Changes to facilitate data export, additional robustness

arielak 2014-04-25 15:39:20 -04:00
parent 775a0c6143
commit 317b9e8657
3 changed files with 279 additions and 201 deletions


@ -33,8 +33,10 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
@Entity
@Table(name = "authentication_holder")
@NamedQueries ({
@NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication")
@NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication"),
@NamedQuery(name = "AuthenticationHolderEntity.getAll", query = "select a from AuthenticationHolderEntity a")
})
public class AuthenticationHolderEntity {
private Long id;


@ -1,37 +1,31 @@
/*******************************************************************************
* Copyright 2014 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
/**
* *****************************************************************************
* Copyright 2014 The MITRE Corporation and the MIT Kerberos and Internet Trust
* Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Licensed under the Apache License, Version 2.0 (the "License"); you may not
* use this file except in compliance with the License. You may obtain a copy of
* the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*****************************************************************************
*/
package org.mitre.openid.connect.service.impl;
import com.google.common.io.BaseEncoding;
import com.google.gson.Gson;
import java.io.IOException;
import org.mitre.openid.connect.service.MITREidDataService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonToken;
import com.google.gson.stream.JsonWriter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.OutputStreamWriter;
import java.util.Collection;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.mitre.oauth2.model.AuthenticationHolderEntity;
@ -44,10 +38,14 @@ import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
import org.mitre.openid.connect.service.MITREidDataService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Service;
/**
*
@ -56,41 +54,24 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
* @author jricher
* @author arielak
*/
@Service
public class MITREidDataService_1_0 implements MITREidDataService {
private final static Logger logger = LoggerFactory.getLogger(MITREidDataService_1_0.class);
// member names
private static final String REFRESHTOKENS = "refreshtokens";
private static final String ACCESSTOKENS = "accesstokens";
private static final String AUTHENTICATIONHOLDERS = "authenticationholders";
private static final String REFRESHTOKENS = "refreshTokens";
private static final String ACCESSTOKENS = "accessTokens";
private static final String AUTHENTICATIONHOLDERS = "authenticationHolders";
private static final String GRANTS = "grants";
private static final String CLIENTS = "clients";
@Autowired
private OAuth2ClientRepository clientRepo;
private OAuth2ClientRepository clientRepository;
@Autowired
private ApprovedSiteRepository approvedSiteRepo;
private ApprovedSiteRepository approvedSiteRepository;
@Autowired
private AuthenticationHolderRepository authHolderRepo;
private AuthenticationHolderRepository authHolderRepository;
@Autowired
private OAuth2TokenRepository tokenRepo;
public void setClientRepo(OAuth2ClientRepository clientRepo) {
this.clientRepo = clientRepo;
}
public void setApprovedSiteRepo(ApprovedSiteRepository approvedSiteRepo) {
this.approvedSiteRepo = approvedSiteRepo;
}
public void setAuthHolderRepo(AuthenticationHolderRepository authHolderRepo) {
this.authHolderRepo = authHolderRepo;
}
public void setTokenRepo(OAuth2TokenRepository tokenRepo) {
this.tokenRepo = tokenRepo;
}
private OAuth2TokenRepository tokenRepository;
/* (non-Javadoc)
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
@ -138,7 +119,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer
*/
private void writeRefreshTokens(JsonWriter writer) {
for (OAuth2RefreshTokenEntity token : tokenRepo.getAllRefreshTokens()) {
for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
try {
writer.value(token.getJwt().serialize());
logger.debug("Wrote refresh token {}", token.getId());
@ -153,7 +134,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer
*/
private void writeAccessTokens(JsonWriter writer) {
for (OAuth2AccessTokenEntity token : tokenRepo.getAllAccessTokens()) {
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
try {
writer.value(token.getJwt().serialize());
logger.debug("Wrote access token {}", token.getId());
@ -168,7 +149,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer
*/
private void writeAuthenticationHolders(JsonWriter writer) {
for(AuthenticationHolderEntity holder : authHolderRepo.getAll()) {
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) {
try {
writer.beginObject();
writer.name("id").value(holder.getId());
@ -176,9 +157,8 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writer.name("authentication");
writer.beginObject();
OAuth2Authentication oa2Auth = holder.getAuthentication();
AuthorizationRequest authReq = oa2Auth.getAuthorizationRequest();
writer.name("clientAuthorization");
writeAuthorizationRequest(authReq, writer);
writeAuthorizationRequest(oa2Auth.getAuthorizationRequest(), writer);
String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
writer.name("userAuthentication").value(userAuthentication);
writer.endObject();
@ -194,17 +174,15 @@ public class MITREidDataService_1_0 implements MITREidDataService {
//used by writeAuthenticationHolders
private void writeAuthorizationRequest(AuthorizationRequest authReq, JsonWriter writer) throws IOException {
writer.beginObject();
Map<String, String> authParams = authReq.getAuthorizationParameters();
writer.name("authorizationParameters");
writer.beginObject();
for(Entry<String, String> entry: authParams.entrySet()) {
for (Entry<String, String> entry : authReq.getAuthorizationParameters().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue());
}
writer.endObject();
Map<String, String> approvalParams = authReq.getApprovalParameters();
writer.name("approvalParameters");
writer.beginObject();
for(Entry<String, String> entry: approvalParams.entrySet()) {
for (Entry<String, String> entry : authReq.getApprovalParameters().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue());
}
writer.endObject();
@ -216,28 +194,25 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writer.value(s);
}
writer.endArray();
Set<String> resourceIds = authReq.getResourceIds();
writer.name("resourceIds");
writer.beginArray();
for(String s : resourceIds) {
for (String s : authReq.getResourceIds()) {
writer.value(s);
}
writer.endArray();
Collection<GrantedAuthority> authorities = authReq.getAuthorities();
writer.name("authorities");
writer.beginArray();
for(GrantedAuthority authority : authorities) {
for (GrantedAuthority authority : authReq.getAuthorities()) {
writer.value(authority.getAuthority());
}
writer.endArray();
writer.name("isApproved").value(authReq.isApproved());
writer.name("isDenied").value(authReq.isDenied());
writer.name("approved").value(authReq.isApproved());
writer.name("denied").value(authReq.isDenied());
writer.name("state").value(authReq.getState());
writer.name("redirectUri").value(authReq.getRedirectUri());
Set<String> responseTypes = authReq.getResponseTypes();
writer.name("responseTypes");
writer.beginArray();
for(String s : responseTypes) {
for (String s : authReq.getResponseTypes()) {
writer.value(s);
}
writer.endArray();
@ -255,7 +230,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer
*/
private void writeGrants(JsonWriter writer) {
for (ApprovedSite site : approvedSiteRepo.getAll()) {
for (ApprovedSite site : approvedSiteRepository.getAll()) {
try {
writer.beginObject();
writer.name("id").value(site.getId());
@ -298,13 +273,114 @@ public class MITREidDataService_1_0 implements MITREidDataService {
* @param writer
*/
private void writeClients(JsonWriter writer) {
Gson gson = new Gson();
for(ClientDetailsEntity client : clientRepo.getAllClients()) {
String clientStr = gson.toJson(client);
for (ClientDetailsEntity client : clientRepository.getAllClients()) {
try {
//writer.beginObject();
writer.value(clientStr);
//writer.endObject();
writer.beginObject();
writer.name("id").value(client.getClientId());
writer.name("resourceIds");
writer.beginArray();
for (String s : client.getResourceIds()) {
writer.value(s);
}
writer.endArray();
writer.name("secret").value(client.getClientSecret());
writer.name("scope");
writer.beginArray();
for (String s : client.getScope()) {
writer.value(s);
}
writer.endArray();
writer.name("authorities");
writer.beginArray();
for (GrantedAuthority authority : client.getAuthorities()) {
writer.value(authority.getAuthority());
}
writer.endArray();
writer.name("accessTokenValiditySeconds").value(client.getAccessTokenValiditySeconds());
writer.name("refreshTokenValiditySeconds").value(client.getRefreshTokenValiditySeconds());
writer.name("additionalInformation");
writer.beginObject();
for (Entry<String, Object> entry : client.getAdditionalInformation().entrySet()) {
writer.name(entry.getKey()).value(entry.getValue().toString());
}
writer.endObject();
writer.name("redirectUris");
writer.beginArray();
for (String s : client.getRedirectUris()) {
writer.value(s);
}
writer.endArray();
writer.name("name").value(client.getClientName());
writer.name("uri").value(client.getClientUri());
writer.name("logoUri").value(client.getLogoUri());
writer.name("contacts");
writer.beginArray();
for (String s : client.getContacts()) {
writer.value(s);
}
writer.endArray();
writer.name("tosUri").value(client.getTosUri());
writer.name("tokenEndpointAuthMethod")
.value((client.getTokenEndpointAuthMethod() != null) ? client.getTokenEndpointAuthMethod().getValue() : null);
writer.name("grantTypes");
writer.beginArray();
for (String s : client.getGrantTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("responseTypes");
writer.beginArray();
for (String s : client.getResponseTypes()) {
writer.value(s);
}
writer.endArray();
writer.name("policyUri").value(client.getPolicyUri());
writer.name("jwksUri").value(client.getJwksUri());
writer.name("applicationType")
.value((client.getApplicationType() != null) ? client.getApplicationType().getValue() : null);
writer.name("sectorIdentifierUri").value(client.getSectorIdentifierUri());
writer.name("subjectType")
.value((client.getSubjectType() != null) ? client.getSubjectType().getValue() : null);
writer.name("requestObjectSigningAlg")
.value((client.getRequestObjectSigningAlgEmbed() != null) ? client.getRequestObjectSigningAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseAlg")
.value((client.getUserInfoEncryptedResponseAlgEmbed() != null) ? client.getUserInfoEncryptedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseEnc")
.value((client.getUserInfoEncryptedResponseEncEmbed() != null) ? client.getUserInfoEncryptedResponseEncEmbed().getAlgorithmName() : null);
writer.name("userInfoSignedResponseAlg")
.value((client.getUserInfoSignedResponseAlgEmbed() != null) ? client.getUserInfoSignedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("defaultMaxAge").value(client.getDefaultMaxAge());
Boolean requireAuthTime = null;
try {
requireAuthTime = client.getRequireAuthTime();
} catch (NullPointerException e) {}
if(requireAuthTime != null) {
writer.name("requireAuthTime");
writer.value(requireAuthTime);
}
writer.name("defaultACRValues");
writer.beginArray();
for (String s : client.getDefaultACRvalues()) {
writer.value(s);
}
writer.endArray();
writer.name("intitateLoginUri").value(client.getInitiateLoginUri());
writer.name("postLogoutRedirectUri").value(client.getPostLogoutRedirectUri());
writer.name("requestUris");
writer.beginArray();
for (String s : client.getRequestUris()) {
writer.value(s);
}
writer.endArray();
writer.name("description").value(client.getClientDescription());
writer.name("allowIntrospection").value(client.isAllowIntrospection());
writer.name("allowRefresh").value(client.isAllowRefresh());
writer.name("reuseRefreshToken").value(client.isReuseRefreshToken());
writer.name("dynamicallyRegistered").value(client.isDynamicallyRegistered());
writer.endObject();
logger.debug("Wrote client {}", client.getId());
} catch (IOException ex) {
logger.error("Unable to write client {}", client.getId(), ex);
@ -397,5 +473,4 @@ public class MITREidDataService_1_0 implements MITREidDataService {
// TODO Auto-generated method stub
reader.skipValue();
}
}
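Review bot: The new writeClients body emits `writer.name("secret").value(client.getClientSecret())` for every registered client, and earlier in this file the raw access and refresh token JWTs are serialised too, so the export stream is a credential dump; the method deserves a header comment such as `// Export contains client secrets and live tokens in the clear; the output must only reach an authenticated administrator and be protected at rest`, and the DataAPI handler that exposes it (outside this hunk) should be checked for an admin-only guard. The `try { requireAuthTime = client.getRequireAuthTime(); } catch (NullPointerException e) {}` block uses an NPE as control flow and hides any other null dereference inside the getter; if the getter unboxes a nullable Boolean, test the underlying value and drop the catch. `writer.name(entry.getKey()).value(entry.getValue().toString())` in the additionalInformation loop throws NullPointerException on a null map value, which the surrounding `catch (IOException ex)` does not cover, so one bad entry aborts the whole export; `writer.value(entry.getValue() == null ? null : entry.getValue().toString())` keeps the stream well-formed. The key `"intitateLoginUri"` appears misspelled and will not round-trip against an importer that looks for `initiateLoginUri`.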


@ -60,7 +60,8 @@ public class DataAPI {
@Autowired
private ConfigurationPropertiesBean config;
private MITREidDataService dataService_1_0 = new MITREidDataService_1_0();
@Autowired
private MITREidDataService dataService_1_0;
@RequestMapping(method = RequestMethod.POST, consumes = "application/json")
public String importData(Reader in, Model m) throws IOException {
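Review bot: `@Autowired private MITREidDataService dataService_1_0;` wires by interface type while the field name pins a specific format version, so the moment a second MITREidDataService implementation (a 1.1 exporter, say) is registered as a bean the context will fail to start with an ambiguous-dependency error; either qualify it, `@Autowired @Qualifier("mitreidDataService_1_0")` with a matching bean name on the service, or inject a `List<MITREidDataService>` and select by version. The body of importData begins in this hunk but continues outside it, so I cannot see how the imported JSON is consumed; given that the export format carries client secrets and base64-encoded serialised Authentication objects, the import path should be confirmed to be admin-only and to validate what it decodes.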