All Downloads are FREE. Search and download functionalities are using the official Maven repository.

leap.oauth2.server.endpoint.JwkEndpoint Maven / Gradle / Ivy

There is a newer version: 0.7.13b
Show newest version
/*
 *
 *  * Copyright 2013 the original author or authors.
 *  *
 *  * Licensed under the Apache License, Version 2.0 (the "License");
 *  * you may not use this file except in compliance with the License.
 *  * You may obtain a copy of the License at
 *  *
 *  *      http://www.apache.org/licenses/LICENSE-2.0
 *  *
 *  * Unless required by applicable law or agreed to in writing, software
 *  * distributed under the License is distributed on an "AS IS" BASIS,
 *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  * See the License for the specific language governing permissions and
 *  * limitations under the License.
 *
 */

package leap.oauth2.server.endpoint;

import leap.core.annotation.ConfigProperty;
import leap.core.annotation.Configurable;
import leap.core.annotation.Inject;
import leap.core.security.token.jwt.JwtSigner;
import leap.core.validation.annotations.NotNull;
import leap.oauth2.server.endpoint.jwks.JwkToken;
import leap.oauth2.server.endpoint.jwks.JwkWriter;
import leap.web.*;
import leap.web.route.Routes;

import java.util.stream.Stream;

/**
 * support jwk specification, compatible spring oauth2 config.
 *
 * @author kael.
 * @see OAuth2 Autoconfig
 * 

* this endpoint will be call when use spring security.oauth2.resource.jwt.key-uri configuration. */ @Configurable(prefix = "oauth2.as.jwks") public class JwkEndpoint extends AbstractAuthzEndpoint implements Endpoint, Handler { @ConfigProperty(key = "jwkPath", defaultValue = "/oauth2/token_key") private String[] jwkPath; private @Inject JwtSigner signer; private @Inject(name = "oauth2PublicKey") @NotNull JwkToken oauth2PublicKey; @Override public void startEndpoint(App app, Routes routes) throws Throwable { if (config.isEnabled()) { Stream.of(jwkPath).distinct().forEach(s -> { sc.ignore(s); routes.create() .handle(s, this).disableCsrf().enableCors() .apply(); }); } } @Override public void handle(Request request, Response response) throws Throwable { JwkWriter.create(request).write(oauth2PublicKey); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy