diff --git a/src/main/java/no/idporten/example/login/LoginController.java b/src/main/java/no/idporten/example/login/LoginController.java new file mode 100644 index 0000000..c6c42a3 --- /dev/null +++ b/src/main/java/no/idporten/example/login/LoginController.java @@ -0,0 +1,58 @@ +package no.idporten.example.login; + +import com.nimbusds.oauth2.sdk.*; +import com.nimbusds.oauth2.sdk.id.State; + +import jakarta.servlet.http.HttpServletRequest; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.GetMapping; + +import java.net.URI; + +@Controller +public class LoginController { + + // used to check state in authorization responses. + private State lastState = new State(); // TODO: dummy. + + @GetMapping(path = "/login") + public String login() { + return ""; + } + + @GetMapping(path = "/callback") + public String loginCallback(HttpServletRequest req, Model model) { + URI callbackURI = URI.create(req.getRequestURL() + "?" + req.getQueryString()); + return handleCallbackURI(callbackURI, model); + } + + private String handleCallbackURI(URI callbackURI, Model model) { + AuthorizationResponse resp; + try { + resp = AuthorizationResponse.parse(callbackURI); + } + catch (ParseException e) { + model.addAttribute("errmsg_attr", "Authorization response parse error"); + return "login_fail"; + } + + if (!resp.indicatesSuccess()) { + model.addAttribute("errmsg_attr", resp.toErrorResponse()); + return "login_fail"; + } + + if (!resp.getState().equals(lastState)) { + model.addAttribute("errmsg_attr", "Bad state"); + return "login_fail"; + } + + model.addAttribute("errmsg_attr", "Success"); + + AuthorizationCode authzCode = resp.toSuccessResponse() + .getAuthorizationCode(); + model.addAttribute("authz_code_attr", authzCode.getValue()); + + return "login_success"; + } +}