From 380d31c5cd7f47b2575272c76337d1e0c9f2204a Mon Sep 17 00:00:00 2001 
From: koboldeveloper Date: Tue, 2 Sep 2014 16:43:36 -0400 Subject: [PATCH] oauth2 models creation via factory Implement factory pattern for oauth2 models instantiation, and use models interface in components - service, repository, etc --- .../impl/TestSignedAuthRequestUrlBuilder.java | 2 +- .../service/impl/SymmetricCacheService.java | 3 +- .../oauth2/model/AuthorizationCodeEntity.java | 76 +- .../oauth2/model/ClientDetailsEntity.java | 928 +++---------- .../mitre/oauth2/model/RegisteredClient.java | 588 +++----- .../DefaultAuthenticationHolderEntity.java} | 20 +- .../impl/DefaultAuthorizationCodeEntity.java | 124 ++ .../impl/DefaultClientDetailsEntity.java | 1214 +++++++++++++++++ .../DefaultOAuth2AccessTokenEntity.java} | 106 +- .../DefaultOAuth2RefreshTokenEntity.java} | 62 +- .../model/impl/DefaultRegisteredClient.java | 912 +++++++++++++ .../DefaultSystemScope.java} | 43 +- .../mitre/oauth2/model/impl/ModelFactory.java | 150 ++ .../ClientDetailsEntityJsonProcessor.java | 8 +- .../openid/connect/model/ApprovedSite.java | 23 +- .../oauth2/model/ClientDetailsEntityTest.java | 9 +- .../oauth2/model/RegisteredClientTest.java | 25 +- .../ClientDetailsEntityJsonProcessorTest.java | 5 +- .../webapp/WEB-INF/application-context.xml | 8 +- .../JpaAuthenticationHolderRepository.java | 4 +- .../impl/JpaAuthorizationCodeRepository.java | 2 +- .../impl/JpaOAuth2ClientRepository.java | 4 +- .../impl/JpaOAuth2TokenRepository.java | 26 +- .../impl/JpaSystemScopeRepository.java | 4 +- .../impl/BlacklistAwareRedirectResolver.java | 1 - ...DefaultOAuth2AuthorizationCodeService.java | 6 +- .../DefaultOAuth2ProviderTokenService.java | 21 +- .../impl/DefaultSystemScopeService.java | 4 +- .../token/JwtAssertionTokenGranter.java | 3 +- .../impl/DefaultApprovedSiteService.java | 4 +- .../service/impl/DefaultOIDCTokenService.java | 13 +- .../mitre/openid/connect/web/ClientAPI.java | 2 - .../ClientDynamicRegistrationEndpoint.java | 26 +- ...ProtectedResourceRegistrationEndpoint.java | 29 
+- .../TestDefaultIntrospectionAuthorizer.java | 12 +- ...TestDefaultOAuth2ProviderTokenService.java | 19 +- .../impl/TestDefaultSystemScopeService.java | 35 +- .../impl/TestDefaultApprovedSiteService.java | 3 +- .../impl/TestDefaultUserInfoService.java | 22 +- .../TestUUIDPairwiseIdentiferService.java | 11 +- 40 files changed, 3125 insertions(+), 1432 deletions(-) rename openid-connect-common/src/main/java/org/mitre/oauth2/model/{AuthenticationHolderEntity.java => impl/DefaultAuthenticationHolderEntity.java} (72%) create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthorizationCodeEntity.java create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultClientDetailsEntity.java rename openid-connect-common/src/main/java/org/mitre/oauth2/model/{OAuth2AccessTokenEntity.java => impl/DefaultOAuth2AccessTokenEntity.java} (64%) rename openid-connect-common/src/main/java/org/mitre/oauth2/model/{OAuth2RefreshTokenEntity.java => impl/DefaultOAuth2RefreshTokenEntity.java} (65%) create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultRegisteredClient.java rename openid-connect-common/src/main/java/org/mitre/oauth2/model/{SystemScope.java => impl/DefaultSystemScope.java} (88%) create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/ModelFactory.java diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java index 34eead9dd..e3d677224 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java 
@@ -44,8 +44,8 @@ import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
 import com.nimbusds.jose.Algorithm;
 import com.nimbusds.jose.jwk.JWK;
-import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jose.jwk.KeyUse;
+import com.nimbusds.jose.jwk.RSAKey;
 import com.nimbusds.jose.util.Base64URL;
 import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;
diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/SymmetricCacheService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/SymmetricCacheService.java
index 843ecad87..b44c7fac8 100644
--- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/SymmetricCacheService.java
+++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/SymmetricCacheService.java
@@ -22,7 +22,6 @@ import java.util.Map;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.TimeUnit;
-import com.nimbusds.jose.Algorithm;
 import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.slf4j.Logger;
@@ -36,8 +35,8 @@ import com.google.common.cache.LoadingCache;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.util.concurrent.UncheckedExecutionException;
 import com.nimbusds.jose.jwk.JWK;
-import com.nimbusds.jose.jwk.OctetSequenceKey;
 import com.nimbusds.jose.jwk.KeyUse;
+import com.nimbusds.jose.jwk.OctetSequenceKey;
 import com.nimbusds.jose.util.Base64URL;
 /**
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
index 7411ba5e5..a74e852ff 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
@@ -14,19 +14,8 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
-package org.mitre.oauth2.model;
-import javax.persistence.Basic;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.FetchType;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Lob;
-import javax.persistence.NamedQueries;
-import javax.persistence.NamedQuery;
-import javax.persistence.Table;
+package org.mitre.oauth2.model;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
@@ -36,85 +25,36 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
 * @author aanganes
 *
 */
-@Entity
-@Table(name = "authorization_code")
-@NamedQueries({
- @NamedQuery(name = "AuthorizationCodeEntity.getByValue", query = "select a from AuthorizationCodeEntity a where a.code = :code")
-})
-public class AuthorizationCodeEntity {
-
- private Long id;
-
- private String code;
-
- private OAuth2Authentication authentication;
-
- /**
- * Default constructor.
- */
- public AuthorizationCodeEntity() {
-
- }
-
- /**
- * Create a new AuthorizationCodeEntity with the given code and AuthorizationRequestHolder.
- *
- * @param code the authorization code
- * @param authRequest the AuthoriztionRequestHolder associated with the original code request
- */
- public AuthorizationCodeEntity(String code, OAuth2Authentication authRequest) {
- this.code = code;
- this.authentication = authRequest;
- }
+public interface AuthorizationCodeEntity {
 /**
 * @return the id
 */
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "id")
- public Long getId() {
- return id;
- }
+ Long getId();
 /**
 * @param id the id to set
 */
- public void setId(Long id) {
- this.id = id;
- }
+ void setId(Long id);
 /**
 * @return the code
 */
- @Basic
- @Column(name = "code")
- public String getCode() {
- return code;
- }
+ String getCode();
 /**
 * @param code the code to set
 */
- public void setCode(String code) {
- this.code = code;
- }
+ void setCode(String code);
 /**
 * @return the authentication
 */
- @Lob
- @Basic(fetch=FetchType.EAGER)
- @Column(name="authentication")
- public OAuth2Authentication getAuthentication() {
- return authentication;
- }
+ OAuth2Authentication getAuthentication();
 /**
 * @param authentication the authentication to set
 */
- public void setAuthentication(OAuth2Authentication authentication) {
- this.authentication = authentication;
- }
+ void setAuthentication(OAuth2Authentication authentication);
 }
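Review bot: The new `AuthorizationCodeEntity` interface keeps `setCode` and `setId` next to the getters, so every service or repository that is handed the interface can rewrite a stored authorization code or its primary key, although only the creation path needs to. The removed two-argument constructor was the one place that bound a code to its `OAuth2Authentication` at construction; with setters only, an instance can exist with a null `code` or `authentication`, and the interface Javadoc does not say whether callers must tolerate that. I would add a type-level comment such as `/** Single-use authorization code bound to the authentication that requested it; code and authentication are expected to be non-null once persisted. */` and consider leaving `setCode`/`setId` on the implementation class only. The removed named query `AuthorizationCodeEntity.getByValue` selects by entity name, so it is worth confirming that its copy on the implementation class (not shown in this hunk) still resolves after the rename.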
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
index 252a41cad..b77c8a86a 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
@@ -14,41 +14,14 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
-/**
- *
- */
+
 package org.mitre.oauth2.model;
 import java.util.Date;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
-import javax.persistence.AttributeOverride;
-import javax.persistence.AttributeOverrides;
-import javax.persistence.Basic;
-import javax.persistence.CollectionTable;
-import javax.persistence.Column;
-import javax.persistence.ElementCollection;
-import javax.persistence.Embedded;
-import javax.persistence.Entity;
-import javax.persistence.EnumType;
-import javax.persistence.Enumerated;
-import javax.persistence.FetchType;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.JoinColumn;
-import javax.persistence.NamedQueries;
-import javax.persistence.NamedQuery;
-import javax.persistence.PrePersist;
-import javax.persistence.PreUpdate;
-import javax.persistence.Table;
-import javax.persistence.Temporal;
-import javax.persistence.TemporalType;
-import javax.persistence.Transient;
-
 import org.mitre.jose.JWEAlgorithmEmbed;
 import org.mitre.jose.JWEEncryptionMethodEmbed;
 import org.mitre.jose.JWSAlgorithmEmbed;
@@ -63,79 +36,7 @@ import com.nimbusds.jose.JWSAlgorithm;
 * @author jricher
 *
 */
-@Entity
-@Table(name = "client_details")
-@NamedQueries({
- @NamedQuery(name = "ClientDetailsEntity.findAll", query = "SELECT c FROM ClientDetailsEntity c"),
- @NamedQuery(name = "ClientDetailsEntity.getByClientId", query = "select c from ClientDetailsEntity c where c.clientId = :clientId")
-})
-public class ClientDetailsEntity implements ClientDetails {
-
- /**
- *
- */
- private static final int DEFAULT_ID_TOKEN_VALIDITY_SECONDS = 600;
-
- private static final long serialVersionUID = -1617727085733786296L;
-
- private Long id;
-
- /** Fields from the OAuth2 Dynamic Registration Specification */
- private String clientId = null; // client_id
- private String clientSecret = null; // client_secret
- private Set redirectUris = new HashSet(); // redirect_uris
- private String clientName; // client_name
- private String clientUri; // client_uri
- private String logoUri; // logo_uri
- private Set contacts; // contacts
- private String tosUri; // tos_uri
- private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; // token_endpoint_auth_method
- private Set scope = new HashSet(); // scope
- private Set grantTypes = new HashSet(); // grant_types
- private Set responseTypes = new HashSet(); // response_types
- private String policyUri;
- private String jwksUri;
-
- /** Fields from OIDC Client Registration Specification **/
- private AppType applicationType; // application_type
- private String sectorIdentifierUri; // sector_identifier_uri
- private SubjectType subjectType; // subject_type
-
- private JWSAlgorithmEmbed requestObjectSigningAlg = null; // request_object_signing_alg
-
- private JWSAlgorithmEmbed userInfoSignedResponseAlg = null; // user_info_signed_response_alg
- private JWEAlgorithmEmbed userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg
- private JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc
-
- private JWSAlgorithmEmbed idTokenSignedResponseAlg = null; // id_token_signed_response_alg
- private JWEAlgorithmEmbed idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg
- private JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc
-
- private JWSAlgorithmEmbed tokenEndpointAuthSigningAlg = null; // token_endpoint_auth_signing_alg
-
- private Integer defaultMaxAge; // default_max_age
- private Boolean requireAuthTime; // require_auth_time
- private Set defaultACRvalues; // default_acr_values
-
- private String initiateLoginUri; // initiate_login_uri
- private String postLogoutRedirectUri; // post_logout_redirect_uri
-
- private Set requestUris; // request_uris
-
- /** Fields to support the ClientDetails interface **/
- private Set authorities = new HashSet();
- private Integer accessTokenValiditySeconds = 0; // in seconds
- private Integer refreshTokenValiditySeconds = 0; // in seconds
- private Set resourceIds = new HashSet();
- private Map additionalInformation = new HashMap();
-
- /** Our own fields **/
- private String clientDescription = ""; // human-readable description
- private boolean reuseRefreshToken = true; // do we let someone reuse a refresh token?
- private boolean dynamicallyRegistered = false; // was this client dynamically registered?
- private boolean allowIntrospection = false; // do we let this client call the introspection endpoint?
- private Integer idTokenValiditySeconds; //timeout for id tokens
- private Date createdAt; // time the client was created
+public interface ClientDetailsEntity extends ClientDetails {
 public enum AuthMethod {
 SECRET_POST("client_secret_post"),
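Review bot: Turning `ClientDetailsEntity` into an interface drops the field initialisers that served as the safe defaults for a client (`tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC`, `allowIntrospection = false`, `dynamicallyRegistered = false`, `DEFAULT_ID_TOKEN_VALIDITY_SECONDS = 600`), and the interface states none of them as a contract. Presumably they move to `DefaultClientDetailsEntity`, which is outside this hunk, but any other implementation returned by the factory is free to start with a null auth method or with introspection enabled. I would record the required defaults in the interface Javadoc, for example `/** Implementations must default to AuthMethod.SECRET_BASIC, allowIntrospection == false and a non-null, positive idTokenValiditySeconds. */`. The same applies to the `@PrePersist` hook and `isSecretRequired()` removed in the following hunk, which continues past the end of this page.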
@@ -219,824 +120,315 @@ public class ClientDetailsEntity implements ClientDetails { } } - /** - * Create a blank ClientDetailsEntity - */ - public ClientDetailsEntity() { - - } - - @PrePersist - @PreUpdate - private void prePersist() { - // make sure that ID tokens always time out, default to 5 minutes - if (getIdTokenValiditySeconds() == null) { - setIdTokenValiditySeconds(DEFAULT_ID_TOKEN_VALIDITY_SECONDS); - } - } - /** * @return the id */ - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - @Column(name = "id") - public Long getId() { - return id; - } - + Long getId(); + /** * * @param id the id to set */ - public void setId(Long id) { - this.id = id; - } + void setId(Long id); /** * @return the clientDescription */ - @Basic - @Column(name="client_description") - public String getClientDescription() { - return clientDescription; - } + String getClientDescription(); /** * @param clientDescription Human-readable long description of the client (optional) */ - public void setClientDescription(String clientDescription) { - this.clientDescription = clientDescription; - } + void setClientDescription(String clientDescription); /** * @return the allowRefresh */ - @Transient - public boolean isAllowRefresh() { - if (grantTypes != null) { - return getAuthorizedGrantTypes().contains("refresh_token"); - } else { - return false; // if there are no grants, we can't be refreshing them, can we? - } - } + boolean isAllowRefresh(); - @Basic - @Column(name="reuse_refresh_tokens") - public boolean isReuseRefreshToken() { - return reuseRefreshToken; - } + boolean isReuseRefreshToken(); - public void setReuseRefreshToken(boolean reuseRefreshToken) { - this.reuseRefreshToken = reuseRefreshToken; - } + void setReuseRefreshToken(boolean reuseRefreshToken); /** * Number of seconds ID token is valid for. MUST be a positive integer, can not be null. 
* * @return the idTokenValiditySeconds */ - @Basic - @Column(name="id_token_validity_seconds") - public Integer getIdTokenValiditySeconds() { - return idTokenValiditySeconds; - } + Integer getIdTokenValiditySeconds(); /** * @param idTokenValiditySeconds the idTokenValiditySeconds to set */ - public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { - this.idTokenValiditySeconds = idTokenValiditySeconds; - } + void setIdTokenValiditySeconds(Integer idTokenValiditySeconds); /** * @return the dynamicallyRegistered */ - @Basic - @Column(name="dynamically_registered") - public boolean isDynamicallyRegistered() { - return dynamicallyRegistered; - } + boolean isDynamicallyRegistered(); /** * @param dynamicallyRegistered the dynamicallyRegistered to set */ - public void setDynamicallyRegistered(boolean dynamicallyRegistered) { - this.dynamicallyRegistered = dynamicallyRegistered; - } - - - - + void setDynamicallyRegistered(boolean dynamicallyRegistered); /** * @return the allowIntrospection */ - @Basic - @Column(name="allow_introspection") - public boolean isAllowIntrospection() { - return allowIntrospection; - } + boolean isAllowIntrospection(); /** * @param allowIntrospection the allowIntrospection to set */ - public void setAllowIntrospection(boolean allowIntrospection) { - this.allowIntrospection = allowIntrospection; - } - - /** - * - */ - @Override - @Transient - public boolean isSecretRequired() { - if (getTokenEndpointAuthMethod() != null && - (getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC) || - getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST) || - getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT))) { - return true; - } else { - return false; - } - - } - - /** - * If the scope list is not null or empty, then this client has been scoped. 
- */ - @Override - @Transient - public boolean isScoped() { - return getScope() != null && !getScope().isEmpty(); - } - - /** - * @return the clientId - */ - @Basic - @Override - @Column(name="client_id") - public String getClientId() { - return clientId; - } - + void setAllowIntrospection(boolean allowIntrospection); + /** * @param clientId The OAuth2 client_id, must be unique to this client */ - public void setClientId(String clientId) { - this.clientId = clientId; - } - - /** - * @return the clientSecret - */ - @Basic - @Override - @Column(name="client_secret") - public String getClientSecret() { - return clientSecret; - } + void setClientId(String clientId); /** * @param clientSecret the OAuth2 client_secret (optional) */ - public void setClientSecret(String clientSecret) { - this.clientSecret = clientSecret; - } - - /** - * @return the scope - */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_scope", - joinColumns=@JoinColumn(name="owner_id") - ) - @Override - @Column(name="scope") - public Set getScope() { - return scope; - } - + void setClientSecret(String clientSecret); + /** * @param scope the set of scopes allowed to be issued to this client */ - public void setScope(Set scope) { - this.scope = scope; - } + void setScope(Set scope); /** * @return the authorizedGrantTypes */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_grant_type", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="grant_type") - public Set getGrantTypes() { - return grantTypes; - } + Set getGrantTypes(); /** * @param authorizedGrantTypes the OAuth2 grant types that this client is allowed to use */ - public void setGrantTypes(Set grantTypes) { - this.grantTypes = grantTypes; - } + void setGrantTypes(Set grantTypes); /** - * passthrough for SECOAUTH api + * @return the authorizedGrantTypes */ @Override - public Set getAuthorizedGrantTypes() { - return getGrantTypes(); - } - - /** - * @return the authorities - 
*/ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_authority", - joinColumns=@JoinColumn(name="owner_id") - ) - @Override - @Column(name="authority") - public Set getAuthorities() { - return authorities; - } + Set getAuthorities(); /** * @param authorities the Spring Security authorities this client is given */ - public void setAuthorities(Set authorities) { - this.authorities = authorities; - } - - @Override - @Basic - @Column(name="access_token_validity_seconds") - public Integer getAccessTokenValiditySeconds() { - return accessTokenValiditySeconds; - } + void setAuthorities(Set authorities); /** * @param accessTokenTimeout the accessTokenTimeout to set */ - public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { - this.accessTokenValiditySeconds = accessTokenValiditySeconds; - } - - @Override - @Basic - @Column(name="refresh_token_validity_seconds") - public Integer getRefreshTokenValiditySeconds() { - return refreshTokenValiditySeconds; - } - + void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds); + /** * @param refreshTokenTimeout Lifetime of refresh tokens, in seconds (optional - leave null for no timeout) */ - public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { - this.refreshTokenValiditySeconds = refreshTokenValiditySeconds; - } + void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds); /** * @return the registeredRedirectUri */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_redirect_uri", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="redirect_uri") - public Set getRedirectUris() { - return redirectUris; - } + Set getRedirectUris(); /** * @param registeredRedirectUri the registeredRedirectUri to set */ - public void setRedirectUris(Set redirectUris) { - this.redirectUris = redirectUris; - } - - /** - * Pass-through method to fulfill the ClientDetails interface with a bad name - */ - 
@Override - @Transient - public Set getRegisteredRedirectUri() { - return getRedirectUris(); - } - - /** - * @return the resourceIds - */ - @Override - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_resource", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="resource_id") - public Set getResourceIds() { - return resourceIds; - } - + void setRedirectUris(Set redirectUris); + /** * @param resourceIds the resourceIds to set */ - public void setResourceIds(Set resourceIds) { - this.resourceIds = resourceIds; - } + void setResourceIds(Set resourceIds); + + AppType getApplicationType(); + void setApplicationType(AppType applicationType); - /** - * This library does not make use of this field, so it is not - * stored using our persistence layer. - * - * However, it's somehow required by SECOUATH. - * - * @return an empty map - */ - @Override - @Transient - public Map getAdditionalInformation() { - return this.additionalInformation; - } + String getClientName(); + void setClientName(String clientName); + AuthMethod getTokenEndpointAuthMethod(); + void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod); - @Enumerated(EnumType.STRING) - @Column(name="application_type") - public AppType getApplicationType() { - return applicationType; - } + SubjectType getSubjectType(); - public void setApplicationType(AppType applicationType) { - this.applicationType = applicationType; - } + void setSubjectType(SubjectType subjectType); - @Basic - @Column(name="client_name") - public String getClientName() { - return clientName; - } + Set getContacts(); - public void setClientName(String clientName) { - this.clientName = clientName; - } + void setContacts(Set contacts); - @Enumerated(EnumType.STRING) - @Column(name="token_endpoint_auth_method") - public AuthMethod getTokenEndpointAuthMethod() { - return tokenEndpointAuthMethod; - } + String getLogoUri(); - public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { - 
this.tokenEndpointAuthMethod = tokenEndpointAuthMethod; - } - - @Enumerated(EnumType.STRING) - @Column(name="subject_type") - public SubjectType getSubjectType() { - return subjectType; - } - - public void setSubjectType(SubjectType subjectType) { - this.subjectType = subjectType; - } - - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_contact", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="contact") - public Set getContacts() { - return contacts; - } - - public void setContacts(Set contacts) { - this.contacts = contacts; - } - - @Basic - @Column(name="logo_uri") - public String getLogoUri() { - return logoUri; - } - - public void setLogoUri(String logoUri) { - this.logoUri = logoUri; - } - - @Basic - @Column(name="policy_uri") - public String getPolicyUri() { - return policyUri; - } - - public void setPolicyUri(String policyUri) { - this.policyUri = policyUri; - } + void setLogoUri(String logoUri); + String getPolicyUri(); + + void setPolicyUri(String policyUri); + /** * @return the clientUrl */ - @Basic - @Column(name="client_uri") - public String getClientUri() { - return clientUri; - } - + String getClientUri(); + /** * @param clientUrl the clientUrl to set */ - public void setClientUri(String clientUri) { - this.clientUri = clientUri; - } - + void setClientUri(String clientUri); + /** * @return the tosUrl */ - @Basic - @Column(name="tos_uri") - public String getTosUri() { - return tosUri; - } - + String getTosUri(); + /** * @param tosUrl the tosUrl to set */ - public void setTosUri(String tosUri) { - this.tosUri = tosUri; - } + void setTosUri(String tosUri); + + String getJwksUri(); + + void setJwksUri(String jwksUri); + + String getSectorIdentifierUri(); + + void setSectorIdentifierUri(String sectorIdentifierUri); + + JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed(); + + void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg); + + JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed(); 
+ + void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg); + + JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed(); - @Basic - @Column(name="jwks_uri") - public String getJwksUri() { - return jwksUri; - } - - public void setJwksUri(String jwksUri) { - this.jwksUri = jwksUri; - } - - @Basic - @Column(name="sector_identifier_uri") - public String getSectorIdentifierUri() { - return sectorIdentifierUri; - } - - public void setSectorIdentifierUri(String sectorIdentifierUri) { - this.sectorIdentifierUri = sectorIdentifierUri; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="request_object_signing_alg")) - }) - public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() { - return requestObjectSigningAlg; - } - - public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) { - this.requestObjectSigningAlg = requestObjectSigningAlg; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_signed_response_alg")) - }) - public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() { - return userInfoSignedResponseAlg; - } - - public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) { - this.userInfoSignedResponseAlg = userInfoSignedResponseAlg; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_alg")) - }) - public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() { - return userInfoEncryptedResponseAlg; - } - - public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { - this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_enc")) - }) - public JWEEncryptionMethodEmbed 
getUserInfoEncryptedResponseEncEmbed() { - return userInfoEncryptedResponseEnc; - } - - public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { - this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_signed_response_alg")) - }) - public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() { - return idTokenSignedResponseAlg; - } - - public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) { - this.idTokenSignedResponseAlg = idTokenSignedResponseAlg; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_alg")) - }) - public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() { - return idTokenEncryptedResponseAlg; - } - - public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { - this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_enc")) - }) - public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() { - return idTokenEncryptedResponseEnc; - } - - public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { - this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc; - } - - @Embedded - @AttributeOverrides({ - @AttributeOverride(name = "algorithmName", column=@Column(name="token_endpoint_auth_signing_alg")) - }) - public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() { - return tokenEndpointAuthSigningAlg; - } - - public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) { - this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlgEmbed; - } - - // - // Transient passthrough 
methods for JOSE elements - // - - @Transient - public JWSAlgorithm getRequestObjectSigningAlg() { - if (requestObjectSigningAlg != null) { - return requestObjectSigningAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) { - this.requestObjectSigningAlg = new JWSAlgorithmEmbed(requestObjectSigningAlg); - } - - @Transient - public JWSAlgorithm getUserInfoSignedResponseAlg() { - if (userInfoSignedResponseAlg != null) { - return userInfoSignedResponseAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) { - this.userInfoSignedResponseAlg = new JWSAlgorithmEmbed(userInfoSignedResponseAlg); - } - - @Transient - public JWEAlgorithm getUserInfoEncryptedResponseAlg() { - if (userInfoEncryptedResponseAlg != null) { - return userInfoEncryptedResponseAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) { - this.userInfoEncryptedResponseAlg = new JWEAlgorithmEmbed(userInfoEncryptedResponseAlg); - } - - @Transient - public EncryptionMethod getUserInfoEncryptedResponseEnc() { - if (userInfoEncryptedResponseEnc != null) { - return userInfoEncryptedResponseEnc.getAlgorithm(); - } else { - return null; - } - } - - public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) { - this.userInfoEncryptedResponseEnc = new JWEEncryptionMethodEmbed(userInfoEncryptedResponseEnc); - } - - @Transient - public JWSAlgorithm getIdTokenSignedResponseAlg() { - if (idTokenSignedResponseAlg != null) { - return idTokenSignedResponseAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) { - this.idTokenSignedResponseAlg = new JWSAlgorithmEmbed(idTokenSignedResponseAlg); - } - - @Transient - public JWEAlgorithm 
getIdTokenEncryptedResponseAlg() { - if (idTokenEncryptedResponseAlg != null) { - return idTokenEncryptedResponseAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) { - this.idTokenEncryptedResponseAlg = new JWEAlgorithmEmbed(idTokenEncryptedResponseAlg); - } - - @Transient - public EncryptionMethod getIdTokenEncryptedResponseEnc() { - if (idTokenEncryptedResponseEnc != null) { - return idTokenEncryptedResponseEnc.getAlgorithm(); - } else { - return null; - } - } - - public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) { - this.idTokenEncryptedResponseEnc = new JWEEncryptionMethodEmbed(idTokenEncryptedResponseEnc); - } - - @Transient - public JWSAlgorithm getTokenEndpointAuthSigningAlg() { - if (tokenEndpointAuthSigningAlg != null) { - return tokenEndpointAuthSigningAlg.getAlgorithm(); - } else { - return null; - } - } - - public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) { - this.tokenEndpointAuthSigningAlg = new JWSAlgorithmEmbed(tokenEndpointAuthSigningAlg); - } - - // END Transient JOSE methods - - @Basic - @Column(name="default_max_age") - public Integer getDefaultMaxAge() { - return defaultMaxAge; - } - - public void setDefaultMaxAge(Integer defaultMaxAge) { - this.defaultMaxAge = defaultMaxAge; - } - - @Basic - @Column(name="require_auth_time") - public Boolean getRequireAuthTime() { - return requireAuthTime; - } - - public void setRequireAuthTime(Boolean requireAuthTime) { - this.requireAuthTime = requireAuthTime; - } + void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg); + + JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed(); + + void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc); + + JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed(); + + void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed 
idTokenSignedResponseAlg); + + JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed(); + + void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg); + + JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed(); + + void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc); + + JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed(); + + void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed); + + JWSAlgorithm getRequestObjectSigningAlg(); + + void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg); + + JWSAlgorithm getUserInfoSignedResponseAlg(); + + void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg); + + JWEAlgorithm getUserInfoEncryptedResponseAlg(); + + void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg); + + EncryptionMethod getUserInfoEncryptedResponseEnc(); + void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc); + + JWSAlgorithm getIdTokenSignedResponseAlg(); + + void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg); + + JWEAlgorithm getIdTokenEncryptedResponseAlg(); + + void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg); + + EncryptionMethod getIdTokenEncryptedResponseEnc(); + + void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc); + + JWSAlgorithm getTokenEndpointAuthSigningAlg(); + + void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg); + + Integer getDefaultMaxAge(); + + void setDefaultMaxAge(Integer defaultMaxAge); + + Boolean getRequireAuthTime(); + + void setRequireAuthTime(Boolean requireAuthTime); + /** * @return the responseTypes */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_response_type", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="response_type") - public Set getResponseTypes() { - return 
responseTypes; - } - + Set getResponseTypes(); + /** * @param responseTypes the responseTypes to set */ - public void setResponseTypes(Set responseTypes) { - this.responseTypes = responseTypes; - } - + void setResponseTypes(Set responseTypes); + /** * @return the defaultACRvalues */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_default_acr_value", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="default_acr_value") - public Set getDefaultACRvalues() { - return defaultACRvalues; - } - + Set getDefaultACRvalues(); + /** * @param defaultACRvalues the defaultACRvalues to set */ - public void setDefaultACRvalues(Set defaultACRvalues) { - this.defaultACRvalues = defaultACRvalues; - } - + void setDefaultACRvalues(Set defaultACRvalues); + /** * @return the initiateLoginUri */ - @Basic - @Column(name="initiate_login_uri") - public String getInitiateLoginUri() { - return initiateLoginUri; - } - + String getInitiateLoginUri(); + /** * @param initiateLoginUri the initiateLoginUri to set */ - public void setInitiateLoginUri(String initiateLoginUri) { - this.initiateLoginUri = initiateLoginUri; - } - + void setInitiateLoginUri(String initiateLoginUri); + /** * @return the postLogoutRedirectUri */ - @Basic - @Column(name="post_logout_redirect_uri") - public String getPostLogoutRedirectUri() { - return postLogoutRedirectUri; - } - + String getPostLogoutRedirectUri(); + /** * @param postLogoutRedirectUri the postLogoutRedirectUri to set */ - public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { - this.postLogoutRedirectUri = postLogoutRedirectUri; - } - + void setPostLogoutRedirectUri(String postLogoutRedirectUri); + /** * @return the requestUris */ - @ElementCollection(fetch = FetchType.EAGER) - @CollectionTable( - name="client_request_uri", - joinColumns=@JoinColumn(name="owner_id") - ) - @Column(name="request_uri") - public Set getRequestUris() { - return requestUris; - } - + Set getRequestUris(); + /** * @param 
requestUris the requestUris to set */ - public void setRequestUris(Set requestUris) { - this.requestUris = requestUris; - } - + void setRequestUris(Set requestUris); + /** * @return the createdAt */ - @Temporal(TemporalType.TIMESTAMP) - @Column(name="created_at") - public Date getCreatedAt() { - return createdAt; - } - + Date getCreatedAt(); + /** * @param createdAt the createdAt to set */ - public void setCreatedAt(Date createdAt) { - this.createdAt = createdAt; - } - - /** - * Our framework doesn't use this construct, we use WhitelistedSites and ApprovedSites instead. - */ - @Override - public boolean isAutoApprove(String scope) { - return false; - } - + void setCreatedAt(Date createdAt); + } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java index 50a2cd3d1..af475aaa6 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java @@ -14,9 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -/** - * - */ + package org.mitre.oauth2.model; import java.util.Date; 
@@ -39,861 +37,691 @@ import com.nimbusds.jose.JWSAlgorithm; * @author jricher * */ -public class RegisteredClient { - - // these fields are needed in addition to the ones in ClientDetailsEntity - private String registrationAccessToken; - private String registrationClientUri; - private Date clientSecretExpiresAt; - private Date clientIdIssuedAt; - private ClientDetailsEntity client; - - /** - * - */ - public RegisteredClient() { - this.client = new ClientDetailsEntity(); - } - - /** - * @param client - */ - public RegisteredClient(ClientDetailsEntity client) { - this.client = client; - } - - /** - * @param client - * @param registrationAccessToken - * @param registrationClientUri - */ - public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) { - this.client = client; - this.registrationAccessToken = registrationAccessToken; - this.registrationClientUri = registrationClientUri; - } +public interface RegisteredClient { /** * @return the client */ - public ClientDetailsEntity getClient() { - return client; - } + ClientDetailsEntity getClient(); + /** * @param client the client to set */ - public void setClient(ClientDetailsEntity client) { - this.client = client; - } + void setClient(ClientDetailsEntity client); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription() */ - public String getClientDescription() { - return client.getClientDescription(); - } + String getClientDescription(); + /** * @param clientDescription * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String) */ - public void setClientDescription(String clientDescription) { - client.setClientDescription(clientDescription); - } + void setClientDescription(String clientDescription); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh() */ - public boolean isAllowRefresh() { - return client.isAllowRefresh(); - } + boolean isAllowRefresh(); + /** * @return * 
@see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken() */ - public boolean isReuseRefreshToken() { - return client.isReuseRefreshToken(); - } + boolean isReuseRefreshToken(); + /** * @param reuseRefreshToken * @see org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean) */ - public void setReuseRefreshToken(boolean reuseRefreshToken) { - client.setReuseRefreshToken(reuseRefreshToken); - } + void setReuseRefreshToken(boolean reuseRefreshToken); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds() */ - public Integer getIdTokenValiditySeconds() { - return client.getIdTokenValiditySeconds(); - } + Integer getIdTokenValiditySeconds(); + /** * @param idTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer) */ - public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { - client.setIdTokenValiditySeconds(idTokenValiditySeconds); - } + void setIdTokenValiditySeconds(Integer idTokenValiditySeconds); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered() */ - public boolean isDynamicallyRegistered() { - return client.isDynamicallyRegistered(); - } + boolean isDynamicallyRegistered(); + /** * @param dynamicallyRegistered * @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean) */ - public void setDynamicallyRegistered(boolean dynamicallyRegistered) { - client.setDynamicallyRegistered(dynamicallyRegistered); - } + void setDynamicallyRegistered(boolean dynamicallyRegistered); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection() */ - public boolean isAllowIntrospection() { - return client.isAllowIntrospection(); - } + boolean isAllowIntrospection(); + /** * @param allowIntrospection * @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean) */ - public void setAllowIntrospection(boolean allowIntrospection) { - 
client.setAllowIntrospection(allowIntrospection); - } + void setAllowIntrospection(boolean allowIntrospection); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired() */ - public boolean isSecretRequired() { - return client.isSecretRequired(); - } + boolean isSecretRequired(); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped() */ - public boolean isScoped() { - return client.isScoped(); - } + boolean isScoped(); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId() */ - public String getClientId() { - return client.getClientId(); - } + String getClientId(); + /** * @param clientId * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String) */ - public void setClientId(String clientId) { - client.setClientId(clientId); - } + void setClientId(String clientId); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret() */ - public String getClientSecret() { - return client.getClientSecret(); - } + String getClientSecret(); + /** * @param clientSecret * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String) */ - public void setClientSecret(String clientSecret) { - client.setClientSecret(clientSecret); - } + void setClientSecret(String clientSecret); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getScope() */ - public Set getScope() { - return client.getScope(); - } + Set getScope(); + /** * @param scope * @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set) */ - public void setScope(Set scope) { - client.setScope(scope); - } + void setScope(Set scope); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes() */ - public Set getGrantTypes() { - return client.getGrantTypes(); - } + Set getGrantTypes(); + /** * @param grantTypes * @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set) */ - public void setGrantTypes(Set grantTypes) { - 
client.setGrantTypes(grantTypes); - } + void setGrantTypes(Set grantTypes); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes() */ - public Set getAuthorizedGrantTypes() { - return client.getAuthorizedGrantTypes(); - } + Set getAuthorizedGrantTypes(); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities() */ - public Set getAuthorities() { - return client.getAuthorities(); - } + Set getAuthorities(); + /** * @param authorities * @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set) */ - public void setAuthorities(Set authorities) { - client.setAuthorities(authorities); - } + void setAuthorities(Set authorities); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds() */ - public Integer getAccessTokenValiditySeconds() { - return client.getAccessTokenValiditySeconds(); - } + Integer getAccessTokenValiditySeconds(); + /** * @param accessTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer) */ - public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { - client.setAccessTokenValiditySeconds(accessTokenValiditySeconds); - } + void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds() */ - public Integer getRefreshTokenValiditySeconds() { - return client.getRefreshTokenValiditySeconds(); - } + Integer getRefreshTokenValiditySeconds(); + /** * @param refreshTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer) */ - public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { - client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds); - } + void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds); + /** * @return * @see 
org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris() */ - public Set getRedirectUris() { - return client.getRedirectUris(); - } + Set getRedirectUris(); + /** * @param redirectUris * @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set) */ - public void setRedirectUris(Set redirectUris) { - client.setRedirectUris(redirectUris); - } + void setRedirectUris(Set redirectUris); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri() */ - public Set getRegisteredRedirectUri() { - return client.getRegisteredRedirectUri(); - } + Set getRegisteredRedirectUri(); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds() */ - public Set getResourceIds() { - return client.getResourceIds(); - } + Set getResourceIds(); + /** * @param resourceIds * @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set) */ - public void setResourceIds(Set resourceIds) { - client.setResourceIds(resourceIds); - } + void setResourceIds(Set resourceIds); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation() */ - public Map getAdditionalInformation() { - return client.getAdditionalInformation(); - } + Map getAdditionalInformation(); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType() */ - public AppType getApplicationType() { - return client.getApplicationType(); - } + AppType getApplicationType(); + /** * @param applicationType * @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType) */ - public void setApplicationType(AppType applicationType) { - client.setApplicationType(applicationType); - } + void setApplicationType(AppType applicationType); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName() */ - public String getClientName() { - return client.getClientName(); - } + String getClientName(); + /** * @param clientName * 
@see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String) */ - public void setClientName(String clientName) { - client.setClientName(clientName); - } + void setClientName(String clientName); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod() */ - public AuthMethod getTokenEndpointAuthMethod() { - return client.getTokenEndpointAuthMethod(); - } + AuthMethod getTokenEndpointAuthMethod(); + /** * @param tokenEndpointAuthMethod * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod) */ - public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { - client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - } + void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType() */ - public SubjectType getSubjectType() { - return client.getSubjectType(); - } + SubjectType getSubjectType(); + /** * @param subjectType * @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType) */ - public void setSubjectType(SubjectType subjectType) { - client.setSubjectType(subjectType); - } + void setSubjectType(SubjectType subjectType); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts() */ - public Set getContacts() { - return client.getContacts(); - } + Set getContacts(); + /** * @param contacts * @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set) */ - public void setContacts(Set contacts) { - client.setContacts(contacts); - } + void setContacts(Set contacts); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri() */ - public String getLogoUri() { - return client.getLogoUri(); - } + String getLogoUri(); + /** * @param logoUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String) */ - 
public void setLogoUri(String logoUri) { - client.setLogoUri(logoUri); - } + void setLogoUri(String logoUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri() */ - public String getPolicyUri() { - return client.getPolicyUri(); - } + String getPolicyUri(); + /** * @param policyUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String) */ - public void setPolicyUri(String policyUri) { - client.setPolicyUri(policyUri); - } + void setPolicyUri(String policyUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri() */ - public String getClientUri() { - return client.getClientUri(); - } + String getClientUri(); + /** * @param clientUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String) */ - public void setClientUri(String clientUri) { - client.setClientUri(clientUri); - } + void setClientUri(String clientUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri() */ - public String getTosUri() { - return client.getTosUri(); - } + String getTosUri(); + /** * @param tosUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String) */ - public void setTosUri(String tosUri) { - client.setTosUri(tosUri); - } + void setTosUri(String tosUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri() */ - public String getJwksUri() { - return client.getJwksUri(); - } + String getJwksUri(); + /** * @param jwksUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String) */ - public void setJwksUri(String jwksUri) { - client.setJwksUri(jwksUri); - } + void setJwksUri(String jwksUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri() */ - public String getSectorIdentifierUri() { - return client.getSectorIdentifierUri(); - } + String getSectorIdentifierUri(); + /** * @param sectorIdentifierUri * @see 
org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String) */ - public void setSectorIdentifierUri(String sectorIdentifierUri) { - client.setSectorIdentifierUri(sectorIdentifierUri); - } + void setSectorIdentifierUri(String sectorIdentifierUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge() */ - public Integer getDefaultMaxAge() { - return client.getDefaultMaxAge(); - } + Integer getDefaultMaxAge(); + /** * @param defaultMaxAge * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer) */ - public void setDefaultMaxAge(Integer defaultMaxAge) { - client.setDefaultMaxAge(defaultMaxAge); - } + void setDefaultMaxAge(Integer defaultMaxAge); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime() */ - public Boolean getRequireAuthTime() { - return client.getRequireAuthTime(); - } + Boolean getRequireAuthTime(); + /** * @param requireAuthTime * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean) */ - public void setRequireAuthTime(Boolean requireAuthTime) { - client.setRequireAuthTime(requireAuthTime); - } + void setRequireAuthTime(Boolean requireAuthTime); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes() */ - public Set getResponseTypes() { - return client.getResponseTypes(); - } + Set getResponseTypes(); + /** * @param responseTypes * @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set) */ - public void setResponseTypes(Set responseTypes) { - client.setResponseTypes(responseTypes); - } + void setResponseTypes(Set responseTypes); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues() */ - public Set getDefaultACRvalues() { - return client.getDefaultACRvalues(); - } + Set getDefaultACRvalues(); + /** * @param defaultACRvalues * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set) */ - public 
void setDefaultACRvalues(Set defaultACRvalues) { - client.setDefaultACRvalues(defaultACRvalues); - } + void setDefaultACRvalues(Set defaultACRvalues); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri() */ - public String getInitiateLoginUri() { - return client.getInitiateLoginUri(); - } + String getInitiateLoginUri(); + /** * @param initiateLoginUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String) */ - public void setInitiateLoginUri(String initiateLoginUri) { - client.setInitiateLoginUri(initiateLoginUri); - } + void setInitiateLoginUri(String initiateLoginUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri() */ - public String getPostLogoutRedirectUri() { - return client.getPostLogoutRedirectUri(); - } + String getPostLogoutRedirectUri(); + /** * @param postLogoutRedirectUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String) */ - public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { - client.setPostLogoutRedirectUri(postLogoutRedirectUri); - } + void setPostLogoutRedirectUri(String postLogoutRedirectUri); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris() */ - public Set getRequestUris() { - return client.getRequestUris(); - } + Set getRequestUris(); + /** * @param requestUris * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set) */ - public void setRequestUris(Set requestUris) { - client.setRequestUris(requestUris); - } + void setRequestUris(Set requestUris); + /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlgEmbed() */ - public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() { - return client.getRequestObjectSigningAlgEmbed(); - } + JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed(); /** * @param requestObjectSigningAlg * @see 
org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) { - client.setRequestObjectSigningAlgEmbed(requestObjectSigningAlg); - } + void setRequestObjectSigningAlgEmbed( + JWSAlgorithmEmbed requestObjectSigningAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlgEmbed() */ - public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() { - return client.getUserInfoSignedResponseAlgEmbed(); - } + JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed(); /** * @param userInfoSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) { - client.setUserInfoSignedResponseAlgEmbed(userInfoSignedResponseAlg); - } + void setUserInfoSignedResponseAlgEmbed( + JWSAlgorithmEmbed userInfoSignedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlgEmbed() */ - public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() { - return client.getUserInfoEncryptedResponseAlgEmbed(); - } + JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed(); /** * @param userInfoEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed) */ - public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { - client.setUserInfoEncryptedResponseAlgEmbed(userInfoEncryptedResponseAlg); - } + void setUserInfoEncryptedResponseAlgEmbed( + JWEAlgorithmEmbed userInfoEncryptedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEncEmbed() */ - public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() { - return 
client.getUserInfoEncryptedResponseEncEmbed(); - } + JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed(); /** * @param userInfoEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed) */ - public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { - client.setUserInfoEncryptedResponseEncEmbed(userInfoEncryptedResponseEnc); - } + void setUserInfoEncryptedResponseEncEmbed( + JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlgEmbed() */ - public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() { - return client.getIdTokenSignedResponseAlgEmbed(); - } + JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed(); /** * @param idTokenSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) { - client.setIdTokenSignedResponseAlgEmbed(idTokenSignedResponseAlg); - } + void setIdTokenSignedResponseAlgEmbed( + JWSAlgorithmEmbed idTokenSignedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlgEmbed() */ - public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() { - return client.getIdTokenEncryptedResponseAlgEmbed(); - } + JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed(); /** * @param idTokenEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed) */ - public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { - client.setIdTokenEncryptedResponseAlgEmbed(idTokenEncryptedResponseAlg); - } + void setIdTokenEncryptedResponseAlgEmbed( + JWEAlgorithmEmbed idTokenEncryptedResponseAlg); 
/** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEncEmbed() */ - public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() { - return client.getIdTokenEncryptedResponseEncEmbed(); - } + JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed(); /** * @param idTokenEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed) */ - public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { - client.setIdTokenEncryptedResponseEncEmbed(idTokenEncryptedResponseEnc); - } + void setIdTokenEncryptedResponseEncEmbed( + JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg() */ - public JWSAlgorithm getRequestObjectSigningAlg() { - return client.getRequestObjectSigningAlg(); - } + JWSAlgorithm getRequestObjectSigningAlg(); /** * @param requestObjectSigningAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(com.nimbusds.jose.JWSAlgorithm) */ - public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) { - client.setRequestObjectSigningAlg(requestObjectSigningAlg); - } + void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg() */ - public JWSAlgorithm getUserInfoSignedResponseAlg() { - return client.getUserInfoSignedResponseAlg(); - } + JWSAlgorithm getUserInfoSignedResponseAlg(); /** * @param userInfoSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm) */ - public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) { - client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); - } + void setUserInfoSignedResponseAlg(JWSAlgorithm 
userInfoSignedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg() */ - public JWEAlgorithm getUserInfoEncryptedResponseAlg() { - return client.getUserInfoEncryptedResponseAlg(); - } + JWEAlgorithm getUserInfoEncryptedResponseAlg(); /** * @param userInfoEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm) */ - public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) { - client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); - } + void setUserInfoEncryptedResponseAlg( + JWEAlgorithm userInfoEncryptedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc() */ - public EncryptionMethod getUserInfoEncryptedResponseEnc() { - return client.getUserInfoEncryptedResponseEnc(); - } + EncryptionMethod getUserInfoEncryptedResponseEnc(); /** * @param userInfoEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod) */ - public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) { - client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); - } + void setUserInfoEncryptedResponseEnc( + EncryptionMethod userInfoEncryptedResponseEnc); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg() */ - public JWSAlgorithm getIdTokenSignedResponseAlg() { - return client.getIdTokenSignedResponseAlg(); - } + JWSAlgorithm getIdTokenSignedResponseAlg(); /** * @param idTokenSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm) */ - public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) { - client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); - } + void setIdTokenSignedResponseAlg(JWSAlgorithm 
idTokenSignedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg() */ - public JWEAlgorithm getIdTokenEncryptedResponseAlg() { - return client.getIdTokenEncryptedResponseAlg(); - } + JWEAlgorithm getIdTokenEncryptedResponseAlg(); /** * @param idTokenEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm) */ - public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) { - client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); - } + void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc() */ - public EncryptionMethod getIdTokenEncryptedResponseEnc() { - return client.getIdTokenEncryptedResponseEnc(); - } + EncryptionMethod getIdTokenEncryptedResponseEnc(); /** * @param idTokenEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod) */ - public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) { - client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); - } + void setIdTokenEncryptedResponseEnc( + EncryptionMethod idTokenEncryptedResponseEnc); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlgEmbed() */ - public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() { - return client.getTokenEndpointAuthSigningAlgEmbed(); - } + JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed(); /** * @param tokenEndpointAuthSigningAlgEmbed * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) { - 
client.setTokenEndpointAuthSigningAlgEmbed(tokenEndpointAuthSigningAlgEmbed); - } + void setTokenEndpointAuthSigningAlgEmbed( + JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlg() */ - public JWSAlgorithm getTokenEndpointAuthSigningAlg() { - return client.getTokenEndpointAuthSigningAlg(); - } + JWSAlgorithm getTokenEndpointAuthSigningAlg(); /** * @param tokenEndpointAuthSigningAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthSigningAlg(com.nimbusds.jose.JWSAlgorithm) */ - public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) { - client.setTokenEndpointAuthSigningAlg(tokenEndpointAuthSigningAlg); - } + void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg); /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt() */ - public Date getCreatedAt() { - return client.getCreatedAt(); - } + Date getCreatedAt(); + /** * @param createdAt * @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date) */ - public void setCreatedAt(Date createdAt) { - client.setCreatedAt(createdAt); - } + void setCreatedAt(Date createdAt); + /** * @return the registrationAccessToken */ - public String getRegistrationAccessToken() { - return registrationAccessToken; - } + String getRegistrationAccessToken(); + /** * @param registrationAccessToken the registrationAccessToken to set */ - public void setRegistrationAccessToken(String registrationAccessToken) { - this.registrationAccessToken = registrationAccessToken; - } + void setRegistrationAccessToken(String registrationAccessToken); + /** * @return the registrationClientUri */ - public String getRegistrationClientUri() { - return registrationClientUri; - } + String getRegistrationClientUri(); + /** * @param registrationClientUri the registrationClientUri to set */ - public void setRegistrationClientUri(String registrationClientUri) { 
- this.registrationClientUri = registrationClientUri; - } + void setRegistrationClientUri(String registrationClientUri); + /** * @return the clientSecretExpiresAt */ - public Date getClientSecretExpiresAt() { - return clientSecretExpiresAt; - } + Date getClientSecretExpiresAt(); + /** * @param clientSecretExpiresAt the clientSecretExpiresAt to set */ - public void setClientSecretExpiresAt(Date expiresAt) { - this.clientSecretExpiresAt = expiresAt; - } + void setClientSecretExpiresAt(Date expiresAt); + /** * @return the clientIdIssuedAt */ - public Date getClientIdIssuedAt() { - return clientIdIssuedAt; - } + Date getClientIdIssuedAt(); + /** * @param clientIdIssuedAt the clientIdIssuedAt to set */ - public void setClientIdIssuedAt(Date issuedAt) { - this.clientIdIssuedAt = issuedAt; - } - - + void setClientIdIssuedAt(Date issuedAt); } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthenticationHolderEntity.java similarity index 72% rename from openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java rename to openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthenticationHolderEntity.java index cfe901f3e..f555fbbce 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthenticationHolderEntity.java @@ -14,7 +14,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.oauth2.model; + +package org.mitre.oauth2.model.impl; import javax.persistence.Basic; import javax.persistence.Column; 
@@ -28,15 +29,20 @@ import javax.persistence.NamedQueries; import javax.persistence.NamedQuery; import javax.persistence.Table; +import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.springframework.security.oauth2.provider.OAuth2Authentication; +/** + * @author jricher + * + */ @Entity @Table(name = "authentication_holder") @NamedQueries ({ - @NamedQuery(name = "AuthenticationHolderEntity.getByAuthentication", query = "select a from AuthenticationHolderEntity a where a.authentication = :authentication"), - @NamedQuery(name = "AuthenticationHolderEntity.getUnusedAuthenticationHolders", query = "select a from AuthenticationHolderEntity a where a.id not in (select t.authenticationHolder.id from OAuth2AccessTokenEntity t) and a.id not in (select r.authenticationHolder.id from OAuth2RefreshTokenEntity r)") + @NamedQuery(name = "DefaultAuthenticationHolderEntity.getByAuthentication", query = "select a from DefaultAuthenticationHolderEntity a where a.authentication = :authentication"), + @NamedQuery(name = "DefaultAuthenticationHolderEntity.getUnusedAuthenticationHolders", query = "select a from DefaultAuthenticationHolderEntity a where a.id not in (select t.authenticationHolder.id from DefaultOAuth2AccessTokenEntity t) and a.id not in (select r.authenticationHolder.id from DefaultOAuth2RefreshTokenEntity r)") }) -public class AuthenticationHolderEntity { +public class DefaultAuthenticationHolderEntity implements AuthenticationHolderEntity { private Long id; @@ -44,7 +50,7 @@ public class AuthenticationHolderEntity { private OAuth2Authentication authentication; - public AuthenticationHolderEntity() { + DefaultAuthenticationHolderEntity() { } @@ -79,7 +85,5 @@ public class AuthenticationHolderEntity { public void setAuthentication(OAuth2Authentication authentication) { this.authentication = authentication; } - - - + } 
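Review bot: The renamed `@NamedQuery` names in the `@NamedQueries` block are plain strings, so a `createNamedQuery("AuthenticationHolderEntity.getByAuthentication")` call missed by this rename would fail only at runtime, when the query is first used. Declaring each name once on the entity, e.g. `public static final String QUERY_GET_BY_AUTHENTICATION = "DefaultAuthenticationHolderEntity.getByAuthentication";`, and using that constant in both the annotation and the repository would let the compiler catch a stale reference. The unused-holder query also names `DefaultOAuth2AccessTokenEntity` and `DefaultOAuth2RefreshTokenEntity` directly, which ties this entity to the default token classes even though the commit message says components should go through the model interfaces. The added class Javadoc carries only `@author jricher`; a summary line such as `/** JPA entity holding the OAuth2Authentication referenced by access and refresh tokens. */` would say what the class is for.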
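Review bot: The no-arg constructor becomes package-private in this hunk (`DefaultAuthenticationHolderEntity() {`), but the JPA specification requires an entity's no-arg constructor to be public or protected, so the mapping now depends on the persistence provider being lenient. `protected DefaultAuthenticationHolderEntity() {` stays within the specification and still discourages direct instantiation outside the package. The same applies to `DefaultAuthorizationCodeEntity()` and `DefaultClientDetailsEntity()` in the new files later in this patch. A one-line comment on the constructor, e.g. `// not public: instances are presumably meant to come from ModelFactory`, would explain the reduced visibility. The class body continues outside this hunk.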
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthorizationCodeEntity.java
new file mode 100644
index 000000000..fecb69275
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultAuthorizationCodeEntity.java
@@ -0,0 +1,124 @@
+/*******************************************************************************
+ * Copyright 2014 The MITRE Corporation
+ * and the MIT Kerberos and Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+
+package org.mitre.oauth2.model.impl;
+
+import javax.persistence.Basic;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Lob;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
+import javax.persistence.Table;
+
+import org.mitre.oauth2.model.AuthorizationCodeEntity;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+
+/**
+ * Entity class for authorization codes
+ *
+ * @author aanganes
+ *
+ */
+@Entity
+@Table(name = "authorization_code")
+@NamedQueries({
+ @NamedQuery(name = "DefaultAuthorizationCodeEntity.getByValue", query = "select a from DefaultAuthorizationCodeEntity a where a.code = :code")
+})
+public class DefaultAuthorizationCodeEntity implements AuthorizationCodeEntity {
+
+ private Long id;
+
+ private String code;
+
+ private OAuth2Authentication authentication;
+
+ /**
+ * Default constructor.
+ */
+ DefaultAuthorizationCodeEntity() {
+
+ }
+
+ /**
+ * Create a new AuthorizationCodeEntity with the given code and AuthorizationRequestHolder.
+ *
+ * @param code the authorization code
+ * @param authRequest the AuthoriztionRequestHolder associated with the original code request
+ */
+ /*
+ public DefaultAuthorizationCodeEntity(String code, OAuth2Authentication authRequest) {
+ this.code = code;
+ this.authentication = authRequest;
+ }
+ */
+
+ /**
+ * @return the id
+ */
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "id")
+ public Long getId() {
+ return id;
+ }
+
+ /**
+ * @param id the id to set
+ */
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ /**
+ * @return the code
+ */
+ @Basic
+ @Column(name = "code")
+ public String getCode() {
+ return code;
+ }
+
+ /**
+ * @param code the code to set
+ */
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ /**
+ * @return the authentication
+ */
+ @Lob
+ @Basic(fetch=FetchType.EAGER)
+ @Column(name="authentication")
+ public OAuth2Authentication getAuthentication() {
+ return authentication;
+ }
+
+ /**
+ * @param authentication the authentication to set
+ */
+ public void setAuthentication(OAuth2Authentication authentication) {
+ this.authentication = authentication;
+ }
+
+}
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultClientDetailsEntity.java
new file mode 100644
index 000000000..9ae2e6710
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultClientDetailsEntity.java
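Review bot: `getAuthentication()` in `DefaultAuthorizationCodeEntity` maps an `OAuth2Authentication` with `@Lob`. For a Serializable type that normally means the object is stored as a Java-serialized blob and deserialized whenever a row of `authorization_code` is loaded, yet the getter's Javadoc says only `@return the authentication`. I would document the trust assumption on the getter, e.g. `// Persisted via Java serialization: the authorization_code.authentication column must be writable only by this service.`, so that later schema or database-access changes take it into account. Separately, the commented-out two-argument constructor and the Javadoc above it are dead code in a brand-new file and should be dropped rather than committed.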
@@ -0,0 +1,1214 @@ +/******************************************************************************* + * Copyright 2014 The MITRE Corporation + * and the MIT Kerberos and Internet Trust Consortium + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.mitre.oauth2.model.impl; + +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +import javax.persistence.AttributeOverride; +import javax.persistence.AttributeOverrides; +import javax.persistence.Basic; +import javax.persistence.CollectionTable; +import javax.persistence.Column; +import javax.persistence.ElementCollection; +import javax.persistence.Embedded; +import javax.persistence.Entity; +import javax.persistence.EnumType; +import javax.persistence.Enumerated; +import javax.persistence.FetchType; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.JoinColumn; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; +import javax.persistence.PrePersist; +import javax.persistence.PreUpdate; +import javax.persistence.Table; +import javax.persistence.Temporal; +import javax.persistence.TemporalType; +import javax.persistence.Transient; + +import org.mitre.jose.JWEAlgorithmEmbed; +import org.mitre.jose.JWEEncryptionMethodEmbed; +import 
org.mitre.jose.JWSAlgorithmEmbed; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.springframework.security.core.GrantedAuthority; + +import com.nimbusds.jose.EncryptionMethod; +import com.nimbusds.jose.JWEAlgorithm; +import com.nimbusds.jose.JWSAlgorithm; + +/** + * @author jricher + * + */ +@Entity +@Table(name = "client_details") +@NamedQueries({ + @NamedQuery(name = "DefaultClientDetailsEntity.findAll", query = "SELECT c FROM DefaultClientDetailsEntity c"), + @NamedQuery(name = "DefaultClientDetailsEntity.getByClientId", query = "select c from DefaultClientDetailsEntity c where c.clientId = :clientId") +}) +public class DefaultClientDetailsEntity implements ClientDetailsEntity { + + /** + * + */ + private static final int DEFAULT_ID_TOKEN_VALIDITY_SECONDS = 600; + + private static final long serialVersionUID = -1617727085733786296L; + + private Long id; + + /** Fields from the OAuth2 Dynamic Registration Specification */ + private String clientId = null; // client_id + private String clientSecret = null; // client_secret + private Set redirectUris = new HashSet(); // redirect_uris + private String clientName; // client_name + private String clientUri; // client_uri + private String logoUri; // logo_uri + private Set contacts; // contacts + private String tosUri; // tos_uri + private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; // token_endpoint_auth_method + private Set scope = new HashSet(); // scope + private Set grantTypes = new HashSet(); // grant_types + private Set responseTypes = new HashSet(); // response_types + private String policyUri; + private String jwksUri; + + /** Fields from OIDC Client Registration Specification **/ + private AppType applicationType; // application_type + private String sectorIdentifierUri; // sector_identifier_uri + private SubjectType subjectType; // subject_type + + private JWSAlgorithmEmbed requestObjectSigningAlg = null; // request_object_signing_alg + + private JWSAlgorithmEmbed 
userInfoSignedResponseAlg = null; // user_info_signed_response_alg + private JWEAlgorithmEmbed userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg + private JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc + + private JWSAlgorithmEmbed idTokenSignedResponseAlg = null; // id_token_signed_response_alg + private JWEAlgorithmEmbed idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg + private JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc + + private JWSAlgorithmEmbed tokenEndpointAuthSigningAlg = null; // token_endpoint_auth_signing_alg + + private Integer defaultMaxAge; // default_max_age + private Boolean requireAuthTime; // require_auth_time + private Set defaultACRvalues; // default_acr_values + + private String initiateLoginUri; // initiate_login_uri + private String postLogoutRedirectUri; // post_logout_redirect_uri + + private Set requestUris; // request_uris + + /** Fields to support the ClientDetails interface **/ + private Set authorities = new HashSet(); + private Integer accessTokenValiditySeconds = 0; // in seconds + private Integer refreshTokenValiditySeconds = 0; // in seconds + private Set resourceIds = new HashSet(); + private Map additionalInformation = new HashMap(); + + /** Our own fields **/ + private String clientDescription = ""; // human-readable description + private boolean reuseRefreshToken = true; // do we let someone reuse a refresh token? + private boolean dynamicallyRegistered = false; // was this client dynamically registered? + private boolean allowIntrospection = false; // do we let this client call the introspection endpoint? 
+ private Integer idTokenValiditySeconds; //timeout for id tokens + private Date createdAt; // time the client was created + + /** + * Create a blank DefaultClientDetailsEntity + */ + DefaultClientDetailsEntity() { + + } + + @PrePersist + @PreUpdate + private void prePersist() { + // make sure that ID tokens always time out, default to 5 minutes + if (getIdTokenValiditySeconds() == null) { + setIdTokenValiditySeconds(DEFAULT_ID_TOKEN_VALIDITY_SECONDS); + } + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getId() + */ + @Override + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name = "id") + public Long getId() { + return id; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setId(java.lang.Long) + */ + @Override + public void setId(Long id) { + this.id = id; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getClientDescription() + */ + @Override + @Basic + @Column(name="client_description") + public String getClientDescription() { + return clientDescription; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setClientDescription(java.lang.String) + */ + @Override + public void setClientDescription(String clientDescription) { + this.clientDescription = clientDescription; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isAllowRefresh() + */ + @Override + @Transient + public boolean isAllowRefresh() { + if (grantTypes != null) { + return getAuthorizedGrantTypes().contains("refresh_token"); + } else { + return false; // if there are no grants, we can't be refreshing them, can we? 
+ } + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isReuseRefreshToken() + */ + @Override + @Basic + @Column(name="reuse_refresh_tokens") + public boolean isReuseRefreshToken() { + return reuseRefreshToken; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setReuseRefreshToken(boolean) + */ + @Override + public void setReuseRefreshToken(boolean reuseRefreshToken) { + this.reuseRefreshToken = reuseRefreshToken; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenValiditySeconds() + */ + @Override + @Basic + @Column(name="id_token_validity_seconds") + public Integer getIdTokenValiditySeconds() { + return idTokenValiditySeconds; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenValiditySeconds(java.lang.Integer) + */ + @Override + public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { + this.idTokenValiditySeconds = idTokenValiditySeconds; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isDynamicallyRegistered() + */ + @Override + @Basic + @Column(name="dynamically_registered") + public boolean isDynamicallyRegistered() { + return dynamicallyRegistered; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setDynamicallyRegistered(boolean) + */ + @Override + public void setDynamicallyRegistered(boolean dynamicallyRegistered) { + this.dynamicallyRegistered = dynamicallyRegistered; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isAllowIntrospection() + */ + @Override + @Basic + @Column(name="allow_introspection") + public boolean isAllowIntrospection() { + return allowIntrospection; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setAllowIntrospection(boolean) + */ + @Override + public void setAllowIntrospection(boolean allowIntrospection) { + this.allowIntrospection = allowIntrospection; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isSecretRequired() + */ + 
@Override + @Transient + public boolean isSecretRequired() { + if (getTokenEndpointAuthMethod() != null && + (getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC) || + getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST) || + getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT))) { + return true; + } else { + return false; + } + + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#isScoped() + */ + @Override + @Transient + public boolean isScoped() { + return getScope() != null && !getScope().isEmpty(); + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getClientId() + */ + @Override + @Basic + @Column(name="client_id") + public String getClientId() { + return clientId; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setClientId(java.lang.String) + */ + @Override + public void setClientId(String clientId) { + this.clientId = clientId; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getClientSecret() + */ + @Override + @Basic + @Column(name="client_secret") + public String getClientSecret() { + return clientSecret; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setClientSecret(java.lang.String) + */ + @Override + public void setClientSecret(String clientSecret) { + this.clientSecret = clientSecret; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getScope() + */ + @Override + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable( + name="client_scope", + joinColumns=@JoinColumn(name="owner_id") + ) + @Column(name="scope") + public Set getScope() { + return scope; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setScope(java.util.Set) + */ + @Override + public void setScope(Set scope) { + this.scope = scope; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getGrantTypes() + */ + @Override + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable( + name="client_grant_type", + 
joinColumns=@JoinColumn(name="owner_id") + ) + @Column(name="grant_type") + public Set getGrantTypes() { + return grantTypes; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setGrantTypes(java.util.Set) + */ + @Override + public void setGrantTypes(Set grantTypes) { + this.grantTypes = grantTypes; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getAuthorizedGrantTypes() + */ + @Override + public Set getAuthorizedGrantTypes() { + return getGrantTypes(); + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getAuthorities() + */ + @Override + @ElementCollection(fetch = FetchType.EAGER) + @CollectionTable( + name="client_authority", + joinColumns=@JoinColumn(name="owner_id") + ) + @Column(name="authority") + public Set getAuthorities() { + return authorities; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setAuthorities(java.util.Set) + */ + @Override + public void setAuthorities(Set authorities) { + this.authorities = authorities; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getAccessTokenValiditySeconds() + */ + @Override + @Basic + @Column(name="access_token_validity_seconds") + public Integer getAccessTokenValiditySeconds() { + return accessTokenValiditySeconds; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setAccessTokenValiditySeconds(java.lang.Integer) + */ + @Override + public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { + this.accessTokenValiditySeconds = accessTokenValiditySeconds; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#getRefreshTokenValiditySeconds() + */ + @Override + @Basic + @Column(name="refresh_token_validity_seconds") + public Integer getRefreshTokenValiditySeconds() { + return refreshTokenValiditySeconds; + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.model.impl.MyInt#setRefreshTokenValiditySeconds(java.lang.Integer) + */ + @Override + public void 
setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
+ this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRedirectUris()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_redirect_uri",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="redirect_uri")
+ public Set getRedirectUris() {
+ return redirectUris;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setRedirectUris(java.util.Set)
+ */
+ @Override
+ public void setRedirectUris(Set redirectUris) {
+ this.redirectUris = redirectUris;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRegisteredRedirectUri()
+ */
+ @Override
+ @Transient
+ public Set getRegisteredRedirectUri() {
+ return getRedirectUris();
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getResourceIds()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_resource",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="resource_id")
+ public Set getResourceIds() {
+ return resourceIds;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setResourceIds(java.util.Set)
+ */
+ @Override
+ public void setResourceIds(Set resourceIds) {
+ this.resourceIds = resourceIds;
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getAdditionalInformation()
+ */
+ @Override
+ @Transient
+ public Map getAdditionalInformation() {
+ return this.additionalInformation;
+ }
+
+
+
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getApplicationType()
+ */
+ @Override
+ @Enumerated(EnumType.STRING)
+ @Column(name="application_type")
+ public AppType getApplicationType() {
+ return applicationType;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setApplicationType(org.mitre.oauth2.model.impl.DefaultClientDetailsEntity.AppType)
+ */
+ @Override
+ public void setApplicationType(AppType applicationType) {
+ this.applicationType = applicationType;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getClientName()
+ */
+ @Override
+ @Basic
+ @Column(name="client_name")
+ public String getClientName() {
+ return clientName;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setClientName(java.lang.String)
+ */
+ @Override
+ public void setClientName(String clientName) {
+ this.clientName = clientName;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getTokenEndpointAuthMethod()
+ */
+ @Override
+ @Enumerated(EnumType.STRING)
+ @Column(name="token_endpoint_auth_method")
+ public AuthMethod getTokenEndpointAuthMethod() {
+ return tokenEndpointAuthMethod;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setTokenEndpointAuthMethod(org.mitre.oauth2.model.impl.DefaultClientDetailsEntity.AuthMethod)
+ */
+ @Override
+ public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
+ this.tokenEndpointAuthMethod = tokenEndpointAuthMethod;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getSubjectType()
+ */
+ @Override
+ @Enumerated(EnumType.STRING)
+ @Column(name="subject_type")
+ public SubjectType getSubjectType() {
+ return subjectType;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setSubjectType(org.mitre.oauth2.model.impl.DefaultClientDetailsEntity.SubjectType)
+ */
+ @Override
+ public void setSubjectType(SubjectType subjectType) {
+ this.subjectType = subjectType;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getContacts()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_contact",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="contact")
+ public Set getContacts() {
+ return contacts;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setContacts(java.util.Set)
+ */
+ @Override
+ public void setContacts(Set contacts) {
+ this.contacts = contacts;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getLogoUri()
+ */
+ @Override
+ @Basic
+ @Column(name="logo_uri")
+ public String getLogoUri() {
+ return logoUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setLogoUri(java.lang.String)
+ */
+ @Override
+ public void setLogoUri(String logoUri) {
+ this.logoUri = logoUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getPolicyUri()
+ */
+ @Override
+ @Basic
+ @Column(name="policy_uri")
+ public String getPolicyUri() {
+ return policyUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setPolicyUri(java.lang.String)
+ */
+ @Override
+ public void setPolicyUri(String policyUri) {
+ this.policyUri = policyUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getClientUri()
+ */
+ @Override
+ @Basic
+ @Column(name="client_uri")
+ public String getClientUri() {
+ return clientUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setClientUri(java.lang.String)
+ */
+ @Override
+ public void setClientUri(String clientUri) {
+ this.clientUri = clientUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getTosUri()
+ */
+ @Override
+ @Basic
+ @Column(name="tos_uri")
+ public String getTosUri() {
+ return tosUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setTosUri(java.lang.String)
+ */
+ @Override
+ public void setTosUri(String tosUri) {
+ this.tosUri = tosUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getJwksUri()
+ */
+ @Override
+ @Basic
+ @Column(name="jwks_uri")
+ public String getJwksUri() {
+ return jwksUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setJwksUri(java.lang.String)
+ */
+ @Override
+ public void setJwksUri(String jwksUri) {
+ this.jwksUri = jwksUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getSectorIdentifierUri()
+ */
+ @Override
+ @Basic
+ @Column(name="sector_identifier_uri")
+ public String getSectorIdentifierUri() {
+ return sectorIdentifierUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setSectorIdentifierUri(java.lang.String)
+ */
+ @Override
+ public void setSectorIdentifierUri(String sectorIdentifierUri) {
+ this.sectorIdentifierUri = sectorIdentifierUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRequestObjectSigningAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="request_object_signing_alg"))
+ })
+ public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() {
+ return requestObjectSigningAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setRequestObjectSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
+ */
+ @Override
+ public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) {
+ this.requestObjectSigningAlg = requestObjectSigningAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoSignedResponseAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_signed_response_alg"))
+ })
+ public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() {
+ return userInfoSignedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
+ */
+ @Override
+ public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
+ this.userInfoSignedResponseAlg = userInfoSignedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoEncryptedResponseAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_alg"))
+ })
+ public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() {
+ return userInfoEncryptedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
+ */
+ @Override
+ public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
+ this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoEncryptedResponseEncEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_enc"))
+ })
+ public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() {
+ return userInfoEncryptedResponseEnc;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
+ */
+ @Override
+ public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
+ this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenSignedResponseAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_signed_response_alg"))
+ })
+ public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() {
+ return idTokenSignedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
+ */
+ @Override
+ public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
+ this.idTokenSignedResponseAlg = idTokenSignedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenEncryptedResponseAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_alg"))
+ })
+ public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() {
+ return idTokenEncryptedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
+ */
+ @Override
+ public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
+ this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenEncryptedResponseEncEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_enc"))
+ })
+ public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() {
+ return idTokenEncryptedResponseEnc;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
+ */
+ @Override
+ public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
+ this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getTokenEndpointAuthSigningAlgEmbed()
+ */
+ @Override
+ @Embedded
+ @AttributeOverrides({
+ @AttributeOverride(name = "algorithmName", column=@Column(name="token_endpoint_auth_signing_alg"))
+ })
+ public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() {
+ return tokenEndpointAuthSigningAlg;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setTokenEndpointAuthSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
+ */
+ @Override
+ public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) {
+ this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlgEmbed;
+ }
+
+ //
+ // Transient passthrough methods for JOSE elements
+ //
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRequestObjectSigningAlg()
+ */
+ @Override
+ @Transient
+ public JWSAlgorithm getRequestObjectSigningAlg() {
+ if (requestObjectSigningAlg != null) {
+ return requestObjectSigningAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setRequestObjectSigningAlg(com.nimbusds.jose.JWSAlgorithm)
+ */
+ @Override
+ public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
+ this.requestObjectSigningAlg = new JWSAlgorithmEmbed(requestObjectSigningAlg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoSignedResponseAlg()
+ */
+ @Override
+ @Transient
+ public JWSAlgorithm getUserInfoSignedResponseAlg() {
+ if (userInfoSignedResponseAlg != null) {
+ return userInfoSignedResponseAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm)
+ */
+ @Override
+ public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
+ this.userInfoSignedResponseAlg = new JWSAlgorithmEmbed(userInfoSignedResponseAlg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoEncryptedResponseAlg()
+ */
+ @Override
+ @Transient
+ public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
+ if (userInfoEncryptedResponseAlg != null) {
+ return userInfoEncryptedResponseAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm)
+ */
+ @Override
+ public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
+ this.userInfoEncryptedResponseAlg = new JWEAlgorithmEmbed(userInfoEncryptedResponseAlg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getUserInfoEncryptedResponseEnc()
+ */
+ @Override
+ @Transient
+ public EncryptionMethod getUserInfoEncryptedResponseEnc() {
+ if (userInfoEncryptedResponseEnc != null) {
+ return userInfoEncryptedResponseEnc.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setUserInfoEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod)
+ */
+ @Override
+ public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
+ this.userInfoEncryptedResponseEnc = new JWEEncryptionMethodEmbed(userInfoEncryptedResponseEnc);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenSignedResponseAlg()
+ */
+ @Override
+ @Transient
+ public JWSAlgorithm getIdTokenSignedResponseAlg() {
+ if (idTokenSignedResponseAlg != null) {
+ return idTokenSignedResponseAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm)
+ */
+ @Override
+ public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
+ this.idTokenSignedResponseAlg = new JWSAlgorithmEmbed(idTokenSignedResponseAlg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenEncryptedResponseAlg()
+ */
+ @Override
+ @Transient
+ public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
+ if (idTokenEncryptedResponseAlg != null) {
+ return idTokenEncryptedResponseAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm)
+ */
+ @Override
+ public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
+ this.idTokenEncryptedResponseAlg = new JWEAlgorithmEmbed(idTokenEncryptedResponseAlg);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getIdTokenEncryptedResponseEnc()
+ */
+ @Override
+ @Transient
+ public EncryptionMethod getIdTokenEncryptedResponseEnc() {
+ if (idTokenEncryptedResponseEnc != null) {
+ return idTokenEncryptedResponseEnc.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setIdTokenEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod)
+ */
+ @Override
+ public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
+ this.idTokenEncryptedResponseEnc = new JWEEncryptionMethodEmbed(idTokenEncryptedResponseEnc);
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getTokenEndpointAuthSigningAlg()
+ */
+ @Override
+ @Transient
+ public JWSAlgorithm getTokenEndpointAuthSigningAlg() {
+ if (tokenEndpointAuthSigningAlg != null) {
+ return tokenEndpointAuthSigningAlg.getAlgorithm();
+ } else {
+ return null;
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setTokenEndpointAuthSigningAlg(com.nimbusds.jose.JWSAlgorithm)
+ */
+ @Override
+ public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) {
+ this.tokenEndpointAuthSigningAlg = new JWSAlgorithmEmbed(tokenEndpointAuthSigningAlg);
+ }
+
+ // END Transient JOSE methods
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getDefaultMaxAge()
+ */
+ @Override
+ @Basic
+ @Column(name="default_max_age")
+ public Integer getDefaultMaxAge() {
+ return defaultMaxAge;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setDefaultMaxAge(java.lang.Integer)
+ */
+ @Override
+ public void setDefaultMaxAge(Integer defaultMaxAge) {
+ this.defaultMaxAge = defaultMaxAge;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRequireAuthTime()
+ */
+ @Override
+ @Basic
+ @Column(name="require_auth_time")
+ public Boolean getRequireAuthTime() {
+ return requireAuthTime;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setRequireAuthTime(java.lang.Boolean)
+ */
+ @Override
+ public void setRequireAuthTime(Boolean requireAuthTime) {
+ this.requireAuthTime = requireAuthTime;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getResponseTypes()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_response_type",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="response_type")
+ public Set getResponseTypes() {
+ return responseTypes;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setResponseTypes(java.util.Set)
+ */
+ @Override
+ public void setResponseTypes(Set responseTypes) {
+ this.responseTypes = responseTypes;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getDefaultACRvalues()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_default_acr_value",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="default_acr_value")
+ public Set getDefaultACRvalues() {
+ return defaultACRvalues;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setDefaultACRvalues(java.util.Set)
+ */
+ @Override
+ public void setDefaultACRvalues(Set defaultACRvalues) {
+ this.defaultACRvalues = defaultACRvalues;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getInitiateLoginUri()
+ */
+ @Override
+ @Basic
+ @Column(name="initiate_login_uri")
+ public String getInitiateLoginUri() {
+ return initiateLoginUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setInitiateLoginUri(java.lang.String)
+ */
+ @Override
+ public void setInitiateLoginUri(String initiateLoginUri) {
+ this.initiateLoginUri = initiateLoginUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getPostLogoutRedirectUri()
+ */
+ @Override
+ @Basic
+ @Column(name="post_logout_redirect_uri")
+ public String getPostLogoutRedirectUri() {
+ return postLogoutRedirectUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setPostLogoutRedirectUri(java.lang.String)
+ */
+ @Override
+ public void setPostLogoutRedirectUri(String postLogoutRedirectUri) {
+ this.postLogoutRedirectUri = postLogoutRedirectUri;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getRequestUris()
+ */
+ @Override
+ @ElementCollection(fetch = FetchType.EAGER)
+ @CollectionTable(
+ name="client_request_uri",
+ joinColumns=@JoinColumn(name="owner_id")
+ )
+ @Column(name="request_uri")
+ public Set getRequestUris() {
+ return requestUris;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setRequestUris(java.util.Set)
+ */
+ @Override
+ public void setRequestUris(Set requestUris) {
+ this.requestUris = requestUris;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#getCreatedAt()
+ */
+ @Override
+ @Temporal(TemporalType.TIMESTAMP)
+ @Column(name="created_at")
+ public Date getCreatedAt() {
+ return createdAt;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#setCreatedAt(java.util.Date)
+ */
+ @Override
+ public void setCreatedAt(Date createdAt) {
+ this.createdAt = createdAt;
+ }
+
+ /* (non-Javadoc)
+ * @see org.mitre.oauth2.model.impl.MyInt#isAutoApprove(java.lang.String)
+ */
+ @Override
+ public boolean isAutoApprove(String scope) {
+ return false;
+ }
+
+}
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2AccessTokenEntity.java
similarity index 64%
rename from openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
rename to openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2AccessTokenEntity.java
index c1cd1be64..829624df0 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2AccessTokenEntity.java @@ -14,10 +14,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -/** - * - */ -package org.mitre.oauth2.model; + +package org.mitre.oauth2.model.impl; import java.text.ParseException; import java.util.Date; @@ -44,6 +42,10 @@ import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.Transient; +import org.mitre.oauth2.model.AuthenticationHolderEntity; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2RefreshToken; 
@@ -57,42 +59,40 @@ import com.nimbusds.jwt.JWTParser; @Entity @Table(name = "access_token") @NamedQueries({ - @NamedQuery(name = "OAuth2AccessTokenEntity.getAll", query = "select a from OAuth2AccessTokenEntity a"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getAllExpiredByDate", query = "select a from OAuth2AccessTokenEntity a where a.expiration <= :date"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getByRefreshToken", query = "select a from OAuth2AccessTokenEntity a where a.refreshToken = :refreshToken"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getByClient", query = "select a from OAuth2AccessTokenEntity a where a.client = :client"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getByAuthentication", query = "select a from OAuth2AccessTokenEntity a where a.authenticationHolder.authentication = :authentication"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getByIdToken", query = "select a from OAuth2AccessTokenEntity a where a.idToken = :idToken"), - @NamedQuery(name = "OAuth2AccessTokenEntity.getByTokenValue", query = "select a from OAuth2AccessTokenEntity a where a.value = :tokenValue") + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getAll", query = "select a from DefaultOAuth2AccessTokenEntity a"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getAllExpiredByDate", query = "select a from DefaultOAuth2AccessTokenEntity a where a.expiration <= :date"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getByRefreshToken", query = "select a from DefaultOAuth2AccessTokenEntity a where a.refreshToken = :refreshToken"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getByClient", query = "select a from DefaultOAuth2AccessTokenEntity a where a.client = :client"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getByAuthentication", query = "select a from DefaultOAuth2AccessTokenEntity a where a.authenticationHolder.authentication = :authentication"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getByIdToken", query = 
"select a from DefaultOAuth2AccessTokenEntity a where a.idToken = :idToken"), + @NamedQuery(name = "DefaultOAuth2AccessTokenEntity.getByTokenValue", query = "select a from DefaultOAuth2AccessTokenEntity a where a.value = :tokenValue") }) -//@JsonSerialize(using = OAuth2AccessTokenSerializer.class) -//@JsonDeserialize(using = OAuth2AccessTokenDeserializer.class) -public class OAuth2AccessTokenEntity implements OAuth2AccessToken { +public class DefaultOAuth2AccessTokenEntity implements OAuth2AccessTokenEntity { public static String ID_TOKEN_FIELD_NAME = "id_token"; private Long id; - private ClientDetailsEntity client; + private DefaultClientDetailsEntity client; - private AuthenticationHolderEntity authenticationHolder; // the authentication that made this access + private DefaultAuthenticationHolderEntity authenticationHolder; // the authentication that made this access private JWT jwtValue; // JWT-encoded access token value - private OAuth2AccessTokenEntity idToken; // JWT-encoded OpenID Connect IdToken + private DefaultOAuth2AccessTokenEntity idToken; // JWT-encoded OpenID Connect IdToken private Date expiration; private String tokenType = OAuth2AccessToken.BEARER_TYPE; - private OAuth2RefreshTokenEntity refreshToken; + private DefaultOAuth2RefreshTokenEntity refreshToken; private Set scope; /** * Create a new, blank access token */ - public OAuth2AccessTokenEntity() { + DefaultOAuth2AccessTokenEntity() { } 
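Review bot: The no-arg constructor at the end of this hunk goes from `public` to package-private (`DefaultOAuth2AccessTokenEntity() {`), but the class is still an `@Entity`, and the JPA specification requires an entity's no-arg constructor to be public or protected. Some providers tolerate a package-private constructor through reflection, but that is provider behaviour rather than a guarantee. If the intent is to steer callers through the factory named in the commit message, `protected DefaultOAuth2AccessTokenEntity() {` keeps that restriction for code outside the package and stays within the spec. The same applies to `DefaultOAuth2RefreshTokenEntity()` in the `@@ -72,7 +72,7 @@` hunk of the refresh-token file; the class body continues outside this hunk.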
@@ -132,33 +132,49 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { */ @ManyToOne @JoinColumn(name = "auth_holder_id") - public AuthenticationHolderEntity getAuthenticationHolder() { + public DefaultAuthenticationHolderEntity getAuthenticationHolder() { return authenticationHolder; } /** * @param authentication the authentication to set */ - public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { + public void setAuthenticationHolder(DefaultAuthenticationHolderEntity authenticationHolder) { this.authenticationHolder = authenticationHolder; } - + + public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { + if (!(authenticationHolder instanceof DefaultAuthenticationHolderEntity)) { + throw new IllegalArgumentException("Not a storable authentication holder entity!"); + } + // force a pass through to the entity version + setAuthenticationHolder((DefaultAuthenticationHolderEntity)authenticationHolder); + } + /** * @return the client */ @ManyToOne @JoinColumn(name = "client_id") - public ClientDetailsEntity getClient() { + public DefaultClientDetailsEntity getClient() { return client; } - + /** * @param client the client to set */ - public void setClient(ClientDetailsEntity client) { + public void setClient(DefaultClientDetailsEntity client) { this.client = client; } - + + public void setClient(ClientDetailsEntity client) { + if (!(client instanceof DefaultClientDetailsEntity)) { + throw new IllegalArgumentException("Not a storable client details entity!"); + } + // force a pass through to the entity version + setClient((DefaultClientDetailsEntity)client); + } + /** * Get the string-encoded value of this access token. */ 
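Review bot: The new interface-typed setters reject `null`: in `setAuthenticationHolder(AuthenticationHolderEntity)` and `setClient(ClientDetailsEntity)`, `null instanceof …` is false, so a caller that holds the reference through the interface type can no longer clear it and gets "Not a storable … entity!" instead. Before this change the single setter accepted null. If clearing is meant to stay possible, let null through, e.g. `if (authenticationHolder != null && !(authenticationHolder instanceof DefaultAuthenticationHolderEntity)) {`; if it is not, reject null explicitly with its own message so the failure is not reported as a type problem. The same pattern is in `setIdToken` (`@@ -246,17 +270,25 @@`) and in the refresh-token file's `setAuthenticationHolder` and `setClient` hunks, whereas `setRefreshToken(OAuth2RefreshToken)` already behaved this way before the commit.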
@@ -205,20 +221,28 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { @Override @ManyToOne @JoinColumn(name="refresh_token_id") - public OAuth2RefreshTokenEntity getRefreshToken() { + public DefaultOAuth2RefreshTokenEntity getRefreshToken() { return refreshToken; } - - public void setRefreshToken(OAuth2RefreshTokenEntity refreshToken) { + + public void setRefreshToken(DefaultOAuth2RefreshTokenEntity refreshToken) { this.refreshToken = refreshToken; } - - public void setRefreshToken(OAuth2RefreshToken refreshToken) { - if (!(refreshToken instanceof OAuth2RefreshTokenEntity)) { + + public void setRefreshToken(OAuth2RefreshTokenEntity refreshToken) { + if (!(refreshToken instanceof DefaultOAuth2RefreshTokenEntity)) { throw new IllegalArgumentException("Not a storable refresh token entity!"); } // force a pass through to the entity version - setRefreshToken((OAuth2RefreshTokenEntity)refreshToken); + setRefreshToken((DefaultOAuth2RefreshTokenEntity)refreshToken); + } + + public void setRefreshToken(OAuth2RefreshToken refreshToken) { + if (!(refreshToken instanceof DefaultOAuth2RefreshTokenEntity)) { + throw new IllegalArgumentException("Not a storable refresh token entity!"); + } + // force a pass through to the entity version + setRefreshToken((DefaultOAuth2RefreshTokenEntity)refreshToken); } @Override 
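Review bot: `setRefreshToken(OAuth2RefreshTokenEntity)` and `setRefreshToken(OAuth2RefreshToken)` now carry identical bodies, so the type check and its message live in two places that can drift apart. If `OAuth2RefreshTokenEntity` extends `OAuth2RefreshToken` (its declaration is not in this hunk), the first overload can be reduced to a delegation, `setRefreshToken((OAuth2RefreshToken) refreshToken);`. A short Javadoc on each of the three setters saying which one holds the stored value and which ones are the checked entry points would also help, since three overloads for one property are easy to misread.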
@@ -246,17 +270,25 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { */ @OneToOne(cascade=CascadeType.ALL) // one-to-one mapping for now @JoinColumn(name = "id_token_id") - public OAuth2AccessTokenEntity getIdToken() { + public DefaultOAuth2AccessTokenEntity getIdToken() { return idToken; } - + /** * @param idToken the idToken to set */ - public void setIdToken(OAuth2AccessTokenEntity idToken) { + public void setIdToken(DefaultOAuth2AccessTokenEntity idToken) { this.idToken = idToken; } - + + public void setIdToken(OAuth2AccessTokenEntity idToken) { + if (!(idToken instanceof DefaultOAuth2AccessTokenEntity)) { + throw new IllegalArgumentException("Not a storable access token entity!"); + } + // force a pass through to the entity version + setIdToken((DefaultOAuth2AccessTokenEntity)idToken); + } + /** * @return the idTokenString */ diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2RefreshTokenEntity.java similarity index 65% rename from openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java rename to openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2RefreshTokenEntity.java index 6b061cfd1..d6277a7e3 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultOAuth2RefreshTokenEntity.java @@ -14,10 +14,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -/** - * - */ -package org.mitre.oauth2.model; + +package org.mitre.oauth2.model.impl; import java.text.ParseException; import java.util.Date; 
@@ -37,7 +35,9 @@ import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.Transient; -import org.springframework.security.oauth2.common.OAuth2RefreshToken; +import org.mitre.oauth2.model.AuthenticationHolderEntity; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; import com.nimbusds.jwt.JWT; import com.nimbusds.jwt.JWTParser; 
@@ -49,19 +49,19 @@ import com.nimbusds.jwt.JWTParser; @Entity @Table(name = "refresh_token") @NamedQueries({ - @NamedQuery(name = "OAuth2RefreshTokenEntity.getAll", query = "select r from OAuth2RefreshTokenEntity r"), - @NamedQuery(name = "OAuth2RefreshTokenEntity.getAllExpiredByDate", query = "select r from OAuth2RefreshTokenEntity r where r.expiration <= :date"), - @NamedQuery(name = "OAuth2RefreshTokenEntity.getByClient", query = "select r from OAuth2RefreshTokenEntity r where r.client = :client"), - @NamedQuery(name = "OAuth2RefreshTokenEntity.getByTokenValue", query = "select r from OAuth2RefreshTokenEntity r where r.value = :tokenValue"), - @NamedQuery(name = "OAuth2RefreshTokenEntity.getByAuthentication", query = "select r from OAuth2RefreshTokenEntity r where r.authenticationHolder.authentication = :authentication") + @NamedQuery(name = "DefaultOAuth2RefreshTokenEntity.getAll", query = "select r from DefaultOAuth2RefreshTokenEntity r"), + @NamedQuery(name = "DefaultOAuth2RefreshTokenEntity.getAllExpiredByDate", query = "select r from DefaultOAuth2RefreshTokenEntity r where r.expiration <= :date"), + @NamedQuery(name = "DefaultOAuth2RefreshTokenEntity.getByClient", query = "select r from DefaultOAuth2RefreshTokenEntity r where r.client = :client"), + @NamedQuery(name = "DefaultOAuth2RefreshTokenEntity.getByTokenValue", query = "select r from DefaultOAuth2RefreshTokenEntity r where r.value = :tokenValue"), + @NamedQuery(name = "DefaultOAuth2RefreshTokenEntity.getByAuthentication", query = "select r from DefaultOAuth2RefreshTokenEntity r where r.authenticationHolder.authentication = :authentication") }) -public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken { +public class DefaultOAuth2RefreshTokenEntity implements OAuth2RefreshTokenEntity { private Long id; - private AuthenticationHolderEntity authenticationHolder; - - private ClientDetailsEntity client; + private DefaultAuthenticationHolderEntity authenticationHolder; + + private 
DefaultClientDetailsEntity client; //JWT-encoded representation of this access token entity private JWT jwt; @@ -72,7 +72,7 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken { /** * */ - public OAuth2RefreshTokenEntity() { + DefaultOAuth2RefreshTokenEntity() { } @@ -101,17 +101,25 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken { */ @ManyToOne @JoinColumn(name = "auth_holder_id") - public AuthenticationHolderEntity getAuthenticationHolder() { + public DefaultAuthenticationHolderEntity getAuthenticationHolder() { return authenticationHolder; } /** * @param authentication the authentication to set */ - public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { + public void setAuthenticationHolder(DefaultAuthenticationHolderEntity authenticationHolder) { this.authenticationHolder = authenticationHolder; } - + + public void setAuthenticationHolder(AuthenticationHolderEntity authenticationHolder) { + if (!(authenticationHolder instanceof DefaultAuthenticationHolderEntity)) { + throw new IllegalArgumentException("Not a storable authentication holder entity!"); + } + // force a pass through to the entity version + setAuthenticationHolder((DefaultAuthenticationHolderEntity)authenticationHolder); + } + /** * Get the JWT-encoded value of this token */ 
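Review bot: Every `@NamedQuery` name in the `@@ -49,19 +49,19 @@` hunk changes from `OAuth2RefreshTokenEntity.*` to `DefaultOAuth2RefreshTokenEntity.*` (and likewise in the access-token entity), and these names are plain strings that the compiler cannot check against the repository code that looks them up. A lookup that still uses an old name would only fail when the query is requested at runtime. Declaring each name once as a constant on the entity, e.g. `public static final String QUERY_BY_TOKEN_VALUE = "DefaultOAuth2RefreshTokenEntity.getByTokenValue";`, and using it in both the annotation and the repository would close that gap.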
@@ -160,17 +168,25 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken { */ @ManyToOne(fetch = FetchType.EAGER) @JoinColumn(name = "client_id") - public ClientDetailsEntity getClient() { + public DefaultClientDetailsEntity getClient() { return client; } - + /** * @param client the client to set */ - public void setClient(ClientDetailsEntity client) { + public void setClient(DefaultClientDetailsEntity client) { this.client = client; } - + + public void setClient(ClientDetailsEntity client) { + if (!(client instanceof DefaultClientDetailsEntity)) { + throw new IllegalArgumentException("Not a storable client details entity!"); + } + // force a pass through to the entity version + setClient((DefaultClientDetailsEntity)client); + } + /** * Get the JWT object directly * @return the jwt @@ -186,5 +202,5 @@ public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken { public void setJwt(JWT jwt) { this.jwt = jwt; } - + } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultRegisteredClient.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultRegisteredClient.java new file mode 100644 index 000000000..92e18c08a --- /dev/null +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultRegisteredClient.java 
@@ -0,0 +1,912 @@ +/******************************************************************************* + * Copyright 2014 The MITRE Corporation + * and the MIT Kerberos and Internet Trust Consortium + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.mitre.oauth2.model.impl; + +import java.util.Date; +import java.util.Map; +import java.util.Set; + +import org.mitre.jose.JWEAlgorithmEmbed; +import org.mitre.jose.JWEEncryptionMethodEmbed; +import org.mitre.jose.JWSAlgorithmEmbed; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.ClientDetailsEntity.AppType; +import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.RegisteredClient; +import org.springframework.security.core.GrantedAuthority; + +import com.nimbusds.jose.EncryptionMethod; +import com.nimbusds.jose.JWEAlgorithm; +import com.nimbusds.jose.JWSAlgorithm; + +/** + * @author jricher + * + */ +public class DefaultRegisteredClient implements RegisteredClient { + + // these fields are needed in addition to the ones in ClientDetailsEntity + private String registrationAccessToken; + private String registrationClientUri; + private Date clientSecretExpiresAt; + private Date clientIdIssuedAt; + private DefaultClientDetailsEntity client; + + /** + * + */ + DefaultRegisteredClient() { + 
this.client = ModelFactory.instance().getClientDetailsInstance(); + } + + /** + * @param client + */ + /* + public DefaultRegisteredClient(ClientDetailsEntity client) { + this.client = client; + } + */ + + /** + * @param client + * @param registrationAccessToken + * @param registrationClientUri + */ + /* + public DefaultRegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) { + this.client = client; + this.registrationAccessToken = registrationAccessToken; + this.registrationClientUri = registrationClientUri; + } + */ + + /** + * @return the client + */ + public DefaultClientDetailsEntity getClient() { + return client; + } + /** + * @param client the client to set + */ + public void setClient(DefaultClientDetailsEntity client) { + this.client = client; + } + + public void setClient(ClientDetailsEntity client) { + if (!(client instanceof DefaultClientDetailsEntity)) { + throw new IllegalArgumentException("Not a storable client details entity!"); + } + // force a pass through to the entity version + setClient((DefaultClientDetailsEntity)client); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription() + */ + public String getClientDescription() { + return client.getClientDescription(); + } + /** + * @param clientDescription + * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String) + */ + public void setClientDescription(String clientDescription) { + client.setClientDescription(clientDescription); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh() + */ + public boolean isAllowRefresh() { + return client.isAllowRefresh(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken() + */ + public boolean isReuseRefreshToken() { + return client.isReuseRefreshToken(); + } + /** + * @param reuseRefreshToken + * @see 
org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean) + */ + public void setReuseRefreshToken(boolean reuseRefreshToken) { + client.setReuseRefreshToken(reuseRefreshToken); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds() + */ + public Integer getIdTokenValiditySeconds() { + return client.getIdTokenValiditySeconds(); + } + /** + * @param idTokenValiditySeconds + * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer) + */ + public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { + client.setIdTokenValiditySeconds(idTokenValiditySeconds); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered() + */ + public boolean isDynamicallyRegistered() { + return client.isDynamicallyRegistered(); + } + /** + * @param dynamicallyRegistered + * @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean) + */ + public void setDynamicallyRegistered(boolean dynamicallyRegistered) { + client.setDynamicallyRegistered(dynamicallyRegistered); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection() + */ + public boolean isAllowIntrospection() { + return client.isAllowIntrospection(); + } + /** + * @param allowIntrospection + * @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean) + */ + public void setAllowIntrospection(boolean allowIntrospection) { + client.setAllowIntrospection(allowIntrospection); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired() + */ + public boolean isSecretRequired() { + return client.isSecretRequired(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped() + */ + public boolean isScoped() { + return client.isScoped(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId() + */ + public String 
getClientId() { + return client.getClientId(); + } + /** + * @param clientId + * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String) + */ + public void setClientId(String clientId) { + client.setClientId(clientId); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret() + */ + public String getClientSecret() { + return client.getClientSecret(); + } + /** + * @param clientSecret + * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String) + */ + public void setClientSecret(String clientSecret) { + client.setClientSecret(clientSecret); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getScope() + */ + public Set getScope() { + return client.getScope(); + } + /** + * @param scope + * @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set) + */ + public void setScope(Set scope) { + client.setScope(scope); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes() + */ + public Set getGrantTypes() { + return client.getGrantTypes(); + } + /** + * @param grantTypes + * @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set) + */ + public void setGrantTypes(Set grantTypes) { + client.setGrantTypes(grantTypes); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes() + */ + public Set getAuthorizedGrantTypes() { + return client.getAuthorizedGrantTypes(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities() + */ + public Set getAuthorities() { + return client.getAuthorities(); + } + /** + * @param authorities + * @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set) + */ + public void setAuthorities(Set authorities) { + client.setAuthorities(authorities); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds() + */ + public Integer 
getAccessTokenValiditySeconds() { + return client.getAccessTokenValiditySeconds(); + } + /** + * @param accessTokenValiditySeconds + * @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer) + */ + public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { + client.setAccessTokenValiditySeconds(accessTokenValiditySeconds); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds() + */ + public Integer getRefreshTokenValiditySeconds() { + return client.getRefreshTokenValiditySeconds(); + } + /** + * @param refreshTokenValiditySeconds + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer) + */ + public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { + client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris() + */ + public Set getRedirectUris() { + return client.getRedirectUris(); + } + /** + * @param redirectUris + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set) + */ + public void setRedirectUris(Set redirectUris) { + client.setRedirectUris(redirectUris); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri() + */ + public Set getRegisteredRedirectUri() { + return client.getRegisteredRedirectUri(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds() + */ + public Set getResourceIds() { + return client.getResourceIds(); + } + /** + * @param resourceIds + * @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set) + */ + public void setResourceIds(Set resourceIds) { + client.setResourceIds(resourceIds); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation() + */ + public Map getAdditionalInformation() { + 
return client.getAdditionalInformation(); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType() + */ + public AppType getApplicationType() { + return client.getApplicationType(); + } + /** + * @param applicationType + * @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType) + */ + public void setApplicationType(AppType applicationType) { + client.setApplicationType(applicationType); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName() + */ + public String getClientName() { + return client.getClientName(); + } + /** + * @param clientName + * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String) + */ + public void setClientName(String clientName) { + client.setClientName(clientName); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod() + */ + public AuthMethod getTokenEndpointAuthMethod() { + return client.getTokenEndpointAuthMethod(); + } + /** + * @param tokenEndpointAuthMethod + * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod) + */ + public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { + client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType() + */ + public SubjectType getSubjectType() { + return client.getSubjectType(); + } + /** + * @param subjectType + * @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType) + */ + public void setSubjectType(SubjectType subjectType) { + client.setSubjectType(subjectType); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts() + */ + public Set getContacts() { + return client.getContacts(); + } + /** + * @param contacts + 
* @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set) + */ + public void setContacts(Set contacts) { + client.setContacts(contacts); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri() + */ + public String getLogoUri() { + return client.getLogoUri(); + } + /** + * @param logoUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String) + */ + public void setLogoUri(String logoUri) { + client.setLogoUri(logoUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri() + */ + public String getPolicyUri() { + return client.getPolicyUri(); + } + /** + * @param policyUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String) + */ + public void setPolicyUri(String policyUri) { + client.setPolicyUri(policyUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri() + */ + public String getClientUri() { + return client.getClientUri(); + } + /** + * @param clientUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String) + */ + public void setClientUri(String clientUri) { + client.setClientUri(clientUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri() + */ + public String getTosUri() { + return client.getTosUri(); + } + /** + * @param tosUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String) + */ + public void setTosUri(String tosUri) { + client.setTosUri(tosUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri() + */ + public String getJwksUri() { + return client.getJwksUri(); + } + /** + * @param jwksUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String) + */ + public void setJwksUri(String jwksUri) { + client.setJwksUri(jwksUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri() + */ + 
public String getSectorIdentifierUri() { + return client.getSectorIdentifierUri(); + } + /** + * @param sectorIdentifierUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String) + */ + public void setSectorIdentifierUri(String sectorIdentifierUri) { + client.setSectorIdentifierUri(sectorIdentifierUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge() + */ + public Integer getDefaultMaxAge() { + return client.getDefaultMaxAge(); + } + /** + * @param defaultMaxAge + * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer) + */ + public void setDefaultMaxAge(Integer defaultMaxAge) { + client.setDefaultMaxAge(defaultMaxAge); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime() + */ + public Boolean getRequireAuthTime() { + return client.getRequireAuthTime(); + } + /** + * @param requireAuthTime + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean) + */ + public void setRequireAuthTime(Boolean requireAuthTime) { + client.setRequireAuthTime(requireAuthTime); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes() + */ + public Set getResponseTypes() { + return client.getResponseTypes(); + } + /** + * @param responseTypes + * @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set) + */ + public void setResponseTypes(Set responseTypes) { + client.setResponseTypes(responseTypes); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues() + */ + public Set getDefaultACRvalues() { + return client.getDefaultACRvalues(); + } + /** + * @param defaultACRvalues + * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set) + */ + public void setDefaultACRvalues(Set defaultACRvalues) { + client.setDefaultACRvalues(defaultACRvalues); + } + /** + * @return + * @see 
org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri() + */ + public String getInitiateLoginUri() { + return client.getInitiateLoginUri(); + } + /** + * @param initiateLoginUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String) + */ + public void setInitiateLoginUri(String initiateLoginUri) { + client.setInitiateLoginUri(initiateLoginUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri() + */ + public String getPostLogoutRedirectUri() { + return client.getPostLogoutRedirectUri(); + } + /** + * @param postLogoutRedirectUri + * @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String) + */ + public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { + client.setPostLogoutRedirectUri(postLogoutRedirectUri); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris() + */ + public Set getRequestUris() { + return client.getRequestUris(); + } + /** + * @param requestUris + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set) + */ + public void setRequestUris(Set requestUris) { + client.setRequestUris(requestUris); + } + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlgEmbed() + */ + public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() { + return client.getRequestObjectSigningAlgEmbed(); + } + + /** + * @param requestObjectSigningAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) + */ + public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) { + client.setRequestObjectSigningAlgEmbed(requestObjectSigningAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlgEmbed() + */ + public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() { + return 
client.getUserInfoSignedResponseAlgEmbed(); + } + + /** + * @param userInfoSignedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) + */ + public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) { + client.setUserInfoSignedResponseAlgEmbed(userInfoSignedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlgEmbed() + */ + public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() { + return client.getUserInfoEncryptedResponseAlgEmbed(); + } + + /** + * @param userInfoEncryptedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed) + */ + public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { + client.setUserInfoEncryptedResponseAlgEmbed(userInfoEncryptedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEncEmbed() + */ + public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() { + return client.getUserInfoEncryptedResponseEncEmbed(); + } + + /** + * @param userInfoEncryptedResponseEnc + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed) + */ + public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { + client.setUserInfoEncryptedResponseEncEmbed(userInfoEncryptedResponseEnc); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlgEmbed() + */ + public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() { + return client.getIdTokenSignedResponseAlgEmbed(); + } + + /** + * @param idTokenSignedResponseAlg + * @see 
org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) + */ + public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) { + client.setIdTokenSignedResponseAlgEmbed(idTokenSignedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlgEmbed() + */ + public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() { + return client.getIdTokenEncryptedResponseAlgEmbed(); + } + + /** + * @param idTokenEncryptedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed) + */ + public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { + client.setIdTokenEncryptedResponseAlgEmbed(idTokenEncryptedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEncEmbed() + */ + public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() { + return client.getIdTokenEncryptedResponseEncEmbed(); + } + + /** + * @param idTokenEncryptedResponseEnc + * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed) + */ + public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { + client.setIdTokenEncryptedResponseEncEmbed(idTokenEncryptedResponseEnc); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg() + */ + public JWSAlgorithm getRequestObjectSigningAlg() { + return client.getRequestObjectSigningAlg(); + } + + /** + * @param requestObjectSigningAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(com.nimbusds.jose.JWSAlgorithm) + */ + public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) { + client.setRequestObjectSigningAlg(requestObjectSigningAlg); 
+ } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg() + */ + public JWSAlgorithm getUserInfoSignedResponseAlg() { + return client.getUserInfoSignedResponseAlg(); + } + + /** + * @param userInfoSignedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm) + */ + public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) { + client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg() + */ + public JWEAlgorithm getUserInfoEncryptedResponseAlg() { + return client.getUserInfoEncryptedResponseAlg(); + } + + /** + * @param userInfoEncryptedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm) + */ + public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) { + client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc() + */ + public EncryptionMethod getUserInfoEncryptedResponseEnc() { + return client.getUserInfoEncryptedResponseEnc(); + } + + /** + * @param userInfoEncryptedResponseEnc + * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod) + */ + public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) { + client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg() + */ + public JWSAlgorithm getIdTokenSignedResponseAlg() { + return client.getIdTokenSignedResponseAlg(); + } + + /** + * @param idTokenSignedResponseAlg + * @see 
org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm) + */ + public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) { + client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg() + */ + public JWEAlgorithm getIdTokenEncryptedResponseAlg() { + return client.getIdTokenEncryptedResponseAlg(); + } + + /** + * @param idTokenEncryptedResponseAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm) + */ + public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) { + client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc() + */ + public EncryptionMethod getIdTokenEncryptedResponseEnc() { + return client.getIdTokenEncryptedResponseEnc(); + } + + /** + * @param idTokenEncryptedResponseEnc + * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod) + */ + public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) { + client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlgEmbed() + */ + public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() { + return client.getTokenEndpointAuthSigningAlgEmbed(); + } + + /** + * @param tokenEndpointAuthSigningAlgEmbed + * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed) + */ + public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) { + client.setTokenEndpointAuthSigningAlgEmbed(tokenEndpointAuthSigningAlgEmbed); + } + + /** + * 
@return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlg() + */ + public JWSAlgorithm getTokenEndpointAuthSigningAlg() { + return client.getTokenEndpointAuthSigningAlg(); + } + + /** + * @param tokenEndpointAuthSigningAlg + * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthSigningAlg(com.nimbusds.jose.JWSAlgorithm) + */ + public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) { + client.setTokenEndpointAuthSigningAlg(tokenEndpointAuthSigningAlg); + } + + /** + * @return + * @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt() + */ + public Date getCreatedAt() { + return client.getCreatedAt(); + } + /** + * @param createdAt + * @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date) + */ + public void setCreatedAt(Date createdAt) { + client.setCreatedAt(createdAt); + } + /** + * @return the registrationAccessToken + */ + public String getRegistrationAccessToken() { + return registrationAccessToken; + } + /** + * @param registrationAccessToken the registrationAccessToken to set + */ + public void setRegistrationAccessToken(String registrationAccessToken) { + this.registrationAccessToken = registrationAccessToken; + } + /** + * @return the registrationClientUri + */ + public String getRegistrationClientUri() { + return registrationClientUri; + } + /** + * @param registrationClientUri the registrationClientUri to set + */ + public void setRegistrationClientUri(String registrationClientUri) { + this.registrationClientUri = registrationClientUri; + } + /** + * @return the clientSecretExpiresAt + */ + public Date getClientSecretExpiresAt() { + return clientSecretExpiresAt; + } + /** + * @param clientSecretExpiresAt the clientSecretExpiresAt to set + */ + public void setClientSecretExpiresAt(Date expiresAt) { + this.clientSecretExpiresAt = expiresAt; + } + /** + * @return the clientIdIssuedAt + */ + public Date getClientIdIssuedAt() { + return 
clientIdIssuedAt; + } + /** + * @param clientIdIssuedAt the clientIdIssuedAt to set + */ + public void setClientIdIssuedAt(Date issuedAt) { + this.clientIdIssuedAt = issuedAt; + } + + + +} diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultSystemScope.java similarity index 88% rename from openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java rename to openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultSystemScope.java index ff30857a3..e1311a039 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/DefaultSystemScope.java @@ -14,10 +14,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -/** - * - */ -package org.mitre.oauth2.model; + +package org.mitre.oauth2.model.impl; import javax.persistence.Basic; import javax.persistence.Column; @@ -30,6 +28,8 @@ import javax.persistence.NamedQuery; import javax.persistence.Table; import javax.persistence.Transient; +import org.mitre.oauth2.model.SystemScope; + /** * @author jricher * 
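Review bot: The constructor of DefaultRegisteredClient assigns `ModelFactory.instance().getClientDetailsInstance()` to a field typed `DefaultClientDetailsEntity`, while ModelFactory (added further down in this patch) lets the client-details class be replaced through `setClientDetailsType`. If a deployment configures an implementation that is not a DefaultClientDetailsEntity subclass, the assignment will presumably fail with a ClassCastException at construction, outside the factory's own try/catch. Typing the field as `ClientDetailsEntity` would remove that coupling; failing that, the class Javadoc should state that only the default entity is supported. This wrapper also hands out `getClientSecret()` and `getRegistrationAccessToken()`, so a comment above the fields such as `// holds credentials: do not add a field-dumping toString()` would protect later edits from leaking them into logs.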
@@ -37,10 +37,10 @@ import javax.persistence.Transient; @Entity @Table(name = "system_scope") @NamedQueries({ - @NamedQuery(name = "SystemScope.findAll", query = "select s from SystemScope s ORDER BY s.id"), - @NamedQuery(name = "SystemScope.getByValue", query = "select s from SystemScope s WHERE s.value = :value") + @NamedQuery(name = "DefaultSystemScope.findAll", query = "select s from DefaultSystemScope s ORDER BY s.id"), + @NamedQuery(name = "DefaultSystemScope.getByValue", query = "select s from DefaultSystemScope s WHERE s.value = :value") }) -public class SystemScope { +public class DefaultSystemScope implements SystemScope { private Long id; private String value; // scope value @@ -55,18 +55,20 @@ public class SystemScope { /** * Make a blank system scope with no value */ - public SystemScope() { - + DefaultSystemScope() { + } /** * Make a system scope with the given scope value * @param value */ - public SystemScope(String value) { + /* + public DefaultSystemScope(String value) { this.value = value; } - + */ + /** * @return the id */ @@ -76,12 +78,14 @@ public class SystemScope { public Long getId() { return id; } + /** * @param id the id to set */ public void setId(Long id) { this.id = id; } + /** * @return the value */ @@ -90,12 +94,14 @@ public class SystemScope { public String getValue() { return value; } + /** * @param value the value to set */ public void setValue(String value) { this.value = value; } + /** * @return the description */ @@ -104,12 +110,14 @@ public class SystemScope { public String getDescription() { return description; } + /** * @param description the description to set */ public void setDescription(String description) { this.description = description; } + /** * @return the icon */ @@ -118,12 +126,14 @@ public class SystemScope { public String getIcon() { return icon; } + /** * @param icon the icon to set */ public void setIcon(String icon) { this.icon = icon; } + /** * @return the allowDynReg */ 
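Review bot: The value constructor is commented out rather than removed (`/* public DefaultSystemScope(String value) { ... } */`), which leaves dead code with an orphaned Javadoc block above it; DefaultRegisteredClient does the same with two constructors. Delete them and state the replacement in the class Javadoc instead, for example `Instances are obtained from ModelFactory; set the scope value with setValue(String).` Separately, the named queries in the first hunk of this file are renamed to `DefaultSystemScope.findAll` and `DefaultSystemScope.getByValue`. These are resolved by string, so any caller still using the old names would fail only at runtime; a comment next to the `@NamedQueries` block naming the repository that uses them would make that dependency visible.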
@@ -132,6 +142,7 @@ public class SystemScope { public boolean isAllowDynReg() { return allowDynReg; } + /** * @param allowDynReg the allowDynReg to set */ @@ -184,7 +195,6 @@ public class SystemScope { this.structuredParamDescription = d; } - /** * @return the structuredValue */ @@ -199,8 +209,7 @@ public class SystemScope { public void setStructuredValue(String structuredValue) { this.structuredValue = structuredValue; } - - + /* (non-Javadoc) * @see java.lang.Object#hashCode() */ @@ -231,10 +240,10 @@ public class SystemScope { if (obj == null) { return false; } - if (!(obj instanceof SystemScope)) { + if (!(obj instanceof DefaultSystemScope)) { return false; } - SystemScope other = (SystemScope) obj; + DefaultSystemScope other = (DefaultSystemScope) obj; if (allowDynReg != other.allowDynReg) { return false; } @@ -294,7 +303,7 @@ public class SystemScope { */ @Override public String toString() { - return "SystemScope [id=" + id + ", value=" + value + ", description=" + description + ", icon=" + icon + ", allowDynReg=" + allowDynReg + ", defaultScope=" + defaultScope + ", structured=" + structured + ", structuredParamDescription=" + structuredParamDescription + ", structuredValue=" + return "DefaultSystemScope [id=" + id + ", value=" + value + ", description=" + description + ", icon=" + icon + ", allowDynReg=" + allowDynReg + ", defaultScope=" + defaultScope + ", structured=" + structured + ", structuredParamDescription=" + structuredParamDescription + ", structuredValue=" + structuredValue + "]"; } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/ModelFactory.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/ModelFactory.java new file mode 100644 index 000000000..a6ace4a7d --- /dev/null +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/impl/ModelFactory.java 
@@ -0,0 +1,150 @@ +package org.mitre.oauth2.model.impl; + +import org.mitre.oauth2.model.AuthenticationHolderEntity; +import org.mitre.oauth2.model.AuthorizationCodeEntity; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; +import org.mitre.oauth2.model.RegisteredClient; +import org.mitre.oauth2.model.SystemScope; + +public class ModelFactory { + + private static ModelFactory factory = new ModelFactory(); + + private Class authHolderType = DefaultAuthenticationHolderEntity.class; + private Class authCodeType = DefaultAuthorizationCodeEntity.class; + private Class clientDetailsType = DefaultClientDetailsEntity.class; + private Class accessTokenType = DefaultOAuth2AccessTokenEntity.class; + private Class refreshTokenType = DefaultOAuth2RefreshTokenEntity.class; + private Class regClientType = DefaultRegisteredClient.class; + private Class sysScopeType = DefaultSystemScope.class; + + private ModelFactory() { + + } + + public static ModelFactory instance() { + return factory; + } + + @SuppressWarnings("unchecked") + public void setClientDetailsType(String type) { + try { + Class localType = Class.forName(type); + setClientDetailsType((Class)localType); + } catch (Throwable ex) { + throw new RuntimeException("failed while setting class", ex); + } + } + + @SuppressWarnings("unchecked") + public void setAccessTokenType(String type) { + try { + Class localType = Class.forName(type); + setAccessTokenType((Class)localType); + } catch (Throwable ex) { + throw new RuntimeException("failed while setting class", ex); + } + } + + @SuppressWarnings("unchecked") + public void setRefreshTokenType(String type) { + try { + Class localType = Class.forName(type); + setRefreshTokenType((Class)localType); + } catch (Throwable ex) { + throw new RuntimeException("failed while setting class", ex); + } + } + + public void setClientDetailsType(Class type) { + 
this.clientDetailsType = type; + } + + public void setAccessTokenType(Class type) { + this.accessTokenType = type; + } + + public void setRefreshTokenType(Class type) { + this.refreshTokenType = type; + } + + @SuppressWarnings("unchecked") + public T getClientDetailsInstance() { + T instance = null; + try { + instance = (T)this.clientDetailsType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate client details", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getAccessTokenInstance() { + T instance = null; + try { + instance = (T)this.accessTokenType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate access token", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getRefreshTokenInstance() { + T instance = null; + try { + instance = (T)this.refreshTokenType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate refresh token", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getAuthCodeInstance() { + T instance = null; + try { + instance = (T)this.authCodeType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate authorization code", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getAuthHolderInstance() { + T instance = null; + try { + instance = (T)this.authHolderType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate authentication holder", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getRegisteredClientInstance() { + T instance = null; + try { + instance = (T)this.regClientType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate registered client", ex); + } + return instance; + } + + @SuppressWarnings("unchecked") + public T getSystemScopeInstance() { + T instance = 
null; + try { + instance = (T)this.sysScopeType.newInstance(); + } catch (Throwable ex) { + throw new RuntimeException("failed to instanciate system scope", ex); + } + return instance; + } + +} diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java index fe3f09368..b5c81ae7b 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java @@ -32,6 +32,7 @@ import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AppType; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.model.RegisteredClient; import com.google.common.base.Joiner; @@ -65,8 +66,8 @@ public class ClientDetailsEntityJsonProcessor { if (jsonEl.isJsonObject()) { JsonObject o = jsonEl.getAsJsonObject(); - ClientDetailsEntity c = new ClientDetailsEntity(); - + ClientDetailsEntity c = ModelFactory.instance().getClientDetailsInstance(); + // TODO: make these field names into constants // these two fields should only be sent in the update request, and MUST match existing values @@ -162,7 +163,8 @@ public class ClientDetailsEntityJsonProcessor { JsonObject o = jsonEl.getAsJsonObject(); ClientDetailsEntity c = parse(jsonEl); - RegisteredClient rc = new RegisteredClient(c); + RegisteredClient rc = ModelFactory.instance().getRegisteredClientInstance(); + rc.setClient(c); // get any fields from the registration rc.setRegistrationAccessToken(getAsString(o, "registration_access_token")); rc.setRegistrationClientUri(getAsString(o, "registration_client_uri")); 
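Review bot: The three `set*Type(String)` overloads in ModelFactory load the given class name with `Class.forName` and pass it on through an unchecked cast, so a class that does not implement the expected model interface is accepted at configuration time. It presumably fails only later, as a `ClassCastException` where a `get*Instance()` result is assigned, which is in the middle of token issuance or client registration. Checking the type in the setter with `Class.asSubclass` moves that failure to startup and makes `@SuppressWarnings("unchecked")` unnecessary there, as sketched below for the access-token setter. The `catch (Throwable ex)` blocks also wrap `Error`s such as `OutOfMemoryError` in a `RuntimeException`; catching only the reflective exceptions would be narrower. Because these setters replace the class behind every issued token on a process-wide singleton, the class name should come only from deployment configuration.

```java
// … unchanged: fields, private constructor, instance() …

private static <T> Class<? extends T> loadType(String name, Class<T> required) {
	try {
		// asSubclass rejects a class that does not implement the model interface
		return Class.forName(name).asSubclass(required);
	} catch (ClassNotFoundException ex) {
		throw new IllegalArgumentException("model class not found: " + name, ex);
	} catch (ClassCastException ex) {
		throw new IllegalArgumentException(name + " is not a " + required.getName(), ex);
	}
}

public void setAccessTokenType(String type) {
	setAccessTokenType(loadType(type, OAuth2AccessTokenEntity.class));
}

// … same shape for setClientDetailsType(String) and setRefreshTokenType(String) …
// … unchanged: Class-typed setters and get*Instance() methods …
```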
diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java index c02ad4a18..2f84d0c47 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java @@ -16,6 +16,7 @@ ******************************************************************************/ package org.mitre.openid.connect.model; +import java.util.Collection; import java.util.Date; import java.util.Set; @@ -39,6 +40,7 @@ import javax.persistence.Temporal; import javax.persistence.Transient; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.impl.DefaultOAuth2AccessTokenEntity; import com.google.common.collect.Sets; @@ -78,7 +80,7 @@ public class ApprovedSite { private WhitelistedSite whitelistedSite; //Link to any access tokens approved through this stored decision - private Set approvedAccessTokens = Sets.newHashSet(); + private Set approvedAccessTokens = Sets.newHashSet(); /** * Empty constructor @@ -189,7 +191,7 @@ public class ApprovedSite { public void setAllowedScopes(Set allowedScopes) { this.allowedScopes = allowedScopes; } - + /** * @return the timeoutDate */ 
@@ -247,14 +249,25 @@ public class ApprovedSite { @OneToMany(cascade=CascadeType.ALL, fetch=FetchType.EAGER) @JoinColumn(name="approved_site_id") - public Set getApprovedAccessTokens() { + public Set getApprovedAccessTokens() { return approvedAccessTokens; } - + /** * @param approvedAccessTokens the approvedAccessTokens to set */ - public void setApprovedAccessTokens(Set approvedAccessTokens) { + public void setApprovedAccessTokens(Set approvedAccessTokens) { this.approvedAccessTokens = approvedAccessTokens; } + + public void setApprovedAccessTokens(Collection approvedAccessTokens) { + Set tmpTokens = Sets.newHashSet(); + for(OAuth2AccessTokenEntity aToken : approvedAccessTokens) { + if(aToken instanceof DefaultOAuth2AccessTokenEntity) { + tmpTokens.add((DefaultOAuth2AccessTokenEntity)aToken); + } + } + setApprovedAccessTokens(tmpTokens); + } + } diff --git a/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java b/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java index 38db8f258..8c8aa8710 100644 --- a/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java +++ b/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java @@ -24,6 +24,7 @@ import static org.junit.Assert.assertEquals; import java.util.Date; import org.junit.Test; +import org.mitre.oauth2.model.impl.ModelFactory; import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; 
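Review bot: The new `setApprovedAccessTokens(Collection ...)` overload silently drops every token that is not a `DefaultOAuth2AccessTokenEntity`, so with an access-token class installed through `ModelFactory.setAccessTokenType` the approved site would end up with no linked tokens. Those links appear to be what approval removal uses to find the tokens to delete (`DefaultApprovedSiteService.remove` iterates `getApprovedAccessTokens()`), so a silent drop can leave tokens valid after the user withdraws approval. Rejecting the unexpected type is safer than skipping it, for example an `else` branch with `throw new IllegalArgumentException("unsupported access token type: " + aToken.getClass().getName());`. The `tmpTokens` block added to DefaultOAuth2ProviderTokenService under `//TODO: FIX - JAVA GENERICS ISSUE` appears to go through this overload, so the token-issuance path is affected as well.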
@@ -34,16 +35,16 @@ import com.nimbusds.jose.JWEAlgorithm; * */ public class ClientDetailsEntityTest { - + /** * Test method for {@link org.mitre.oauth2.model.ClientDetailsEntity#ClientDetailsEntity()}. */ @Test public void testClientDetailsEntity() { Date now = new Date(); - - ClientDetailsEntity c = new ClientDetailsEntity(); - + + ClientDetailsEntity c = ModelFactory.instance().getClientDetailsInstance(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setApplicationType(ClientDetailsEntity.AppType.WEB); diff --git a/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java b/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java index 0eaaecc20..c3f475853 100644 --- a/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java +++ b/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java @@ -24,6 +24,7 @@ import static org.junit.Assert.assertEquals; import java.sql.Date; import org.junit.Test; +import org.mitre.oauth2.model.impl.ModelFactory; import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; @@ -34,7 +35,7 @@ import com.nimbusds.jose.JWEAlgorithm; * */ public class RegisteredClientTest { - + /** * Test method for {@link org.mitre.oauth2.model.RegisteredClient#RegisteredClient()}. */ @@ -42,9 +43,9 @@ public class RegisteredClientTest { public void testRegisteredClient() { // make sure all the pass-through getters and setters work - - RegisteredClient c = new RegisteredClient(); - + + RegisteredClient c = ModelFactory.instance().getRegisteredClientInstance(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); 
@@ -87,7 +88,7 @@ public class RegisteredClientTest { */ @Test public void testRegisteredClientClientDetailsEntity() { - ClientDetailsEntity c = new ClientDetailsEntity(); + ClientDetailsEntity c = ModelFactory.instance().getClientDetailsInstance(); c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); @@ -105,7 +106,8 @@ public class RegisteredClientTest { c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); // Create a RegisteredClient based on a ClientDetailsEntity object and set several properties - RegisteredClient rc = new RegisteredClient(c); + RegisteredClient rc = ModelFactory.instance().getRegisteredClientInstance(); + rc.setClient(c); rc.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83"); rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3"); @@ -135,8 +137,8 @@ public class RegisteredClientTest { */ @Test public void testRegisteredClientClientDetailsEntityStringString() { - ClientDetailsEntity c = new ClientDetailsEntity(); - + ClientDetailsEntity c = ModelFactory.instance().getClientDetailsInstance(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setApplicationType(ClientDetailsEntity.AppType.WEB); 
@@ -153,8 +155,11 @@ public class RegisteredClientTest { c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); // Create a RegisteredClient based on a ClientDetails, a token, and a server URI - RegisteredClient rc = new RegisteredClient(c, "this.is.an.access.token.value.ffx83", "https://server.example.com/connect/register?client_id=s6BhdRkqt3"); - + RegisteredClient rc = ModelFactory.instance().getRegisteredClientInstance(); + rc.setClient(c); + rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83"); + rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3"); + // make sure all the pass-throughs work assertEquals("s6BhdRkqt3", rc.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); diff --git a/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java b/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java index c922544f3..2aa686704 100644 --- a/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java +++ b/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java @@ -27,6 +27,7 @@ import java.sql.Date; import org.junit.Test; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.RegisteredClient; +import org.mitre.oauth2.model.impl.ModelFactory; import com.google.common.collect.ImmutableSet; import com.google.gson.JsonElement; 
@@ -153,8 +154,8 @@ public class ClientDetailsEntityJsonProcessorTest { */ @Test public void testSerialize() { - RegisteredClient c = new RegisteredClient(); - + RegisteredClient c = ModelFactory.instance().getRegisteredClientInstance(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml index e6586f03f..e04531b99 100644 --- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml +++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml @@ -28,7 +28,13 @@ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd"> - + + + + + + + diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java index afb4e1779..75379e105 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java 
@@ -45,7 +45,7 @@ public class JpaAuthenticationHolderRepository implements AuthenticationHolderRe @Override public AuthenticationHolderEntity getByAuthentication(OAuth2Authentication a) { - TypedQuery query = manager.createNamedQuery("AuthenticationHolderEntity.getByAuthentication", AuthenticationHolderEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultAuthenticationHolderEntity.getByAuthentication", AuthenticationHolderEntity.class); query.setParameter("authentication", a); return JpaUtil.getSingleResult(query.getResultList()); } @@ -81,7 +81,7 @@ public class JpaAuthenticationHolderRepository implements AuthenticationHolderRe @Override @Transactional public List getOrphanedAuthenticationHolders() { - TypedQuery query = manager.createNamedQuery("AuthenticationHolderEntity.getUnusedAuthenticationHolders", AuthenticationHolderEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultAuthenticationHolderEntity.getUnusedAuthenticationHolders", AuthenticationHolderEntity.class); query.setMaxResults(MAXEXPIREDRESULTS); List unusedAuthenticationHolders = query.getResultList(); return unusedAuthenticationHolders; diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java index e5dd29380..207629250 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java 
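Review bot: The lookups in this repository now name their queries with a literal `DefaultAuthenticationHolderEntity.` prefix, while `ModelFactory` in the same commit allows the model classes to be replaced. If the named queries are declared on the Default entities, as the `@NamedQuery` rename in `DefaultSystemScope` suggests, instances of a replacement class would not be covered by these lookups. A class-level comment would make the coupling explicit, for example `// Query names are bound to the Default* entities; a type installed via ModelFactory is not covered by these lookups.` The same applies to the hunks in JpaAuthorizationCodeRepository, JpaOAuth2ClientRepository, JpaOAuth2TokenRepository and JpaSystemScopeRepository. It matters most in the token repository, where `getAccessTokenByValue`, `clearTokensForClient` and the expired-token queries back token validation and revocation.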
@@ -62,7 +62,7 @@ public class JpaAuthorizationCodeRepository implements AuthorizationCodeReposito @Transactional public OAuth2Authentication consume(String code) throws InvalidGrantException { - TypedQuery query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultAuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class); query.setParameter("code", code); AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList()); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java index 139db6dfe..dced4410b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java @@ -57,7 +57,7 @@ public class JpaOAuth2ClientRepository implements OAuth2ClientRepository { */ @Override public ClientDetailsEntity getClientByClientId(String clientId) { - TypedQuery query = manager.createNamedQuery("ClientDetailsEntity.getByClientId", ClientDetailsEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultClientDetailsEntity.getByClientId", ClientDetailsEntity.class); query.setParameter("clientId", clientId); return JpaUtil.getSingleResult(query.getResultList()); } @@ -93,7 +93,7 @@ public class JpaOAuth2ClientRepository implements OAuth2ClientRepository { @Override public Collection getAllClients() { - TypedQuery query = manager.createNamedQuery("ClientDetailsEntity.findAll", ClientDetailsEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultClientDetailsEntity.findAll", ClientDetailsEntity.class); return query.getResultList(); } 
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java index 2cd217fda..30ed57266 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java @@ -44,20 +44,20 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public Set getAllAccessTokens() { - TypedQuery query = manager.createNamedQuery("OAuth2AccessTokenEntity.getAll", OAuth2AccessTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getAll", OAuth2AccessTokenEntity.class); return new LinkedHashSet(query.getResultList()); } @Override public Set getAllRefreshTokens() { - TypedQuery query = manager.createNamedQuery("OAuth2RefreshTokenEntity.getAll", OAuth2RefreshTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2RefreshTokenEntity.getAll", OAuth2RefreshTokenEntity.class); return new LinkedHashSet(query.getResultList()); } @Override public OAuth2AccessTokenEntity getAccessTokenByValue(String accessTokenValue) { - TypedQuery query = manager.createNamedQuery("OAuth2AccessTokenEntity.getByTokenValue", OAuth2AccessTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByTokenValue", OAuth2AccessTokenEntity.class); query.setParameter("tokenValue", accessTokenValue); return JpaUtil.getSingleResult(query.getResultList()); } 
@@ -87,7 +87,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override @Transactional public void clearAccessTokensForRefreshToken(OAuth2RefreshTokenEntity refreshToken) { - TypedQuery query = manager.createNamedQuery("OAuth2AccessTokenEntity.getByRefreshToken", OAuth2AccessTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByRefreshToken", OAuth2AccessTokenEntity.class); query.setParameter("refreshToken", refreshToken); List accessTokens = query.getResultList(); for (OAuth2AccessTokenEntity accessToken : accessTokens) { @@ -97,7 +97,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public OAuth2RefreshTokenEntity getRefreshTokenByValue(String refreshTokenValue) { - TypedQuery query = manager.createNamedQuery("OAuth2RefreshTokenEntity.getByTokenValue", OAuth2RefreshTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2RefreshTokenEntity.getByTokenValue", OAuth2RefreshTokenEntity.class); query.setParameter("tokenValue", refreshTokenValue); return JpaUtil.getSingleResult(query.getResultList()); } 
@@ -127,13 +127,13 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override @Transactional public void clearTokensForClient(ClientDetailsEntity client) { - TypedQuery queryA = manager.createNamedQuery("OAuth2AccessTokenEntity.getByClient", OAuth2AccessTokenEntity.class); + TypedQuery queryA = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByClient", OAuth2AccessTokenEntity.class); queryA.setParameter("client", client); List accessTokens = queryA.getResultList(); for (OAuth2AccessTokenEntity accessToken : accessTokens) { removeAccessToken(accessToken); } - TypedQuery queryR = manager.createNamedQuery("OAuth2RefreshTokenEntity.getByClient", OAuth2RefreshTokenEntity.class); + TypedQuery queryR = manager.createNamedQuery("DefaultOAuth2RefreshTokenEntity.getByClient", OAuth2RefreshTokenEntity.class); queryR.setParameter("client", client); List refreshTokens = queryR.getResultList(); for (OAuth2RefreshTokenEntity refreshToken : refreshTokens) { @@ -146,7 +146,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { */ @Override public List getAccessTokensForClient(ClientDetailsEntity client) { - TypedQuery queryA = manager.createNamedQuery("OAuth2AccessTokenEntity.getByClient", OAuth2AccessTokenEntity.class); + TypedQuery queryA = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByClient", OAuth2AccessTokenEntity.class); queryA.setParameter("client", client); List accessTokens = queryA.getResultList(); return accessTokens; 
@@ -157,7 +157,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { */ @Override public List getRefreshTokensForClient(ClientDetailsEntity client) { - TypedQuery queryR = manager.createNamedQuery("OAuth2RefreshTokenEntity.getByClient", OAuth2RefreshTokenEntity.class); + TypedQuery queryR = manager.createNamedQuery("DefaultOAuth2RefreshTokenEntity.getByClient", OAuth2RefreshTokenEntity.class); queryR.setParameter("client", client); List refreshTokens = queryR.getResultList(); return refreshTokens; @@ -165,7 +165,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public OAuth2AccessTokenEntity getByAuthentication(OAuth2Authentication auth) { - TypedQuery queryA = manager.createNamedQuery("OAuth2AccessTokenEntity.getByAuthentication", OAuth2AccessTokenEntity.class); + TypedQuery queryA = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByAuthentication", OAuth2AccessTokenEntity.class); queryA.setParameter("authentication", auth); List accessTokens = queryA.getResultList(); return JpaUtil.getSingleResult(accessTokens); @@ -176,7 +176,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { */ @Override public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken) { - TypedQuery queryA = manager.createNamedQuery("OAuth2AccessTokenEntity.getByIdToken", OAuth2AccessTokenEntity.class); + TypedQuery queryA = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getByIdToken", OAuth2AccessTokenEntity.class); queryA.setParameter("idToken", idToken); List accessTokens = queryA.getResultList(); return JpaUtil.getSingleResult(accessTokens); 
@@ -184,7 +184,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public Set getAllExpiredAccessTokens() { - TypedQuery query = manager.createNamedQuery("OAuth2AccessTokenEntity.getAllExpiredByDate", OAuth2AccessTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2AccessTokenEntity.getAllExpiredByDate", OAuth2AccessTokenEntity.class); query.setParameter("date", new Date()); query.setMaxResults(MAXEXPIREDRESULTS); return new LinkedHashSet(query.getResultList()); @@ -192,7 +192,7 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public Set getAllExpiredRefreshTokens() { - TypedQuery query = manager.createNamedQuery("OAuth2RefreshTokenEntity.getAllExpiredByDate", OAuth2RefreshTokenEntity.class); + TypedQuery query = manager.createNamedQuery("DefaultOAuth2RefreshTokenEntity.getAllExpiredByDate", OAuth2RefreshTokenEntity.class); query.setParameter("date", new Date()); query.setMaxResults(MAXEXPIREDRESULTS); return new LinkedHashSet(query.getResultList()); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java index 8f27ac655..cf78096cd 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java @@ -50,7 +50,7 @@ public class JpaSystemScopeRepository implements SystemScopeRepository { @Override @Transactional public Set getAll() { - TypedQuery query = em.createNamedQuery("SystemScope.findAll", SystemScope.class); + TypedQuery query = em.createNamedQuery("DefaultSystemScope.findAll", SystemScope.class); return new LinkedHashSet(query.getResultList()); } 
@@ -70,7 +70,7 @@ public class JpaSystemScopeRepository implements SystemScopeRepository { @Override @Transactional public SystemScope getByValue(String value) { - TypedQuery query = em.createNamedQuery("SystemScope.getByValue", SystemScope.class); + TypedQuery query = em.createNamedQuery("DefaultSystemScope.getByValue", SystemScope.class); query.setParameter("value", value); return getSingleResult(query.getResultList()); } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.java index e3b95c1fa..c100434f5 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.java @@ -9,7 +9,6 @@ import org.springframework.security.oauth2.common.exceptions.InvalidRequestExcep import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.security.oauth2.provider.endpoint.DefaultRedirectResolver; -import org.springframework.security.oauth2.provider.endpoint.RedirectResolver; import org.springframework.stereotype.Component; /** diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java index 8a0a65990..08bdf725f 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java 
@@ -20,6 +20,7 @@ package org.mitre.oauth2.service.impl; import org.mitre.oauth2.model.AuthorizationCodeEntity; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.repository.AuthorizationCodeRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; @@ -54,7 +55,10 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS public String createAuthorizationCode(OAuth2Authentication authentication) { String code = generator.generate(); - AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code, authentication); + AuthorizationCodeEntity entity = ModelFactory.instance().getAuthCodeInstance(); + entity.setCode(code); + entity.setAuthentication(authentication); + repository.save(entity); return code; diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java index 8030105af..faee43176 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java @@ -30,6 +30,7 @@ import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.repository.OAuth2TokenRepository; import org.mitre.oauth2.service.ClientDetailsEntityService; 
@@ -136,7 +137,7 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi throw new InvalidClientException("Client not found: " + clientAuth.getClientId()); } - OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken(); + OAuth2AccessTokenEntity token = ModelFactory.instance().getAccessTokenInstance(); // attach the client token.setClient(client); @@ -156,15 +157,15 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi } // attach the authorization so that we can look it up later - AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); + AuthenticationHolderEntity authHolder = ModelFactory.instance().getAuthHolderInstance(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); - + token.setAuthenticationHolder(authHolder); // attach a refresh token, if this client is allowed to request them and the user gets the offline scope if (client.isAllowRefresh() && scopes.contains(SystemScopeService.OFFLINE_ACCESS)) { - OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken(); + OAuth2RefreshTokenEntity refreshToken = ModelFactory.instance().getRefreshTokenInstance(); JWTClaimsSet refreshClaims = new JWTClaimsSet(); @@ -206,9 +207,13 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site"); ApprovedSite ap = approvedSiteService.getById(apId); - Set apTokens = ap.getApprovedAccessTokens(); - apTokens.add(savedToken); - ap.setApprovedAccessTokens(apTokens); + + //TODO: FIX - JAVA GENERICS ISSUE + Set apTokens = ap.getApprovedAccessTokens(); + HashSet tmpTokens = Sets.newHashSet(apTokens); + tmpTokens.add(savedToken); + ap.setApprovedAccessTokens(tmpTokens); + approvedSiteService.save(ap); } 
@@ -253,7 +258,7 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi // TODO: have the option to recycle the refresh token here, too // for now, we just reuse it as long as it's valid, which is the original intent - OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity(); + OAuth2AccessTokenEntity token = ModelFactory.instance().getAccessTokenInstance(); // get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token Set refreshScopes = new HashSet(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope()); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java index 167c447c8..f57337e02 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java @@ -24,6 +24,7 @@ import java.util.List; import java.util.Set; import org.mitre.oauth2.model.SystemScope; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.repository.SystemScopeRepository; import org.mitre.oauth2.service.SystemScopeService; import org.springframework.beans.factory.annotation.Autowired; @@ -86,7 +87,8 @@ public class DefaultSystemScopeService implements SystemScopeService { SystemScope s = getByValue(base); if (s == null) { // make a fake one otherwise - s = new SystemScope(base); + s = ModelFactory.instance().getSystemScopeInstance(); + s.setValue(base); if (parts.size() > 1) { s.setStructured(true); } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java b/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java index 79278222c..6581808d1 100644 
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java @@ -25,6 +25,7 @@ import java.util.Date; import org.mitre.jwt.signer.service.JwtSigningAndValidationService; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.OAuth2TokenEntityService; import org.mitre.oauth2.service.SystemScopeService; @@ -99,7 +100,7 @@ public class JwtAssertionTokenGranter extends AbstractTokenGranter { //OAuth2AccessTokenEntity newIdToken = tokenServices.get - OAuth2AccessTokenEntity newIdTokenEntity = new OAuth2AccessTokenEntity(); + OAuth2AccessTokenEntity newIdTokenEntity = ModelFactory.instance().getAccessTokenInstance(); // copy over all existing claims JWTClaimsSet claims = new JWTClaimsSet(idToken.getJWTClaimsSet()); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java index e3825ef57..1d4bb46c8 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java @@ -79,8 +79,8 @@ public class DefaultApprovedSiteService implements ApprovedSiteService { @Transactional public void remove(ApprovedSite approvedSite) { - //Remove any associated access and refresh tokens - Set accessTokens = approvedSite.getApprovedAccessTokens(); + //Remove any associated access and refresh tokens + Set accessTokens = approvedSite.getApprovedAccessTokens(); for (OAuth2AccessTokenEntity token : accessTokens) { if (token.getRefreshToken() != null) { 
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java index cb4b1dc39..1dd3b2a12 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java @@ -28,6 +28,7 @@ import org.mitre.jwt.signer.service.impl.SymmetricCacheService; import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.service.SystemScopeService; import org.mitre.openid.connect.config.ConfigurationPropertiesBean; @@ -94,7 +95,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService { } - OAuth2AccessTokenEntity idTokenEntity = new OAuth2AccessTokenEntity(); + OAuth2AccessTokenEntity idTokenEntity = ModelFactory.instance().getAccessTokenInstance(); JWTClaimsSet idClaims = new JWTClaimsSet(); // if the auth time claim was explicitly requested OR if the client always wants the auth time, put it in 
@@ -208,11 +209,11 @@ public class DefaultOIDCTokenService implements OIDCTokenService { Sets.newHashSet(SystemScopeService.REGISTRATION_TOKEN_SCOPE), null, null, null, null); OAuth2Authentication authentication = new OAuth2Authentication(clientAuth, null); - OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity(); + OAuth2AccessTokenEntity token = ModelFactory.instance().getAccessTokenInstance(); token.setClient(client); token.setScope(Sets.newHashSet(SystemScopeService.REGISTRATION_TOKEN_SCOPE)); - AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); + AuthenticationHolderEntity authHolder = ModelFactory.instance().getAuthHolderInstance(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); token.setAuthenticationHolder(authHolder); @@ -249,11 +250,11 @@ public class DefaultOIDCTokenService implements OIDCTokenService { Sets.newHashSet(SystemScopeService.RESOURCE_TOKEN_SCOPE), null, null, null, null); OAuth2Authentication authentication = new OAuth2Authentication(clientAuth, null); - OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity(); + OAuth2AccessTokenEntity token = ModelFactory.instance().getAccessTokenInstance(); token.setClient(client); token.setScope(Sets.newHashSet(SystemScopeService.RESOURCE_TOKEN_SCOPE)); - - AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); + + AuthenticationHolderEntity authHolder = ModelFactory.instance().getAuthHolderInstance(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); token.setAuthenticationHolder(authHolder); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java index 26656f1a3..dc178ed98 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java 
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java @@ -25,7 +25,6 @@ import org.mitre.jose.JWSAlgorithmEmbed; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; import org.mitre.oauth2.service.ClientDetailsEntityService; -import org.mitre.openid.connect.model.UserInfo; import org.mitre.openid.connect.service.UserInfoService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -43,7 +42,6 @@ import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; import com.google.common.base.Strings; -import com.google.common.collect.Sets; import com.google.gson.Gson; import com.google.gson.GsonBuilder; import com.google.gson.JsonDeserializationContext; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java index b5766e890..07e715a72 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java @@ -26,6 +26,7 @@ import java.util.concurrent.TimeUnit; import org.mitre.jwt.signer.service.JwtSigningAndValidationService; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.SystemScope; 
@@ -164,7 +165,12 @@ public class ClientDynamicRegistrationEndpoint { // send it all out to the view - RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8")); + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(savedClient); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "register/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.CREATED); // http 201 @@ -209,8 +215,12 @@ public class ClientDynamicRegistrationEndpoint { try { OAuth2AccessTokenEntity token = fetchValidRegistrationToken(auth, client); - RegisteredClient registered = new RegisteredClient(client, token.getValue(), config.getIssuer() + "register/" + UriUtils.encodePathSegment(client.getClientId(), "UTF-8")); - + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(client); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "register/" + UriUtils.encodePathSegment(client.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + // send it all out to the view m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.OK); // http 200 
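Review bot: The five lines that build `registered` in the `@@ -164,7 +165,12 @@` hunk are repeated verbatim in the next hunk of this file, in the update handler's hunk, and three more times in ProtectedResourceRegistrationEndpoint with `"resource/"` in place of `"register/"`. These objects carry the registration access token and management URI back to the client, so a copy that misses one setter would return an incomplete response, which the removed three-argument constructor made impossible. A single private helper per endpoint keeps the mandatory fields together, and each call site becomes `RegisteredClient registered = toRegisteredClient(savedClient, token);`. The helper has to propagate the checked exception declared by `UriUtils.encodePathSegment` (assumed here to be `UnsupportedEncodingException`, which the call sites presumably already handle); the enclosing methods start and end outside the hunks.

```java
// … unchanged: handler body up to the saved registration token …
RegisteredClient registered = toRegisteredClient(savedClient, token);
m.addAttribute("client", registered);
// … unchanged: status code attribute and view name …

// Builds the client view returned to the registrant; client, token and URI are all mandatory.
private RegisteredClient toRegisteredClient(ClientDetailsEntity client, OAuth2AccessTokenEntity token)
		throws UnsupportedEncodingException {
	RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance();
	registered.setClient(client);
	registered.setRegistrationAccessToken(token.getValue());
	registered.setRegistrationClientUri(
			config.getIssuer() + "register/" + UriUtils.encodePathSegment(client.getClientId(), "UTF-8"));
	return registered;
}
```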
@@ -296,9 +306,13 @@ public class ClientDynamicRegistrationEndpoint { ClientDetailsEntity savedClient = clientService.updateClient(oldClient, newClient); OAuth2AccessTokenEntity token = fetchValidRegistrationToken(auth, savedClient); - - RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8")); - + + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(savedClient); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "register/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + // send it all out to the view m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.OK); // http 200 diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ProtectedResourceRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ProtectedResourceRegistrationEndpoint.java index 6e55d73ed..a53cdeeb3 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ProtectedResourceRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ProtectedResourceRegistrationEndpoint.java @@ -25,6 +25,7 @@ import java.util.Set; import org.mitre.jwt.signer.service.JwtSigningAndValidationService; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.SystemScope; 
@@ -169,8 +170,12 @@ public class ProtectedResourceRegistrationEndpoint { tokenService.saveAccessToken(token); // send it all out to the view - - RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "resource/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8")); + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(savedClient); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "resource/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.CREATED); // http 201 @@ -238,9 +243,13 @@ public class ProtectedResourceRegistrationEndpoint { try { // possibly update the token OAuth2AccessTokenEntity token = fetchValidRegistrationToken(auth, client); - - RegisteredClient registered = new RegisteredClient(client, token.getValue(), config.getIssuer() + "resource/" + UriUtils.encodePathSegment(client.getClientId(), "UTF-8")); - + + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(client); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "resource/" + UriUtils.encodePathSegment(client.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + // send it all out to the view m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.OK); // http 200 
@@ -349,9 +358,13 @@ public class ProtectedResourceRegistrationEndpoint { // possibly update the token OAuth2AccessTokenEntity token = fetchValidRegistrationToken(auth, savedClient); - - RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "resource/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8")); - + + RegisteredClient registered = ModelFactory.instance().getRegisteredClientInstance(); + registered.setClient(savedClient); + registered.setRegistrationAccessToken(token.getValue()); + String clientUri = config.getIssuer() + "resource/" + UriUtils.encodePathSegment(savedClient.getClientId(), "UTF-8"); + registered.setRegistrationClientUri(clientUri); + // send it all out to the view m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.OK); // http 200 diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java index 0dde0e0ce..ab9bff014 100755 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultIntrospectionAuthorizer.java @@ -16,6 +16,12 @@ ******************************************************************************/ package org.mitre.oauth2.service.impl; +import static com.google.common.collect.Sets.newHashSet; +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; +import static org.mockito.BDDMockito.given; +import static org.mockito.Mockito.mock; + import java.util.Set; import org.junit.Test; 
@@ -26,12 +32,6 @@ import org.mockito.Mock; import org.mockito.runners.MockitoJUnitRunner; import org.springframework.security.oauth2.provider.ClientDetails; -import static com.google.common.collect.Sets.newHashSet; -import static org.hamcrest.CoreMatchers.is; -import static org.junit.Assert.assertThat; -import static org.mockito.BDDMockito.given; -import static org.mockito.Mockito.mock; - @RunWith(MockitoJUnitRunner.class) public class TestDefaultIntrospectionAuthorizer { diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java index a0e67a625..bd5204754 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java @@ -34,6 +34,9 @@ import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; +import org.mitre.oauth2.model.impl.DefaultAuthenticationHolderEntity; +import org.mitre.oauth2.model.impl.DefaultClientDetailsEntity; +import org.mitre.oauth2.model.impl.DefaultOAuth2RefreshTokenEntity; import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.repository.OAuth2TokenRepository; import org.mitre.oauth2.service.ClientDetailsEntityService; 
@@ -113,14 +116,14 @@ public class TestDefaultOAuth2ProviderTokenService { OAuth2Request clientAuth = new OAuth2Request(null, clientId, null, true, scope, null, null, null, null); Mockito.when(authentication.getOAuth2Request()).thenReturn(clientAuth); - client = Mockito.mock(ClientDetailsEntity.class); + client = Mockito.mock(DefaultClientDetailsEntity.class); Mockito.when(client.getClientId()).thenReturn(clientId); Mockito.when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(client); // by default in tests, allow refresh tokens Mockito.when(client.isAllowRefresh()).thenReturn(true); - refreshToken = Mockito.mock(OAuth2RefreshTokenEntity.class); + refreshToken = Mockito.mock(DefaultOAuth2RefreshTokenEntity.class); Mockito.when(tokenRepository.getRefreshTokenByValue(refreshTokenValue)).thenReturn(refreshToken); Mockito.when(refreshToken.getClient()).thenReturn(client); Mockito.when(refreshToken.isExpired()).thenReturn(false); @@ -129,14 +132,14 @@ public class TestDefaultOAuth2ProviderTokenService { storedAuthentication = authentication; storedAuthRequest = clientAuth; - storedAuthHolder = Mockito.mock(AuthenticationHolderEntity.class); + storedAuthHolder = Mockito.mock(DefaultAuthenticationHolderEntity.class); storedScope = Sets.newHashSet(scope); Mockito.when(refreshToken.getAuthenticationHolder()).thenReturn(storedAuthHolder); Mockito.when(storedAuthHolder.getAuthentication()).thenReturn(storedAuthentication); Mockito.when(storedAuthentication.getOAuth2Request()).thenReturn(storedAuthRequest); - Mockito.when(authenticationHolderRepository.save(Matchers.any(AuthenticationHolderEntity.class))).thenReturn(storedAuthHolder); + Mockito.when(authenticationHolderRepository.save(Matchers.any(DefaultAuthenticationHolderEntity.class))).thenReturn(storedAuthHolder); Mockito.when(scopeService.removeRestrictedScopes(Matchers.anySet())).then(AdditionalAnswers.returnsFirstArg()); 
@@ -215,7 +218,7 @@ public class TestDefaultOAuth2ProviderTokenService { OAuth2AccessTokenEntity token = service.createAccessToken(authentication); Mockito.verify(clientDetailsService).loadClientByClientId(Matchers.anyString()); - Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class)); + Mockito.verify(authenticationHolderRepository).save(Matchers.any(DefaultAuthenticationHolderEntity.class)); Mockito.verify(tokenEnhancer).enhance(Matchers.any(OAuth2AccessTokenEntity.class), Mockito.eq(authentication)); Mockito.verify(tokenRepository).saveAccessToken(Matchers.any(OAuth2AccessTokenEntity.class)); @@ -286,15 +289,15 @@ public class TestDefaultOAuth2ProviderTokenService { @Test public void createAccessToken_checkAttachedAuthentication() { - AuthenticationHolderEntity authHolder = Mockito.mock(AuthenticationHolderEntity.class); + AuthenticationHolderEntity authHolder = Mockito.mock(DefaultAuthenticationHolderEntity.class); Mockito.when(authHolder.getAuthentication()).thenReturn(authentication); - Mockito.when(authenticationHolderRepository.save(Matchers.any(AuthenticationHolderEntity.class))).thenReturn(authHolder); + Mockito.when(authenticationHolderRepository.save(Matchers.any(DefaultAuthenticationHolderEntity.class))).thenReturn(authHolder); OAuth2AccessTokenEntity token = service.createAccessToken(authentication); assertThat(token.getAuthenticationHolder().getAuthentication(), equalTo(authentication)); - Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class)); + Mockito.verify(authenticationHolderRepository).save(Matchers.any(DefaultAuthenticationHolderEntity.class)); } @Test(expected = InvalidTokenException.class) diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java index ae1f7761e..0e9f6e037 100644 
--- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java @@ -27,6 +27,7 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.oauth2.model.SystemScope; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.repository.SystemScopeRepository; import org.mockito.InjectMocks; import org.mockito.Mock; 
@@ -77,36 +78,44 @@ public class TestDefaultSystemScopeService { */ @Before public void prepare() { - + Mockito.reset(repository); - + // two default and dynamically registerable scopes - defaultDynScope1 = new SystemScope(defaultDynScope1String); - defaultDynScope2 = new SystemScope(defaultDynScope2String); + defaultDynScope1 = ModelFactory.instance().getSystemScopeInstance(); + defaultDynScope1.setValue(defaultDynScope1String); + defaultDynScope2 = ModelFactory.instance().getSystemScopeInstance(); + defaultDynScope2.setValue(defaultDynScope2String); defaultDynScope1.setAllowDynReg(true); defaultDynScope2.setAllowDynReg(true); defaultDynScope1.setDefaultScope(true); defaultDynScope2.setDefaultScope(true); // two strictly default scopes (isAllowDynReg false) - defaultScope1 = new SystemScope(defaultScope1String); - defaultScope2 = new SystemScope(defaultScope2String); + defaultScope1 = ModelFactory.instance().getSystemScopeInstance(); + defaultScope1.setValue(defaultScope1String); + defaultScope2 = ModelFactory.instance().getSystemScopeInstance(); + defaultScope2.setValue(defaultScope2String); defaultScope1.setDefaultScope(true); defaultScope2.setDefaultScope(true); // one strictly dynamically registerable scope (isDefault false) - dynScope1 = new SystemScope(dynScope1String); + dynScope1 = ModelFactory.instance().getSystemScopeInstance(); + dynScope1.setValue(dynScope1String); dynScope1.setAllowDynReg(true); // extraScope1 : extra scope that is neither (defaults to false/false) - extraScope1 = new SystemScope(extraScope1String); + extraScope1 = ModelFactory.instance().getSystemScopeInstance(); + extraScope1.setValue(extraScope1String); // structuredScope1 : structured scope - structuredScope1 = new SystemScope(structuredScope1String); + structuredScope1 = ModelFactory.instance().getSystemScopeInstance(); + structuredScope1.setValue(structuredScope1String); structuredScope1.setStructured(true); // structuredScope1Value : structured scope with value - 
structuredScope1Value = new SystemScope(structuredScope1String); + structuredScope1Value = ModelFactory.instance().getSystemScopeInstance(); + structuredScope1Value.setValue(structuredScope1String); structuredScope1Value.setStructured(true); structuredScope1Value.setStructuredValue(structuredValue); @@ -123,7 +132,8 @@ public class TestDefaultSystemScopeService { Mockito.when(repository.getByValue(structuredScope1String)).thenAnswer(new Answer() { @Override public SystemScope answer(InvocationOnMock invocation) throws Throwable { - SystemScope s = new SystemScope(structuredScope1String); + SystemScope s = ModelFactory.instance().getSystemScopeInstance(); + s.setValue(structuredScope1String); s.setStructured(true); return s; } @@ -201,7 +211,8 @@ public class TestDefaultSystemScopeService { Mockito.when(repository.getByValue("foo")).thenAnswer(new Answer() { @Override public SystemScope answer(InvocationOnMock invocation) throws Throwable { - SystemScope foo = new SystemScope("foo"); + SystemScope foo = ModelFactory.instance().getSystemScopeInstance(); + foo.setValue("foo"); foo.setStructured(true); return foo; } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java index d413b0d53..c1ec9c9b5 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java 
@@ -27,6 +27,7 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.openid.connect.model.ApprovedSite; import org.mitre.openid.connect.repository.ApprovedSiteRepository; import org.mitre.openid.connect.service.ApprovedSiteService; @@ -66,7 +67,7 @@ public class TestDefaultApprovedSiteService { @Before public void prepare() { - client = new ClientDetailsEntity(); + client = ModelFactory.instance().getClientDetailsInstance(); client.setClientId(clientId); site1 = new ApprovedSite(); diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoService.java index f785a1fe0..b4dbd79c6 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoService.java @@ -27,6 +27,7 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.openid.connect.model.DefaultUserInfo; import org.mitre.openid.connect.model.UserInfo; @@ -88,9 +89,6 @@ public class TestDefaultUserInfoService { private String sectorIdentifier2 = "https://sector-identifier-12/url2"; private String sectorIdentifier3 = "https://sector-identifier-3/url"; - - - /** * Initialize the service and the mocked repository. * Initialize 2 users, one of them an admin, for use in unit tests. 
@@ -98,7 +96,6 @@ public class TestDefaultUserInfoService { @Before public void prepare() { - userInfoAdmin = new DefaultUserInfo(); userInfoAdmin.setPreferredUsername(adminUsername); userInfoAdmin.setSub(adminSub); @@ -107,38 +104,35 @@ public class TestDefaultUserInfoService { userInfoRegular.setPreferredUsername(regularUsername); userInfoRegular.setSub(regularSub); - publicClient1 = new ClientDetailsEntity(); + publicClient1 = ModelFactory.instance().getClientDetailsInstance(); publicClient1.setClientId(publicClientId1); - publicClient2 = new ClientDetailsEntity(); + publicClient2 = ModelFactory.instance().getClientDetailsInstance(); publicClient2.setClientId(publicClientId2); publicClient2.setSubjectType(SubjectType.PUBLIC); // pairwise set 1 - pairwiseClient1 = new ClientDetailsEntity(); + pairwiseClient1 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient1.setClientId(pairwiseClientId1); pairwiseClient1.setSubjectType(SubjectType.PAIRWISE); pairwiseClient1.setSectorIdentifierUri(sectorIdentifier1); - pairwiseClient2 = new ClientDetailsEntity(); + pairwiseClient2 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient2.setClientId(pairwiseClientId2); pairwiseClient2.setSubjectType(SubjectType.PAIRWISE); pairwiseClient2.setSectorIdentifierUri(sectorIdentifier2); // pairwise set 2 - pairwiseClient3 = new ClientDetailsEntity(); + pairwiseClient3 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient3.setClientId(pairwiseClientId3); pairwiseClient3.setSubjectType(SubjectType.PAIRWISE); pairwiseClient3.setSectorIdentifierUri(sectorIdentifier3); // pairwise with null sector - pairwiseClient4 = new ClientDetailsEntity(); + pairwiseClient4 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient4.setClientId(pairwiseClientId4); pairwiseClient4.setSubjectType(SubjectType.PAIRWISE); - - - } /** @@ -236,6 +230,4 @@ public class TestDefaultUserInfoService { } - - } 
diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java index 474efe804..d0482cd9c 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestUUIDPairwiseIdentiferService.java @@ -30,6 +30,7 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.impl.ModelFactory; import org.mitre.openid.connect.model.DefaultUserInfo; import org.mitre.openid.connect.model.PairwiseIdentifier; import org.mitre.openid.connect.model.UserInfo; 
@@ -95,31 +96,31 @@ public class TestUUIDPairwiseIdentiferService { userInfoRegular.setSub(regularSub); // pairwise set 1 - pairwiseClient1 = new ClientDetailsEntity(); + pairwiseClient1 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient1.setClientId(pairwiseClientId1); pairwiseClient1.setSubjectType(SubjectType.PAIRWISE); pairwiseClient1.setSectorIdentifierUri(sectorIdentifier1); - pairwiseClient2 = new ClientDetailsEntity(); + pairwiseClient2 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient2.setClientId(pairwiseClientId2); pairwiseClient2.setSubjectType(SubjectType.PAIRWISE); pairwiseClient2.setSectorIdentifierUri(sectorIdentifier2); // pairwise set 2 - pairwiseClient3 = new ClientDetailsEntity(); + pairwiseClient3 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient3.setClientId(pairwiseClientId3); pairwiseClient3.setSubjectType(SubjectType.PAIRWISE); pairwiseClient3.setSectorIdentifierUri(sectorIdentifier3); pairwiseClient3.setRedirectUris(pairwiseClient3RedirectUris); // pairwise with null sector - pairwiseClient4 = new ClientDetailsEntity(); + pairwiseClient4 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient4.setClientId(pairwiseClientId4); pairwiseClient4.setSubjectType(SubjectType.PAIRWISE); pairwiseClient4.setRedirectUris(pairwiseClient4RedirectUris); // pairwise with multiple redirects and no sector (error) - pairwiseClient5 = new ClientDetailsEntity(); + pairwiseClient5 = ModelFactory.instance().getClientDetailsInstance(); pairwiseClient5.setClientId(pairwiseClientId5); pairwiseClient5.setSubjectType(SubjectType.PAIRWISE); pairwiseClient5.setRedirectUris(pairwiseClient5RedirectUris);