github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

initial support for displaying claim values for requested scopes

pull/576/head
Justin Richer 2014-01-20 20:56:04 -05:00
parent 11064b540a
commit 19dbe92d4e
2 changed files with 54 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
View File

@ -100,11 +100,22 @@
</c:otherwise> </c:otherwise>
</c:choose> </c:choose>
</label> <c:if test="${ not empty claims[scope.value] }">
<c:forEach var="claim" items="${ claims[scope.value] }">
[
<c:out value="${ claim.key } " />
:
<c:out value="${ claim.value }" />
]
</c:forEach>
</c:if>
<c:if test="${ scope.structured }"> <c:if test="${ scope.structured }">
<input name="scopeparam_${ scope.value }" type="text" value="${ scope.structuredValue }" placeholder="${scope.structuredParamDescription}"> <input name="scopeparam_${ scope.value }" type="text" value="${ scope.structuredValue }" placeholder="${scope.structuredParamDescription}">
</c:if> </c:if>
</label>
</c:forEach> </c:forEach>
</fieldset> </fieldset>

44
openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
View File

@ -19,13 +19,19 @@
*/ */
package org.mitre.oauth2.web; package org.mitre.oauth2.web;
import java.security.Principal;
import java.util.HashMap;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import org.mitre.oauth2.model.SystemScope; import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.SystemScopeService; import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.ScopeClaimTranslationService;
import org.mitre.openid.connect.service.UserInfoService;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -39,7 +45,12 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes; import org.springframework.web.bind.annotation.SessionAttributes;
import com.google.common.collect.ArrayListMultimap;
import com.google.common.collect.HashMultimap;
import com.google.common.collect.Multimap;
import com.google.common.collect.Multimaps;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import com.google.gson.JsonObject;
/** /**
* @author jricher * @author jricher
@ -55,6 +66,12 @@ public class OAuthConfirmationController {
@Autowired @Autowired
private SystemScopeService scopeService; private SystemScopeService scopeService;
@Autowired
private ScopeClaimTranslationService scopeClaimTranslationService;
@Autowired
private UserInfoService userInfoService;
private static Logger logger = LoggerFactory.getLogger(OAuthConfirmationController.class); private static Logger logger = LoggerFactory.getLogger(OAuthConfirmationController.class);
public OAuthConfirmationController() { public OAuthConfirmationController() {
@ -67,7 +84,8 @@ public class OAuthConfirmationController {
@PreAuthorize("hasRole('ROLE_USER')") @PreAuthorize("hasRole('ROLE_USER')")
@RequestMapping("/oauth/confirm_access") @RequestMapping("/oauth/confirm_access")
public String confimAccess(Map<String, Object> model, @ModelAttribute("authorizationRequest") AuthorizationRequest clientAuth) { public String confimAccess(Map<String, Object> model, @ModelAttribute("authorizationRequest") AuthorizationRequest clientAuth,
Principal p) {
// Check the "prompt" parameter to see if we need to do special processing // Check the "prompt" parameter to see if we need to do special processing
@ -113,17 +131,39 @@ public class OAuthConfirmationController {
Set<SystemScope> sortedScopes = new LinkedHashSet<SystemScope>(scopes.size()); Set<SystemScope> sortedScopes = new LinkedHashSet<SystemScope>(scopes.size());
Set<SystemScope> systemScopes = scopeService.getAll(); Set<SystemScope> systemScopes = scopeService.getAll();
// sort scopes for display // sort scopes for display based on the inherent order of system scopes
for (SystemScope s : systemScopes) { for (SystemScope s : systemScopes) {
if (scopes.contains(s)) { if (scopes.contains(s)) {
sortedScopes.add(s); sortedScopes.add(s);
} }
} }
// add in any scopes that aren't system scopes to the end of the list
sortedScopes.addAll(Sets.difference(scopes, systemScopes)); sortedScopes.addAll(Sets.difference(scopes, systemScopes));
model.put("scopes", sortedScopes); model.put("scopes", sortedScopes);
// get the userinfo claims for each scope
UserInfo user = userInfoService.getByUsername(p.getName());
JsonObject userJson = user.toJson();
Map<String, Map<String, String>> claimsForScopes = new HashMap<String, Map<String, String>>();
for (SystemScope systemScope : sortedScopes) {
Map<String, String> claimValues = new HashMap<String, String>();
Set<String> claims = scopeClaimTranslationService.getClaimsForScope(systemScope.getValue());
for (String claim : claims) {
if (userJson.has(claim) && userJson.get(claim).isJsonPrimitive()) {
// TODO: this skips the address claim
claimValues.put(claim, userJson.get(claim).getAsString());
}
}
claimsForScopes.put(systemScope.getValue(), claimValues);
}
model.put("claims", claimsForScopes);
return "approve"; return "approve";
} }