github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

made binary encode/decode null safe

pull/695/head
Justin Richer 2014-10-06 23:25:48 -04:00
parent a8377513a6
commit 1fbdd240f1
3 changed files with 44 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
View File

@ -328,8 +328,12 @@ public class MITREidDataService_1_0 extends MITREidDataService_1_X {
if (subName.equals("clientAuthorization")) { if (subName.equals("clientAuthorization")) {
clientAuthorization = readAuthorizationRequest(reader); clientAuthorization = readAuthorizationRequest(reader);
} else if (subName.equals("userAuthentication")) { } else if (subName.equals("userAuthentication")) {
String authString = reader.nextString(); if (reader.peek() == JsonToken.NULL) {
userAuthentication = base64UrlDecodeObject(authString, Authentication.class); reader.skipValue();
} else {
String authString = reader.nextString();
userAuthentication = base64UrlDecodeObject(authString, Authentication.class);
}
} else { } else {
logger.debug("Found unexpected entry"); logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();

8
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java
View File

@ -667,8 +667,12 @@ public class MITREidDataService_1_1 extends MITREidDataService_1_X {
if (subName.equals("clientAuthorization")) { if (subName.equals("clientAuthorization")) {
clientAuthorization = readAuthorizationRequest(reader); clientAuthorization = readAuthorizationRequest(reader);
} else if (subName.equals("userAuthentication")) { } else if (subName.equals("userAuthentication")) {
String authString = reader.nextString(); if (reader.peek() == JsonToken.NULL) {
userAuthentication = base64UrlDecodeObject(authString, Authentication.class); reader.skipValue();
} else {
String authString = reader.nextString();
userAuthentication = base64UrlDecodeObject(authString, Authentication.class);
}
} else { } else {
logger.debug("Found unexpected entry"); logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();

56
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_X.java
View File

@ -71,33 +71,41 @@ public abstract class MITREidDataService_1_X implements MITREidDataService {
} }
protected static <T> T base64UrlDecodeObject(String encoded, Class<T> type) { protected static <T> T base64UrlDecodeObject(String encoded, Class<T> type) {
T deserialized = null; if (encoded == null) {
try { return null;
byte[] decoded = BaseEncoding.base64Url().decode(encoded); } else {
ByteArrayInputStream bais = new ByteArrayInputStream(decoded); T deserialized = null;
ObjectInputStream ois = new ObjectInputStream(bais); try {
deserialized = type.cast(ois.readObject()); byte[] decoded = BaseEncoding.base64Url().decode(encoded);
ois.close(); ByteArrayInputStream bais = new ByteArrayInputStream(decoded);
bais.close(); ObjectInputStream ois = new ObjectInputStream(bais);
} catch (Exception ex) { deserialized = type.cast(ois.readObject());
logger.error("Unable to decode object", ex); ois.close();
} bais.close();
return deserialized; } catch (Exception ex) {
logger.error("Unable to decode object", ex);
}
return deserialized;
}
} }
protected static String base64UrlEncodeObject(Serializable obj) { protected static String base64UrlEncodeObject(Serializable obj) {
String encoded = null; if (obj == null) {
try { return null;
ByteArrayOutputStream baos = new ByteArrayOutputStream(); } else {
ObjectOutputStream oos = new ObjectOutputStream(baos); String encoded = null;
oos.writeObject(obj); try {
encoded = BaseEncoding.base64Url().encode(baos.toByteArray()); ByteArrayOutputStream baos = new ByteArrayOutputStream();
oos.close(); ObjectOutputStream oos = new ObjectOutputStream(baos);
baos.close(); oos.writeObject(obj);
} catch (IOException ex) { encoded = BaseEncoding.base64Url().encode(baos.toByteArray());
logger.error("Unable to encode object", ex); oos.close();
} baos.close();
return encoded; } catch (IOException ex) {
logger.error("Unable to encode object", ex);
}
return encoded;
}
} }
protected static Set readSet(JsonReader reader) throws IOException { protected static Set readSet(JsonReader reader) throws IOException {
Set arraySet = null; Set arraySet = null;