[cxf] branch master updated: CXF-8413 - Throw an error if there is no IdToken available for the Implicit/Hybrid flows if required


[cxf] branch master updated: CXF-8413 - Throw an error if there is no IdToken available for the Implicit/Hybrid flows if required

coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 6255de2  CXF-8413 - Throw an error if there is no IdToken available for the Implicit/Hybrid flows if required
6255de2 is described below

commit 6255de2a14e5e7ba06e490dcb54eaa0b8c1ebe99
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Tue Jan 26 07:05:36 2021 +0000

    CXF-8413 - Throw an error if there is no IdToken available for the Implicit/Hybrid flows if required
---
 .../org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
index bf84bcd..b2cfb73 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
@@ -29,6 +29,7 @@ import java.util.logging.Level;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
@@ -134,7 +135,11 @@ public class OidcImplicitService extends ImplicitGrantService {
                                              getApprovedScope(requestedScope, approvedScope));
         if (idToken != null) {
             sb.append(OidcUtils.ID_TOKEN).append('=').append(idToken);
+        } else if (state.getResponseType().contains(OidcUtils.ID_TOKEN_RESPONSE_TYPE)) {
+            LOG.warning("No IdToken available. Did you configure a IdTokenProvider implementation?");
+            throw ExceptionUtils.toInternalServerErrorException(null, null);
         }
+
         finalizeResponse(sb, state);
         return sb;
     }
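Review bot: The null-IdToken guard added in this `else if` branch is repeated, log text included, in the following hunk (the `FormIdTokenResponse` path), so the two fail-closed checks can drift apart when only one is edited. Moving the check into one private helper called from both places keeps the rule in a single spot. The message should also read "an IdTokenProvider" rather than "a IdTokenProvider". The enclosing method starts outside the hunk, and the helper below assumes `getResponseType()` returns a `String`, which should be confirmed.

```java
// … unchanged: getProcessedIdToken(...) call …
checkIdTokenAvailable(idToken, state.getResponseType());
if (idToken != null) {
    sb.append(OidcUtils.ID_TOKEN).append('=').append(idToken);
}
// … unchanged: finalizeResponse(sb, state) and return …

private void checkIdTokenAvailable(String idToken, String responseType) {
    if (idToken == null && responseType.contains(OidcUtils.ID_TOKEN_RESPONSE_TYPE)) {
        LOG.warning("No IdToken available. Did you configure an IdTokenProvider implementation?");
        throw ExceptionUtils.toInternalServerErrorException(null, null);
    }
}
```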
@@ -153,6 +158,10 @@ public class OidcImplicitService extends ImplicitGrantService {
         // id_token response type processing
         String idToken = getProcessedIdToken(state, userSubject,
                                              getApprovedScope(requestedScope, approvedScope));
+        if (idToken == null && state.getResponseType().contains(OidcUtils.ID_TOKEN_RESPONSE_TYPE)) {
+            LOG.warning("No IdToken available. Did you configure a IdTokenProvider implementation?");
+            throw ExceptionUtils.toInternalServerErrorException(null, null);
+        }
         FormIdTokenResponse response = new FormIdTokenResponse();
         response.setIdToken(idToken);
         response.setResponseType(state.getResponseType());
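Review bot: The new guard has no comment saying why a missing token is fatal on this path, and the log line on its own reads like a configuration hint rather than a rule the endpoint enforces. A short comment above the `if` would record the intent, for example `// Fail closed: id_token was requested, so never build a response without one`. The enclosing method starts outside the hunk.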