github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Removed SWD code

pull/306/merge
Amanda Anganes 2013-03-22 15:23:08 -04:00
parent fcc95f8a0a
commit 36b08dcd6e
4 changed files with 0 additions and 413 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
openid-connect-server/src/main/java/org/mitre/swd/view/JsonOpenIdConfigurationView.java
View File

@ -1,85 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.swd.view;
import java.io.IOException;
import java.io.Writer;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
@Component("jsonOpenIdConfigurationView")
public class JsonOpenIdConfigurationView extends AbstractView {
private static Logger logger = LoggerFactory.getLogger(JsonOpenIdConfigurationView.class);
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
@Override
public boolean shouldSkipField(FieldAttributes f) {
return false;
}
@Override
public boolean shouldSkipClass(Class<?> clazz) {
// skip the JPA binding wrapper
if (clazz.equals(BeanPropertyBindingResult.class)) {
return true;
} else {
return false;
}
}
})
.create();
response.setContentType("application/json");
Object obj = model.get("entity");
if (obj == null) {
obj = model;
}
Writer out;
try {
out = response.getWriter();
gson.toJson(obj, out);
} catch (IOException e) {
logger.error("IOException in JsonOpenIdConfigurationView.java: ", e);
}
}
}

95
openid-connect-server/src/main/java/org/mitre/swd/view/SwdResponse.java
View File

@ -1,95 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
package org.mitre.swd.view;
import java.io.IOException;
import java.io.Writer;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
/**
* @author jricher
*
*/
@Component("jsonSwdResponseView")
public class SwdResponse extends AbstractView {
private static Logger logger = LoggerFactory.getLogger(SwdResponse.class);
/* (non-Javadoc)
* @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
@Override
public boolean shouldSkipField(FieldAttributes f) {
return false;
}
@Override
public boolean shouldSkipClass(Class<?> clazz) {
// skip the JPA binding wrapper
if (clazz.equals(BeanPropertyBindingResult.class)) {
return true;
} else {
return false;
}
}
})
.create();
response.setContentType("application/json");
Object obj = model.get("entity");
if (obj == null) {
obj = model;
}
Writer out;
try {
out = response.getWriter();
gson.toJson(obj, out);
} catch (IOException e) {
logger.error("IOException in SwdResponse.java: ", e);
}
}
}

105
openid-connect-server/src/main/java/org/mitre/swd/view/XrdJsonResponse.java
View File

@ -1,105 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
package org.mitre.swd.view;
import java.io.IOException;
import java.io.Writer;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
/**
* @author jricher
*
*/
@Component("jsonXrdResponseView")
public class XrdJsonResponse extends AbstractView {
private static Logger logger = LoggerFactory.getLogger(XrdJsonResponse.class);
/* (non-Javadoc)
* @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
@Override
public boolean shouldSkipField(FieldAttributes f) {
return false;
}
@Override
public boolean shouldSkipClass(Class<?> clazz) {
// skip the JPA binding wrapper
if (clazz.equals(BeanPropertyBindingResult.class)) {
return true;
} else {
return false;
}
}
})
.create();
response.setContentType("application/json");
Map<String, String> links = (Map<String, String>) model.get("links");
JsonObject obj = new JsonObject();
JsonArray linksList = new JsonArray();
obj.add("links", linksList);
// map of "rel" -> "link" values
for (Map.Entry<String, String> link : links.entrySet()) {
JsonObject l = new JsonObject();
l.addProperty("rel", link.getKey());
l.addProperty("link", link.getValue());
linksList.add(l);
}
Writer out;
try {
out = response.getWriter();
gson.toJson(obj, out);
} catch (IOException e) {
logger.error("IOException in XrdJsonResponse.java: ", e);
}
}
}

128
openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
View File

@ -1,128 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.swd.web;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import com.google.common.collect.Lists;
@Controller
public class SimpleWebDiscoveryEndpoint {
@Autowired
ConfigurationPropertiesBean config;
@RequestMapping(value="/.well-known/simple-web-discovery",
params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"}, produces = "application/json")
public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView) {
String baseUrl = config.getIssuer();
// look up user, see if they're local
// if so, return this server
// otherwise, return an error page
Map<String, Object> m = new HashMap<String, Object>();
m.put("locations", Lists.newArrayList(baseUrl));
modelAndView.getModel().put("entity", m);
modelAndView.setViewName("jsonSwdResponseView");
return modelAndView;
}
@RequestMapping(value={"/.well-known/host-meta", "/.well-known/host-meta.json"},
params={"resource", "rel=http://openid.net/specs/connect/1.0/issuer"}, produces = "application/json")
public ModelAndView xrdDiscovery(@RequestParam("resource") String resource, ModelAndView modelAndView) {
Map<String, String> relMap = new HashMap<String, String>();
relMap.put("http://openid.net/specs/connect/1.0/issuer", config.getIssuer());
modelAndView.getModel().put("links", relMap);
modelAndView.setViewName("jsonXrdResponseView");
return modelAndView;
}
@RequestMapping("/.well-known/openid-configuration")
public ModelAndView providerConfiguration(ModelAndView modelAndView, Principal p) {
/*
*
version string Version of the provider response. "3.0" is the default.
issuer string The https: URL with no query or fragment component that the OP asserts as its Issuer Identifier
authorization_endpoint string URL of the OP's Authentication and Authorization Endpoint [OpenID.Messages]
token_endpoint string URL of the OP's OAuth 2.0 Token Endpoint [OpenID.Messages]
userinfo_endpoint string URL of the OP's UserInfo Endpoint [OpenID.Messages]
refresh_session_endpoint string URL of the OP's Refresh Session Endpoint [OpenID.Session]
end_session_endpoint string URL of the OP's End Session Endpoint [OpenID.Session]
jwk_url string URL of the OP's JSON Web Key [JWK] document. Server's signing Key
jwk_encryption_url string URL of the OP's JSON Web Key [JWK] document. Server's Encryption Key, if not present, its value is the same as the URL provided by jwk_url
x509_url string URL of the OP's X.509 certificates in PEM format.
x509_encryption_url string URL of the OP's X.509 certificates in PEM format. Server's Encryption Key, if not present its value is the same as the URL provided by x509_url
registration_endpoint string URL of the OP's Dynamic Client Registration Endpoint [OpenID.Registration]
scopes_supported array A JSON array containing a list of the OAuth 2.0 [OAuth2.0] scope values that this server supports. The server MUST support the openid scope value.
response_types_supported array A JSON array containing a list of the OAuth 2.0 response_type that this server supports. The server MUST support the code, id_token, and the token id_token response_type.
acrs_supported array A JSON array containing a list of the Authentication Context Class References that this server supports.
subject_types_supported array A JSON array containing a list of the user identifier types that this server supports. Valid types include pairwise and public.
userinfo_algs_supported array A JSON array containing a list of the JWS [JWS] and JWE [JWE] signing and encryption algorithms [JWA] supported by the UserInfo Endpoint to encode the JWT [JWT].
id_token_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the ID Token to encode the JWT [JWT].
request_object_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the OpenID Request Object described in Section 2.1.2.1 of OpenID Connect Messages [OpenID.Messages] to encode the JWT [JWT]. Servers SHOULD support RS256.
token_endpoint_auth_methods_supported array A JSON array containing a list of authentication types supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 2.2.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. Other Authentication types may be defined by extension. If unspecified or omitted, the default is client_secret_basic HTTP Basic Authentication Scheme as specified in Section 2.3.1 of OAuth 2.0 [OAuth2.0].
token_endpoint_auth_algs_supported array A JSON array containing a list of the JWS signing algorithms [JWA] supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256.
*
*/
String baseUrl = config.getIssuer();
if (!baseUrl.endsWith("/")) {
baseUrl = baseUrl.concat("/");
}
Map<String, Object> m = new HashMap<String, Object>();
m.put("version", "3.0");
m.put("issuer", config.getIssuer());
m.put("authorization_endpoint", baseUrl + "authorize");
m.put("token_endpoint", baseUrl + "token");
m.put("userinfo_endpoint", baseUrl + "userinfo");
//m.put("refresh_session_endpoint", baseUrl + "/refresh_session");
//m.put("end_session_endpoint", baseUrl + "/end_session");
m.put("jwk_url", baseUrl + "jwk");
m.put("x509_url", baseUrl + "x509");
m.put("registration_endpoint", baseUrl + "register");
m.put("scopes_supported", Lists.newArrayList("openid", "email", "profile", "address", "phone"));
m.put("response_types_supported", Lists.newArrayList("code"));
m.put("token_endpoint_auth_methods_supported", Lists.newArrayList("client_secret_post", "client_secret_basic", "private_key_jwt", "none"));
modelAndView.getModel().put("entity", m);
// TODO: everything in the list up there
modelAndView.setViewName("jsonOpenIdConfigurationView");
return modelAndView;
}
}