Changes to facilitate data export, additional robustness

pull/650/head
arielak 2014-04-25 15:39:20 -04:00
parent 775a0c6143
commit 317b9e8657
3 changed files with 279 additions and 201 deletions


@ -33,8 +33,10 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
@Entity @Entity
@Table(name = "authentication_holder") @Table(name = "authentication_holder")
@NamedQueries ({ @NamedQueries ({
@NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication") @NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication"),
@NamedQuery(name = "AuthenticationHolderEntity.getAll", query = "select a from AuthenticationHolderEntity a")
}) })
public class AuthenticationHolderEntity { public class AuthenticationHolderEntity {
private Long id; private Long id;
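Review bot: The new `AuthenticationHolderEntity.getAll` named query has no ORDER BY, so an export built from it lists holders in whatever order the database happens to return rows, which makes two exports of the same data hard to compare; `query = "select a from AuthenticationHolderEntity a order by a.id"` pins the order on the id field declared just below. The query is also unbounded, which is presumably acceptable for an administrative export but is worth stating in a short comment next to the query so nobody reuses it on a request path.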


@ -1,37 +1,31 @@
/******************************************************************************* /**
* Copyright 2014 The MITRE Corporation * *****************************************************************************
* and the MIT Kerberos and Internet Trust Consortium * Copyright 2014 The MITRE Corporation and the MIT Kerberos and Internet Trust
* Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License"); you may not
* you may not use this file except in compliance with the License. * use this file except in compliance with the License. You may obtain a copy of
* You may obtain a copy of the License at * the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* See the License for the specific language governing permissions and * License for the specific language governing permissions and limitations under
* limitations under the License. * the License.
******************************************************************************/ *****************************************************************************
*/
package org.mitre.openid.connect.service.impl; package org.mitre.openid.connect.service.impl;
import com.google.common.io.BaseEncoding; import com.google.common.io.BaseEncoding;
import com.google.gson.Gson;
import java.io.IOException;
import org.mitre.openid.connect.service.MITREidDataService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.gson.stream.JsonReader; import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonToken; import com.google.gson.stream.JsonToken;
import com.google.gson.stream.JsonWriter; import com.google.gson.stream.JsonWriter;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream; import java.io.ObjectOutputStream;
import java.io.OutputStreamWriter; import java.io.OutputStreamWriter;
import java.util.Collection;
import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
import java.util.Set; import java.util.Set;
import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.AuthenticationHolderEntity;
@ -44,10 +38,14 @@ import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.openid.connect.model.ApprovedSite; import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite; import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository; import org.mitre.openid.connect.repository.ApprovedSiteRepository;
import org.mitre.openid.connect.service.MITREidDataService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Service;
/** /**
* *
@ -56,41 +54,24 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
* @author jricher * @author jricher
* @author arielak * @author arielak
*/ */
@Service
public class MITREidDataService_1_0 implements MITREidDataService { public class MITREidDataService_1_0 implements MITREidDataService {
private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class); private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class);
// member names // member names
private static final String REFRESHTOKENS = "refreshtokens"; private static final String REFRESHTOKENS = "refreshTokens";
private static final String ACCESSTOKENS = "accesstokens"; private static final String ACCESSTOKENS = "accessTokens";
private static final String AUTHENTICATIONHOLDERS = "authenticationholders"; private static final String AUTHENTICATIONHOLDERS = "authenticationHolders";
private static final String GRANTS = "grants"; private static final String GRANTS = "grants";
private static final String CLIENTS = "clients"; private static final String CLIENTS = "clients";
@Autowired @Autowired
private OAuth2ClientRepository clientRepo; private OAuth2ClientRepository clientRepository;
@Autowired @Autowired
private ApprovedSiteRepository approvedSiteRepo; private ApprovedSiteRepository approvedSiteRepository;
@Autowired @Autowired
private AuthenticationHolderRepository authHolderRepo; private AuthenticationHolderRepository authHolderRepository;
@Autowired @Autowired
private OAuth2TokenRepository tokenRepo; private OAuth2TokenRepository tokenRepository;
public void setClientRepo(OAuth2ClientRepository clientRepo) {
this.clientRepo = clientRepo;
}
public void setApprovedSiteRepo(ApprovedSiteRepository approvedSiteRepo) {
this.approvedSiteRepo = approvedSiteRepo;
}
public void setAuthHolderRepo(AuthenticationHolderRepository authHolderRepo) {
this.authHolderRepo = authHolderRepo;
}
public void setTokenRepo(OAuth2TokenRepository tokenRepo) {
this.tokenRepo = tokenRepo;
}
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter) * @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
@ -138,7 +119,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer * @param writer
*/ */
private void writeRefreshTokens(JsonWriter writer) { private void writeRefreshTokens(JsonWriter writer) {
for (OAuth2RefreshTokenEntity token : tokenRepo.getAllRefreshTokens()) { for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
try { try {
writer.value(token.getJwt().serialize()); writer.value(token.getJwt().serialize());
logger.debug("Wrote refresh token {}", token.getId()); logger.debug("Wrote refresh token {}", token.getId());
@ -153,7 +134,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer * @param writer
*/ */
private void writeAccessTokens(JsonWriter writer) { private void writeAccessTokens(JsonWriter writer) {
for (OAuth2AccessTokenEntity token : tokenRepo.getAllAccessTokens()) { for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
try { try {
writer.value(token.getJwt().serialize()); writer.value(token.getJwt().serialize());
logger.debug("Wrote access token {}", token.getId()); logger.debug("Wrote access token {}", token.getId());
@ -168,7 +149,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer * @param writer
*/ */
private void writeAuthenticationHolders(JsonWriter writer) { private void writeAuthenticationHolders(JsonWriter writer) {
for(AuthenticationHolderEntity holder : authHolderRepo.getAll()) { for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) {
try { try {
writer.beginObject(); writer.beginObject();
writer.name("id").value(holder.getId()); writer.name("id").value(holder.getId());
@ -176,9 +157,8 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writer.name("authentication"); writer.name("authentication");
writer.beginObject(); writer.beginObject();
OAuth2Authentication oa2Auth = holder.getAuthentication(); OAuth2Authentication oa2Auth = holder.getAuthentication();
AuthorizationRequest authReq = oa2Auth.getAuthorizationRequest();
writer.name("clientAuthorization"); writer.name("clientAuthorization");
writeAuthorizationRequest(authReq, writer); writeAuthorizationRequest(oa2Auth.getAuthorizationRequest(), writer);
String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication()); String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
writer.name("userAuthentication").value(userAuthentication); writer.name("userAuthentication").value(userAuthentication);
writer.endObject(); writer.endObject();
@ -194,17 +174,15 @@ public class MITREidDataService_1_0 implements MITREidDataService {
//used by writeAuthenticationHolders //used by writeAuthenticationHolders
private void writeAuthorizationRequest(AuthorizationRequest authReq, JsonWriter writer) throws IOException { private void writeAuthorizationRequest(AuthorizationRequest authReq, JsonWriter writer) throws IOException {
writer.beginObject(); writer.beginObject();
Map<String, String> authParams = authReq.getAuthorizationParameters();
writer.name("authorizationParameters"); writer.name("authorizationParameters");
writer.beginObject(); writer.beginObject();
for(Entry<String, String> entry: authParams.entrySet()) { for (Entry<String, String> entry : authReq.getAuthorizationParameters().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue()); writer.name(entry.getKey()).value(entry.getValue());
} }
writer.endObject(); writer.endObject();
Map<String, String> approvalParams = authReq.getApprovalParameters();
writer.name("approvalParameters"); writer.name("approvalParameters");
writer.beginObject(); writer.beginObject();
for(Entry<String, String> entry: approvalParams.entrySet()) { for (Entry<String, String> entry : authReq.getApprovalParameters().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue()); writer.name(entry.getKey()).value(entry.getValue());
} }
writer.endObject(); writer.endObject();
@ -216,28 +194,25 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writer.value(s); writer.value(s);
} }
writer.endArray(); writer.endArray();
Set<String> resourceIds = authReq.getResourceIds();
writer.name("resourceIds"); writer.name("resourceIds");
writer.beginArray(); writer.beginArray();
for(String s : resourceIds) { for (String s : authReq.getResourceIds()) {
writer.value(s); writer.value(s);
} }
writer.endArray(); writer.endArray();
Collection<GrantedAuthority> authorities = authReq.getAuthorities();
writer.name("authorities"); writer.name("authorities");
writer.beginArray(); writer.beginArray();
for(GrantedAuthority authority : authorities) { for (GrantedAuthority authority : authReq.getAuthorities()) {
writer.value(authority.getAuthority()); writer.value(authority.getAuthority());
} }
writer.endArray(); writer.endArray();
writer.name("isApproved").value(authReq.isApproved()); writer.name("approved").value(authReq.isApproved());
writer.name("isDenied").value(authReq.isDenied()); writer.name("denied").value(authReq.isDenied());
writer.name("state").value(authReq.getState()); writer.name("state").value(authReq.getState());
writer.name("redirectUri").value(authReq.getRedirectUri()); writer.name("redirectUri").value(authReq.getRedirectUri());
Set<String> responseTypes = authReq.getResponseTypes();
writer.name("responseTypes"); writer.name("responseTypes");
writer.beginArray(); writer.beginArray();
for(String s : responseTypes) { for (String s : authReq.getResponseTypes()) {
writer.value(s); writer.value(s);
} }
writer.endArray(); writer.endArray();
@ -255,7 +230,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer * @param writer
*/ */
private void writeGrants(JsonWriter writer) { private void writeGrants(JsonWriter writer) {
for (ApprovedSite site : approvedSiteRepo.getAll()) { for (ApprovedSite site : approvedSiteRepository.getAll()) {
try { try {
writer.beginObject(); writer.beginObject();
writer.name("id").value(site.getId()); writer.name("id").value(site.getId());
@ -298,13 +273,114 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer * @param writer
*/ */
private void writeClients(JsonWriter writer) { private void writeClients(JsonWriter writer) {
Gson gson = new Gson(); for (ClientDetailsEntity client : clientRepository.getAllClients()) {
for(ClientDetailsEntity client : clientRepo.getAllClients()) {
String clientStr = gson.toJson(client);
try { try {
//writer.beginObject(); writer.beginObject();
writer.value(clientStr); writer.name("id").value(client.getClientId());
//writer.endObject(); writer.name("resourceIds");
writer.beginArray();
for (String s : client.getResourceIds()) {
writer.value(s);
}
writer.endArray();
writer.name("secret").value(client.getClientSecret());
writer.name("scope");
writer.beginArray();
for (String s : client.getScope()) {
writer.value(s);
}
writer.endArray();
writer.name("authorities");
writer.beginArray();
for (GrantedAuthority authority : client.getAuthorities()) {
writer.value(authority.getAuthority());
}
writer.endArray();
writer.name("accessTokenValiditySeconds").value(client.getAccessTokenValiditySeconds());
writer.name("refreshTokenValiditySeconds").value(client.getRefreshTokenValiditySeconds());
writer.name("additionalInformation");
writer.beginObject();
for (Entry<String, Object> entry : client.getAdditionalInformation().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue().toString());
}
writer.endObject();
writer.name("redirectUris");
writer.beginArray();
for (String s : client.getRedirectUris()) {
writer.value(s);
}
writer.endArray();
writer.name("name").value(client.getClientName());
writer.name("uri").value(client.getClientUri());
writer.name("logoUri").value(client.getLogoUri());
writer.name("contacts");
writer.beginArray();
for (String s : client.getContacts()) {
writer.value(s);
}
writer.endArray();
writer.name("tosUri").value(client.getTosUri());
writer.name("tokenEndpointAuthMethod")
.value((client.getTokenEndpointAuthMethod() != null) ? client.getTokenEndpointAuthMethod().getValue() : null);
writer.name("grantTypes");
writer.beginArray();
for (String s : client.getGrantTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("responseTypes");
writer.beginArray();
for (String s : client.getResponseTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("policyUri").value(client.getPolicyUri());
writer.name("jwksUri").value(client.getJwksUri());
writer.name("applicationType")
.value((client.getApplicationType() != null) ? client.getApplicationType().getValue() : null);
writer.name("sectorIdentifierUri").value(client.getSectorIdentifierUri());
writer.name("subjectType")
.value((client.getSubjectType() != null) ? client.getSubjectType().getValue() : null);
writer.name("requestObjectSigningAlg")
.value((client.getRequestObjectSigningAlgEmbed() != null) ? client.getRequestObjectSigningAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseAlg")
.value((client.getUserInfoEncryptedResponseAlgEmbed() != null) ? client.getUserInfoEncryptedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseEnc")
.value((client.getUserInfoEncryptedResponseEncEmbed() != null) ? client.getUserInfoEncryptedResponseEncEmbed().getAlgorithmName() : null);
writer.name("userInfoSignedResponseAlg")
.value((client.getUserInfoSignedResponseAlgEmbed() != null) ? client.getUserInfoSignedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("defaultMaxAge").value(client.getDefaultMaxAge());
Boolean requireAuthTime = null;
try {
requireAuthTime = client.getRequireAuthTime();
} catch (NullPointerException e) {}
if(requireAuthTime != null) {
writer.name("requireAuthTime");
writer.value(requireAuthTime);
}
writer.name("defaultACRValues");
writer.beginArray();
for (String s : client.getDefaultACRvalues()) {
writer.value(s);
}
writer.endArray();
writer.name("intitateLoginUri").value(client.getInitiateLoginUri());
writer.name("postLogoutRedirectUri").value(client.getPostLogoutRedirectUri());
writer.name("requestUris");
writer.beginArray();
for (String s : client.getRequestUris()) {
writer.value(s);
}
writer.endArray();
writer.name("description").value(client.getClientDescription());
writer.name("allowIntrospection").value(client.isAllowIntrospection());
writer.name("allowRefresh").value(client.isAllowRefresh());
writer.name("reuseRefreshToken").value(client.isReuseRefreshToken());
writer.name("dynamicallyRegistered").value(client.isDynamicallyRegistered());
writer.endObject();
logger.debug("Wrote client {}", client.getId()); logger.debug("Wrote client {}", client.getId());
} catch (IOException ex) { } catch (IOException ex) {
logger.error("Unable to write client {}", client.getId(), ex); logger.error("Unable to write client {}", client.getId(), ex);
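Review bot: The member name `intitateLoginUri` written for `client.getInitiateLoginUri()` is misspelled, and because these keys are the export file format every importer would have to carry the typo; change it to `writer.name("initiateLoginUri").value(client.getInitiateLoginUri());`. The `catch (NullPointerException e) {}` around `client.getRequireAuthTime()` hides why the getter can throw — if it unboxes a nullable field, the fix presumably belongs in the getter, and at minimum the variable should be named `ignored` with a comment naming the null-field case it covers. Each client is also written with its `secret` in clear and, in writeAuthenticationHolders, with a Java-serialized `userAuthentication`, so the class Javadoc should state that the export output is a credential-bearing artifact to be stored and transported accordingly. The repeated name/beginArray/loop/endArray blocks could be collapsed into one helper as sketched below; writeClients continues past the end of this hunk.
```java
// Writes one JSON array of strings under the given member name.
private static void writeStringArray(JsonWriter writer, String name, Iterable<String> values) throws IOException {
    writer.name(name);
    writer.beginArray();
    for (String s : values) {
        writer.value(s);
    }
    writer.endArray();
}

// … unchanged: start of writeClients, beginObject and id …
writeStringArray(writer, "resourceIds", client.getResourceIds());
// … unchanged: secret …
writeStringArray(writer, "scope", client.getScope());
// … unchanged: remaining members, same replacement for redirectUris, contacts, grantTypes, responseTypes, defaultACRValues, requestUris …
```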
@ -397,5 +473,4 @@ public class MITREidDataService_1_0 implements MITREidDataService {
// TODO Auto-generated method stub // TODO Auto-generated method stub
reader.skipValue(); reader.skipValue();
} }
} }


@ -60,7 +60,8 @@ public class DataAPI {
@Autowired @Autowired
private ConfigurationPropertiesBean config; private ConfigurationPropertiesBean config;
private MITREidDataService dataService_1_0 = new MITREidDataService_1_0(); @Autowired
private MITREidDataService dataService_1_0;
@RequestMapping(method = RequestMethod.POST, consumes = "application/json") @RequestMapping(method = RequestMethod.POST, consumes = "application/json")
public String importData(Reader in, Model m) throws IOException { public String importData(Reader in, Model m) throws IOException {