From 1af65134992aa0c9539b04b4ee69fc8f1ffa59a8 Mon Sep 17 00:00:00 2001
From: Amanda Anganes
Date: Fri, 4 Jan 2013 15:28:55 -0500
Subject: [PATCH] Removed nonce checking from token service impl
---
 .../DefaultOAuth2ProviderTokenService.java | 44 +------------------
 1 file changed, 1 insertion(+), 43 deletions(-)
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
index ff8eb740d..f9af3e0f8 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
@@ -71,12 +71,6 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 @Autowired
 private ClientDetailsEntityService clientDetailsService;
- @Autowired
- private NonceService nonceService;
-
- //TODO how to specify this?
- private Period nonceStorageDuration = new Period(1, 0, 0, 0, 0, 0, 0, 0);
-
 @Autowired
 private TokenEnhancer tokenEnhancer;
@@ -91,29 +85,7 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 if (client == null) {
 throw new InvalidClientException("Client not found: " + clientAuth.getClientId());
 }
-
- String requestNonce = clientAuth.getAuthorizationParameters().get("nonce");
-
- //Check request nonce for reuse
- Collection clientNonces = nonceService.getByClientId(client.getClientId());
- for (Nonce nonce : clientNonces) {
- if (nonce.getValue().equals(requestNonce)) {
- throw new NonceReuseException(client.getClientId(), nonce);
- }
- }
-
- //Store nonce
- Nonce nonce = new Nonce();
- nonce.setClientId(client.getClientId());
- nonce.setValue(requestNonce);
- DateTime now = new DateTime(new Date());
- DateTime expDate = now.plus(nonceStorageDuration);
- Date expirationJdkDate = expDate.toDate();
- nonce.setExpireDate(expirationJdkDate);
-
- nonceService.save(nonce);
-
-
-
 OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();
 // attach the client
@@ -428,19 +400,5 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken) {
 return tokenRepository.getAccessTokenForIdToken(idToken);
 }
-
- /**
- * @return the nonceStorageDuration
- */
- public Period getNonceStorageDuration() {
- return nonceStorageDuration;
- }
-
- /**
- * @param nonceStorageDuration the nonceStorageDuration to set
- */
- public void setNonceStorageDuration(Period nonceStorageDuration) {
- this.nonceStorageDuration = nonceStorageDuration;
- }
 }
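Review bot: With the reuse check deleted, the method that builds the `OAuth2AccessTokenEntity` no longer reads the request's `nonce` parameter, and nothing in this patch shows the check being enforced elsewhere (the diffstat lists only this file). If replay protection now lives in another component, leave a pointer where the code was removed, e.g. `// nonce reuse is checked in <component>, not in the token service`, and name that component in the commit message; if it does not, a repeated nonce from the same client is now accepted without error. The imports that the deleted code needed (`NonceService`, `Nonce`, `NonceReuseException`, `Period`, `DateTime`) are untouched by the patch and are presumably left unused. The enclosing method starts and ends outside the hunk.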