Changes to facilitate data export, additional robustness
arielak
parent
775a0c6143
commit
317b9e8657
|
|
@ -33,8 +33,10 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
@Entity
|
@Entity
|
||||||
@Table(name = "authentication_holder")
|
@Table(name = "authentication_holder")
|
||||||
@NamedQueries ({
|
@NamedQueries ({
|
||||||
@NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication")
|
@NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication"),
|
||||||
|
@NamedQuery(name = "AuthenticationHolderEntity.getAll", query = "select a from AuthenticationHolderEntity a")
|
||||||
})
|
})
|
||||||
|
|
||||||
public class AuthenticationHolderEntity {
|
public class AuthenticationHolderEntity {
|
||||||
|
|
||||||
private Long id;
|
private Long id;
|
||||||
|
|
|
||||||
|
|
@ -1,37 +1,31 @@
|
||||||
/*******************************************************************************
|
/**
|
||||||
* Copyright 2014 The MITRE Corporation
|
* *****************************************************************************
|
||||||
* and the MIT Kerberos and Internet Trust Consortium
|
* Copyright 2014 The MITRE Corporation and the MIT Kerberos and Internet Trust
|
||||||
*
|
* Consortium
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
*
|
||||||
* you may not use this file except in compliance with the License.
|
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
|
||||||
* You may obtain a copy of the License at
|
* use this file except in compliance with the License. You may obtain a copy of
|
||||||
*
|
* the License at
|
||||||
* http://www.apache.org/licenses/LICENSE-2.0
|
*
|
||||||
*
|
* http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
* Unless required by applicable law or agreed to in writing, software
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
* See the License for the specific language governing permissions and
|
* License for the specific language governing permissions and limitations under
|
||||||
* limitations under the License.
|
* the License.
|
||||||
******************************************************************************/
|
*****************************************************************************
|
||||||
|
*/
|
||||||
package org.mitre.openid.connect.service.impl;
|
package org.mitre.openid.connect.service.impl;
|
||||||
|
|
||||||
import com.google.common.io.BaseEncoding;
|
import com.google.common.io.BaseEncoding;
|
||||||
import com.google.gson.Gson;
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
import org.mitre.openid.connect.service.MITREidDataService;
|
|
||||||
import org.slf4j.Logger;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
|
|
||||||
import com.google.gson.stream.JsonReader;
|
import com.google.gson.stream.JsonReader;
|
||||||
import com.google.gson.stream.JsonToken;
|
import com.google.gson.stream.JsonToken;
|
||||||
import com.google.gson.stream.JsonWriter;
|
import com.google.gson.stream.JsonWriter;
|
||||||
import java.io.ByteArrayOutputStream;
|
import java.io.ByteArrayOutputStream;
|
||||||
|
import java.io.IOException;
|
||||||
import java.io.ObjectOutputStream;
|
import java.io.ObjectOutputStream;
|
||||||
import java.io.OutputStreamWriter;
|
import java.io.OutputStreamWriter;
|
||||||
import java.util.Collection;
|
|
||||||
import java.util.Map;
|
|
||||||
import java.util.Map.Entry;
|
import java.util.Map.Entry;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import org.mitre.oauth2.model.AuthenticationHolderEntity;
|
import org.mitre.oauth2.model.AuthenticationHolderEntity;
|
||||||
|
|
@ -44,101 +38,88 @@ import org.mitre.oauth2.repository.OAuth2TokenRepository;
|
||||||
import org.mitre.openid.connect.model.ApprovedSite;
|
import org.mitre.openid.connect.model.ApprovedSite;
|
||||||
import org.mitre.openid.connect.model.WhitelistedSite;
|
import org.mitre.openid.connect.model.WhitelistedSite;
|
||||||
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
|
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
|
||||||
|
import org.mitre.openid.connect.service.MITREidDataService;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.oauth2.provider.AuthorizationRequest;
|
import org.springframework.security.oauth2.provider.AuthorizationRequest;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
* Data service to import and export MITREid 1.0 configuration.
|
* Data service to import and export MITREid 1.0 configuration.
|
||||||
*
|
*
|
||||||
* @author jricher
|
* @author jricher
|
||||||
* @author arielak
|
* @author arielak
|
||||||
*/
|
*/
|
||||||
|
@Service
|
||||||
public class MITREidDataService_1_0 implements MITREidDataService {
|
public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
|
|
||||||
private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class);
|
private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class);
|
||||||
|
// member names
|
||||||
// member names
|
private static final String REFRESHTOKENS = "refreshTokens";
|
||||||
private static final String REFRESHTOKENS = "refreshtokens";
|
private static final String ACCESSTOKENS = "accessTokens";
|
||||||
private static final String ACCESSTOKENS = "accesstokens";
|
private static final String AUTHENTICATIONHOLDERS = "authenticationHolders";
|
||||||
private static final String AUTHENTICATIONHOLDERS = "authenticationholders";
|
|
||||||
private static final String GRANTS = "grants";
|
private static final String GRANTS = "grants";
|
||||||
private static final String CLIENTS = "clients";
|
private static final String CLIENTS = "clients";
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private OAuth2ClientRepository clientRepo;
|
private OAuth2ClientRepository clientRepository;
|
||||||
@Autowired
|
@Autowired
|
||||||
private ApprovedSiteRepository approvedSiteRepo;
|
private ApprovedSiteRepository approvedSiteRepository;
|
||||||
@Autowired
|
@Autowired
|
||||||
private AuthenticationHolderRepository authHolderRepo;
|
private AuthenticationHolderRepository authHolderRepository;
|
||||||
@Autowired
|
@Autowired
|
||||||
private OAuth2TokenRepository tokenRepo;
|
private OAuth2TokenRepository tokenRepository;
|
||||||
|
|
||||||
public void setClientRepo(OAuth2ClientRepository clientRepo) {
|
|
||||||
this.clientRepo = clientRepo;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setApprovedSiteRepo(ApprovedSiteRepository approvedSiteRepo) {
|
/* (non-Javadoc)
|
||||||
this.approvedSiteRepo = approvedSiteRepo;
|
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
|
||||||
}
|
*/
|
||||||
|
|
||||||
public void setAuthHolderRepo(AuthenticationHolderRepository authHolderRepo) {
|
|
||||||
this.authHolderRepo = authHolderRepo;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setTokenRepo(OAuth2TokenRepository tokenRepo) {
|
|
||||||
this.tokenRepo = tokenRepo;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* (non-Javadoc)
|
|
||||||
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
|
|
||||||
*/
|
|
||||||
@Override
|
@Override
|
||||||
public void exportData(JsonWriter writer) throws IOException {
|
public void exportData(JsonWriter writer) throws IOException {
|
||||||
|
|
||||||
// version tag at the root
|
// version tag at the root
|
||||||
writer.name(MITREID_CONNECT_1_0);
|
writer.name(MITREID_CONNECT_1_0);
|
||||||
|
|
||||||
|
writer.beginObject();
|
||||||
|
|
||||||
|
// clients list
|
||||||
|
writer.name(CLIENTS);
|
||||||
|
writer.beginArray();
|
||||||
|
writeClients(writer);
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name(GRANTS);
|
||||||
|
writer.beginArray();
|
||||||
|
writeGrants(writer);
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name(AUTHENTICATIONHOLDERS);
|
||||||
|
writer.beginArray();
|
||||||
|
writeAuthenticationHolders(writer);
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name(ACCESSTOKENS);
|
||||||
|
writer.beginArray();
|
||||||
|
writeAccessTokens(writer);
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name(REFRESHTOKENS);
|
||||||
|
writer.beginArray();
|
||||||
|
writeRefreshTokens(writer);
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.endObject(); // end mitreid-connect-1.0
|
||||||
|
|
||||||
|
|
||||||
writer.beginObject();
|
|
||||||
|
|
||||||
// clients list
|
|
||||||
writer.name(CLIENTS);
|
|
||||||
writer.beginArray();
|
|
||||||
writeClients(writer);
|
|
||||||
writer.endArray();
|
|
||||||
|
|
||||||
writer.name(GRANTS);
|
|
||||||
writer.beginArray();
|
|
||||||
writeGrants(writer);
|
|
||||||
writer.endArray();
|
|
||||||
|
|
||||||
writer.name(AUTHENTICATIONHOLDERS);
|
|
||||||
writer.beginArray();
|
|
||||||
writeAuthenticationHolders(writer);
|
|
||||||
writer.endArray();
|
|
||||||
|
|
||||||
writer.name(ACCESSTOKENS);
|
|
||||||
writer.beginArray();
|
|
||||||
writeAccessTokens(writer);
|
|
||||||
writer.endArray();
|
|
||||||
|
|
||||||
writer.name(REFRESHTOKENS);
|
|
||||||
writer.beginArray();
|
|
||||||
writeRefreshTokens(writer);
|
|
||||||
writer.endArray();
|
|
||||||
|
|
||||||
writer.endObject(); // end mitreid-connect-1.0
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param writer
|
* @param writer
|
||||||
*/
|
*/
|
||||||
private void writeRefreshTokens(JsonWriter writer) {
|
private void writeRefreshTokens(JsonWriter writer) {
|
||||||
for (OAuth2RefreshTokenEntity token : tokenRepo.getAllRefreshTokens()) {
|
for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
|
||||||
try {
|
try {
|
||||||
writer.value(token.getJwt().serialize());
|
writer.value(token.getJwt().serialize());
|
||||||
logger.debug("Wrote refresh token {}", token.getId());
|
logger.debug("Wrote refresh token {}", token.getId());
|
||||||
|
|
@ -149,11 +130,11 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
logger.info("Done writing refresh tokens");
|
logger.info("Done writing refresh tokens");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param writer
|
* @param writer
|
||||||
*/
|
*/
|
||||||
private void writeAccessTokens(JsonWriter writer) {
|
private void writeAccessTokens(JsonWriter writer) {
|
||||||
for (OAuth2AccessTokenEntity token : tokenRepo.getAllAccessTokens()) {
|
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
|
||||||
try {
|
try {
|
||||||
writer.value(token.getJwt().serialize());
|
writer.value(token.getJwt().serialize());
|
||||||
logger.debug("Wrote access token {}", token.getId());
|
logger.debug("Wrote access token {}", token.getId());
|
||||||
|
|
@ -164,11 +145,11 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
logger.info("Done writing access tokens");
|
logger.info("Done writing access tokens");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param writer
|
* @param writer
|
||||||
*/
|
*/
|
||||||
private void writeAuthenticationHolders(JsonWriter writer) {
|
private void writeAuthenticationHolders(JsonWriter writer) {
|
||||||
for(AuthenticationHolderEntity holder : authHolderRepo.getAll()) {
|
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) {
|
||||||
try {
|
try {
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
writer.name("id").value(holder.getId());
|
writer.name("id").value(holder.getId());
|
||||||
|
|
@ -176,9 +157,8 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
writer.name("authentication");
|
writer.name("authentication");
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
OAuth2Authentication oa2Auth = holder.getAuthentication();
|
OAuth2Authentication oa2Auth = holder.getAuthentication();
|
||||||
AuthorizationRequest authReq = oa2Auth.getAuthorizationRequest();
|
|
||||||
writer.name("clientAuthorization");
|
writer.name("clientAuthorization");
|
||||||
writeAuthorizationRequest(authReq, writer);
|
writeAuthorizationRequest(oa2Auth.getAuthorizationRequest(), writer);
|
||||||
String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
|
String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
|
||||||
writer.name("userAuthentication").value(userAuthentication);
|
writer.name("userAuthentication").value(userAuthentication);
|
||||||
writer.endObject();
|
writer.endObject();
|
||||||
|
|
@ -190,21 +170,19 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
}
|
}
|
||||||
logger.info("Done writing authentication holders");
|
logger.info("Done writing authentication holders");
|
||||||
}
|
}
|
||||||
|
|
||||||
//used by writeAuthenticationHolders
|
//used by writeAuthenticationHolders
|
||||||
private void writeAuthorizationRequest(AuthorizationRequest authReq, JsonWriter writer) throws IOException {
|
private void writeAuthorizationRequest(AuthorizationRequest authReq, JsonWriter writer) throws IOException {
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
Map<String, String> authParams = authReq.getAuthorizationParameters();
|
|
||||||
writer.name("authorizationParameters");
|
writer.name("authorizationParameters");
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
for(Entry<String, String> entry: authParams.entrySet()) {
|
for (Entry<String, String> entry : authReq.getAuthorizationParameters().entrySet()) {
|
||||||
writer.name(entry.getKey()).value(entry.getValue());
|
writer.name(entry.getKey()).value(entry.getValue());
|
||||||
}
|
}
|
||||||
writer.endObject();
|
writer.endObject();
|
||||||
Map<String, String> approvalParams = authReq.getApprovalParameters();
|
|
||||||
writer.name("approvalParameters");
|
writer.name("approvalParameters");
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
for(Entry<String, String> entry: approvalParams.entrySet()) {
|
for (Entry<String, String> entry : authReq.getApprovalParameters().entrySet()) {
|
||||||
writer.name(entry.getKey()).value(entry.getValue());
|
writer.name(entry.getKey()).value(entry.getValue());
|
||||||
}
|
}
|
||||||
writer.endObject();
|
writer.endObject();
|
||||||
|
|
@ -212,50 +190,47 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
Set<String> scope = authReq.getScope();
|
Set<String> scope = authReq.getScope();
|
||||||
writer.name("scope");
|
writer.name("scope");
|
||||||
writer.beginArray();
|
writer.beginArray();
|
||||||
for(String s : scope) {
|
for (String s : scope) {
|
||||||
writer.value(s);
|
writer.value(s);
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
Set<String> resourceIds = authReq.getResourceIds();
|
|
||||||
writer.name("resourceIds");
|
writer.name("resourceIds");
|
||||||
writer.beginArray();
|
writer.beginArray();
|
||||||
for(String s : resourceIds) {
|
for (String s : authReq.getResourceIds()) {
|
||||||
writer.value(s);
|
writer.value(s);
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
Collection<GrantedAuthority> authorities = authReq.getAuthorities();
|
|
||||||
writer.name("authorities");
|
writer.name("authorities");
|
||||||
writer.beginArray();
|
writer.beginArray();
|
||||||
for(GrantedAuthority authority : authorities) {
|
for (GrantedAuthority authority : authReq.getAuthorities()) {
|
||||||
writer.value(authority.getAuthority());
|
writer.value(authority.getAuthority());
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
writer.name("isApproved").value(authReq.isApproved());
|
writer.name("approved").value(authReq.isApproved());
|
||||||
writer.name("isDenied").value(authReq.isDenied());
|
writer.name("denied").value(authReq.isDenied());
|
||||||
writer.name("state").value(authReq.getState());
|
writer.name("state").value(authReq.getState());
|
||||||
writer.name("redirectUri").value(authReq.getRedirectUri());
|
writer.name("redirectUri").value(authReq.getRedirectUri());
|
||||||
Set<String> responseTypes = authReq.getResponseTypes();
|
|
||||||
writer.name("responseTypes");
|
writer.name("responseTypes");
|
||||||
writer.beginArray();
|
writer.beginArray();
|
||||||
for(String s : responseTypes) {
|
for (String s : authReq.getResponseTypes()) {
|
||||||
writer.value(s);
|
writer.value(s);
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
writer.endObject();
|
writer.endObject();
|
||||||
}
|
}
|
||||||
|
|
||||||
private String base64UrlEncodeObject(Object obj) throws IOException {
|
private String base64UrlEncodeObject(Object obj) throws IOException {
|
||||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||||
ObjectOutputStream oos = new ObjectOutputStream(BaseEncoding.base64Url().encodingStream(new OutputStreamWriter(baos)));
|
ObjectOutputStream oos = new ObjectOutputStream(BaseEncoding.base64Url().encodingStream(new OutputStreamWriter(baos)));
|
||||||
oos.writeObject(obj);
|
oos.writeObject(obj);
|
||||||
return baos.toString("ascii");
|
return baos.toString("ascii");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param writer
|
* @param writer
|
||||||
*/
|
*/
|
||||||
private void writeGrants(JsonWriter writer) {
|
private void writeGrants(JsonWriter writer) {
|
||||||
for (ApprovedSite site : approvedSiteRepo.getAll()) {
|
for (ApprovedSite site : approvedSiteRepository.getAll()) {
|
||||||
try {
|
try {
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
writer.name("id").value(site.getId());
|
writer.name("id").value(site.getId());
|
||||||
|
|
@ -270,7 +245,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
writer.value(s);
|
writer.value(s);
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
if(site.getIsWhitelisted()) {
|
if (site.getIsWhitelisted()) {
|
||||||
WhitelistedSite wlSite = site.getWhitelistedSite();
|
WhitelistedSite wlSite = site.getWhitelistedSite();
|
||||||
writer.name("whitelistedSite");
|
writer.name("whitelistedSite");
|
||||||
writer.beginObject();
|
writer.beginObject();
|
||||||
|
|
@ -279,7 +254,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
writer.name("creatorUserId").value(wlSite.getCreatorUserId());
|
writer.name("creatorUserId").value(wlSite.getCreatorUserId());
|
||||||
writer.name("allowedScopes");
|
writer.name("allowedScopes");
|
||||||
writer.beginArray();
|
writer.beginArray();
|
||||||
for(String s : wlSite.getAllowedScopes()) {
|
for (String s : wlSite.getAllowedScopes()) {
|
||||||
writer.value(s);
|
writer.value(s);
|
||||||
}
|
}
|
||||||
writer.endArray();
|
writer.endArray();
|
||||||
|
|
@ -294,17 +269,118 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
logger.info("Done writing grants");
|
logger.info("Done writing grants");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param writer
|
* @param writer
|
||||||
*/
|
*/
|
||||||
private void writeClients(JsonWriter writer) {
|
private void writeClients(JsonWriter writer) {
|
||||||
Gson gson = new Gson();
|
for (ClientDetailsEntity client : clientRepository.getAllClients()) {
|
||||||
for(ClientDetailsEntity client : clientRepo.getAllClients()) {
|
|
||||||
String clientStr = gson.toJson(client);
|
|
||||||
try {
|
try {
|
||||||
//writer.beginObject();
|
writer.beginObject();
|
||||||
writer.value(clientStr);
|
writer.name("id").value(client.getClientId());
|
||||||
//writer.endObject();
|
writer.name("resourceIds");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getResourceIds()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name("secret").value(client.getClientSecret());
|
||||||
|
|
||||||
|
writer.name("scope");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getScope()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
|
||||||
|
writer.name("authorities");
|
||||||
|
writer.beginArray();
|
||||||
|
for (GrantedAuthority authority : client.getAuthorities()) {
|
||||||
|
writer.value(authority.getAuthority());
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("accessTokenValiditySeconds").value(client.getAccessTokenValiditySeconds());
|
||||||
|
writer.name("refreshTokenValiditySeconds").value(client.getRefreshTokenValiditySeconds());
|
||||||
|
writer.name("additionalInformation");
|
||||||
|
writer.beginObject();
|
||||||
|
for (Entry<String, Object> entry : client.getAdditionalInformation().entrySet()) {
|
||||||
|
writer.name(entry.getKey()).value(entry.getValue().toString());
|
||||||
|
}
|
||||||
|
writer.endObject();
|
||||||
|
writer.name("redirectUris");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getRedirectUris()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("name").value(client.getClientName());
|
||||||
|
writer.name("uri").value(client.getClientUri());
|
||||||
|
writer.name("logoUri").value(client.getLogoUri());
|
||||||
|
writer.name("contacts");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getContacts()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("tosUri").value(client.getTosUri());
|
||||||
|
writer.name("tokenEndpointAuthMethod")
|
||||||
|
.value((client.getTokenEndpointAuthMethod() != null) ? client.getTokenEndpointAuthMethod().getValue() : null);
|
||||||
|
writer.name("grantTypes");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getGrantTypes()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("responseTypes");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getResponseTypes()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("policyUri").value(client.getPolicyUri());
|
||||||
|
writer.name("jwksUri").value(client.getJwksUri());
|
||||||
|
writer.name("applicationType")
|
||||||
|
.value((client.getApplicationType() != null) ? client.getApplicationType().getValue() : null);
|
||||||
|
writer.name("sectorIdentifierUri").value(client.getSectorIdentifierUri());
|
||||||
|
writer.name("subjectType")
|
||||||
|
.value((client.getSubjectType() != null) ? client.getSubjectType().getValue() : null);
|
||||||
|
writer.name("requestObjectSigningAlg")
|
||||||
|
.value((client.getRequestObjectSigningAlgEmbed() != null) ? client.getRequestObjectSigningAlgEmbed().getAlgorithmName() : null);
|
||||||
|
writer.name("userInfoEncryptedResponseAlg")
|
||||||
|
.value((client.getUserInfoEncryptedResponseAlgEmbed() != null) ? client.getUserInfoEncryptedResponseAlgEmbed().getAlgorithmName() : null);
|
||||||
|
writer.name("userInfoEncryptedResponseEnc")
|
||||||
|
.value((client.getUserInfoEncryptedResponseEncEmbed() != null) ? client.getUserInfoEncryptedResponseEncEmbed().getAlgorithmName() : null);
|
||||||
|
writer.name("userInfoSignedResponseAlg")
|
||||||
|
.value((client.getUserInfoSignedResponseAlgEmbed() != null) ? client.getUserInfoSignedResponseAlgEmbed().getAlgorithmName() : null);
|
||||||
|
writer.name("defaultMaxAge").value(client.getDefaultMaxAge());
|
||||||
|
Boolean requireAuthTime = null;
|
||||||
|
try {
|
||||||
|
requireAuthTime = client.getRequireAuthTime();
|
||||||
|
} catch (NullPointerException e) {}
|
||||||
|
if(requireAuthTime != null) {
|
||||||
|
writer.name("requireAuthTime");
|
||||||
|
writer.value(requireAuthTime);
|
||||||
|
}
|
||||||
|
writer.name("defaultACRValues");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getDefaultACRvalues()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("intitateLoginUri").value(client.getInitiateLoginUri());
|
||||||
|
writer.name("postLogoutRedirectUri").value(client.getPostLogoutRedirectUri());
|
||||||
|
writer.name("requestUris");
|
||||||
|
writer.beginArray();
|
||||||
|
for (String s : client.getRequestUris()) {
|
||||||
|
writer.value(s);
|
||||||
|
}
|
||||||
|
writer.endArray();
|
||||||
|
writer.name("description").value(client.getClientDescription());
|
||||||
|
writer.name("allowIntrospection").value(client.isAllowIntrospection());
|
||||||
|
writer.name("allowRefresh").value(client.isAllowRefresh());
|
||||||
|
writer.name("reuseRefreshToken").value(client.isReuseRefreshToken());
|
||||||
|
writer.name("dynamicallyRegistered").value(client.isDynamicallyRegistered());
|
||||||
|
writer.endObject();
|
||||||
logger.debug("Wrote client {}", client.getId());
|
logger.debug("Wrote client {}", client.getId());
|
||||||
} catch (IOException ex) {
|
} catch (IOException ex) {
|
||||||
logger.error("Unable to write client {}", client.getId(), ex);
|
logger.error("Unable to write client {}", client.getId(), ex);
|
||||||
|
|
@ -313,89 +389,88 @@ public class MITREidDataService_1_0 implements MITREidDataService {
|
||||||
logger.info("Done writing clients");
|
logger.info("Done writing clients");
|
||||||
}
|
}
|
||||||
|
|
||||||
/* (non-Javadoc)
|
/* (non-Javadoc)
|
||||||
* @see org.mitre.openid.connect.service.MITREidDataService#importData(com.google.gson.stream.JsonReader)
|
* @see org.mitre.openid.connect.service.MITREidDataService#importData(com.google.gson.stream.JsonReader)
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void importData(JsonReader reader) throws IOException {
|
public void importData(JsonReader reader) throws IOException {
|
||||||
|
|
||||||
logger.info("Reading configuration for 1.0");
|
logger.info("Reading configuration for 1.0");
|
||||||
|
|
||||||
// this *HAS* to start as an object
|
// this *HAS* to start as an object
|
||||||
reader.beginObject();
|
reader.beginObject();
|
||||||
|
|
||||||
while (reader.hasNext()) {
|
while (reader.hasNext()) {
|
||||||
JsonToken tok = reader.peek();
|
JsonToken tok = reader.peek();
|
||||||
switch(tok) {
|
switch (tok) {
|
||||||
case NAME:
|
case NAME:
|
||||||
String name = reader.nextName();
|
String name = reader.nextName();
|
||||||
|
|
||||||
// find out which member it is
|
// find out which member it is
|
||||||
if (name.equals(CLIENTS)) {
|
if (name.equals(CLIENTS)) {
|
||||||
readClients(reader);
|
readClients(reader);
|
||||||
} else if (name.equals(GRANTS)) {
|
} else if (name.equals(GRANTS)) {
|
||||||
readGrants(reader);
|
readGrants(reader);
|
||||||
} else if (name.equals(AUTHENTICATIONHOLDERS)) {
|
} else if (name.equals(AUTHENTICATIONHOLDERS)) {
|
||||||
readAuthenticationHolders(reader);
|
readAuthenticationHolders(reader);
|
||||||
} else if (name.equals(ACCESSTOKENS)) {
|
} else if (name.equals(ACCESSTOKENS)) {
|
||||||
readAccessTokens(reader);
|
readAccessTokens(reader);
|
||||||
} else if (name.equals(REFRESHTOKENS)) {
|
} else if (name.equals(REFRESHTOKENS)) {
|
||||||
readRefreshTokens(reader);
|
readRefreshTokens(reader);
|
||||||
} else {
|
} else {
|
||||||
// unknown token, skip it
|
// unknown token, skip it
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case END_OBJECT:
|
case END_OBJECT:
|
||||||
// the object ended, we're done here
|
// the object ended, we're done here
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param reader
|
* @param reader
|
||||||
* @throws IOException
|
* @throws IOException
|
||||||
*/
|
*/
|
||||||
private void readRefreshTokens(JsonReader reader) throws IOException {
|
private void readRefreshTokens(JsonReader reader) throws IOException {
|
||||||
// TODO Auto-generated method stub
|
// TODO Auto-generated method stub
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param reader
|
* @param reader
|
||||||
* @throws IOException
|
* @throws IOException
|
||||||
*/
|
*/
|
||||||
private void readAccessTokens(JsonReader reader) throws IOException {
|
private void readAccessTokens(JsonReader reader) throws IOException {
|
||||||
// TODO Auto-generated method stub
|
// TODO Auto-generated method stub
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param reader
|
* @param reader
|
||||||
* @throws IOException
|
* @throws IOException
|
||||||
*/
|
*/
|
||||||
private void readAuthenticationHolders(JsonReader reader) throws IOException {
|
private void readAuthenticationHolders(JsonReader reader) throws IOException {
|
||||||
// TODO Auto-generated method stub
|
// TODO Auto-generated method stub
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param reader
|
* @param reader
|
||||||
* @throws IOException
|
* @throws IOException
|
||||||
*/
|
*/
|
||||||
private void readGrants(JsonReader reader) throws IOException {
|
private void readGrants(JsonReader reader) throws IOException {
|
||||||
// TODO Auto-generated method stub
|
// TODO Auto-generated method stub
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param reader
|
* @param reader
|
||||||
* @throws IOException
|
* @throws IOException
|
||||||
*/
|
*/
|
||||||
private void readClients(JsonReader reader) throws IOException {
|
private void readClients(JsonReader reader) throws IOException {
|
||||||
// TODO Auto-generated method stub
|
// TODO Auto-generated method stub
|
||||||
reader.skipValue();
|
reader.skipValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -60,7 +60,8 @@ public class DataAPI {
|
||||||
@Autowired
|
@Autowired
|
||||||
private ConfigurationPropertiesBean config;
|
private ConfigurationPropertiesBean config;
|
||||||
|
|
||||||
private MITREidDataService dataService_1_0 = new MITREidDataService_1_0();
|
@Autowired
|
||||||
|
private MITREidDataService dataService_1_0;
|
||||||
|
|
||||||
@RequestMapping(method = RequestMethod.POST, consumes = "application/json")
|
@RequestMapping(method = RequestMethod.POST, consumes = "application/json")
|
||||||
public String importData(Reader in, Model m) throws IOException {
|
public String importData(Reader in, Model m) throws IOException {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue