Package io.jans.configapi.service.auth

Class AdminUISessionService

java.lang.Object

io.jans.configapi.service.auth.AdminUISessionService

@ApplicationScoped
public class AdminUISessionService
extends Object

Constructor Summary

Constructors

Constructor	Description
AdminUISessionService()

Method Summary

Modifier and Type	Method	Description
io.jans.as.model.config.adminui.AdminConf	fetchAdminUIConfiguration()	Loads the Admin UI configuration entry from persistence.
io.jans.as.client.TokenResponse	getApiProtectionToken(String ujwtString, io.jans.configapi.core.model.adminui.AUIConfiguration auiConfiguration)	Obtains an API protection access token for the Admin UI backend using client credentials and a user-info JWT.
Map<String,Object>	getClaims(io.jans.as.model.jwt.Jwt jwtObj)	Extracts the claims from a Jwt into a map keyed by claim name.
io.jans.configapi.core.model.adminui.AdminUISession	getSession(String sessionId)	Load the Admin UI session corresponding to the given session identifier.
Map<String,Object>	getToken(io.jans.as.client.TokenRequest tokenRequest, String tokenEndpoint, String userInfoJwt)	Exchanges the provided token request parameters with the authorization server and returns the parsed token response.
boolean	isCachedTokenValid(String token, io.jans.configapi.core.model.adminui.AUIConfiguration auiConfiguration)	Checks whether a cached token is active by calling the Admin UI introspection endpoint.
void	removeAllExpiredSessions()	Removes all AdminUISession entries whose expirationDate is earlier than the current time.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AdminUISessionService

public AdminUISessionService()

Method Detail

getSession

public io.jans.configapi.core.model.adminui.AdminUISession getSession(String sessionId)

Load the Admin UI session corresponding to the given session identifier.

Parameters:

sessionId - the session identifier used to build the session DN

Returns:

the matching AdminUISession, or `null` if no session is found or an error occurs

removeAllExpiredSessions

public void removeAllExpiredSessions()

Removes all AdminUISession entries whose expirationDate is earlier than the current time. This method queries sessions under the service's session base DN and deletes any persisted AdminUISession whose expiration date has already passed.

isCachedTokenValid

public boolean isCachedTokenValid(String token,
                                  io.jans.configapi.core.model.adminui.AUIConfiguration auiConfiguration)
                           throws com.fasterxml.jackson.core.JsonProcessingException

Checks whether a cached token is active by calling the Admin UI introspection endpoint.

Parameters:

token - the token to introspect; may be null or empty

auiConfiguration - configuration holding the introspection endpoint URL

Returns:

`true` if the introspection response contains `"active": true`, `false` otherwise

Throws:

com.fasterxml.jackson.core.JsonProcessingException - if the introspection response body cannot be parsed as JSON

getApiProtectionToken

public io.jans.as.client.TokenResponse getApiProtectionToken(String ujwtString,
                                                             io.jans.configapi.core.model.adminui.AUIConfiguration auiConfiguration)
                                                      throws io.jans.util.security.StringEncrypter.EncryptionException,
                                                             io.jans.configapi.core.model.exception.ConfigApiApplicationException

Obtains an API protection access token for the Admin UI backend using client credentials and a user-info JWT.

Parameters:

ujwtString - the user-info JWT to include in the token request; must be non-null and non-empty to generate a token

auiConfiguration - configuration containing the backend token endpoint, client ID, encrypted client secret, and redirect URI

Returns:

a TokenResponse containing the access token, or `null` if `ujwtString` is null or empty

Throws:

io.jans.util.security.StringEncrypter.EncryptionException - if decrypting the client secret fails

com.fasterxml.jackson.core.JsonProcessingException - if parsing token responses fails

io.jans.configapi.core.model.exception.ConfigApiApplicationException

getToken

public Map<String,Object> getToken(io.jans.as.client.TokenRequest tokenRequest,
                                         String tokenEndpoint,
                                         String userInfoJwt)
                                  throws io.jans.configapi.core.model.exception.ConfigApiApplicationException

Exchanges the provided token request parameters with the authorization server and returns the parsed token response.

Parameters:

tokenRequest - the token request details (grant type, client credentials, redirect URI, optional code and PKCE verifier)

tokenEndpoint - the token endpoint URL to call

userInfoJwt - optional user-info JWT to include in the request as `ujwt`

Returns:

a map of token response parameters (for example `access_token`, `expires_in`), with any `token_type` entry removed; returns an empty map if the exchange fails

Throws:

io.jans.configapi.core.model.exception.ConfigApiApplicationException - if the token endpoint response cannot be parsed as JSON

fetchAdminUIConfiguration

public io.jans.as.model.config.adminui.AdminConf fetchAdminUIConfiguration()

Loads the Admin UI configuration entry from persistence.

Returns:

the AdminConf instance stored at ADMIN_UI_CONFIG_DN, or null if not found

getClaims

public Map<String,Object> getClaims(io.jans.as.model.jwt.Jwt jwtObj)

Extracts the claims from a Jwt into a map keyed by claim name.

Parameters:

jwtObj - the Jwt to extract claims from; may be null

Returns:

a map of claim names to their values. Values are `String`, `Integer`, `Long`, `Boolean`, `List` for JSON arrays, or `JSONObject`; returns an empty map if `jwtObj` is null or contains no claims