From 40f39a18e04d645fbde0cadd68735619ab0178df Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Mon, 30 Jul 2012 13:03:33 -0400
Subject: [PATCH] cleaning up introspection endpoint
---
 .../openid/connect/model/IdTokenClaims.java | 5 ---
 .../oauth2/web/IntrospectionEndpoint.java | 35 +++++++++++++------
 2 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdTokenClaims.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdTokenClaims.java
index 4e151faf3..29fa5d56e 100644
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdTokenClaims.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/IdTokenClaims.java
@@ -136,11 +136,6 @@ public class IdTokenClaims extends JwtClaims {
 }
 }
- //
- // FIXME:
- // This doesn't handle loading JsonNull values from the claims set, and this is endemic to the whole claims structure!!!!
- //
-
 /**
 * Load this IdToken from a JSON Object
 */
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
index 265bd634d..b05e6ce1f 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java
@@ -15,9 +15,13 @@
 ******************************************************************************/
 package org.mitre.oauth2.web;
+import java.security.Principal;
+
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.service.OAuth2TokenEntityService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -37,19 +41,28 @@ public class IntrospectionEndpoint {
 this.tokenServices = tokenServices;
 }
- // TODO
 @RequestMapping("/oauth/verify")
- public ModelAndView verify(@RequestParam("token") String tokenValue,
- ModelAndView modelAndView) {
- OAuth2AccessTokenEntity token = tokenServices.readAccessToken(tokenValue);
+ public ModelAndView verify(Principal p, ModelAndView modelAndView) {
+
+ // assume the token's not valid until proven otherwise
+ modelAndView.setViewName("tokenNotFound");
+
+ if (p != null && p instanceof OAuth2Authentication) {
+ OAuth2Authentication auth = (OAuth2Authentication)p;
+
+ if (auth.getDetails() != null && auth.getDetails() instanceof OAuth2AuthenticationDetails) {
+ OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails)auth.getDetails();
+
+ String tokenValue = details.getTokenValue();
+
+ OAuth2AccessTokenEntity token = tokenServices.readAccessToken(tokenValue);
- if (token == null) {
- // if it's not a valid token, we'll print a 404
- modelAndView.setViewName("tokenNotFound");
- } else {
- // if it's a valid token, we'll print out the scope and expiration
- modelAndView.setViewName("tokenIntrospection");
- modelAndView.addObject("entity", token);
+ if (token != null) {
+ // if it's a valid token, we'll print out the scope and expiration
+ modelAndView.setViewName("tokenIntrospection");
+ modelAndView.addObject("entity", token);
+ }
+ }
 }
 return modelAndView;
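Review bot: The new `verify(Principal p, ModelAndView modelAndView)` has no Javadoc saying that it introspects only the bearer token that authenticated the request (`details.getTokenValue()`) and no longer reads a `token` parameter; a short Javadoc stating this, and that any principal other than an `OAuth2Authentication` yields the `tokenNotFound` view, would keep resource servers from calling it the old way and misreading the 404 as a revoked token. That default is fail-closed only if the filter chain covering `/oauth/verify` actually produces an `OAuth2Authentication`, which is configured outside this diff and worth confirming. `modelAndView.addObject("entity", token)` still hands the whole `OAuth2AccessTokenEntity` to the view, so the `tokenIntrospection` view (not shown) should be checked to emit only scope and expiration. The `p != null &&` and `auth.getDetails() != null &&` guards are redundant in front of `instanceof`, and the `RequestParam` import left as context in the previous hunk looks unused now. `verify`'s closing brace and the rest of the class lie outside the hunk.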