github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactoring submodule common - part 3

pull/1580/head
Dominik František Bučík 2020-03-31 08:56:19 +02:00 committed by Dominik Frantisek Bucik
parent 380a2fbcb8
commit 273106f76b
No known key found for this signature in database
GPG Key ID: 25014C8DB2E7E62D
39 changed files with 325 additions and 1168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java
View File

@ -98,7 +98,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_SIGNED_RESP
* Utility class to handle the parsing and serialization of ClientDetails objects.
*
* @author jricher
*
*/
public class ClientDetailsEntityJsonProcessor {
@ -106,13 +105,6 @@ public class ClientDetailsEntityJsonProcessor {
private static JsonParser parser = new JsonParser();
/**
*
* Create an unbound ClientDetailsEntity from the given JSON string.
*
* @param jsonString
* @return the entity if successful, null otherwise
*/
public static ClientDetailsEntity parse(String jsonString) {
JsonElement jsonEl = parser.parse(jsonString);
return parse(jsonEl);

8
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationBeanLocaleResolver.java
View File

@ -30,17 +30,19 @@ import org.springframework.context.i18n.TimeZoneAwareLocaleContext;
import org.springframework.web.servlet.i18n.AbstractLocaleContextResolver;
/**
*
* Resolve the server's locale from the injected ConfigurationPropertiesBean.
*
* @author jricher
*
*/
public class ConfigurationBeanLocaleResolver extends AbstractLocaleContextResolver {
@Autowired
private ConfigurationPropertiesBean config;
@Autowired
public ConfigurationBeanLocaleResolver(ConfigurationPropertiesBean config) {
this.config = config;
}
@Override
protected Locale getDefaultLocale() {
if (config.getLocale() != null) {

96
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
View File

@ -42,51 +42,30 @@ import com.google.gson.Gson;
*/
public class ConfigurationPropertiesBean {
/**
* Logger for this class
*/
private static final Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class);
private String issuer;
private String topbarTitle;
private String shortTopbarTitle;
private String logoImageUrl;
private Long regTokenLifeTime;
private Long rqpTokenLifeTime;
private boolean forceHttps = false; // by default we just log a warning for HTTPS deployment
private Locale locale = Locale.ENGLISH; // we default to the english translation
private List<String> languageNamespaces = Lists.newArrayList("messages");
private boolean dualClient = false;
private boolean heartMode = false;
private boolean allowCompleteDeviceCodeUri = false;
public ConfigurationPropertiesBean() {
public ConfigurationPropertiesBean() { }
}
/**
* Endpoints protected by TLS must have https scheme in the URI.
* @throws HttpsUrlRequiredException
*/
@PostConstruct
public void checkConfigConsistency() {
if (!StringUtils.startsWithIgnoreCase(issuer, "https")) {
if (this.forceHttps) {
logger.error("Configured issuer url is not using https scheme. Server will be shut down!");
throw new BeanCreationException("Issuer is not using https scheme as required: " + issuer);
}
else {
} else {
logger.warn("\n\n**\n** WARNING: Configured issuer url is not using https scheme.\n**\n\n");
}
}
@ -96,37 +75,22 @@ public class ConfigurationPropertiesBean {
}
}
/**
* @return the issuer baseUrl
*/
public String getIssuer() {
return issuer;
}
/**
* @param iss the issuer to set
*/
public void setIssuer(String iss) {
issuer = iss;
}
/**
* @return the topbarTitle
*/
public String getTopbarTitle() {
return topbarTitle;
}
/**
* @param topbarTitle the topbarTitle to set
*/
public void setTopbarTitle(String topbarTitle) {
this.topbarTitle = topbarTitle;
}
/**
* @return If shortTopbarTitle is undefined, returns topbarTitle.
*/
public String getShortTopbarTitle() {
return shortTopbarTitle == null ? topbarTitle : shortTopbarTitle;
}
@ -135,44 +99,26 @@ public class ConfigurationPropertiesBean {
this.shortTopbarTitle = shortTopbarTitle;
}
/**
* @return the logoImageUrl
*/
public String getLogoImageUrl() {
return logoImageUrl;
}
/**
* @param logoImageUrl the logoImageUrl to set
*/
public void setLogoImageUrl(String logoImageUrl) {
this.logoImageUrl = logoImageUrl;
}
/**
* @return the regTokenLifeTime
*/
public Long getRegTokenLifeTime() {
return regTokenLifeTime;
}
/**
* @param regTokenLifeTime the registration token lifetime to set in seconds
*/
public void setRegTokenLifeTime(Long regTokenLifeTime) {
this.regTokenLifeTime = regTokenLifeTime;
}
/**
* @return the rqpTokenLifeTime
*/
public Long getRqpTokenLifeTime() {
return rqpTokenLifeTime;
}
/**
* @param rqpTokenLifeTime the rqpTokenLifeTime to set
*/
public void setRqpTokenLifeTime(Long rqpTokenLifeTime) {
this.rqpTokenLifeTime = rqpTokenLifeTime;
}
@ -185,37 +131,22 @@ public class ConfigurationPropertiesBean {
this.forceHttps = forceHttps;
}
/**
* @return the locale
*/
public Locale getLocale() {
return locale;
}
/**
* @param locale the locale to set
*/
public void setLocale(Locale locale) {
this.locale = locale;
}
/**
* @return the languageNamespaces
*/
public List<String> getLanguageNamespaces() {
return languageNamespaces;
}
/**
* @param languageNamespaces the languageNamespaces to set
*/
public void setLanguageNamespaces(List<String> languageNamespaces) {
this.languageNamespaces = languageNamespaces;
}
/**
* @return true if dual client is configured, otherwise false
*/
public boolean isDualClient() {
if (isHeartMode()) {
return false; // HEART mode is incompatible with dual client mode
@ -224,53 +155,32 @@ public class ConfigurationPropertiesBean {
}
}
/**
* @param dualClient the dual client configuration
*/
public void setDualClient(boolean dualClient) {
this.dualClient = dualClient;
}
/**
* Get the list of namespaces as a JSON string, for injection into the JavaScript UI
* @return
*/
public String getLanguageNamespacesString() {
return new Gson().toJson(getLanguageNamespaces());
}
/**
* Get the default namespace (first in the nonempty list)
*/
public String getDefaultLanguageNamespace() {
return getLanguageNamespaces().get(0);
}
/**
* @return the heartMode
*/
public boolean isHeartMode() {
return heartMode;
}
/**
* @param heartMode the heartMode to set
*/
public void setHeartMode(boolean heartMode) {
this.heartMode = heartMode;
}
/**
* @return the allowCompleteDeviceCodeUri
*/
public boolean isAllowCompleteDeviceCodeUri() {
return allowCompleteDeviceCodeUri;
}
/**
* @param allowCompleteDeviceCodeUri the allowCompleteDeviceCodeUri to set
*/
public void setAllowCompleteDeviceCodeUri(boolean allowCompleteDeviceCodeUri) {
this.allowCompleteDeviceCodeUri = allowCompleteDeviceCodeUri;
}
}

1
openid-connect-common/src/main/java/org/mitre/openid/connect/config/JWKSetEditor.java
View File

@ -26,7 +26,6 @@ import com.nimbusds.jose.jwk.JWKSet;
* Allows JWK Set strings to be used in XML configurations.
*
* @author jricher
*
*/
public class JWKSetEditor extends PropertyEditorSupport {

313
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
View File

@ -161,21 +161,13 @@ public class ServerConfiguration {
*/
private String authorizationEndpointUri;
private String tokenEndpointUri;
private String registrationEndpointUri;
private String issuer;
private String jwksUri;
private String userInfoUri;
private String introspectionEndpointUri;
private String revocationEndpointUri;
private String checkSessionIframe;
private String endSessionEndpoint;
private List<String> scopesSupported;
@ -207,11 +199,6 @@ public class ServerConfiguration {
private String opPolicyUri;
private String opTosUri;
//
// extensions to the discoverable methods
//
// how do we send the access token to the userinfo endpoint?
private UserInfoTokenMethod userInfoTokenMethod;
public enum UserInfoTokenMethod {
@ -220,447 +207,298 @@ public class ServerConfiguration {
QUERY;
}
/**
* @return the authorizationEndpointUri
*/
public String getAuthorizationEndpointUri() {
return authorizationEndpointUri;
}
/**
* @param authorizationEndpointUri the authorizationEndpointUri to set
*/
public void setAuthorizationEndpointUri(String authorizationEndpointUri) {
this.authorizationEndpointUri = authorizationEndpointUri;
}
/**
* @return the tokenEndpointUri
*/
public String getTokenEndpointUri() {
return tokenEndpointUri;
}
/**
* @param tokenEndpointUri the tokenEndpointUri to set
*/
public void setTokenEndpointUri(String tokenEndpointUri) {
this.tokenEndpointUri = tokenEndpointUri;
}
/**
* @return the registrationEndpointUri
*/
public String getRegistrationEndpointUri() {
return registrationEndpointUri;
}
/**
* @param registrationEndpointUri the registrationEndpointUri to set
*/
public void setRegistrationEndpointUri(String registrationEndpointUri) {
this.registrationEndpointUri = registrationEndpointUri;
}
/**
* @return the issuer
*/
public String getIssuer() {
return issuer;
}
/**
* @param issuer the issuer to set
*/
public void setIssuer(String issuer) {
this.issuer = issuer;
}
/**
* @return the jwksUri
*/
public String getJwksUri() {
return jwksUri;
}
/**
* @param jwksUri the jwksUri to set
*/
public void setJwksUri(String jwksUri) {
this.jwksUri = jwksUri;
}
/**
* @return the userInfoUri
*/
public String getUserInfoUri() {
return userInfoUri;
}
/**
* @param userInfoUri the userInfoUri to set
*/
public void setUserInfoUri(String userInfoUri) {
this.userInfoUri = userInfoUri;
}
/**
* @return the introspectionEndpointUri
*/
public String getIntrospectionEndpointUri() {
return introspectionEndpointUri;
}
/**
* @param introspectionEndpointUri the introspectionEndpointUri to set
*/
public void setIntrospectionEndpointUri(String introspectionEndpointUri) {
this.introspectionEndpointUri = introspectionEndpointUri;
}
/**
* @return the checkSessionIframe
*/
public String getCheckSessionIframe() {
return checkSessionIframe;
}
/**
* @param checkSessionIframe the checkSessionIframe to set
*/
public void setCheckSessionIframe(String checkSessionIframe) {
this.checkSessionIframe = checkSessionIframe;
}
/**
* @return the endSessionEndpoint
*/
public String getEndSessionEndpoint() {
return endSessionEndpoint;
}
/**
* @param endSessionEndpoint the endSessionEndpoint to set
*/
public void setEndSessionEndpoint(String endSessionEndpoint) {
this.endSessionEndpoint = endSessionEndpoint;
}
/**
* @return the scopesSupported
*/
public List<String> getScopesSupported() {
return scopesSupported;
}
/**
* @param scopesSupported the scopesSupported to set
*/
public void setScopesSupported(List<String> scopesSupported) {
this.scopesSupported = scopesSupported;
}
/**
* @return the responseTypesSupported
*/
public List<String> getResponseTypesSupported() {
return responseTypesSupported;
}
/**
* @param responseTypesSupported the responseTypesSupported to set
*/
public void setResponseTypesSupported(List<String> responseTypesSupported) {
this.responseTypesSupported = responseTypesSupported;
}
/**
* @return the grantTypesSupported
*/
public List<String> getGrantTypesSupported() {
return grantTypesSupported;
}
/**
* @param grantTypesSupported the grantTypesSupported to set
*/
public void setGrantTypesSupported(List<String> grantTypesSupported) {
this.grantTypesSupported = grantTypesSupported;
}
/**
* @return the acrValuesSupported
*/
public List<String> getAcrValuesSupported() {
return acrValuesSupported;
}
/**
* @param acrValuesSupported the acrValuesSupported to set
*/
public void setAcrValuesSupported(List<String> acrValuesSupported) {
this.acrValuesSupported = acrValuesSupported;
}
/**
* @return the subjectTypesSupported
*/
public List<String> getSubjectTypesSupported() {
return subjectTypesSupported;
}
/**
* @param subjectTypesSupported the subjectTypesSupported to set
*/
public void setSubjectTypesSupported(List<String> subjectTypesSupported) {
this.subjectTypesSupported = subjectTypesSupported;
}
/**
* @return the userinfoSigningAlgValuesSupported
*/
public List<JWSAlgorithm> getUserinfoSigningAlgValuesSupported() {
return userinfoSigningAlgValuesSupported;
}
/**
* @param userinfoSigningAlgValuesSupported the userinfoSigningAlgValuesSupported to set
*/
public void setUserinfoSigningAlgValuesSupported(List<JWSAlgorithm> userinfoSigningAlgValuesSupported) {
this.userinfoSigningAlgValuesSupported = userinfoSigningAlgValuesSupported;
}
/**
* @return the userinfoEncryptionAlgValuesSupported
*/
public List<JWEAlgorithm> getUserinfoEncryptionAlgValuesSupported() {
return userinfoEncryptionAlgValuesSupported;
}
/**
* @param userinfoEncryptionAlgValuesSupported the userinfoEncryptionAlgValuesSupported to set
*/
public void setUserinfoEncryptionAlgValuesSupported(List<JWEAlgorithm> userinfoEncryptionAlgValuesSupported) {
this.userinfoEncryptionAlgValuesSupported = userinfoEncryptionAlgValuesSupported;
}
/**
* @return the userinfoEncryptionEncValuesSupported
*/
public List<EncryptionMethod> getUserinfoEncryptionEncValuesSupported() {
return userinfoEncryptionEncValuesSupported;
}
/**
* @param userinfoEncryptionEncValuesSupported the userinfoEncryptionEncValuesSupported to set
*/
public void setUserinfoEncryptionEncValuesSupported(List<EncryptionMethod> userinfoEncryptionEncValuesSupported) {
this.userinfoEncryptionEncValuesSupported = userinfoEncryptionEncValuesSupported;
}
/**
* @return the idTokenSigningAlgValuesSupported
*/
public List<JWSAlgorithm> getIdTokenSigningAlgValuesSupported() {
return idTokenSigningAlgValuesSupported;
}
/**
* @param idTokenSigningAlgValuesSupported the idTokenSigningAlgValuesSupported to set
*/
public void setIdTokenSigningAlgValuesSupported(List<JWSAlgorithm> idTokenSigningAlgValuesSupported) {
this.idTokenSigningAlgValuesSupported = idTokenSigningAlgValuesSupported;
}
/**
* @return the idTokenEncryptionAlgValuesSupported
*/
public List<JWEAlgorithm> getIdTokenEncryptionAlgValuesSupported() {
return idTokenEncryptionAlgValuesSupported;
}
/**
* @param idTokenEncryptionAlgValuesSupported the idTokenEncryptionAlgValuesSupported to set
*/
public void setIdTokenEncryptionAlgValuesSupported(List<JWEAlgorithm> idTokenEncryptionAlgValuesSupported) {
this.idTokenEncryptionAlgValuesSupported = idTokenEncryptionAlgValuesSupported;
}
/**
* @return the idTokenEncryptionEncValuesSupported
*/
public List<EncryptionMethod> getIdTokenEncryptionEncValuesSupported() {
return idTokenEncryptionEncValuesSupported;
}
/**
* @param idTokenEncryptionEncValuesSupported the idTokenEncryptionEncValuesSupported to set
*/
public void setIdTokenEncryptionEncValuesSupported(List<EncryptionMethod> idTokenEncryptionEncValuesSupported) {
this.idTokenEncryptionEncValuesSupported = idTokenEncryptionEncValuesSupported;
}
/**
* @return the requestObjectSigningAlgValuesSupported
*/
public List<JWSAlgorithm> getRequestObjectSigningAlgValuesSupported() {
return requestObjectSigningAlgValuesSupported;
}
/**
* @param requestObjectSigningAlgValuesSupported the requestObjectSigningAlgValuesSupported to set
*/
public void setRequestObjectSigningAlgValuesSupported(List<JWSAlgorithm> requestObjectSigningAlgValuesSupported) {
this.requestObjectSigningAlgValuesSupported = requestObjectSigningAlgValuesSupported;
}
/**
* @return the requestObjectEncryptionAlgValuesSupported
*/
public List<JWEAlgorithm> getRequestObjectEncryptionAlgValuesSupported() {
return requestObjectEncryptionAlgValuesSupported;
}
/**
* @param requestObjectEncryptionAlgValuesSupported the requestObjectEncryptionAlgValuesSupported to set
*/
public void setRequestObjectEncryptionAlgValuesSupported(List<JWEAlgorithm> requestObjectEncryptionAlgValuesSupported) {
this.requestObjectEncryptionAlgValuesSupported = requestObjectEncryptionAlgValuesSupported;
}
/**
* @return the requestObjectEncryptionEncValuesSupported
*/
public List<EncryptionMethod> getRequestObjectEncryptionEncValuesSupported() {
return requestObjectEncryptionEncValuesSupported;
}
/**
* @param requestObjectEncryptionEncValuesSupported the requestObjectEncryptionEncValuesSupported to set
*/
public void setRequestObjectEncryptionEncValuesSupported(List<EncryptionMethod> requestObjectEncryptionEncValuesSupported) {
this.requestObjectEncryptionEncValuesSupported = requestObjectEncryptionEncValuesSupported;
}
/**
* @return the tokenEndpointAuthMethodsSupported
*/
public List<String> getTokenEndpointAuthMethodsSupported() {
return tokenEndpointAuthMethodsSupported;
}
/**
* @param tokenEndpointAuthMethodsSupported the tokenEndpointAuthMethodsSupported to set
*/
public void setTokenEndpointAuthMethodsSupported(List<String> tokenEndpointAuthMethodsSupported) {
this.tokenEndpointAuthMethodsSupported = tokenEndpointAuthMethodsSupported;
}
/**
* @return the tokenEndpointAuthSigningAlgValuesSupported
*/
public List<JWSAlgorithm> getTokenEndpointAuthSigningAlgValuesSupported() {
return tokenEndpointAuthSigningAlgValuesSupported;
}
/**
* @param tokenEndpointAuthSigningAlgValuesSupported the tokenEndpointAuthSigningAlgValuesSupported to set
*/
public void setTokenEndpointAuthSigningAlgValuesSupported(List<JWSAlgorithm> tokenEndpointAuthSigningAlgValuesSupported) {
this.tokenEndpointAuthSigningAlgValuesSupported = tokenEndpointAuthSigningAlgValuesSupported;
}
/**
* @return the displayValuesSupported
*/
public List<String> getDisplayValuesSupported() {
return displayValuesSupported;
}
/**
* @param displayValuesSupported the displayValuesSupported to set
*/
public void setDisplayValuesSupported(List<String> displayValuesSupported) {
this.displayValuesSupported = displayValuesSupported;
}
/**
* @return the claimTypesSupported
*/
public List<String> getClaimTypesSupported() {
return claimTypesSupported;
}
/**
* @param claimTypesSupported the claimTypesSupported to set
*/
public void setClaimTypesSupported(List<String> claimTypesSupported) {
this.claimTypesSupported = claimTypesSupported;
}
/**
* @return the claimsSupported
*/
public List<String> getClaimsSupported() {
return claimsSupported;
}
/**
* @param claimsSupported the claimsSupported to set
*/
public void setClaimsSupported(List<String> claimsSupported) {
this.claimsSupported = claimsSupported;
}
/**
* @return the serviceDocumentation
*/
public String getServiceDocumentation() {
return serviceDocumentation;
}
/**
* @param serviceDocumentation the serviceDocumentation to set
*/
public void setServiceDocumentation(String serviceDocumentation) {
this.serviceDocumentation = serviceDocumentation;
}
/**
* @return the claimsLocalesSupported
*/
public List<String> getClaimsLocalesSupported() {
return claimsLocalesSupported;
}
/**
* @param claimsLocalesSupported the claimsLocalesSupported to set
*/
public void setClaimsLocalesSupported(List<String> claimsLocalesSupported) {
this.claimsLocalesSupported = claimsLocalesSupported;
}
/**
* @return the uiLocalesSupported
*/
public List<String> getUiLocalesSupported() {
return uiLocalesSupported;
}
/**
* @param uiLocalesSupported the uiLocalesSupported to set
*/
public void setUiLocalesSupported(List<String> uiLocalesSupported) {
this.uiLocalesSupported = uiLocalesSupported;
}
/**
* @return the claimsParameterSupported
*/
public Boolean getClaimsParameterSupported() {
return claimsParameterSupported;
}
/**
* @param claimsParameterSupported the claimsParameterSupported to set
*/
public void setClaimsParameterSupported(Boolean claimsParameterSupported) {
this.claimsParameterSupported = claimsParameterSupported;
}
/**
* @return the requestParameterSupported
*/
public Boolean getRequestParameterSupported() {
return requestParameterSupported;
}
/**
* @param requestParameterSupported the requestParameterSupported to set
*/
public void setRequestParameterSupported(Boolean requestParameterSupported) {
this.requestParameterSupported = requestParameterSupported;
}
/**
* @return the requestUriParameterSupported
*/
public Boolean getRequestUriParameterSupported() {
return requestUriParameterSupported;
}
/**
* @param requestUriParameterSupported the requestUriParameterSupported to set
*/
public void setRequestUriParameterSupported(Boolean requestUriParameterSupported) {
this.requestUriParameterSupported = requestUriParameterSupported;
}
/**
* @return the requireRequestUriRegistration
*/
public Boolean getRequireRequestUriRegistration() {
return requireRequestUriRegistration;
}
/**
* @param requireRequestUriRegistration the requireRequestUriRegistration to set
*/
public void setRequireRequestUriRegistration(Boolean requireRequestUriRegistration) {
this.requireRequestUriRegistration = requireRequestUriRegistration;
}
/**
* @return the opPolicyUri
*/
public String getOpPolicyUri() {
return opPolicyUri;
}
/**
* @param opPolicyUri the opPolicyUri to set
*/
public void setOpPolicyUri(String opPolicyUri) {
this.opPolicyUri = opPolicyUri;
}
/**
* @return the opTosUri
*/
public String getOpTosUri() {
return opTosUri;
}
/**
* @param opTosUri the opTosUri to set
*/
public void setOpTosUri(String opTosUri) {
this.opTosUri = opTosUri;
}
@ -668,6 +506,7 @@ public class ServerConfiguration {
public String getRevocationEndpointUri() {
return revocationEndpointUri;
}
public void setRevocationEndpointUri(String revocationEndpointUri) {
this.revocationEndpointUri = revocationEndpointUri;
}
@ -675,9 +514,11 @@ public class ServerConfiguration {
public UserInfoTokenMethod getUserInfoTokenMethod() {
return userInfoTokenMethod;
}
public void setUserInfoTokenMethod(UserInfoTokenMethod userInfoTokenMethod) {
this.userInfoTokenMethod = userInfoTokenMethod;
}
@Override
public int hashCode() {
final int prime = 31;
@ -819,6 +660,7 @@ public class ServerConfiguration {
: userinfoSigningAlgValuesSupported.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj) {
@ -1118,5 +960,4 @@ public class ServerConfiguration {
return true;
}
}

9
openid-connect-common/src/main/java/org/mitre/openid/connect/config/UIConfiguration.java
View File

@ -19,25 +19,18 @@ package org.mitre.openid.connect.config;
import java.util.Set;
/**
*
* Bean for UI (front-end) configuration to be read at start-up.
*
* @author jricher
*
*/
public class UIConfiguration {
private Set<String> jsFiles;
/**
* @return the jsFiles
*/
public Set<String> getJsFiles() {
return jsFiles;
}
/**
* @param jsFiles the jsFiles to set
*/
public void setJsFiles(Set<String> jsFiles) {
this.jsFiles = jsFiles;
}

26
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java
View File

@ -25,66 +25,66 @@ public interface Address extends Serializable {
* Get the system-specific ID of the Address object
* @return
*/
public Long getId();
Long getId();
/**
* @return the formatted address
*/
public String getFormatted();
String getFormatted();
/**
* @param formatted the formatted address to set
*/
public void setFormatted(String formatted);
void setFormatted(String formatted);
/**
* @return the streetAddress
*/
public String getStreetAddress();
String getStreetAddress();
/**
* @param streetAddress the streetAddress to set
*/
public void setStreetAddress(String streetAddress);
void setStreetAddress(String streetAddress);
/**
* @return the locality
*/
public String getLocality();
String getLocality();
/**
* @param locality the locality to set
*/
public void setLocality(String locality);
void setLocality(String locality);
/**
* @return the region
*/
public String getRegion();
String getRegion();
/**
* @param region the region to set
*/
public void setRegion(String region);
void setRegion(String region);
/**
* @return the postalCode
*/
public String getPostalCode();
String getPostalCode();
/**
* @param postalCode the postalCode to set
*/
public void setPostalCode(String postalCode);
void setPostalCode(String postalCode);
/**
* @return the country
*/
public String getCountry();
String getCountry();
/**
* @param country the country to set
*/
public void setCountry(String country);
void setCountry(String country);
}

78
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
View File

@ -54,38 +54,16 @@ public class ApprovedSite {
public static final String PARAM_CLIENT_ID = "clientId";
public static final String PARAM_USER_ID = "userId";
// unique id
private Long id;
// which user made the approval
private String userId;
// which OAuth2 client is this tied to
private String clientId;
// when was this first approved?
private Date creationDate;
// when was this last accessed?
private Date accessDate;
// if this is a time-limited access, when does it run out?
private Date timeoutDate;
// what scopes have been allowed
// this should include all information for what data to access
private Set<String> allowedScopes;
/**
* Empty constructor
*/
public ApprovedSite() {
public ApprovedSite() { }
}
/**
* @return the id
*/
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
@ -93,48 +71,30 @@ public class ApprovedSite {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
/**
* @return the userInfo
*/
@Basic
@Column(name="user_id")
public String getUserId() {
return userId;
}
/**
* @param userInfo the userInfo to set
*/
public void setUserId(String userId) {
this.userId = userId;
}
/**
* @return the clientId
*/
@Basic
@Column(name="client_id")
public String getClientId() {
return clientId;
}
/**
* @param clientId the clientId to set
*/
public void setClientId(String clientId) {
this.clientId = clientId;
}
/**
* @return the creationDate
*/
@Basic
@Temporal(javax.persistence.TemporalType.TIMESTAMP)
@Column(name="creation_date")
@ -142,16 +102,10 @@ public class ApprovedSite {
return creationDate;
}
/**
* @param creationDate the creationDate to set
*/
public void setCreationDate(Date creationDate) {
this.creationDate = creationDate;
}
/**
* @return the accessDate
*/
@Basic
@Temporal(javax.persistence.TemporalType.TIMESTAMP)
@Column(name="access_date")
@ -159,36 +113,21 @@ public class ApprovedSite {
return accessDate;
}
/**
* @param accessDate the accessDate to set
*/
public void setAccessDate(Date accessDate) {
this.accessDate = accessDate;
}
/**
* @return the allowedScopes
*/
@ElementCollection(fetch = FetchType.EAGER)
@CollectionTable(
name="approved_site_scope",
joinColumns=@JoinColumn(name="owner_id")
)
@CollectionTable(name="approved_site_scope", joinColumns=@JoinColumn(name="owner_id"))
@Column(name="scope")
public Set<String> getAllowedScopes() {
return allowedScopes;
}
/**
* @param allowedScopes the allowedScopes to set
*/
public void setAllowedScopes(Set<String> allowedScopes) {
this.allowedScopes = allowedScopes;
}
/**
* @return the timeoutDate
*/
@Basic
@Temporal(javax.persistence.TemporalType.TIMESTAMP)
@Column(name="timeout_date")
@ -196,26 +135,15 @@ public class ApprovedSite {
return timeoutDate;
}
/**
* @param timeoutDate the timeoutDate to set
*/
public void setTimeoutDate(Date timeoutDate) {
this.timeoutDate = timeoutDate;
}
/**
* Has this approval expired?
* @return
*/
@Transient
public boolean isExpired() {
if (getTimeoutDate() != null) {
Date now = new Date();
if (now.after(getTimeoutDate())) {
return true;
} else {
return false;
}
return now.after(getTimeoutDate());
} else {
return false;
}

15
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
View File

@ -32,7 +32,6 @@ import javax.persistence.Table;
/**
* @author jricher
*
*/
@Entity
@Table(name="blacklisted_site")
@ -43,19 +42,11 @@ public class BlacklistedSite {
public static final String QUERY_ALL = "BlacklistedSite.getAll";
// unique id
private Long id;
// URI pattern to black list
private String uri;
public BlacklistedSite() {
public BlacklistedSite() { }
}
/**
* @return the id
*/
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
@ -63,9 +54,6 @@ public class BlacklistedSite {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
@ -80,5 +68,4 @@ public class BlacklistedSite {
this.uri = uri;
}
}

24
openid-connect-common/src/main/java/org/mitre/openid/connect/model/CachedImage.java
View File

@ -18,7 +18,6 @@ package org.mitre.openid.connect.model;
/**
* @author jricher
*
*/
public class CachedImage {
@ -26,39 +25,26 @@ public class CachedImage {
private String contentType;
private long length;
/**
* @return the data
*/
public byte[] getData() {
return data;
}
/**
* @param data the data to set
*/
public void setData(byte[] data) {
this.data = data;
}
/**
* @return the contentType
*/
public String getContentType() {
return contentType;
}
/**
* @param contentType the contentType to set
*/
public void setContentType(String contentType) {
this.contentType = contentType;
}
/**
* @return the length
*/
public long getLength() {
return length;
}
/**
* @param length the length to set
*/
public void setLength(long length) {
this.length = length;
}

7
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ClientStat.java
View File

@ -18,22 +18,15 @@ package org.mitre.openid.connect.model;
/**
* @author jricher
*
*/
public class ClientStat {
private Integer approvedSiteCount;
/**
* @return the count
*/
public Integer getApprovedSiteCount() {
return approvedSiteCount;
}
/**
* @param count the count to set
*/
public void setApprovedSiteCount(Integer count) {
this.approvedSiteCount = count;
}

74
openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultAddress.java
View File

@ -37,17 +37,8 @@ public class DefaultAddress implements Address {
private String postalCode;
private String country;
/**
* Empty constructor
*/
public DefaultAddress() {
public DefaultAddress() { }
}
/**
* Copy constructor from an existing address.
* @param address
*/
public DefaultAddress(Address address) {
setFormatted(address.getFormatted());
setStreetAddress(address.getStreetAddress());
@ -57,106 +48,79 @@ public class DefaultAddress implements Address {
setCountry(address.getCountry());
}
/**
* @return the formatted address string
*/
@Override
@Basic
@Column(name = "formatted")
public String getFormatted() {
return formatted;
}
/**
* @param formatted the formatted address to set
*/
@Override
public void setFormatted(String formatted) {
this.formatted = formatted;
}
/**
* @return the streetAddress
*/
@Override
@Basic
@Column(name="street_address")
public String getStreetAddress() {
return streetAddress;
}
/**
* @param streetAddress the streetAddress to set
*/
@Override
public void setStreetAddress(String streetAddress) {
this.streetAddress = streetAddress;
}
/**
* @return the locality
*/
@Override
@Basic
@Column(name = "locality")
public String getLocality() {
return locality;
}
/**
* @param locality the locality to set
*/
@Override
public void setLocality(String locality) {
this.locality = locality;
}
/**
* @return the region
*/
@Override
@Basic
@Column(name = "region")
public String getRegion() {
return region;
}
/**
* @param region the region to set
*/
@Override
public void setRegion(String region) {
this.region = region;
}
/**
* @return the postalCode
*/
@Override
@Basic
@Column(name="postal_code")
public String getPostalCode() {
return postalCode;
}
/**
* @param postalCode the postalCode to set
*/
@Override
public void setPostalCode(String postalCode) {
this.postalCode = postalCode;
}
/**
* @return the country
*/
@Override
@Basic
@Column(name = "country")
public String getCountry() {
return country;
}
/**
* @param country the country to set
*/
@Override
public void setCountry(String country) {
this.country = country;
}
/**
* @return the id
*/
@Override
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@ -165,16 +129,12 @@ public class DefaultAddress implements Address {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode() {
final int prime = 31;
@ -189,9 +149,7 @@ public class DefaultAddress implements Address {
return result;
}
/* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj) {
if (this == obj) {

198
openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java
View File

@ -80,305 +80,228 @@ public class DefaultUserInfo implements UserInfo {
private transient JsonObject src; // source JSON if this is loaded remotely
/**
* @return the id
*/
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name = "id")
public Long getId() {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getUserId()
*/
@Override
@Basic
@Column(name="sub")
public String getSub() {
return sub;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setUserId(java.lang.String)
*/
@Override
public void setSub(String sub) {
this.sub = sub;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getPreferredUsername
*/
@Override
@Basic
@Column(name="preferred_username")
public String getPreferredUsername() {
return this.preferredUsername;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setPreferredUsername(java.lang.String)
*/
@Override
public void setPreferredUsername(String preferredUsername) {
this.preferredUsername = preferredUsername;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getName()
*/
@Override
@Basic
@Column(name = "name")
public String getName() {
return name;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setName(java.lang.String)
*/
@Override
public void setName(String name) {
this.name = name;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getGivenName()
*/
@Override
@Basic
@Column(name="given_name")
public String getGivenName() {
return givenName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setGivenName(java.lang.String)
*/
@Override
public void setGivenName(String givenName) {
this.givenName = givenName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getFamilyName()
*/
@Override
@Basic
@Column(name="family_name")
public String getFamilyName() {
return familyName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setFamilyName(java.lang.String)
*/
@Override
public void setFamilyName(String familyName) {
this.familyName = familyName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getMiddleName()
*/
@Override
@Basic
@Column(name="middle_name")
public String getMiddleName() {
return middleName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setMiddleName(java.lang.String)
*/
@Override
public void setMiddleName(String middleName) {
this.middleName = middleName;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getNickname()
*/
@Override
@Basic
@Column(name = "nickname")
public String getNickname() {
return nickname;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setNickname(java.lang.String)
*/
@Override
public void setNickname(String nickname) {
this.nickname = nickname;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getProfile()
*/
@Override
@Basic
@Column(name = "profile")
public String getProfile() {
return profile;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setProfile(java.lang.String)
*/
@Override
public void setProfile(String profile) {
this.profile = profile;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getPicture()
*/
@Override
@Basic
@Column(name = "picture")
public String getPicture() {
return picture;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setPicture(java.lang.String)
*/
@Override
public void setPicture(String picture) {
this.picture = picture;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getWebsite()
*/
@Override
@Basic
@Column(name = "website")
public String getWebsite() {
return website;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setWebsite(java.lang.String)
*/
@Override
public void setWebsite(String website) {
this.website = website;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getEmail()
*/
@Override
@Basic
@Column(name = "email")
public String getEmail() {
return email;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setEmail(java.lang.String)
*/
@Override
public void setEmail(String email) {
this.email = email;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getVerified()
*/
@Override
@Basic
@Column(name="email_verified")
public Boolean getEmailVerified() {
return emailVerified;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setVerified(java.lang.boolean)
*/
@Override
public void setEmailVerified(Boolean emailVerified) {
this.emailVerified = emailVerified;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getGender()
*/
@Override
@Basic
@Column(name = "gender")
public String getGender() {
return gender;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setGender(java.lang.String)
*/
@Override
public void setGender(String gender) {
this.gender = gender;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getZoneinfo()
*/
@Override
@Basic
@Column(name="zone_info")
public String getZoneinfo() {
return zoneinfo;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setZoneinfo(java.lang.String)
*/
@Override
public void setZoneinfo(String zoneinfo) {
this.zoneinfo = zoneinfo;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getLocale()
*/
@Override
@Basic
@Column(name = "locale")
public String getLocale() {
return locale;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setLocale(java.lang.String)
*/
@Override
public void setLocale(String locale) {
this.locale = locale;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getPhoneNumber()
*/
@Override
@Basic
@Column(name="phone_number")
public String getPhoneNumber() {
return phoneNumber;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setPhoneNumber(java.lang.String)
*/
@Override
public void setPhoneNumber(String phoneNumber) {
this.phoneNumber = phoneNumber;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getPhoneNumberVerified()
*/
@Override
@Basic
@Column(name="phone_number_verified")
public Boolean getPhoneNumberVerified() {
return phoneNumberVerified;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setPhoneNumberVerified(java.lang.Boolean)
*/
@Override
public void setPhoneNumberVerified(Boolean phoneNumberVerified) {
this.phoneNumberVerified = phoneNumberVerified;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getAddress()
*/
@Override
@OneToOne(targetEntity = DefaultAddress.class, cascade = CascadeType.ALL)
@JoinColumn(name="address_id")
public Address getAddress() {
return address;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setAddress(org.mitre.openid.connect.model.Address)
*/
@Override
public void setAddress(Address address) {
if (address != null) {
@ -387,35 +310,26 @@ public class DefaultUserInfo implements UserInfo {
this.address = null;
}
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#getUpdatedTime()
*/
@Override
@Basic
@Column(name="updated_time")
public String getUpdatedTime() {
return updatedTime;
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.model.UserInfo#setUpdatedTime(java.lang.String)
*/
@Override
public void setUpdatedTime(String updatedTime) {
this.updatedTime = updatedTime;
}
/**
* @return the birthdate
*/
@Override
@Basic
@Column(name="birthdate")
public String getBirthdate() {
return birthdate;
}
/**
* @param birthdate the birthdate to set
*/
@Override
public void setBirthdate(String birthdate) {
this.birthdate = birthdate;
@ -424,11 +338,9 @@ public class DefaultUserInfo implements UserInfo {
@Override
public JsonObject toJson() {
if (src == null) {
JsonObject obj = new JsonObject();
obj.addProperty("sub", this.getSub());
obj.addProperty("name", this.getName());
obj.addProperty("preferred_username", this.getPreferredUsername());
obj.addProperty("given_name", this.getGivenName());
@ -451,7 +363,6 @@ public class DefaultUserInfo implements UserInfo {
obj.addProperty("phone_number_verified", this.getPhoneNumberVerified());
if (this.getAddress() != null) {
JsonObject addr = new JsonObject();
addr.addProperty("formatted", this.getAddress().getFormatted());
addr.addProperty("street_address", this.getAddress().getStreetAddress());
@ -462,19 +373,13 @@ public class DefaultUserInfo implements UserInfo {
obj.add("address", addr);
}
return obj;
} else {
return src;
}
}
/**
* Parse a JsonObject into a UserInfo.
* @param o
* @return
*/
public static UserInfo fromJson(JsonObject obj) {
DefaultUserInfo ui = new DefaultUserInfo();
ui.setSource(obj);
@ -515,13 +420,9 @@ public class DefaultUserInfo implements UserInfo {
}
return ui;
}
/**
* @return the jsonString
*/
@Override
@Basic
@Column(name = "src")
@ -530,21 +431,14 @@ public class DefaultUserInfo implements UserInfo {
return src;
}
/**
* @param jsonString the jsonString to set
*/
public void setSource(JsonObject src) {
this.src = src;
}
private static String nullSafeGetString(JsonObject obj, String field) {
return obj.has(field) && obj.get(field).isJsonPrimitive() ? obj.get(field).getAsString() : null;
}
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode() {
final int prime = 31;
@ -573,9 +467,6 @@ public class DefaultUserInfo implements UserInfo {
return result;
}
/* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj) {
if (this == obj) {
@ -738,10 +629,6 @@ public class DefaultUserInfo implements UserInfo {
return true;
}
/*
* Custom serialization to handle the JSON object
*/
private void writeObject(ObjectOutputStream out) throws IOException {
out.defaultWriteObject();
if (src == null) {
@ -750,6 +637,7 @@ public class DefaultUserInfo implements UserInfo {
out.writeObject(src.toString());
}
}
private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
in.defaultReadObject();
Object o = in.readObject();

45
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
View File

@ -31,9 +31,7 @@ import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
/**
*
* @author Michael Walsh, Justin Richer
*
*/
public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
@ -48,21 +46,10 @@ public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
private final UserInfo userInfo; // user info container
/**
* Constructs OIDCAuthenticationToken with a full set of authorities, marking this as authenticated.
*
* Set to authenticated.
*
* Constructs a Principal out of the subject and issuer.
* @param subject
* @param authorities
* @param principal
* @param idToken
*/
public OIDCAuthenticationToken(String subject, String issuer,
UserInfo userInfo, Collection<? extends GrantedAuthority> authorities,
JWT idToken, String accessTokenValue, String refreshTokenValue) {
JWT idToken, String accessTokenValue, String refreshTokenValue)
{
super(authorities);
this.principal = ImmutableMap.of("sub", subject, "iss", issuer);
@ -76,20 +63,11 @@ public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
setAuthenticated(true);
}
/*
* (non-Javadoc)
*
* @see org.springframework.security.core.Authentication#getCredentials()
*/
@Override
public Object getCredentials() {
return accessTokenValue;
}
/**
* Get the principal of this object, an immutable map of the subject and issuer.
*/
@Override
public Object getPrincipal() {
return principal;
@ -99,44 +77,26 @@ public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
return sub;
}
/**
* @return the idTokenValue
*/
public JWT getIdToken() {
return idToken;
}
/**
* @return the accessTokenValue
*/
public String getAccessTokenValue() {
return accessTokenValue;
}
/**
* @return the refreshTokenValue
*/
public String getRefreshTokenValue() {
return refreshTokenValue;
}
/**
* @return the issuer
*/
public String getIssuer() {
return issuer;
}
/**
* @return the userInfo
*/
public UserInfo getUserInfo() {
return userInfo;
}
/*
* Custom serialization to handle the JSON object
*/
private void writeObject(ObjectOutputStream out) throws IOException {
out.defaultWriteObject();
if (idToken == null) {
@ -145,6 +105,7 @@ public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
out.writeObject(idToken.serialize());
}
}
private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException, ParseException {
in.defaultReadObject();
Object o = in.readObject();

25
openid-connect-common/src/main/java/org/mitre/openid/connect/model/PairwiseIdentifier.java
View File

@ -56,9 +56,6 @@ public class PairwiseIdentifier {
private String userSub;
private String sectorIdentifier;
/**
* @return the id
*/
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name = "id")
@ -66,58 +63,38 @@ public class PairwiseIdentifier {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
/**
* @return the identifier
*/
@Basic
@Column(name = "identifier")
public String getIdentifier() {
return identifier;
}
/**
* @param identifier the identifier to set
*/
public void setIdentifier(String identifier) {
this.identifier = identifier;
}
/**
* @return the userSub
*/
@Basic
@Column(name = PairwiseIdentifier.PARAM_SUB)
public String getUserSub() {
return userSub;
}
/**
* @param userSub the userSub to set
*/
public void setUserSub(String userSub) {
this.userSub = userSub;
}
/**
* @return the sectorIdentifier
*/
@Basic
@Column(name = "sector_identifier")
public String getSectorIdentifier() {
return sectorIdentifier;
}
/**
* @param sectorIdentifier the sectorIdentifier to set
*/
public void setSectorIdentifier(String sectorIdentifier) {
this.sectorIdentifier = sectorIdentifier;
}
}

42
openid-connect-common/src/main/java/org/mitre/openid/connect/model/PendingOIDCAuthenticationToken.java
View File

@ -34,7 +34,6 @@ import com.nimbusds.jwt.JWTParser;
* AuthenticationToken for use as a data shuttle from the filter to the auth provider.
*
* @author jricher
*
*/
public class PendingOIDCAuthenticationToken extends AbstractAuthenticationToken {
@ -49,19 +48,10 @@ public class PendingOIDCAuthenticationToken extends AbstractAuthenticationToken
private final transient ServerConfiguration serverConfiguration; // server configuration used to fulfill this token, don't serialize it
/**
* Constructs OIDCAuthenticationToken for use as a data shuttle from the filter to the auth provider.
*
* Set to not-authenticated.
*
* Constructs a Principal out of the subject and issuer.
* @param sub
* @param idToken
*/
public PendingOIDCAuthenticationToken (String subject, String issuer,
ServerConfiguration serverConfiguration,
JWT idToken, String accessTokenValue, String refreshTokenValue) {
JWT idToken, String accessTokenValue, String refreshTokenValue)
{
super(new ArrayList<GrantedAuthority>(0));
this.principal = ImmutableMap.of("sub", subject, "iss", issuer);
@ -73,23 +63,14 @@ public class PendingOIDCAuthenticationToken extends AbstractAuthenticationToken
this.serverConfiguration = serverConfiguration;
setAuthenticated(false);
}
/*
* (non-Javadoc)
*
* @see org.springframework.security.core.Authentication#getCredentials()
*/
@Override
public Object getCredentials() {
return accessTokenValue;
}
/**
* Get the principal of this object, an immutable map of the subject and issuer.
*/
@Override
public Object getPrincipal() {
return principal;
@ -99,44 +80,26 @@ public class PendingOIDCAuthenticationToken extends AbstractAuthenticationToken
return sub;
}
/**
* @return the idTokenValue
*/
public JWT getIdToken() {
return idToken;
}
/**
* @return the accessTokenValue
*/
public String getAccessTokenValue() {
return accessTokenValue;
}
/**
* @return the refreshTokenValue
*/
public String getRefreshTokenValue() {
return refreshTokenValue;
}
/**
* @return the serverConfiguration
*/
public ServerConfiguration getServerConfiguration() {
return serverConfiguration;
}
/**
* @return the issuer
*/
public String getIssuer() {
return issuer;
}
/*
* Custom serialization to handle the JSON object
*/
private void writeObject(ObjectOutputStream out) throws IOException {
out.defaultWriteObject();
if (idToken == null) {
@ -145,6 +108,7 @@ public class PendingOIDCAuthenticationToken extends AbstractAuthenticationToken
out.writeObject(idToken.serialize());
}
}
private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException, ParseException {
in.defaultReadObject();
Object o = in.readObject();

217
openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java
View File

@ -24,221 +24,88 @@ import com.google.gson.JsonObject;
public interface UserInfo extends Serializable {
/**
* @return the userId
*/
public String getSub();
String getSub();
/**
* @param sub the userId to set
*/
public void setSub(String sub);
void setSub(String sub);
/**
* @return the preferred username
*/
public String getPreferredUsername();
String getPreferredUsername();
/**
* @param preferredUsername the preferredUsername to set
*/
public void setPreferredUsername(String preferredUsername);
void setPreferredUsername(String preferredUsername);
/**
* @return the name
*/
public String getName();
String getName();
/**
* @param name the name to set
*/
public void setName(String name);
void setName(String name);
/**
* @return the givenName
*/
public String getGivenName();
String getGivenName();
/**
* @param givenName the givenName to set
*/
public void setGivenName(String givenName);
void setGivenName(String givenName);
/**
* @return the familyName
*/
public String getFamilyName();
String getFamilyName();
/**
* @param familyName the familyName to set
*/
public void setFamilyName(String familyName);
void setFamilyName(String familyName);
/**
* @return the middleName
*/
public String getMiddleName();
String getMiddleName();
/**
* @param middleName the middleName to set
*/
public void setMiddleName(String middleName);
void setMiddleName(String middleName);
/**
* @return the nickname
*/
public String getNickname();
String getNickname();
/**
* @param nickname the nickname to set
*/
public void setNickname(String nickname);
void setNickname(String nickname);
/**
* @return the profile
*/
public String getProfile();
String getProfile();
/**
* @param profile the profile to set
*/
public void setProfile(String profile);
void setProfile(String profile);
/**
* @return the picture
*/
public String getPicture();
String getPicture();
/**
* @param picture the picture to set
*/
public void setPicture(String picture);
void setPicture(String picture);
/**
* @return the website
*/
public String getWebsite();
String getWebsite();
/**
* @param website the website to set
*/
public void setWebsite(String website);
void setWebsite(String website);
/**
* @return the email
*/
public String getEmail();
String getEmail();
/**
* @param email the email to set
*/
public void setEmail(String email);
void setEmail(String email);
/**
* @return the verified
*/
public Boolean getEmailVerified();
Boolean getEmailVerified();
/**
* @param verified the verified to set
*/
public void setEmailVerified(Boolean emailVerified);
void setEmailVerified(Boolean emailVerified);
/**
* @return the gender
*/
public String getGender();
String getGender();
/**
* @param gender the gender to set
*/
public void setGender(String gender);
void setGender(String gender);
/**
* @return the zoneinfo
*/
public String getZoneinfo();
String getZoneinfo();
/**
* @param zoneinfo the zoneinfo to set
*/
public void setZoneinfo(String zoneinfo);
void setZoneinfo(String zoneinfo);
/**
* @return the locale
*/
public String getLocale();
String getLocale();
/**
* @param locale the locale to set
*/
public void setLocale(String locale);
void setLocale(String locale);
/**
* @return the phoneNumber
*/
public String getPhoneNumber();
String getPhoneNumber();
/**
* @param phoneNumber the phoneNumber to set
*/
public void setPhoneNumber(String phoneNumber);
void setPhoneNumber(String phoneNumber);
/**
*
*/
public Boolean getPhoneNumberVerified();
Boolean getPhoneNumberVerified();
/**
*
* @param phoneNumberVerified
*/
public void setPhoneNumberVerified(Boolean phoneNumberVerified);
void setPhoneNumberVerified(Boolean phoneNumberVerified);
/**
* @return the address
*/
public Address getAddress();
Address getAddress();
/**
* @param address the address to set
*/
public void setAddress(Address address);
void setAddress(Address address);
/**
* @return the updatedTime
*/
public String getUpdatedTime();
String getUpdatedTime();
/**
* @param updatedTime the updatedTime to set
*/
public void setUpdatedTime(String updatedTime);
void setUpdatedTime(String updatedTime);
String getBirthdate();
/**
*
* @return
*/
public String getBirthdate();
void setBirthdate(String birthdate);
/**
*
* @param birthdate
*/
public void setBirthdate(String birthdate);
JsonObject toJson();
/**
* Serialize this UserInfo object to JSON.
*
* @return
*/
public JsonObject toJson();
/**
* The JSON source of this UserInfo (if it was fetched), or null if it's local.
* @return
*/
public JsonObject getSource();
JsonObject getSource();
}

39
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
View File

@ -55,29 +55,13 @@ public class WhitelistedSite {
public static final String PARAM_USER_ID = "userId";
public static final String PARAM_CLIENT_ID = "clientId";
// unique id
private Long id;
// Reference to the admin user who created this entry
private String creatorUserId;
// which OAuth2 client is this tied to
private String clientId;
// what scopes be allowed by default
// this should include all information for what data to access
private Set<String> allowedScopes;
/**
* Empty constructor
*/
public WhitelistedSite() {
public WhitelistedSite() { }
}
/**
* @return the id
*/
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
@ -85,45 +69,27 @@ public class WhitelistedSite {
return id;
}
/**
* @param id the id to set
*/
public void setId(Long id) {
this.id = id;
}
/**
* @return the clientId
*/
@Basic
@Column(name="client_id")
public String getClientId() {
return clientId;
}
/**
* @param clientId the clientId to set
*/
public void setClientId(String clientId) {
this.clientId = clientId;
}
/**
* @return the allowedScopes
*/
@ElementCollection(fetch = FetchType.EAGER)
@CollectionTable(
name="whitelisted_site_scope",
joinColumns=@JoinColumn(name="owner_id")
)
@CollectionTable(name="whitelisted_site_scope", joinColumns=@JoinColumn(name="owner_id"))
@Column(name="scope")
public Set<String> getAllowedScopes() {
return allowedScopes;
}
/**
* @param allowedScopes the allowedScopes to set
*/
public void setAllowedScopes(Set<String> allowedScopes) {
this.allowedScopes = allowedScopes;
}
@ -137,4 +103,5 @@ public class WhitelistedSite {
public void setCreatorUserId(String creatorUserId) {
this.creatorUserId = creatorUserId;
}
}

17
openid-connect-common/src/main/java/org/mitre/openid/connect/model/convert/JsonObjectStringConverter.java
View File

@ -22,10 +22,10 @@ import javax.persistence.Converter;
import com.google.common.base.Strings;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import org.springframework.util.StringUtils;
/**
* @author jricher
*
*/
@Converter
public class JsonObjectStringConverter implements AttributeConverter<JsonObject, String> {
@ -34,23 +34,12 @@ public class JsonObjectStringConverter implements AttributeConverter<JsonObject,
@Override
public String convertToDatabaseColumn(JsonObject attribute) {
if (attribute != null) {
return attribute.toString();
} else {
return null;
}
return attribute != null ? attribute.toString() : null;
}
/* (non-Javadoc)
* @see javax.persistence.AttributeConverter#convertToEntityAttribute(java.lang.Object)
*/
@Override
public JsonObject convertToEntityAttribute(String dbData) {
if (!Strings.isNullOrEmpty(dbData)) {
return parser.parse(dbData).getAsJsonObject();
} else {
return null;
}
return !StringUtils.isEmpty(dbData) ? parser.parse(dbData).getAsJsonObject() : null;
}
}

2
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java
View File

@ -34,6 +34,6 @@ public interface AddressRepository {
* id the id of the Address
* @return a valid Address if it exists, null otherwise
*/
public Address getById(Long id);
Address getById(Long id);
}

14
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java
View File

@ -36,14 +36,14 @@ public interface ApprovedSiteRepository {
* id the id of the ApprovedSite
* @return a valid ApprovedSite if it exists, null otherwise
*/
public ApprovedSite getById(Long id);
ApprovedSite getById(Long id);
/**
* Return a collection of all ApprovedSites managed by this repository
*
* @return the ApprovedSite collection, or null
*/
public Collection<ApprovedSite> getAll();
Collection<ApprovedSite> getAll();
/**
* Return a collection of ApprovedSite managed by this repository matching the
@ -53,7 +53,7 @@ public interface ApprovedSiteRepository {
* @param userId
* @return
*/
public Collection<ApprovedSite> getByClientIdAndUserId(String clientId, String userId);
Collection<ApprovedSite> getByClientIdAndUserId(String clientId, String userId);
/**
* Removes the given ApprovedSite from the repository
@ -61,7 +61,7 @@ public interface ApprovedSiteRepository {
* @param aggregator
* the ApprovedSite object to remove
*/
public void remove(ApprovedSite approvedSite);
void remove(ApprovedSite approvedSite);
/**
* Persists an ApprovedSite
@ -70,20 +70,20 @@ public interface ApprovedSiteRepository {
* valid ApprovedSite instance
* @return the persisted entity
*/
public ApprovedSite save(ApprovedSite approvedSite);
ApprovedSite save(ApprovedSite approvedSite);
/**
* Get all sites approved by this user
* @param userId
* @return
*/
public Collection<ApprovedSite> getByUserId(String userId);
Collection<ApprovedSite> getByUserId(String userId);
/**
* Get all sites associated with this client
* @param clientId
* @return
*/
public Collection<ApprovedSite> getByClientId(String clientId);
Collection<ApprovedSite> getByClientId(String clientId);
}

10
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java
View File

@ -30,14 +30,14 @@ import org.mitre.openid.connect.model.BlacklistedSite;
*/
public interface BlacklistedSiteRepository {
public Collection<BlacklistedSite> getAll();
Collection<BlacklistedSite> getAll();
public BlacklistedSite getById(Long id);
BlacklistedSite getById(Long id);
public void remove(BlacklistedSite blacklistedSite);
void remove(BlacklistedSite blacklistedSite);
public BlacklistedSite save(BlacklistedSite blacklistedSite);
BlacklistedSite save(BlacklistedSite blacklistedSite);
public BlacklistedSite update(BlacklistedSite oldBlacklistedSite, BlacklistedSite blacklistedSite);
BlacklistedSite update(BlacklistedSite oldBlacklistedSite, BlacklistedSite blacklistedSite);
}

4
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/PairwiseIdentifierRepository.java
View File

@ -35,13 +35,13 @@ public interface PairwiseIdentifierRepository {
* @param sectorIdentifierUri
* @return
*/
public PairwiseIdentifier getBySectorIdentifier(String sub, String sectorIdentifierUri);
PairwiseIdentifier getBySectorIdentifier(String sub, String sectorIdentifierUri);
/**
* Save a pairwise identifier to the database.
*
* @param pairwise
*/
public void save(PairwiseIdentifier pairwise);
void save(PairwiseIdentifier pairwise);
}

4
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java
View File

@ -32,7 +32,7 @@ public interface UserInfoRepository {
* @param username
* @return
*/
public UserInfo getByUsername(String username);
UserInfo getByUsername(String username);
/**
*
@ -41,6 +41,6 @@ public interface UserInfoRepository {
* @param email
* @return
*/
public UserInfo getByEmailAddress(String email);
UserInfo getByEmailAddress(String email);
}

14
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java
View File

@ -34,7 +34,7 @@ public interface WhitelistedSiteRepository {
*
* @return the WhitelistedSite collection, or null
*/
public Collection<WhitelistedSite> getAll();
Collection<WhitelistedSite> getAll();
/**
* Returns the WhitelistedSite for the given id
@ -43,7 +43,7 @@ public interface WhitelistedSiteRepository {
* id the id of the WhitelistedSite
* @return a valid WhitelistedSite if it exists, null otherwise
*/
public WhitelistedSite getById(Long id);
WhitelistedSite getById(Long id);
/**
* Find a WhitelistedSite by its associated ClientDetails reference
@ -51,7 +51,7 @@ public interface WhitelistedSiteRepository {
* @param client the Relying Party
* @return the corresponding WhitelistedSite if one exists for the RP, or null
*/
public WhitelistedSite getByClientId(String clientId);
WhitelistedSite getByClientId(String clientId);
/**
* Return a collection of the WhitelistedSites created by a given user
@ -59,7 +59,7 @@ public interface WhitelistedSiteRepository {
* @param creator the id of the admin who may have created some WhitelistedSites
* @return the collection of corresponding WhitelistedSites, if any, or null
*/
public Collection<WhitelistedSite> getByCreator(String creatorId);
Collection<WhitelistedSite> getByCreator(String creatorId);
/**
* Removes the given IdToken from the repository
@ -67,7 +67,7 @@ public interface WhitelistedSiteRepository {
* @param whitelistedSite
* the WhitelistedSite object to remove
*/
public void remove(WhitelistedSite whitelistedSite);
void remove(WhitelistedSite whitelistedSite);
/**
* Persists a WhitelistedSite
@ -75,7 +75,7 @@ public interface WhitelistedSiteRepository {
* @param whitelistedSite
* @return
*/
public WhitelistedSite save(WhitelistedSite whiteListedSite);
WhitelistedSite save(WhitelistedSite whiteListedSite);
/**
* Persist changes to a whitelistedSite. The ID of oldWhitelistedSite is retained.
@ -83,6 +83,6 @@ public interface WhitelistedSiteRepository {
* @param whitelistedSite
* @return
*/
public WhitelistedSite update(WhitelistedSite oldWhitelistedSite, WhitelistedSite whitelistedSite);
WhitelistedSite update(WhitelistedSite oldWhitelistedSite, WhitelistedSite whitelistedSite);
}

23
openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java
View File

@ -34,15 +34,14 @@ import org.springframework.security.oauth2.provider.ClientDetails;
*/
public interface ApprovedSiteService {
public ApprovedSite createApprovedSite(String clientId, String userId, Date timeoutDate, Set<String> allowedScopes);
ApprovedSite createApprovedSite(String clientId, String userId, Date timeoutDate, Set<String> allowedScopes);
/**
* Return a collection of all ApprovedSites
*
* @return the ApprovedSite collection, or null
*/
public Collection<ApprovedSite> getAll();
Collection<ApprovedSite> getAll();
/**
* Return a collection of ApprovedSite managed by this repository matching the
@ -52,7 +51,7 @@ public interface ApprovedSiteService {
* @param userId
* @return
*/
public Collection<ApprovedSite> getByClientIdAndUserId(String clientId, String userId);
Collection<ApprovedSite> getByClientIdAndUserId(String clientId, String userId);
/**
* Save an ApprovedSite
@ -60,7 +59,7 @@ public interface ApprovedSiteService {
* @param approvedSite
* the ApprovedSite to be saved
*/
public ApprovedSite save(ApprovedSite approvedSite);
ApprovedSite save(ApprovedSite approvedSite);
/**
* Get ApprovedSite for id
@ -69,7 +68,7 @@ public interface ApprovedSiteService {
* id for ApprovedSite
* @return ApprovedSite for id, or null
*/
public ApprovedSite getById(Long id);
ApprovedSite getById(Long id);
/**
* Remove the ApprovedSite
@ -77,38 +76,38 @@ public interface ApprovedSiteService {
* @param approvedSite
* the ApprovedSite to remove
*/
public void remove(ApprovedSite approvedSite);
void remove(ApprovedSite approvedSite);
/**
* Get all sites approved by this user
* @param userId
* @return
*/
public Collection<ApprovedSite> getByUserId(String userId);
Collection<ApprovedSite> getByUserId(String userId);
/**
* Get all sites associated with this client
* @param clientId
* @return
*/
public Collection<ApprovedSite> getByClientId(String clientId);
Collection<ApprovedSite> getByClientId(String clientId);
/**
* Clear out any approved sites for a given client.
* @param client
*/
public void clearApprovedSitesForClient(ClientDetails client);
void clearApprovedSitesForClient(ClientDetails client);
/**
* Remove all expired approved sites fromt he data store.
* @return
*/
public void clearExpiredSites();
void clearExpiredSites();
/**
* Return all approved access tokens for the site.
* @return
*/
public List<OAuth2AccessTokenEntity> getApprovedAccessTokens(ApprovedSite approvedSite);
List<OAuth2AccessTokenEntity> getApprovedAccessTokens(ApprovedSite approvedSite);
}

12
openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java
View File

@ -30,16 +30,16 @@ import org.mitre.openid.connect.model.BlacklistedSite;
*/
public interface BlacklistedSiteService {
public Collection<BlacklistedSite> getAll();
Collection<BlacklistedSite> getAll();
public BlacklistedSite getById(Long id);
BlacklistedSite getById(Long id);
public void remove(BlacklistedSite blacklistedSite);
void remove(BlacklistedSite blacklistedSite);
public BlacklistedSite saveNew(BlacklistedSite blacklistedSite);
BlacklistedSite saveNew(BlacklistedSite blacklistedSite);
public BlacklistedSite update(BlacklistedSite oldBlacklistedSite, BlacklistedSite blacklistedSite);
BlacklistedSite update(BlacklistedSite oldBlacklistedSite, BlacklistedSite blacklistedSite);
public boolean isBlacklisted(String uri);
boolean isBlacklisted(String uri);
}

2
openid-connect-common/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java
View File

@ -29,6 +29,6 @@ public interface ClientLogoLoadingService {
* @param client
* @return
*/
public CachedImage getLogo(ClientDetailsEntity client);
CachedImage getLogo(ClientDetailsEntity client);
}

2
openid-connect-common/src/main/java/org/mitre/openid/connect/service/LoginHintExtracter.java
View File

@ -26,6 +26,6 @@ public interface LoginHintExtracter {
* @param loginHint
* @return
*/
public String extractHint(String loginHint);
String extractHint(String loginHint);
}

24
openid-connect-common/src/main/java/org/mitre/openid/connect/service/MITREidDataService.java
View File

@ -31,20 +31,20 @@ public interface MITREidDataService {
/**
* Data member for 1.X configurations
*/
public static final String MITREID_CONNECT_1_0 = "mitreid-connect-1.0";
public static final String MITREID_CONNECT_1_1 = "mitreid-connect-1.1";
public static final String MITREID_CONNECT_1_2 = "mitreid-connect-1.2";
public static final String MITREID_CONNECT_1_3 = "mitreid-connect-1.3";
String MITREID_CONNECT_1_0 = "mitreid-connect-1.0";
String MITREID_CONNECT_1_1 = "mitreid-connect-1.1";
String MITREID_CONNECT_1_2 = "mitreid-connect-1.2";
String MITREID_CONNECT_1_3 = "mitreid-connect-1.3";
// member names
public static final String REFRESHTOKENS = "refreshTokens";
public static final String ACCESSTOKENS = "accessTokens";
public static final String WHITELISTEDSITES = "whitelistedSites";
public static final String BLACKLISTEDSITES = "blacklistedSites";
public static final String AUTHENTICATIONHOLDERS = "authenticationHolders";
public static final String GRANTS = "grants";
public static final String CLIENTS = "clients";
public static final String SYSTEMSCOPES = "systemScopes";
String REFRESHTOKENS = "refreshTokens";
String ACCESSTOKENS = "accessTokens";
String WHITELISTEDSITES = "whitelistedSites";
String BLACKLISTEDSITES = "blacklistedSites";
String AUTHENTICATIONHOLDERS = "authenticationHolders";
String GRANTS = "grants";
String CLIENTS = "clients";
String SYSTEMSCOPES = "systemScopes";
/**
* Write out the current server state to the given JSON writer as a JSON object

63
openid-connect-common/src/main/java/org/mitre/openid/connect/service/MITREidDataServiceMaps.java
View File

@ -22,84 +22,61 @@ import java.util.Set;
/**
* @author jricher
*
*/
public class MITREidDataServiceMaps {
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<Long, Long>();
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<>();
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<>();
private Map<Long, String> accessTokenToClientRefs = new HashMap<>();
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<>();
private Map<Long, Long> authHolderOldToNewIdMap = new HashMap<>();
private Map<Long, Long> grantOldToNewIdMap = new HashMap<>();
private Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<>();
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
private Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<Long, Long>();
/**
* @return the accessTokenOldToNewIdMap
*/
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<>();
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<>();
private Map<Long, String> refreshTokenToClientRefs = new HashMap<>();
private Map<Long, Long> whitelistedSiteOldToNewIdMap = new HashMap<>();
public Map<Long, Long> getAccessTokenOldToNewIdMap() {
return accessTokenOldToNewIdMap;
}
/**
* @return the accessTokenToAuthHolderRefs
*/
public Map<Long, Long> getAccessTokenToAuthHolderRefs() {
return accessTokenToAuthHolderRefs;
}
/**
* @return the accessTokenToClientRefs
*/
public Map<Long, String> getAccessTokenToClientRefs() {
return accessTokenToClientRefs;
}
/**
* @return the accessTokenToRefreshTokenRefs
*/
public Map<Long, Long> getAccessTokenToRefreshTokenRefs() {
return accessTokenToRefreshTokenRefs;
}
/**
* @return the authHolderOldToNewIdMap
*/
public Map<Long, Long> getAuthHolderOldToNewIdMap() {
return authHolderOldToNewIdMap;
}
/**
* @return the grantOldToNewIdMap
*/
public Map<Long, Long> getGrantOldToNewIdMap() {
return grantOldToNewIdMap;
}
/**
* @return the grantToAccessTokensRefs
*/
public Map<Long, Set<Long>> getGrantToAccessTokensRefs() {
return grantToAccessTokensRefs;
}
/**
* @return the refreshTokenOldToNewIdMap
*/
public Map<Long, Long> getRefreshTokenOldToNewIdMap() {
return refreshTokenOldToNewIdMap;
}
/**
* @return the refreshTokenToAuthHolderRefs
*/
public Map<Long, Long> getRefreshTokenToAuthHolderRefs() {
return refreshTokenToAuthHolderRefs;
}
/**
* @return the refreshTokenToClientRefs
*/
public Map<Long, String> getRefreshTokenToClientRefs() {
return refreshTokenToClientRefs;
}
/**
* @return the whitelistedSiteOldToNewIdMap
*/
public Map<Long, Long> getWhitelistedSiteOldToNewIdMap() {
return whitelistedSiteOldToNewIdMap;
}

11
openid-connect-common/src/main/java/org/mitre/openid/connect/service/OIDCTokenService.java
View File

@ -44,9 +44,8 @@ public interface OIDCTokenService {
* @param accessToken
* @return
*/
public JWT createIdToken(
ClientDetailsEntity client, OAuth2Request request, Date issueTime,
String sub, OAuth2AccessTokenEntity accessToken);
JWT createIdToken(ClientDetailsEntity client, OAuth2Request request, Date issueTime, String sub,
OAuth2AccessTokenEntity accessToken);
/**
* Create a registration access token for the given client.
@ -54,7 +53,7 @@ public interface OIDCTokenService {
* @param client
* @return
*/
public OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client);
OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client);
/**
* Create a resource access token for the given client (protected resource).
@ -62,13 +61,13 @@ public interface OIDCTokenService {
* @param client
* @return
*/
public OAuth2AccessTokenEntity createResourceAccessToken(ClientDetailsEntity client);
OAuth2AccessTokenEntity createResourceAccessToken(ClientDetailsEntity client);
/**
* Rotate the registration or resource token for a client
* @param client
* @return
*/
public OAuth2AccessTokenEntity rotateRegistrationAccessTokenForClient(ClientDetailsEntity client);
OAuth2AccessTokenEntity rotateRegistrationAccessTokenForClient(ClientDetailsEntity client);
}

2
openid-connect-common/src/main/java/org/mitre/openid/connect/service/PairwiseIdentiferService.java
View File

@ -38,6 +38,6 @@ public interface PairwiseIdentiferService {
* @param client
* @return
*/
public String getIdentifier(UserInfo userInfo, ClientDetailsEntity client);
String getIdentifier(UserInfo userInfo, ClientDetailsEntity client);
}

4
openid-connect-common/src/main/java/org/mitre/openid/connect/service/ScopeClaimTranslationService.java
View File

@ -28,8 +28,8 @@ import java.util.Set;
*/
public interface ScopeClaimTranslationService {
public Set<String> getClaimsForScope(String scope);
Set<String> getClaimsForScope(String scope);
public Set<String> getClaimsForScopeSet(Set<String> scopes);
Set<String> getClaimsForScopeSet(Set<String> scopes);
}

6
openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java
View File

@ -38,7 +38,7 @@ public interface StatsService {
*
* @return
*/
public Map<String, Integer> getSummaryStats();
Map<String, Integer> getSummaryStats();
/**
* Calculate the usage count for a single client
@ -46,11 +46,11 @@ public interface StatsService {
* @param clientId the id of the client to search on
* @return
*/
public ClientStat getCountForClientId(String clientId);
ClientStat getCountForClientId(String clientId);
/**
* Trigger the stats to be recalculated upon next update.
*/
public void resetCache();
void resetCache();
}

6
openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java
View File

@ -33,7 +33,7 @@ public interface UserInfoService {
* @param username
* @return
*/
public UserInfo getByUsername(String username);
UserInfo getByUsername(String username);
/**
* Get the UserInfo for the given username (usually maps to the
@ -43,7 +43,7 @@ public interface UserInfoService {
* @param clientId
* @return
*/
public UserInfo getByUsernameAndClientId(String username, String clientId);
UserInfo getByUsernameAndClientId(String username, String clientId);
/**
* Get the user registered at this server with the given email address.
@ -51,6 +51,6 @@ public interface UserInfoService {
* @param email
* @return
*/
public UserInfo getByEmailAddress(String email);
UserInfo getByEmailAddress(String email);
}

12
openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java
View File

@ -34,7 +34,7 @@ public interface WhitelistedSiteService {
*
* @return the WhitelistedSite collection, or null
*/
public Collection<WhitelistedSite> getAll();
Collection<WhitelistedSite> getAll();
/**
* Returns the WhitelistedSite for the given id
@ -43,7 +43,7 @@ public interface WhitelistedSiteService {
* id the id of the WhitelistedSite
* @return a valid WhitelistedSite if it exists, null otherwise
*/
public WhitelistedSite getById(Long id);
WhitelistedSite getById(Long id);
/**
* Find a WhitelistedSite by its associated ClientDetails reference
@ -51,7 +51,7 @@ public interface WhitelistedSiteService {
* @param client the Relying Party
* @return the corresponding WhitelistedSite if one exists for the RP, or null
*/
public WhitelistedSite getByClientId(String clientId);
WhitelistedSite getByClientId(String clientId);
@ -61,7 +61,7 @@ public interface WhitelistedSiteService {
* @param address
* the WhitelistedSite object to remove
*/
public void remove(WhitelistedSite whitelistedSite);
void remove(WhitelistedSite whitelistedSite);
/**
* Persists a new WhitelistedSite
@ -70,11 +70,11 @@ public interface WhitelistedSiteService {
* the WhitelistedSite to be saved
* @return
*/
public WhitelistedSite saveNew(WhitelistedSite whitelistedSite);
WhitelistedSite saveNew(WhitelistedSite whitelistedSite);
/**
* Updates an existing whitelisted site
*/
public WhitelistedSite update(WhitelistedSite oldWhitelistedSite, WhitelistedSite whitelistedSite);
WhitelistedSite update(WhitelistedSite oldWhitelistedSite, WhitelistedSite whitelistedSite);
}

15
openid-connect-common/src/main/java/org/mitre/openid/connect/view/JWKSetView.java
View File

@ -39,39 +39,28 @@ import com.nimbusds.jose.jwk.JWKSet;
/**
* @author jricher
*
*/
@Component(JWKSetView.VIEWNAME)
public class JWKSetView extends AbstractView {
public static final String VIEWNAME = "jwkSet";
/**
* Logger for this class
*/
private static final Logger logger = LoggerFactory.getLogger(JWKSetView.class);
public static final String VIEWNAME = "jwkSet";
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
//BiMap<String, PublicKey> keyMap = (BiMap<String, PublicKey>) model.get("keys");
Map<String, JWK> keys = (Map<String, JWK>) model.get("keys");
JWKSet jwkSet = new JWKSet(new ArrayList<>(keys.values()));
try {
Writer out = response.getWriter();
out.write(jwkSet.toString());
} catch (IOException e) {
logger.error("IOException in JWKSetView.java: ", e);
}
}
}

17
openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
View File

@ -52,25 +52,20 @@ import com.google.gson.JsonSerializer;
public class UserInfoInterceptor extends HandlerInterceptorAdapter {
private Gson gson = new GsonBuilder()
.registerTypeHierarchyAdapter(GrantedAuthority.class, new JsonSerializer<GrantedAuthority>() {
@Override
public JsonElement serialize(GrantedAuthority src, Type typeOfSrc, JsonSerializationContext context) {
return new JsonPrimitive(src.getAuthority());
}
})
.registerTypeHierarchyAdapter(GrantedAuthority.class,
(JsonSerializer<GrantedAuthority>) (src, typeOfSrc, context) -> new JsonPrimitive(src.getAuthority()))
.create();
@Autowired (required = false)
@Autowired(required = false)
private UserInfoService userInfoService;
private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth instanceof Authentication){
if (auth != null){
request.setAttribute("userAuthorities", gson.toJson(auth.getAuthorities()));
}
@ -88,11 +83,7 @@ public class UserInfoInterceptor extends HandlerInterceptorAdapter {
} else {
// don't bother checking if we don't have a principal or a userInfoService to work with
if (auth != null && auth.getName() != null && userInfoService != null) {
// try to look up a user based on the principal's name
UserInfo user = userInfoService.getByUsername(auth.getName());
// if we have one, inject it so views can use it
if (user != null) {
request.setAttribute("userInfo", user);
request.setAttribute("userInfoJson", user.toJson());