.oidclogin.OidcClient.HttpClientChannel.class)
public void onInput(Input<ByteBuffer> event,
 IOSubchannel clientChannel)
             throws IOException

Collect and process input from the provider.

Parameters:

event - the event

clientChannel - the client channel

Throws:

IOException - Signals that an I/O exception has occurred.

onDataInput

@Handler(channels=org.jgrapes.webconlet.oidclogin.OidcClient.HttpClientChannel.class)
public void onDataInput(DataInput<Map<String,Object>> event,
 IOSubchannel clientChannel)
                 throws MalformedURLException,
URISyntaxException,
com.fasterxml.jackson.databind.JsonMappingException,
com.fasterxml.jackson.core.JsonProcessingException

On data input.

Parameters:

event - the event

clientChannel - the client channel

Throws:

MalformedURLException - the malformed URL exception

URISyntaxException - the URI syntax exception

com.fasterxml.jackson.core.JsonProcessingException

com.fasterxml.jackson.databind.JsonMappingException

onAuthCallback

@RequestHandler(channels=org.jgrapes.webconlet.oidclogin.OidcClient.HttpServerChannel.class,
                dynamic=true)
public void onAuthCallback(Request.In.Get event,
 IOSubchannel channel)

On callback from the authorization request.

(Path selector defined in constructor.)

Parameters:

event - the event

channel - the channel