@@ -3,12 +3,17 @@ package no.nav.security.mock.oauth2.token
3
3
import com.nimbusds.jose.JOSEObjectType
4
4
import com.nimbusds.oauth2.sdk.GrantType
5
5
import com.nimbusds.oauth2.sdk.TokenRequest
6
+ import kotlinx.serialization.json.Json
7
+ import kotlinx.serialization.json.JsonArray
8
+ import kotlinx.serialization.json.JsonObject
9
+ import kotlinx.serialization.json.JsonPrimitive
6
10
import no.nav.security.mock.oauth2.extensions.clientIdAsString
7
11
import no.nav.security.mock.oauth2.extensions.grantType
8
12
import no.nav.security.mock.oauth2.extensions.scopesWithoutOidcScopes
9
13
import no.nav.security.mock.oauth2.extensions.tokenExchangeGrantOrNull
14
+ import no.nav.security.mock.oauth2.http.objectMapper
10
15
import java.time.Duration
11
- import java.util.UUID
16
+ import java.util.*
12
17
13
18
interface OAuth2TokenCallback {
14
19
fun issuerId (): String
@@ -26,49 +31,49 @@ interface OAuth2TokenCallback {
26
31
27
32
// TODO: for JwtBearerGrant and TokenExchange should be able to ovverride sub, make sub nullable and return some default
28
33
open class DefaultOAuth2TokenCallback
29
- @JvmOverloads
30
- constructor (
31
- private val issuerId: String = " default" ,
32
- private val subject: String = UUID .randomUUID().toString(),
33
- private val typeHeader: String = JOSEObjectType .JWT .type,
34
- // needs to be nullable in order to know if a list has explicitly been set, empty list should be a allowable value
35
- private val audience: List <String >? = null ,
36
- private val claims: Map <String , Any > = emptyMap(),
37
- private val expiry: Long = 3600 ,
38
- ) : OAuth2TokenCallback {
39
- override fun issuerId (): String = issuerId
40
-
41
- override fun subject (tokenRequest : TokenRequest ): String {
42
- return when (GrantType .CLIENT_CREDENTIALS ) {
43
- tokenRequest.grantType() -> tokenRequest.clientIdAsString()
44
- else -> subject
45
- }
46
- }
34
+ @JvmOverloads
35
+ constructor (
36
+ private val issuerId: String = " default" ,
37
+ private val subject: String = UUID .randomUUID().toString(),
38
+ private val typeHeader: String = JOSEObjectType .JWT .type,
39
+ // needs to be nullable in order to know if a list has explicitly been set, empty list should be a allowable value
40
+ private val audience: List <String >? = null ,
41
+ private val claims: Map <String , Any > = emptyMap(),
42
+ private val expiry: Long = 3600 ,
43
+ ) : OAuth2TokenCallback {
44
+ override fun issuerId (): String = issuerId
47
45
48
- override fun typeHeader (tokenRequest : TokenRequest ): String {
49
- return typeHeader
46
+ override fun subject (tokenRequest : TokenRequest ): String {
47
+ return when (GrantType .CLIENT_CREDENTIALS ) {
48
+ tokenRequest.grantType() -> tokenRequest.clientIdAsString()
49
+ else -> subject
50
50
}
51
+ }
51
52
52
- override fun audience (tokenRequest : TokenRequest ): List <String > {
53
- val audienceParam = tokenRequest.tokenExchangeGrantOrNull()?.audience
54
- return when {
55
- audience != null -> audience
56
- audienceParam != null -> audienceParam
57
- tokenRequest.scope != null -> tokenRequest.scopesWithoutOidcScopes()
58
- else -> listOf (" default" )
59
- }
53
+ override fun typeHeader (tokenRequest : TokenRequest ): String {
54
+ return typeHeader
55
+ }
56
+
57
+ override fun audience (tokenRequest : TokenRequest ): List <String > {
58
+ val audienceParam = tokenRequest.tokenExchangeGrantOrNull()?.audience
59
+ return when {
60
+ audience != null -> audience
61
+ audienceParam != null -> audienceParam
62
+ tokenRequest.scope != null -> tokenRequest.scopesWithoutOidcScopes()
63
+ else -> listOf (" default" )
60
64
}
65
+ }
61
66
62
- override fun addClaims (tokenRequest : TokenRequest ): Map <String , Any > =
63
- mutableMapOf<String , Any >(
64
- " tid" to issuerId,
65
- ).apply {
66
- putAll(claims)
67
- put(" azp" , tokenRequest.clientIdAsString())
68
- }
67
+ override fun addClaims (tokenRequest : TokenRequest ): Map <String , Any > =
68
+ mutableMapOf<String , Any >(
69
+ " tid" to issuerId,
70
+ ).apply {
71
+ putAll(claims)
72
+ put(" azp" , tokenRequest.clientIdAsString())
73
+ }
69
74
70
- override fun tokenExpiry (): Long = expiry
71
- }
75
+ override fun tokenExpiry (): Long = expiry
76
+ }
72
77
73
78
data class RequestMappingTokenCallback (
74
79
val issuerId : String ,
@@ -96,16 +101,44 @@ data class RequestMappingTokenCallback(
96
101
}).toMap() + mapOf (" clientId" to tokenRequest.clientIdAsString())
97
102
98
103
return claims.mapValues { (_, value) ->
99
- when (value) {
100
- is String -> replaceVariables(value, params)
101
- is List <* > ->
102
- value.map { v ->
103
- if (v is String ) {
104
- replaceVariables(v, params)
104
+ val v = objectMapper.writeValueAsString(value)
105
+ val jsonElement = Json .parseToJsonElement(v)
106
+ when (jsonElement) {
107
+ is JsonPrimitive ->
108
+ if (jsonElement.isString) {
109
+ replaceVariables(jsonElement.content, params)
110
+ } else {
111
+ jsonElement.content
112
+ }
113
+
114
+ is JsonObject -> {
115
+ jsonElement.mapValues { (_, value) ->
116
+ if (value is JsonPrimitive ) {
117
+ replaceVariables(value.content, params)
118
+ } else if (value is JsonArray )
119
+ value.map { element ->
120
+ if (element is JsonPrimitive ) {
121
+ replaceVariables(element.content, params)
122
+ } else {
123
+ element
124
+ }
125
+ }
126
+ else {
127
+ value
128
+ }
129
+ }
130
+ }
131
+
132
+ is JsonArray -> {
133
+ jsonElement.map { element ->
134
+ if (element is JsonPrimitive ) {
135
+ replaceVariables(element.content, params)
105
136
} else {
106
- v
137
+ element
107
138
}
108
139
}
140
+ }
141
+
109
142
else -> value
110
143
}
111
144
}
@@ -122,11 +155,8 @@ data class RequestMappingTokenCallback(
122
155
input : String ,
123
156
replacements : Map <String , String >,
124
157
): String {
125
- val pattern = Regex (""" \$\{(\w+)}""" )
126
- return pattern.replace(input) { result ->
127
- val variableName = result.groupValues[1 ]
128
- val replacement = replacements[variableName]
129
- replacement ? : result.value
158
+ return replacements.entries.fold(input) { acc, (key, value) ->
159
+ acc.replace(" \$ {$key }" , value)
130
160
}
131
161
}
132
162
}
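Review bot: Non-string claim values lose their JSON type in the rewritten `claims.mapValues` block. The top-level `JsonPrimitive` branch returns `jsonElement.content` for numbers and booleans, and the `JsonObject`/`JsonArray` branches call `replaceVariables(….content, params)` on every primitive without the `isString` check, so a boolean or numeric claim would be issued as a string where the removed code returned it unchanged. Elements those branches leave alone come back as kotlinx `JsonElement` instances rather than plain values, and objects nested inside objects or arrays are not substituted; how the token builder serialises a `JsonElement` is not visible here. Walking the original value recursively keeps types intact and makes the Jackson-to-kotlinx round trip unnecessary. The sketch below assumes `claims` is a `Map<String, Any>`, since the enclosing function starts outside the hunk.

```kotlin
// … unchanged: params built from the token request …
return claims.mapValues { (_, value) -> substituteIn(value, params) }

// private helper placed next to replaceVariables
private fun substituteIn(
    value: Any,
    params: Map<String, String>,
): Any =
    when (value) {
        is String -> replaceVariables(value, params)
        is List<*> -> value.map { item -> item?.let { substituteIn(it, params) } }
        is Map<*, *> -> value.mapValues { (_, item) -> item?.let { substituteIn(it, params) } }
        else -> value // numbers, booleans and other types keep their original type
    }
```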