verified id token stored as message

jalauros · jalauros · commit 5508eef416b3 · 2018-10-03T16:39:13.000+03:00
diff --git a/src/main/java/org/oidc/msg/oidc/AccessTokenResponse.java b/src/main/java/org/oidc/msg/oidc/AccessTokenResponse.java
@@ -55,6 +55,8 @@ public class AccessTokenResponse extends org.oidc.msg.oauth2.AccessTokenResponse
   private String issuer;
   /** Client ID to match the response to. */
   private String clientId;
+  /** Verified id token.*/
+  private IDToken verifiedIdToken;
 
   { // Set parameter requirements for message.
     paramVerDefs.put("id_token", ParameterVerification.SINGLE_OPTIONAL_JWT.getValue());
@@ -76,6 +78,14 @@ public AccessTokenResponse() {
   public AccessTokenResponse(Map<String, Object> claims) {
     super(claims);
   }
+  
+  /**
+   * Get verified id token.
+   * @return verified id token
+   */
+  public IDToken getVerifiedIdToken() {
+    return verifiedIdToken;
+  }
 
   /**
    * Set the allowed id token encryption key transport algorithm.
@@ -209,6 +219,7 @@ protected void doVerify() {
             getError().getDetails().add(details);
           }
         }
+        verifiedIdToken = idToken;
       } catch (DeserializationException | JWTDecodeException e) {
         getError().getDetails().add(new ErrorDetails("id_token", ErrorType.INVALID_VALUE_FORMAT,
             "Unable to verify id token signature", e));
diff --git a/src/main/java/org/oidc/msg/oidc/AuthenticationResponse.java b/src/main/java/org/oidc/msg/oidc/AuthenticationResponse.java
@@ -56,6 +56,8 @@ public class AuthenticationResponse extends AuthorizationResponse {
   private String encEnc;
   /** the allowed id token signing algorithm. */
   private String sigAlg;
+  /** Verified id token. */
+  private IDToken verifiedIdToken;
 
   {
     paramVerDefs.put("access_token", ParameterVerification.SINGLE_OPTIONAL_STRING.getValue());
@@ -90,6 +92,15 @@ public AuthenticationResponse(Map<String, Object> claims) {
     super(claims);
   }
 
+  /**
+   * Get verified id token.
+   * 
+   * @return verified id token
+   */
+  public IDToken getVerifiedIdToken() {
+    return verifiedIdToken;
+  }
+
   /**
    * Set the allowed id token encryption key transport algorithm.
    * 
@@ -211,6 +222,7 @@ protected void doVerify() {
             getError().getDetails().add(details);
           }
         }
+        verifiedIdToken = idToken;
       } catch (DeserializationException | JWTDecodeException e) {
         getError().getDetails().add(new ErrorDetails("id_token", ErrorType.INVALID_VALUE_FORMAT,
             "Unable to verify id token signature", e));
diff --git a/src/test/java/org/oidc/msg/oidc/AccessTokenResponseTest.java b/src/test/java/org/oidc/msg/oidc/AccessTokenResponseTest.java
@@ -54,6 +54,7 @@ public void testValidIdToken() throws InvalidClaimException, IllegalArgumentExce
     Assert.assertEquals("mockToken", message.getClaims().get("access_token"));
     Assert.assertEquals("mockType", message.getClaims().get("token_type"));
     Assert.assertEquals(jwt, message.getClaims().get("id_token"));
+    Assert.assertNotNull(message.getVerifiedIdToken());
   }
 
   @Test
@@ -62,6 +63,7 @@ public void testInvalidIdToken() throws InvalidClaimException {
     message.addClaim("token_type", "mockType");
     message.addClaim("id_token", "not_jwt");
     Assert.assertFalse(message.verify());
+    Assert.assertNull(message.getVerifiedIdToken());
   }
 
 }
diff --git a/src/test/java/org/oidc/msg/oidc/AuthenticationResponseTest.java b/src/test/java/org/oidc/msg/oidc/AuthenticationResponseTest.java
@@ -108,6 +108,7 @@ public void testSuccessValidIdToken() throws InvalidClaimException, IllegalArgum
     Assert.assertTrue(idToken.verify());
     // Finally assert we really have the same jwt
     Assert.assertEquals(jwt, (String) respParsed.getClaims().get("id_token"));
+    Assert.assertNotNull(respParsed.getVerifiedIdToken());
   }
 
   @Test

Original file line number	Diff line number	Diff line change
`@@ -56,6 +56,8 @@ public class AuthenticationResponse extends AuthorizationResponse {`
`56`	`56`	`private String encEnc;`
`57`	`57`	`/** the allowed id token signing algorithm. */`
`58`	`58`	`private String sigAlg;`
	`59`	`+ /** Verified id token. */`
	`60`	`+ private IDToken verifiedIdToken;`
`59`	`61`
`60`	`62`	`{`
`61`	`63`	`paramVerDefs.put("access_token", ParameterVerification.SINGLE_OPTIONAL_STRING.getValue());`
`@@ -90,6 +92,15 @@ public AuthenticationResponse(Map<String, Object> claims) {`
`90`	`92`	`super(claims);`
`91`	`93`	`}`
`92`	`94`
	`95`	`+ /**`
	`96`	`+ * Get verified id token.`
	`97`	`+ *`
	`98`	`+ * @return verified id token`
	`99`	`+ */`
	`100`	`+ public IDToken getVerifiedIdToken() {`
	`101`	`+ return verifiedIdToken;`
	`102`	`+ }`
	`103`	`+`
`93`	`104`	`/**`
`94`	`105`	`* Set the allowed id token encryption key transport algorithm.`
`95`	`106`	`*`
`@@ -211,6 +222,7 @@ protected void doVerify() {`
`211`	`222`	`getError().getDetails().add(details);`
`212`	`223`	`}`
`213`	`224`	`}`
	`225`	`+ verifiedIdToken = idToken;`
`214`	`226`	`} catch (DeserializationException \| JWTDecodeException e) {`
`215`	`227`	`getError().getDetails().add(new ErrorDetails("id_token", ErrorType.INVALID_VALUE_FORMAT,`
`216`	`228`	`"Unable to verify id token signature", e));`
Original file line number	Diff line number	Diff line change
`@@ -54,6 +54,7 @@ public void testValidIdToken() throws InvalidClaimException, IllegalArgumentExce`
`54`	`54`	`Assert.assertEquals("mockToken", message.getClaims().get("access_token"));`
`55`	`55`	`Assert.assertEquals("mockType", message.getClaims().get("token_type"));`
`56`	`56`	`Assert.assertEquals(jwt, message.getClaims().get("id_token"));`
	`57`	`+ Assert.assertNotNull(message.getVerifiedIdToken());`
`57`	`58`	`}`
`58`	`59`
`59`	`60`	`@Test`
`@@ -62,6 +63,7 @@ public void testInvalidIdToken() throws InvalidClaimException {`
`62`	`63`	`message.addClaim("token_type", "mockType");`
`63`	`64`	`message.addClaim("id_token", "not_jwt");`
`64`	`65`	`Assert.assertFalse(message.verify());`
	`66`	`+ Assert.assertNull(message.getVerifiedIdToken());`
`65`	`67`	`}`
`66`	`68`
`67`	`69`	`}`
Original file line number	Diff line number	Diff line change
`@@ -108,6 +108,7 @@ public void testSuccessValidIdToken() throws InvalidClaimException, IllegalArgum`
`108`	`108`	`Assert.assertTrue(idToken.verify());`
`109`	`109`	`// Finally assert we really have the same jwt`
`110`	`110`	`Assert.assertEquals(jwt, (String) respParsed.getClaims().get("id_token"));`
	`111`	`+ Assert.assertNotNull(respParsed.getVerifiedIdToken());`
`111`	`112`	`}`
`112`	`113`
`113`	`114`	`@Test`