github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Had to hand-merge some things; git got confused

pull/477/head
Amanda Anganes 2013-08-07 10:59:55 -04:00
parent 861beeba64
commit 2d4d7f7be9
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.util.OAuth2Utils; import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenEnhancer; import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.RequestContextHolder;
@ -151,12 +152,12 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
} }
// TODO: this ought to be getResponseType // TODO: this ought to be getResponseType
String responseType = authentication.getOAuth2Request().getRequestParameters().get("response_type"); String responseType = authentication.getOAuth2Request().getRequestParameters().get("response_type");
Set<String> responseTypes = OAuth2Utils.parseParameterList(responseType); Set<String> responseTypes = OAuth2Utils.parseParameterList(responseType);
if (responseTypes.contains("token")) { if (responseTypes.contains("token")) {
// calculate the token hash // calculate the token hash
Base64URL at_hash = JWSUtils.getAccessTokenHash(signingAlg, token.getJwt().serialize().getBytes()); Base64URL at_hash = JWSUtils.getAccessTokenHash(signingAlg, token);
//TODO: What should happen if the hash cannot be calculated? //TODO: What should happen if the hash cannot be calculated?
idClaims.setClaim("at_hash", at_hash); idClaims.setClaim("at_hash", at_hash);
} }