added client information response view
Justin Richer
parent
fc978ac994
commit
235a3bf2c4
|
|
@ -6,6 +6,7 @@ package org.mitre.openid.connect.view;
|
|||
import java.io.IOException;
|
||||
import java.io.Writer;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
|
@ -18,9 +19,10 @@ import org.springframework.web.servlet.view.AbstractView;
|
|||
|
||||
import com.google.common.base.Joiner;
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonIOException;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.reflect.TypeToken;
|
||||
|
||||
/**
|
||||
*
|
||||
|
|
@ -33,6 +35,9 @@ import com.google.gson.JsonObject;
|
|||
@Component("clientInformationResponse")
|
||||
public class ClientInformationResponseView extends AbstractView {
|
||||
|
||||
// note that this won't serialize nulls by default
|
||||
private Gson gson = new Gson();
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
|
||||
*/
|
||||
|
|
@ -41,39 +46,65 @@ public class ClientInformationResponseView extends AbstractView {
|
|||
|
||||
response.setContentType("application/json");
|
||||
|
||||
// note that this won't serialize nulls by default
|
||||
Gson gson = new Gson();
|
||||
|
||||
ClientDetailsEntity client = (ClientDetailsEntity) model.get("client");
|
||||
ClientDetailsEntity c = (ClientDetailsEntity) model.get("client");
|
||||
OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) model.get("token");
|
||||
HttpStatus code = (HttpStatus) model.get("code");
|
||||
if (code == null) {
|
||||
code = HttpStatus.OK;
|
||||
}
|
||||
|
||||
JsonObject obj = new JsonObject();
|
||||
JsonObject o = new JsonObject();
|
||||
|
||||
obj.addProperty("client_id", client.getClientId());
|
||||
if (client.getClientSecret() != null) {
|
||||
obj.addProperty("client_secret", client.getClientSecret());
|
||||
obj.addProperty("expires_at", 0); // TODO: do we want to let secrets expire?
|
||||
o.addProperty("client_id", c.getClientId());
|
||||
if (c.getClientSecret() != null) {
|
||||
o.addProperty("client_secret", c.getClientSecret());
|
||||
o.addProperty("expires_at", 0); // TODO: do we want to let secrets expire?
|
||||
}
|
||||
obj.addProperty("issued_at", client.getCreatedAt().getTime());
|
||||
o.addProperty("issued_at", c.getCreatedAt().getTime());
|
||||
|
||||
obj.addProperty("registration_access_token", token.getValue());
|
||||
o.addProperty("registration_access_token", token.getValue());
|
||||
|
||||
// TODO: urlencode the client id for safety?
|
||||
String uri = request.getRequestURL() + "/" + client.getClientId();
|
||||
obj.addProperty("registration_client_uri", uri);
|
||||
String uri = request.getRequestURL() + "/" + c.getClientId();
|
||||
o.addProperty("registration_client_uri", uri);
|
||||
|
||||
|
||||
// add in all other client properties
|
||||
|
||||
// OAuth DynReg
|
||||
o.add("redirect_uris", getAsArray(c.getRedirectUris()));
|
||||
o.addProperty("client_name", c.getClientName());
|
||||
o.addProperty("client_uri", c.getClientUri());
|
||||
o.addProperty("logo_uri", c.getLogoUri());
|
||||
o.add("contacts", getAsArray(c.getContacts()));
|
||||
o.addProperty("tos_uri", c.getTosUri());
|
||||
o.addProperty("token_endpoint_auth_method", c.getTokenEndpointAuthMethod() != null ? c.getTokenEndpointAuthMethod().getValue() : null);
|
||||
o.addProperty("scope", c.getScope() != null ? Joiner.on(" ").join(c.getScope()) : null);
|
||||
o.add("grant_types", getAsArray(c.getGrantTypes()));
|
||||
o.addProperty("policy_uri", c.getPolicyUri());
|
||||
o.addProperty("jwks_uri", c.getJwksUri());
|
||||
|
||||
// OIDC Registration
|
||||
o.addProperty("application_type", c.getApplicationType() != null ? c.getApplicationType().getValue() : null);
|
||||
o.addProperty("sector_identifier_uri", c.getSectorIdentifierUri());
|
||||
o.addProperty("subject_type", c.getSubjectType() != null ? c.getSubjectType().getValue() : null);
|
||||
o.addProperty("request_object_signing_alg", c.getRequestObjectSigningAlg() != null ? c.getRequestObjectSigningAlg().getAlgorithmName() : null);
|
||||
o.addProperty("userinfo_signed_response_alg", c.getUserInfoSignedResponseAlg() != null ? c.getUserInfoSignedResponseAlg().getAlgorithmName() : null);
|
||||
o.addProperty("userinfo_encrypted_response_alg", c.getUserInfoEncryptedResponseAlg() != null ? c.getUserInfoEncryptedResponseAlg().getAlgorithmName() : null);
|
||||
o.addProperty("userinfo_encrypted_response_enc", c.getUserInfoEncryptedResponseEnc() != null ? c.getUserInfoEncryptedResponseEnc().getAlgorithmName() : null);
|
||||
o.addProperty("id_token_signed_response_alg", c.getIdTokenSignedResponseAlg() != null ? c.getIdTokenSignedResponseAlg().getAlgorithmName() : null);
|
||||
o.addProperty("id_token_encrypted_response_alg", c.getIdTokenEncryptedResponseAlg() != null ? c.getIdTokenEncryptedResponseAlg().getAlgorithmName() : null);
|
||||
o.addProperty("id_token_encrypted_response_enc", c.getIdTokenEncryptedReponseEnc() != null ? c.getIdTokenEncryptedReponseEnc().getAlgorithmName() : null);
|
||||
o.addProperty("default_max_age", c.getDefaultMaxAge());
|
||||
o.addProperty("require_auth_time", c.getRequireAuthTime());
|
||||
o.add("default_acr_values", getAsArray(c.getDefaultACRvalues()));
|
||||
o.addProperty("initiate_login_uri", c.getInitiateLoginUri());
|
||||
o.addProperty("post_logout_redirect_uri", c.getPostLogoutRedirectUri());
|
||||
o.add("request_uris", getAsArray(c.getRequestUris()));
|
||||
|
||||
try {
|
||||
Writer out = response.getWriter();
|
||||
gson.toJson(obj, out);
|
||||
gson.toJson(o, out);
|
||||
} catch (JsonIOException e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
|
|
@ -83,5 +114,9 @@ public class ClientInformationResponseView extends AbstractView {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
private JsonElement getAsArray(Set<String> value) {
|
||||
return gson.toJsonTree(value, new TypeToken<Set<String>>(){}.getType());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -107,6 +107,19 @@ public class ClientDynamicRegistrationEndpoint {
|
|||
// this client has been dynamically registered (obviously)
|
||||
newClient.setDynamicallyRegistered(true);
|
||||
|
||||
if (newClient.getTokenEndpointAuthMethod() == null) {
|
||||
newClient.setTokenEndpointAuthMethod(AuthMethod.SECRET_BASIC);
|
||||
}
|
||||
|
||||
if (newClient.getTokenEndpointAuthMethod() == AuthMethod.SECRET_BASIC ||
|
||||
newClient.getTokenEndpointAuthMethod() == AuthMethod.SECRET_JWT ||
|
||||
newClient.getTokenEndpointAuthMethod() == AuthMethod.SECRET_POST) {
|
||||
|
||||
// we need to generate a secret
|
||||
newClient = clientService.generateClientSecret(newClient);
|
||||
}
|
||||
|
||||
|
||||
// now save it
|
||||
ClientDetailsEntity savedClient = clientService.saveNewClient(newClient);
|
||||
|
||||
|
|
@ -185,8 +198,8 @@ public class ClientDynamicRegistrationEndpoint {
|
|||
c.setRequestObjectSigningAlg(getAsJwsAlgorithm(o, "request_object_signing_alg"));
|
||||
|
||||
c.setUserInfoSignedResponseAlg(getAsJwsAlgorithm(o, "userinfo_signed_response_alg"));
|
||||
c.setUserInfoEncryptedResponseAlg(getAsJweAlgorithm(o, "user_info_encrypted_response_alg"));
|
||||
c.setUserInfoEncryptedResponseEnc(getAsJweEncryptionMethod(o, "user_info_encrypted_response_enc"));
|
||||
c.setUserInfoEncryptedResponseAlg(getAsJweAlgorithm(o, "userinfo_encrypted_response_alg"));
|
||||
c.setUserInfoEncryptedResponseEnc(getAsJweEncryptionMethod(o, "userinfo_encrypted_response_enc"));
|
||||
|
||||
c.setIdTokenSignedResponseAlg(getAsJwsAlgorithm(o, "id_token_signed_response_alg"));
|
||||
c.setIdTokenEncryptedResponseAlg(getAsJweAlgorithm(o, "id_token_encrypted_response_alg"));
|
||||
|
|
|
|||
Loading…
Reference in New Issue