From 0ff7cb75a071a57a612166ddc6c24deb6941dd48 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mit.edu>
Date: Tue, 24 Sep 2013 21:38:08 -0400
Subject: [PATCH] made userinfo fetching optional, addresses #510

---
 .../connect/client/UserInfoFetcher.java       | 44 ++++++++++++++++---
 1 file changed, 37 insertions(+), 7 deletions(-)

diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java
index 812d03bc2..b54a1315f 100644
--- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java
+++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java
@@ -18,21 +18,46 @@ package org.mitre.openid.connect.client;
 
 import org.apache.http.client.HttpClient;
 import org.apache.http.impl.client.DefaultHttpClient;
+import org.mitre.openid.connect.config.ServerConfiguration;
 import org.mitre.openid.connect.model.DefaultUserInfo;
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.mitre.openid.connect.model.UserInfo;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.RestTemplate;
 
+import com.google.common.base.Strings;
 import com.google.gson.JsonObject;
 import com.google.gson.JsonParser;
 
+/**
+ * Utility class to fetch userinfo from the userinfo endpoint, if available. 
+ * @author jricher
+ *
+ */
 public class UserInfoFetcher {
 
+	private Logger logger = LoggerFactory.getLogger(UserInfoFetcher.class);
+	
 	public UserInfo loadUserInfo(OIDCAuthenticationToken token) {
 
+		ServerConfiguration serverConfiguration = token.getServerConfiguration();
+		
+		if (serverConfiguration == null) {
+			logger.warn("No server configuration found.");
+			return null;
+		}
+		
+		if (Strings.isNullOrEmpty(serverConfiguration.getUserInfoUri())) {
+			logger.warn("No userinfo endpoint, not fetching.");
+			return null;
+		}
+
+		// if we got this far, try to actually get the userinfo
+		
 		HttpClient httpClient = new DefaultHttpClient();
 
 		HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
@@ -42,13 +67,18 @@ public class UserInfoFetcher {
 		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
 		form.add("access_token", token.getAccessTokenValue());
 
-		String userInfoString = restTemplate.postForObject(token.getServerConfiguration().getUserInfoUri(), form, String.class);
-
-		JsonObject userInfoJson = new JsonParser().parse(userInfoString).getAsJsonObject();
-
-		UserInfo userInfo = DefaultUserInfo.fromJson(userInfoJson);
-
-		return userInfo;
+		try {
+			String userInfoString = restTemplate.postForObject(serverConfiguration.getUserInfoUri(), form, String.class);
+	
+			JsonObject userInfoJson = new JsonParser().parse(userInfoString).getAsJsonObject();
+	
+			UserInfo userInfo = DefaultUserInfo.fromJson(userInfoJson);
+	
+			return userInfo;
+		} catch (Exception e) {
+			logger.warn("Error fetching userinfo", e);
+			return null;
+		}
 
 	}