Refactor OktaOAuthAuthenticationService introspectToken method

The introspectToken method in OktaOAuthAuthenticationService has been optimized to improve error handling. The HttpClient implementation previously used was replaced by a new method, 'doOktaRequest', to simplify the process. Error messages have been updated for better interpretation in case of exceptions. Code responsible for user initialization has been moved to ensure it only occurs if valid introspectResponse exists.
hms-dbmi · Jan 24, 2024 · e66b271 · e66b271
1 parent 6c5af1a
commit e66b271
Showing 1 changed file with 3 additions and 14 deletions.
diff --git a/.../java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java b/.../java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java
@@ -67,7 +67,7 @@ public Response authenticate(UriInfo uriInfo, Map<String, String> authRequest) {
             if (introspectResponse != null) {
                 user = initializeUser(introspectResponse);
             }
-            
+
             if (user == null) {
                 logger.info("LOGIN FAILED ___ USER NOT FOUND ___ " + userToken.get("email").asText() + ":" + userToken.get("sub").asText() + " ___");
                 return PICSUREResponse.error("User not found");
@@ -149,25 +149,14 @@ private JsonNode introspectToken(JsonNode userToken) throws IOException, Interru
             return null;
         }
 
-        HttpClient client = HttpClient.newHttpClient();
         String accessToken = userToken.get("access_token").asText();
         logger.info("introspectToken - Access Token: " + accessToken);
         String oktaIntrospectUrl = "https://" + JAXRSConfiguration.idp_provider_uri + "/oauth2/default/v1/introspect";
 
         String payload = "{\"token\":\"" + accessToken + "\",\"token_type_hint\":\"access_token\"}";
-        String auth_header = JAXRSConfiguration.clientId + ":" + JAXRSConfiguration.spClientSecret;
-
-        var request = HttpRequest.newBuilder()
-                .POST(HttpRequest.BodyPublishers.ofString(payload))
-                .uri(URI.create(oktaIntrospectUrl))
-                .header("Content-Type", "application/json")
-                .header("Authorization", "Basic " + Base64.getEncoder().encodeToString((auth_header).getBytes()))
-                .build();
-
+        String contentType = "application/json";
 
-        HttpResponse<String> send = client.send(request, HttpResponse.BodyHandlers.ofString());
-        logger.info("introspectToken - Response: " + send.body());
-        return JAXRSConfiguration.objectMapper.readTree(send.body());
+        return doOktaRequest(oktaIntrospectUrl, payload, contentType);
     }
 
     /**