
Extracted out decode step

gremlin 4 years ago
parent
commit
30435034d3
1 changed files with 32 additions and 18 deletions
  1. 32 18
      src/main/java/riomhaire/lti/business/actions/ProcessLtiMessage.java

+ 32 - 18
src/main/java/riomhaire/lti/business/actions/ProcessLtiMessage.java

@@ -39,24 +39,7 @@ public class ProcessLtiMessage implements Action<ModelAndView> {
         var clientId = jwt.getClaim("aud").asString();
 
         var toolRegistration = registry.clientRegistrationResolver().lookupClient(issuer, clientId);
-        var claims = new HashMap<>();
-
-        if (toolRegistration.isPresent()) {
-            // Validate JWT to verify its by who they say they are
-            var clientConfiguration = toolRegistration.get();
-            var adapter = JWKBasedJwtToMapAdapter.builder()
-                    .jwksUrl(clientConfiguration.getJwksUrl())
-                    .skipVerification(clientConfiguration.isSkipVerification())
-                    .build();
-            try {
-                claims.putAll(adapter.decode(token));
-            } catch (DecodeException e) {
-                // OK not valid
-                claims.put("error", "cannot verify token because of: " + e.toString());
-            }
-        } else {
-            claims.put("error", "cannot find client for " + issuer + "  client-id " + clientId);
-        }
+        var claims = decodeToken(token, issuer, clientId, toolRegistration);
 //
         // OK based off of the message delegate to the right sub-action
         var messageType = String.valueOf(claims.get(CLAIM_MESSAGE_TYPE));
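Review bot: Nothing between the new `decodeToken(...)` call and `claims.get(CLAIM_MESSAGE_TYPE)` checks whether decoding succeeded. An unknown client or a token that fails verification comes back as a map holding only an `"error"` entry, so the rejection surfaces only indirectly: `String.valueOf(null)` gives the text `"null"`, which presumably falls through to the `Unexpected value:` branch further down. An explicit guard right after the call makes the fail-closed path deliberate, for example `if (claims.containsKey("error")) throw new IllegalStateException("LTI launch rejected");`, with the detail logged server-side rather than carried in the claims. The enclosing method starts and ends outside this hunk, so any handling elsewhere is not visible here.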
@@ -83,4 +66,35 @@ public class ProcessLtiMessage implements Action<ModelAndView> {
                 throw new IllegalStateException("Unexpected value: " + messageType);
         };
     }
+
+    /**
+     * This method using info tool configuration for jwks etc
+     *
+     * @param token  token to decode
+     * @param issuer    who the issuer was
+     * @param clientId   the client id
+     * @param toolRegistration  the tool configguration
+     * @return
+     */
+    private HashMap<Object, Object> decodeToken(String token, String issuer, String clientId, java.util.Optional<riomhaire.lti.model.ClientConfiguration> toolRegistration) {
+        var claims = new HashMap<>();
+
+        if (toolRegistration.isPresent()) {
+            // Validate JWT to verify its by who they say they are
+            var clientConfiguration = toolRegistration.get();
+            var adapter = JWKBasedJwtToMapAdapter.builder()
+                    .jwksUrl(clientConfiguration.getJwksUrl())
+                    .skipVerification(clientConfiguration.isSkipVerification())
+                    .build();
+            try {
+                claims.putAll(adapter.decode(token));
+            } catch (DecodeException e) {
+                // OK not valid
+                claims.put("error", "cannot verify token because of: " + e.toString());
+            }
+        } else {
+            claims.put("error", "cannot find client for " + issuer + "  client-id " + clientId);
+        }
+        return claims;
+    }
 }
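Review bot: `.skipVerification(clientConfiguration.isSkipVerification())` in `decodeToken` lets a registration switch signature checking off, and on that path the method returns claims that nothing has authenticated. The registration itself appears to be looked up from `issuer` and `aud` values read out of the token before any verification. The Javadoc should state this, and the empty `@return` should spell out the contract, e.g. `@return the decoded claims, or a map with a single "error" entry when the client is unknown or the token cannot be verified`. The summary line and the typo in `the tool configguration` also want fixing. Logging a warning whenever the skip flag is set would make an accidentally permissive registration visible in production. As a style point, the signature would read better with imported `Optional` and `ClientConfiguration` and a `Map<Object, Object>` return type instead of the concrete `HashMap`.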