|
@@ -39,24 +39,7 @@ public class ProcessLtiMessage implements Action<ModelAndView> {
|
|
|
var clientId = jwt.getClaim("aud").asString();
|
|
|
|
|
|
var toolRegistration = registry.clientRegistrationResolver().lookupClient(issuer, clientId);
|
|
|
- var claims = new HashMap<>();
|
|
|
-
|
|
|
- if (toolRegistration.isPresent()) {
|
|
|
-
|
|
|
- var clientConfiguration = toolRegistration.get();
|
|
|
- var adapter = JWKBasedJwtToMapAdapter.builder()
|
|
|
- .jwksUrl(clientConfiguration.getJwksUrl())
|
|
|
- .skipVerification(clientConfiguration.isSkipVerification())
|
|
|
- .build();
|
|
|
- try {
|
|
|
- claims.putAll(adapter.decode(token));
|
|
|
- } catch (DecodeException e) {
|
|
|
-
|
|
|
- claims.put("error", "cannot verify token because of: " + e.toString());
|
|
|
- }
|
|
|
- } else {
|
|
|
- claims.put("error", "cannot find client for " + issuer + " client-id " + clientId);
|
|
|
- }
|
|
|
+ var claims = decodeToken(token, issuer, clientId, toolRegistration);
|
|
|
|
|
|
|
|
|
var messageType = String.valueOf(claims.get(CLAIM_MESSAGE_TYPE));
|
|
@@ -83,4 +66,35 @@ public class ProcessLtiMessage implements Action<ModelAndView> {
|
|
|
throw new IllegalStateException("Unexpected value: " + messageType);
|
|
|
};
|
|
|
}
|
|
|
+
|
|
|
+
|
|
|
+ * This method using info tool configuration for jwks etc
|
|
|
+ *
|
|
|
+ * @param token token to decode
|
|
|
+ * @param issuer who the issuer was
|
|
|
+ * @param clientId the client id
|
|
|
+ * @param toolRegistration the tool configguration
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ private HashMap<Object, Object> decodeToken(String token, String issuer, String clientId, java.util.Optional<riomhaire.lti.model.ClientConfiguration> toolRegistration) {
|
|
|
+ var claims = new HashMap<>();
|
|
|
+
|
|
|
+ if (toolRegistration.isPresent()) {
|
|
|
+
|
|
|
+ var clientConfiguration = toolRegistration.get();
|
|
|
+ var adapter = JWKBasedJwtToMapAdapter.builder()
|
|
|
+ .jwksUrl(clientConfiguration.getJwksUrl())
|
|
|
+ .skipVerification(clientConfiguration.isSkipVerification())
|
|
|
+ .build();
|
|
|
+ try {
|
|
|
+ claims.putAll(adapter.decode(token));
|
|
|
+ } catch (DecodeException e) {
|
|
|
+
|
|
|
+ claims.put("error", "cannot verify token because of: " + e.toString());
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ claims.put("error", "cannot find client for " + issuer + " client-id " + clientId);
|
|
|
+ }
|
|
|
+ return claims;
|
|
|
+ }
|
|
|
}
|