# Account Chooser UI Application
## Overview
This is a web application created in response to [Issue #39] to permit the Client AuthenticationFilter to speak to multiple OpenID Connect servers. The protocol between the Client and the Account Chooser UI application is documented in the README.md of the openid-connect-client submodule.
## Configuration
Configure AccountChooserController by configuring an AccountChooserConfig bean in spring-servlet.xml, like so:

```xml
<bean name="AccountChooserConfig" class="org.mitre.account_chooser.AccountChooserConfig">
    <property name="issuers">
        <map>
            <entry key="http://sever.example.com:8080/openid-connect-server">
                <bean class="org.mitre.account_chooser.OIDCServer">
                    <property name="name" value="Example Server" />
                </bean>
            </entry>
        </map>
    </property>
    <property name="validClientIds" value="FGWEUIASJK, IUYTTYEV, GFHDSFYD" />
</bean>
```

The keys must match those found in the OpenIdConnectAuthenticationFilter's configuration like so:

```xml
<bean id="openIdConnectAuthenticationFilter"
      class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter">
    <property name="errorRedirectURI" value="/login.jsp?authfail=openid" />
    <property name="authenticationManager" ref="authenticationManager" />
    <property name="accountChooserURI"
              value="http://sever.example.com:8080/account-chooser" />
    <!-- Must be one of the validClientIds in AccountChooserConfig -->
    <property name="accountChooserClientID" value="FGWEUIASJK" />
    <property name="oidcServerConfigs">
        <map>
            <!-- Key must equal the issuer key in AccountChooserConfig -->
            <entry key="http://sever.example.com:8080/openid-connect-server">
                <bean class="org.mitre.openid.connect.client.OIDCServerConfiguration">
                    <property name="authorizationEndpointURI"
                              value="http://sever.example.com:8080/openid-connect-server/oauth/authorize" />
                    <property name="tokenEndpointURI"
                              value="http://sever.example.com:8080/openid-connect-server/oauth/token" />
                    <property name="checkIDEndpointURI"
                              value="http://sever.example.com:8080/openid-connect-server/checkid" />
                    <property name="clientId"
                              value="someClientId" />
                    <property name="clientSecret" value="someClientSecret" />
                </bean>
            </entry>
            ...
```

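An added example, not part of the project's code: a Python check that the issuer keys in `AccountChooserConfig` match the `oidcServerConfigs` keys of the filter, and that `accountChooserClientID` appears in `validClientIds`. The sample XML is constructed, and treating `validClientIds` as a comma-separated list is an assumption.

```python
import xml.etree.ElementTree as ET
CHOOSER = "org.mitre.account_chooser.AccountChooserConfig"
FILTER = "org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter"

def _local(tag):
    """Drop any XML namespace so bare fragments and full Spring files both work."""
    return tag.rsplit("}", 1)[-1]

def _prop(root, bean_class, name):
    """Return <property name=...> of the first bean with the given class, or None."""
    for bean in root.iter():
        if _local(bean.tag) == "bean" and bean.get("class") == bean_class:
            for child in bean:
                if _local(child.tag) == "property" and child.get("name") == name:
                    return child
    return None

def _keys(prop):
    """Collect the key attributes of <property><map><entry key=...>."""
    if prop is None:
        return set()
    return {e.get("key") for m in prop for e in m if _local(e.tag) == "entry"}

def check_configs(chooser_xml, client_xml):
    """Return a list of mismatches between the two Spring configurations."""
    chooser, client = ET.fromstring(chooser_xml), ET.fromstring(client_xml)
    issuers = _keys(_prop(chooser, CHOOSER, "issuers"))
    servers = _keys(_prop(client, FILTER, "oidcServerConfigs"))
    ids = _prop(chooser, CHOOSER, "validClientIds")
    # Assumption: validClientIds is a comma-separated list, whitespace ignored.
    valid = {s.strip() for s in (ids.get("value", "") if ids is not None else "").split(",")} - {""}
    cid = _prop(client, FILTER, "accountChooserClientID")
    problems = [f"issuer key only in account chooser: {k}" for k in sorted(issuers - servers)]
    problems += [f"issuer key only in client filter: {k}" for k in sorted(servers - issuers)]
    if cid is None or cid.get("value") not in valid:
        problems.append("accountChooserClientID is not listed in validClientIds")
    return problems

# Constructed sample input: the client key has a stray "F", the client ID is valid.
SAMPLE_CHOOSER = """<beans><bean class="org.mitre.account_chooser.AccountChooserConfig">
  <property name="issuers"><map>
    <entry key="http://sever.example.com:8080/openid-connect-server"/></map></property>
  <property name="validClientIds" value="FGWEUIASJK, IUYTTYEV, GFHDSFYD"/></bean></beans>"""
SAMPLE_CLIENT = """<beans><bean class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter">
  <property name="accountChooserClientID" value="FGWEUIASJK"/>
  <property name="oidcServerConfigs"><map>
    <entry key="http://sever.example.com:8080/Fopenid-connect-server"/></map></property></bean></beans>"""

if __name__ == "__main__":
    print("\n".join(check_configs(SAMPLE_CHOOSER, SAMPLE_CLIENT)))
```
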
## Test the Default Configuration
To test the default config, deploy to a servlet container, and request:

```
http://localhost:8080/account-chooser/?redirect_uri=http://www.google.com&client_id=FGWEUIASJK
```

Click **Submit** or **Cancel**, and Google will open. Study the URL parameters of each.
[Issue #39]: http://github.com/jricher/OpenID-Connect-Java-Spring-Server/issues/39 "Issue #39 -- Multiple Point Client"