wrap errors in saving the client in an HTTP 400 (instead of HTTP 500) error

Conflicts:

	openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
pull/650/head
Justin Richer 2013-09-13 14:22:42 -04:00
parent e11c0386d1
commit 122b0c4e8c
1 changed files with 46 additions and 32 deletions


@ -69,13 +69,13 @@ public class ClientDynamicRegistrationEndpoint {
@Autowired @Autowired
private OAuth2TokenEntityService tokenService; private OAuth2TokenEntityService tokenService;
@Autowired @Autowired
private JwtSigningAndValidationService jwtService; private JwtSigningAndValidationService jwtService;
@Autowired @Autowired
private ConfigurationPropertiesBean configBean; private ConfigurationPropertiesBean configBean;
@Autowired @Autowired
private AuthenticationHolderRepository authenticationHolderRepository; private AuthenticationHolderRepository authenticationHolderRepository;
@ -123,7 +123,7 @@ public class ClientDynamicRegistrationEndpoint {
if (allowedScopes == null || allowedScopes.isEmpty()) { if (allowedScopes == null || allowedScopes.isEmpty()) {
allowedScopes = scopeService.getDefaults(); allowedScopes = scopeService.getDefaults();
} }
newClient.setScope(scopeService.toStrings(allowedScopes)); newClient.setScope(scopeService.toStrings(allowedScopes));
@ -164,22 +164,29 @@ public class ClientDynamicRegistrationEndpoint {
newClient.setDynamicallyRegistered(true); newClient.setDynamicallyRegistered(true);
// now save it // now save it
ClientDetailsEntity savedClient = clientService.saveNewClient(newClient); try {
ClientDetailsEntity savedClient = clientService.saveNewClient(newClient);
// generate the registration access token // generate the registration access token
OAuth2AccessTokenEntity token = createRegistrationAccessToken(savedClient); OAuth2AccessTokenEntity token = createRegistrationAccessToken(savedClient);
// send it all out to the view // send it all out to the view
// TODO: urlencode the client id for safety? // TODO: urlencode the client id for safety?
RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId()); RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId());
m.addAttribute("client", registered); m.addAttribute("client", registered);
m.addAttribute("code", HttpStatus.CREATED); // http 201 m.addAttribute("code", HttpStatus.CREATED); // http 201
//m.addAttribute("token", token); //m.addAttribute("token", token);
//m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId()); //m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId());
return "clientInformationResponseView"; return "clientInformationResponseView";
} catch (IllegalArgumentException e) {
logger.error("Couldn't save client", e);
m.addAttribute("code", HttpStatus.BAD_REQUEST);
return "httpCodeView";
}
} else { } else {
// didn't parse, this is a bad request // didn't parse, this is a bad request
logger.error("registerNewClient failed; submitted JSON is malformed"); logger.error("registerNewClient failed; submitted JSON is malformed");
@ -278,25 +285,32 @@ public class ClientDynamicRegistrationEndpoint {
// make sure that the client doesn't ask for scopes it can't have // make sure that the client doesn't ask for scopes it can't have
newClient.setScope(scopeService.toStrings(allowedScopes)); newClient.setScope(scopeService.toStrings(allowedScopes));
// save the client try {
ClientDetailsEntity savedClient = clientService.updateClient(oldClient, newClient); // save the client
ClientDetailsEntity savedClient = clientService.updateClient(oldClient, newClient);
// we return the token that we got in // we return the token that we got in
// TODO: rotate this after some set amount of time // TODO: rotate this after some set amount of time
OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails(); OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue()); OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());
// TODO: urlencode the client id for safety? // TODO: urlencode the client id for safety?
RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId()); RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId());
// send it all out to the view // send it all out to the view
m.addAttribute("client", registered); m.addAttribute("client", registered);
m.addAttribute("code", HttpStatus.OK); // http 200 m.addAttribute("code", HttpStatus.OK); // http 200
//m.addAttribute("token", token); //m.addAttribute("token", token);
// TODO: urlencode the client id for safety? // TODO: urlencode the client id for safety?
//m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId()); //m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId());
return "clientInformationResponseView"; return "clientInformationResponseView";
} catch (IllegalArgumentException e) {
logger.error("Couldn't save client", e);
m.addAttribute("code", HttpStatus.BAD_REQUEST);
return "httpCodeView";
}
} else { } else {
// client mismatch // client mismatch
logger.error("readClientConfiguration failed, client ID mismatch: " logger.error("readClientConfiguration failed, client ID mismatch: "
@ -354,7 +368,7 @@ public class ClientDynamicRegistrationEndpoint {
clientAuth.setApproved(true); clientAuth.setApproved(true);
clientAuth.setAuthorities(Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT"))); clientAuth.setAuthorities(Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")));
OAuth2Authentication authentication = new OAuth2Authentication(clientAuth, null); OAuth2Authentication authentication = new OAuth2Authentication(clientAuth, null);
OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity(); OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
token.setClient(client); token.setClient(client);
token.setScope(Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE)); token.setScope(Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE));
@ -383,7 +397,7 @@ public class ClientDynamicRegistrationEndpoint {
tokenService.saveAccessToken(token); tokenService.saveAccessToken(token);
return token; return token;
} }
} }
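Review bot: The new `try` around `clientService.saveNewClient(newClient)` also encloses `createRegistrationAccessToken(savedClient)` and the view setup, so an `IllegalArgumentException` thrown after the client has been stored is answered with HTTP 400 as well. Unless the save is rolled back by a transaction that is not visible on this page, that leaves a persisted client whose caller never received its registration access token, and a server-side fault is reported as a client error. Narrow the guard to the save call itself: declare `ClientDetailsEntity savedClient;` first, then `try { savedClient = clientService.saveNewClient(newClient); } catch (IllegalArgumentException e) { … return "httpCodeView"; }`, with token creation and the model attributes after it. The same applies to the `updateClient` block in the later hunk, where `tokenService.readAccessToken(...)` now sits inside the same catch. Both enclosing methods begin and end outside the hunks shown.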