From 23efdf9f51775c53447721ee5ebb88a5b99f0e28 Mon Sep 17 00:00:00 2001 From: Justin Richer Date: Mon, 4 Mar 2013 16:12:06 -0500 Subject: [PATCH] fix viewbean name, nullsafe client creation time, fixed default scope handling --- .../openid/connect/view/ClientInformationResponseView.java | 7 +++++-- .../connect/web/ClientDynamicRegistrationEndpoint.java | 6 ++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java index 33eede5a6..4e0800c34 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java @@ -32,7 +32,7 @@ import com.google.gson.reflect.TypeToken; * @author jricher * */ -@Component("clientInformationResponse") +@Component("clientInformationResponseView") public class ClientInformationResponseView extends AbstractView { // note that this won't serialize nulls by default @@ -60,7 +60,10 @@ public class ClientInformationResponseView extends AbstractView { o.addProperty("client_secret", c.getClientSecret()); o.addProperty("expires_at", 0); // TODO: do we want to let secrets expire? } - o.addProperty("issued_at", c.getCreatedAt().getTime()); + + if (c.getCreatedAt() != null) { + o.addProperty("issued_at", c.getCreatedAt().getTime()); + } o.addProperty("registration_access_token", token.getValue()); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java index fdd2c5720..2bd6c34a3 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java @@ -77,7 +77,9 @@ public class ClientDynamicRegistrationEndpoint { // scopes that the client is asking for Set requestedScopes = scopeService.fromStrings(newClient.getScope()); - if (requestedScopes == null) { + + // if the client didn't ask for any, give them the defaults + if (requestedScopes == null || requestedScopes.isEmpty()) { requestedScopes = scopeService.getDefaults(); } @@ -131,7 +133,7 @@ public class ClientDynamicRegistrationEndpoint { m.addAttribute("code", HttpStatus.CREATED); // http 201 m.addAttribute("token", token); - return "clientInformationView"; + return "clientInformationResponseView"; } else { // didn't parse, this is a bad request