Commented out properties on ClientDetailsEntity.java that were not annotated. TODO: uncomment and annotate with JPA annotations.

Added resource_ids.sql, table definition for resource ids. This needs to be added to everyone's databases in order to run the Authorization Server.
Testing & working on AuthZ server. Now at the point of needing to set up the user-approval page.
pull/59/head
Amanda Anganes 2012-03-16 16:22:02 -04:00
parent 13eeb433a9
commit 409a5295f6
4 changed files with 147 additions and 128 deletions


@ -64,39 +64,39 @@ public class ClientDetailsEntity implements ClientDetails {
* this Client. This is used by some providers to enable a web UI to modify the
* Client information.
*/
private Set<String> contacts;
private String applicationType;//native or web
private String applicationName;
private String logo_url;
private Set<String> redirectUris; //Connect allows clients to have more than one redirectUri registered
private AuthType tokenEndpointAuthType = AuthType.client_secret_basic;
private String policyUrl;
private String jwk_url;
private String jwk_encryption_url;
private String x509Url;
private String x509EncryptionUrl;
private String sectorIdentifierUrl;
private String userIdType;
// private Set<String> contacts;
//
// private String applicationType;//native or web
// private String applicationName;
// private String logo_url;
// private Set<String> redirectUris; //Connect allows clients to have more than one redirectUri registered
// private AuthType tokenEndpointAuthType = AuthType.client_secret_basic;
// private String policyUrl;
// private String jwk_url;
// private String jwk_encryption_url;
// private String x509Url;
// private String x509EncryptionUrl;
// private String sectorIdentifierUrl;
// private String userIdType;
/**
* OPTIONAL. The JWS [JWS] signature algorithm that MUST be required
* by the Authorization Server. All OpenID Request Objects from
* this client_id MUST be rejected if not signed by this algorithm.
*/
private String requireSignedRequestObject;
private String userInfoSignedResponseAlg;
private Set<String> userInfoEncryptedResponseAlgs;
private String idTokenSignedResponseAlg;
private Set<String> idTokenEncryptedResponseAlgs;
// private String requireSignedRequestObject;
//
// private String userInfoSignedResponseAlg;
// private Set<String> userInfoEncryptedResponseAlgs;
// private String idTokenSignedResponseAlg;
// private Set<String> idTokenEncryptedResponseAlgs;
//Maximum age for any authentications
private Integer defaultMaxAge;
private Boolean requireAuthTime;
private String defaultACR;
// private Integer defaultMaxAge;
//
// private Boolean requireAuthTime;
//
// private String defaultACR;
// TODO:
/*
@ -525,300 +525,300 @@ public class ClientDetailsEntity implements ClientDetails {
return 0;
}
/**
/* *//**
* @return the contacts
*/
*//*
public Set<String> getContacts() {
return contacts;
}
/**
*//**
* @param contacts the contacts to set
*/
*//*
public void setContacts(Set<String> contacts) {
this.contacts = contacts;
}
/**
*//**
* @return the applicationType
*/
*//*
public String getApplicationType() {
return applicationType;
}
/**
*//**
* @param applicationType the applicationType to set
*/
*//*
public void setApplicationType(String applicationType) {
this.applicationType = applicationType;
}
/**
*//**
* @return the applicationName
*/
*//*
public String getApplicationName() {
return applicationName;
}
/**
*//**
* @param applicationName the applicationName to set
*/
*//*
public void setApplicationName(String applicationName) {
this.applicationName = applicationName;
}
/**
*//**
* @return the logo_url
*/
*//*
public String getLogo_url() {
return logo_url;
}
/**
*//**
* @param logo_url the logo_url to set
*/
*//*
public void setLogo_url(String logo_url) {
this.logo_url = logo_url;
}
/**
*//**
* @return the redirectUris
*/
*//*
public Set<String> getRedirectUris() {
return redirectUris;
}
/**
*//**
* @param redirectUris the redirectUris to set
*/
*//*
public void setRedirectUris(Set<String> redirectUris) {
this.redirectUris = redirectUris;
}
/**
*//**
* @return the tokenEndpointAuthType
*/
*//*
public AuthType getTokenEndpointAuthType() {
return tokenEndpointAuthType;
}
/**
*//**
* @param tokenEndpointAuthType the tokenEndpointAuthType to set
*/
*//*
public void setTokenEndpointAuthType(AuthType tokenEndpointAuthType) {
this.tokenEndpointAuthType = tokenEndpointAuthType;
}
/**
*//**
* @return the policyUrl
*/
*//*
public String getPolicyUrl() {
return policyUrl;
}
/**
*//**
* @param policyUrl the policyUrl to set
*/
*//*
public void setPolicyUrl(String policyUrl) {
this.policyUrl = policyUrl;
}
/**
*//**
* @return the jwk_url
*/
*//*
public String getJwk_url() {
return jwk_url;
}
/**
*//**
* @param jwk_url the jwk_url to set
*/
*//*
public void setJwk_url(String jwk_url) {
this.jwk_url = jwk_url;
}
/**
*//**
* @return the jwk_encryption_url
*/
*//*
public String getJwk_encryption_url() {
return jwk_encryption_url;
}
/**
*//**
* @param jwk_encryption_url the jwk_encryption_url to set
*/
*//*
public void setJwk_encryption_url(String jwk_encryption_url) {
this.jwk_encryption_url = jwk_encryption_url;
}
/**
*//**
* @return the x509Url
*/
*//*
public String getX509Url() {
return x509Url;
}
/**
*//**
* @param x509Url the x509Url to set
*/
*//*
public void setX509Url(String x509Url) {
this.x509Url = x509Url;
}
/**
*//**
* @return the x509EncryptionUrl
*/
*//*
public String getX509EncryptionUrl() {
return x509EncryptionUrl;
}
/**
*//**
* @param x509EncryptionUrl the x509EncryptionUrl to set
*/
*//*
public void setX509EncryptionUrl(String x509EncryptionUrl) {
this.x509EncryptionUrl = x509EncryptionUrl;
}
/**
*//**
* @return the sectorIdentifierUrl
*/
*//*
public String getSectorIdentifierUrl() {
return sectorIdentifierUrl;
}
/**
*//**
* @param sectorIdentifierUrl the sectorIdentifierUrl to set
*/
*//*
public void setSectorIdentifierUrl(String sectorIdentifierUrl) {
this.sectorIdentifierUrl = sectorIdentifierUrl;
}
/**
*//**
* @return the userIdType
*/
*//*
public String getUserIdType() {
return userIdType;
}
/**
*//**
* @param userIdType the userIdType to set
*/
*//*
public void setUserIdType(String userIdType) {
this.userIdType = userIdType;
}
/**
*//**
* @return the requireSignedRequestObject
*/
*//*
public String getRequireSignedRequestObject() {
return requireSignedRequestObject;
}
/**
*//**
* @param requireSignedRequestObject the requireSignedRequestObject to set
*/
*//*
public void setRequireSignedRequestObject(String requireSignedRequestObject) {
this.requireSignedRequestObject = requireSignedRequestObject;
}
/**
*//**
* @return the userInfoSignedResponseAlg
*/
*//*
public String getUserInfoSignedResponseAlg() {
return userInfoSignedResponseAlg;
}
/**
*//**
* @param userInfoSignedResponseAlg the userInfoSignedResponseAlg to set
*/
*//*
public void setUserInfoSignedResponseAlg(String userInfoSignedResponseAlg) {
this.userInfoSignedResponseAlg = userInfoSignedResponseAlg;
}
/**
*//**
* @return the userInfoEncryptedResponseAlgs
*/
*//*
public Set<String> getUserInfoEncryptedResponseAlgs() {
return userInfoEncryptedResponseAlgs;
}
/**
*//**
* @param userInfoEncryptedResponseAlgs the userInfoEncryptedResponseAlgs to set
*/
*//*
public void setUserInfoEncryptedResponseAlgs(
Set<String> userInfoEncryptedResponseAlgs) {
this.userInfoEncryptedResponseAlgs = userInfoEncryptedResponseAlgs;
}
/**
*//**
* @return the idTokenEncryptedResponseAlgs
*/
*//*
public Set<String> getIdTokenEncryptedResponseAlgs() {
return idTokenEncryptedResponseAlgs;
}
/**
*//**
* @param idTokenEncryptedResponseAlgs the idTokenEncryptedResponseAlgs to set
*/
*//*
public void setIdTokenEncryptedResponseAlgs(
Set<String> idTokenEncryptedResponseAlgs) {
this.idTokenEncryptedResponseAlgs = idTokenEncryptedResponseAlgs;
}
/**
*//**
* @return the idTokenSignedResponseAlg
*/
*//*
public String getIdTokenSignedResponseAlg() {
return idTokenSignedResponseAlg;
}
/**
*//**
* @param idTokenSignedResponseAlg the idTokenSignedResponseAlg to set
*/
*//*
public void setIdTokenSignedResponseAlg(String idTokenSignedResponseAlg) {
this.idTokenSignedResponseAlg = idTokenSignedResponseAlg;
}
/**
*//**
* @return the defaultMaxAge
*/
*//*
public Integer getDefaultMaxAge() {
return defaultMaxAge;
}
/**
*//**
* @param defaultMaxAge the defaultMaxAge to set
*/
*//*
public void setDefaultMaxAge(Integer defaultMaxAge) {
this.defaultMaxAge = defaultMaxAge;
}
/**
*//**
* @return the requireAuthTime
*/
*//*
public Boolean getRequireAuthTime() {
return requireAuthTime;
}
/**
*//**
* @param requireAuthTime the requireAuthTime to set
*/
*//*
public void setRequireAuthTime(Boolean requireAuthTime) {
this.requireAuthTime = requireAuthTime;
}
/**
*//**
* @return the defaultACR
*/
*//*
public String getDefaultACR() {
return defaultACR;
}
/**
*//**
* @param defaultACR the defaultACR to set
*/
*//*
public void setDefaultACR(String defaultACR) {
this.defaultACR = defaultACR;
}
*/
}
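Review bot: Disabling the un-annotated fields and their accessors by splicing comment delimiters (`/* *//**` … `*//*`) leaves a few hundred lines of dead code that break as soon as any inner comment is edited. If the aim is only to keep JPA from mapping them until they are annotated, marking each field `@Transient` (for example `@Transient private Set<String> redirectUris;`) keeps the class and its getters and setters compiling. The Javadoc kept above `requireSignedRequestObject` still says unsigned Request Objects MUST be rejected, but with the field commented out nothing in this class can carry that requirement, and the same applies to `redirectUris` and `tokenEndpointAuthType`. Whatever the server enforces for those settings would presumably have to come from elsewhere; the rest of `ClientDetailsEntity` is outside these hunks, so that should be confirmed.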


@ -1,24 +1,48 @@
package org.mitre.openid.connect.web;
import java.util.TreeMap;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
@Controller
@RequestMapping("/authorize")
@RequestMapping("/")
public class AuthorizationEndpoint {
@Autowired
private ClientDetailsService clientDetailsService;
//TODO: this endpoint needs to be protected
@RequestMapping("/oauth/confirm_access")
public ModelAndView getAccessConfirmation(
@ModelAttribute AuthorizationRequest clientAuth) throws Exception {
ClientDetails client = clientDetailsService
.loadClientByClientId(clientAuth.getClientId());
TreeMap<String, Object> model = new TreeMap<String, Object>();
model.put("auth_request", clientAuth);
model.put("client", client);
return new ModelAndView("oauth/approve", model);
}
public void setClientDetailsService(
ClientDetailsService clientDetailsService) {
this.clientDetailsService = clientDetailsService;
}
public ClientDetailsService getClientDetailsService() {
return this.clientDetailsService;
}
/*
* handle "code" flow
*
*/
/*
* handle "idtoken token" flow
*
*/
/*
* Other flows get handled outside of our endpoints by SSOA
*/
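Review bot: `getAccessConfirmation` takes `@ModelAttribute AuthorizationRequest clientAuth` and no `@SessionAttributes` is declared on the class, so the object appears to be bound from the caller's request parameters on each call rather than taken from the pending authorization request; the approval page would then display whatever `client_id` and scope the caller supplies. Declaring `@SessionAttributes(types = AuthorizationRequest.class)` on `AuthorizationEndpoint` ties the page to the stored request, assuming the authorization endpoint places it in the model. `loadClientByClientId` is also called without checking that `clientAuth.getClientId()` is non-null or that a client was found, so a malformed request surfaces only through `throws Exception`. The `//TODO: this endpoint needs to be protected` line should be resolved before the mapping is reachable, since the access rule for `/oauth/confirm_access` is not part of this diff.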


@ -31,15 +31,6 @@
<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService"/>
</constructor-arg>
</bean>
<!-- Authorization Code Service, used by TokenGranter -->
<!-- <bean id="jdbcAuthCodeServices" class="org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices"> -->
<!-- <constructor-arg> -->
<!-- <ref bean="dataSource"/> -->
<!-- </constructor-arg> -->
<!-- </bean> -->
<bean id="authCodeServices" class="org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices"/>


@ -0,0 +1,4 @@
CREATE TABLE resource_ids (
owner_id VARCHAR(256),
resourceids VARCHAR(256)
);
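Review bot: `resource_ids` is created with no key and both columns nullable, so duplicate or NULL rows for the same owner are accepted and nothing ties `owner_id` to an existing client. These rows presumably decide which resources a client's tokens are valid for, so consider `owner_id VARCHAR(256) NOT NULL`, `resourceids VARCHAR(256) NOT NULL` and a uniqueness constraint over the pair. A foreign key to the client table would also help if the JPA mapping, which is not visible here, allows it.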