github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

scope wasn't quite right, needed a space

pull/59/head
U-MITRE\mjwalsh 2012-03-22 17:55:59 -04:00
parent b4836a0302
commit 02d0471acf
1 changed files with 48 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OpenIdConnectAuthenticationFilter.java
View File

@ -46,40 +46,38 @@ import com.google.gson.JsonParser;
* *
* Configured like: * Configured like:
* *
* <security:http auto-config="false" use-expressions="true" * <security:http auto-config="false" use-expressions="true"
* disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint" pattern="/**"> * disable-url-rewriting="true" entry-point-ref="authenticationEntryPoint"
* pattern="/**">
* *
* <security:intercept-url pattern="/somepath/**" * <security:intercept-url pattern="/somepath/**" access="denyAll" />
* access="denyAll" />
* *
* <security:custom-filter before="PRE_AUTH_FILTER " * <security:custom-filter before="PRE_AUTH_FILTER "
* ref="openIdConnectAuthenticationFilter" /> * ref="openIdConnectAuthenticationFilter" />
* *
* <security:intercept-url pattern="/**" * <security:intercept-url pattern="/**"
* access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" /> * access="hasAnyRole('ROLE_USER','ROLE_ADMIN')" /> <security:logout />
* <security:logout /> * </security:http>
* </security:http>
* *
* <bean id="authenticationEntryPoint" * <bean id="authenticationEntryPoint" class=
* class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> * "org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
* <property name="loginFormUrl" value="/openid_connect_login"/> * > <property name="loginFormUrl" value="/openid_connect_login"/> </bean>
* </bean>
* *
* <security:authentication-manager alias="authenticationManager" /> * <security:authentication-manager alias="authenticationManager" /> <bean
* <bean id="openIdConnectAuthenticationFilter" * id="openIdConnectAuthenticationFilter"
* class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter"> * class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter">
* *
* <property name="authenticationManager" ref="authenticationManager" /> * <property name="authenticationManager" ref="authenticationManager" />
* <property name="errorRedirectURI" value="/login.jsp?authfail=openid" /> <!-- TODO: or would this be value="/login.jsp?authfail=openid_connect" --> * <property name="errorRedirectURI" value="/login.jsp?authfail=openid" /> <!--
* <property name="authorizationEndpointURI" * TODO: or would this be value="/login.jsp?authfail=openid_connect" -->
* value="http://sever.example.com:8080/openid-connect-server/openidconnect/auth" /> * <property name="authorizationEndpointURI" value=
* <property name="tokenEndpointURI" * "http://sever.example.com:8080/openid-connect-server/openidconnect/auth" />
* value="http://sever.example.com:8080/openid-connect-server/checkid" /> * <property name="tokenEndpointURI"
* <property name="checkIDEndpointURI" * value="http://sever.example.com:8080/openid-connect-server/checkid" />
* value="http://sever.example.com:8080/openid-connect-server/checkid" /> * <property name="checkIDEndpointURI"
* <property name="clientId" value="someClientId" /> * value="http://sever.example.com:8080/openid-connect-server/checkid" />
* <property name="clientSecret" value="someClientSecret" /> * <property name="clientId" value="someClientId" /> <property
* </bean> * name="clientSecret" value="someClientSecret" /> </bean>
* *
* @author nemonik * @author nemonik
* *
@ -95,7 +93,7 @@ public class OpenIdConnectAuthenticationFilter extends
private final static int KEY_SIZE = 1024; private final static int KEY_SIZE = 1024;
private final static String SIGNING_ALGORITHM = "SHA256withRSA"; private final static String SIGNING_ALGORITHM = "SHA256withRSA";
private final static String NONCE_SIGNATURE_COOKIE_NAME = "nonce"; private final static String NONCE_SIGNATURE_COOKIE_NAME = "nonce";
private final static String FILTER_PROCESSES_URL ="/openid_connect_login"; private final static String FILTER_PROCESSES_URL = "/openid_connect_login";
/** /**
* Return the URL w/ GET parameters * Return the URL w/ GET parameters
@ -261,11 +259,7 @@ public class OpenIdConnectAuthenticationFilter extends
} }
// prepend the spec necessary scope // prepend the spec necessary scope
if (scope != null && !scope.isEmpty() ) { setScope(SCOPE + ((scope != null && !scope.isEmpty()) ? " " + scope : ""));
setScope(SCOPE + scope);
} else {
setScope(SCOPE);
}
} }
/* /*
@ -316,7 +310,8 @@ public class OpenIdConnectAuthenticationFilter extends
HttpClient httpClient = new DefaultHttpClient(); HttpClient httpClient = new DefaultHttpClient();
httpClient.getParams().setParameter("http.socket.timeout", new Integer(httpSocketTimeout)); httpClient.getParams().setParameter("http.socket.timeout",
new Integer(httpSocketTimeout));
UsernamePasswordCredentials credentials = new UsernamePasswordCredentials( UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(
clientId, clientSecret); clientId, clientSecret);
@ -397,7 +392,8 @@ public class OpenIdConnectAuthenticationFilter extends
httpClient = new DefaultHttpClient(); httpClient = new DefaultHttpClient();
httpClient.getParams().setParameter("http.socket.timeout", new Integer(httpSocketTimeout)); httpClient.getParams().setParameter("http.socket.timeout",
new Integer(httpSocketTimeout));
factory = new HttpComponentsClientHttpRequestFactory( factory = new HttpComponentsClientHttpRequestFactory(
httpClient); httpClient);
@ -596,4 +592,3 @@ public class OpenIdConnectAuthenticationFilter extends
this.tokenEndpointURI = tokenEndpointURI; this.tokenEndpointURI = tokenEndpointURI;
} }
} }