From 29d1c7d54a08b3575cb4b3864e5bd1f4a3007c45 Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Tue, 10 Sep 2013 14:16:34 -0400
Subject: [PATCH] userinfo endpoint now uses OAuth2Authentication exclusively (which is all it was really doing before)
---
 .../mitre/openid/connect/web/UserInfoEndpoint.java | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
index db4c7393b..1ad0884d5 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
@@ -53,15 +53,15 @@ public class UserInfoEndpoint {
 */
 @PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
 @RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")
- public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString, Principal p, Model model) {
+ public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString, OAuth2Authentication auth, Model model) {
- if (p == null) {
+ if (auth == null) {
 logger.error("getInfo failed; no principal. Requester is not authorized.");
 model.addAttribute("code", HttpStatus.FORBIDDEN);
 return "httpCodeView";
 }
- String username = p.getName();
+ String username = auth.getName();
 UserInfo userInfo = userInfoService.getByUsername(username);
 if (userInfo == null) {
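Review bot: The guard `if (auth == null)` still lets a client-only token through to `userInfoService.getByUsername(auth.getName())`, where the name would presumably be the client id rather than an end user, since an `OAuth2Authentication` for such a grant carries no user authentication. Whether such a token can reach this handler depends on the authorities granted to clients, which the hunk does not show, but with the parameter now typed the check is cheap: `if (auth == null || auth.isClientOnly()) {`. Separately, a caller authenticated by something other than an OAuth2 token is presumably now rejected during argument binding instead of inside the method, so it is worth confirming that path still ends in a 403 and not an unhandled error. getInfo's body continues past the end of this hunk.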
@@ -74,12 +74,8 @@ public class UserInfoEndpoint {
 model.addAttribute("claimsRequest", claimsRequestJsonString);
 }
- if (p instanceof OAuth2Authentication) {
- OAuth2Authentication authentication = (OAuth2Authentication)p;
-
- model.addAttribute("scope", authentication.getOAuth2Request().getScope());
- model.addAttribute("requestObject", authentication.getOAuth2Request().getRequestParameters().get("request"));
- }
+ model.addAttribute("scope", auth.getOAuth2Request().getScope());
+ model.addAttribute("requestObject", auth.getOAuth2Request().getRequestParameters().get("request"));
 model.addAttribute("userInfo", userInfo);
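Review bot: `requestObject` is null whenever the request parameters returned by `auth.getOAuth2Request()` hold no `request` entry, and nothing at the two added `model.addAttribute` calls says so or says where the values come from. Suggested comment above them: `// scope and request object come from the OAuth2 request stored with the token, not from this HTTP call; requestObject is null if none was sent`. The view that reads these attributes is not visible here, so confirm it tolerates a null and treats the request object as client-supplied data. This hunk sits in the middle of getInfo, which starts and ends outside it.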