added SWD endpoint and views

2012-01-27 15:22:51 -05:00 · 2012-01-27 15:22:51 -05:00 · 440eadcfe0
parent 4924d6c78c
commit 440eadcfe0
5 changed files with 193 additions and 7 deletions
--- a/server/src/main/java/org/mitre/swd/view/JsonOpenIdConfigurationView.java
+++ b/server/src/main/java/org/mitre/swd/view/JsonOpenIdConfigurationView.java
@ -0,0 +1,61 @@
+package org.mitre.swd.view;
+
+import java.io.Writer;
+import java.lang.reflect.Type;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonPrimitive;
+import com.google.gson.JsonSerializationContext;
+import com.google.gson.JsonSerializer;
+
+public class JsonOpenIdConfigurationView extends AbstractView {
+
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
+		Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
+
+			@Override
+			public boolean shouldSkipField(FieldAttributes f) {
+				return false;
+			}
+
+			@Override
+			public boolean shouldSkipClass(Class<?> clazz) {
+				// skip the JPA binding wrapper
+				if (clazz.equals(BeanPropertyBindingResult.class)) {
+					return true;
+				} else {
+					return false;
+				}
+			}
+
+		})
+		.create();
+
+		response.setContentType("application/json");
+
+		Writer out = response.getWriter();
+
+		Object obj = model.get("entity");
+		if (obj == null) {
+			obj = model;
+		}
+
+		gson.toJson(obj, out);
+		
+
+	}
+
+}
--- a/server/src/main/java/org/mitre/swd/view/SwdResponse.java
+++ b/server/src/main/java/org/mitre/swd/view/SwdResponse.java
@ -0,0 +1,69 @@
+/**
+ * 
+ */
+package org.mitre.swd.view;
+
+import java.io.Writer;
+import java.lang.reflect.Type;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonPrimitive;
+import com.google.gson.JsonSerializationContext;
+import com.google.gson.JsonSerializer;
+
+/**
+ * @author jricher
+ *
+ */
+public class SwdResponse extends AbstractView {
+
+	/* (non-Javadoc)
+	 * @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
+		Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
+
+			@Override
+			public boolean shouldSkipField(FieldAttributes f) {
+				return false;
+			}
+
+			@Override
+			public boolean shouldSkipClass(Class<?> clazz) {
+				// skip the JPA binding wrapper
+				if (clazz.equals(BeanPropertyBindingResult.class)) {
+					return true;
+				} else {
+					return false;
+				}
+			}
+
+		})
+		.create();
+
+		response.setContentType("application/json");
+
+		Writer out = response.getWriter();
+
+		Object obj = model.get("entity");
+		if (obj == null) {
+			obj = model;
+		}
+
+		gson.toJson(obj, out);
+	}
+
+}
--- a/server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
+++ b/server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java
@ -1,19 +1,39 @@
 package org.mitre.swd.web;

+import java.util.HashMap;
 import java.util.Map;

+import javax.servlet.ServletRequest;
+import javax.servlet.http.HttpServletRequest;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;

+import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
+
@Controller
 public class SimpleWebDiscoveryEndpoint {

 	@RequestMapping(value="/.well-known/simple-web-discovery", 
 					params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"})
-	public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView) {
+	public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView, HttpServletRequest request) {
+		
+		String baseUrl = findBaseUrl(request);
+		
+		// look up user, see if they're local
+		// if so, return this server
+
+		Map<String, Object> m = new HashMap<String, Object>();
+		m.put("locations", Lists.newArrayList(baseUrl));
+		
+		modelAndView.getModel().put("entity", m);
+
+		modelAndView.setViewName("jsonSwdResponseView");
+
 		return modelAndView;
 	}
 	
@ -43,13 +63,43 @@ public class SimpleWebDiscoveryEndpoint {
 	 * 	token_endpoint_auth_algs_supported 	array 	A JSON array containing a list of the JWS [JWS] signing algorithms supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256.
 	 */
 	@RequestMapping("/.well-known/openid-configuration")
-	public ModelAndView providerConfiguration(ModelAndView modelAndView) {
+	public ModelAndView providerConfiguration(ModelAndView modelAndView, HttpServletRequest request) {

-		Map m = modelAndView.getModel();
+		String baseUrl = findBaseUrl(request);
+		
+		Map<String, Object> m = new HashMap<String, Object>();
 		m.put("version", "3.0");
+		m.put("issuer", baseUrl);
+		m.put("authorization_endpoint", baseUrl + "/authorize");
+		m.put("token_endpoint", baseUrl + "/oauth");
+		m.put("userinfo_endpoint", baseUrl + "/userinfo");
+		m.put("check_id_endpoint", baseUrl + "/checkid");
+		m.put("refresh_session_endpoint", baseUrl + "/refresh_session");
+		m.put("end_session_endpoint", baseUrl + "/end_session");
+		m.put("jwk_url", baseUrl + "/jwk");
+		m.put("registration_endpoint", baseUrl + "/register_client");
+		m.put("scopes_supported", Lists.newArrayList("openid"));
+		m.put("response_types_supported", Lists.newArrayList("code"));
+				
+		
+		modelAndView.getModel().put("entity", m);
 		// TODO: everything in the list up there
 		
+		modelAndView.setViewName("jsonOpenIdConfigurationView");
+		
 		return modelAndView;
 	}
+
+
+	private String findBaseUrl(HttpServletRequest request) {
+	    String baseUrl = String.format("%s://%s%s", request.getScheme(),  request.getServerName(), request.getContextPath());
+		
+		if ((request.getScheme().equals("http") && request.getServerPort() != 80)
+				|| (request.getScheme().equals("https") && request.getServerPort() != 443)) {
+			// nonstandard port, need to include it
+			baseUrl = String.format("%s://%s:%d%s", request.getScheme(),  request.getServerName(), request.getServerPort(), request.getContextPath());
+		}
+	    return baseUrl;
+    }
 	
 }
--- a/server/src/main/webapp/WEB-INF/spring/appServlet/controllers.xml
+++ b/server/src/main/webapp/WEB-INF/spring/appServlet/controllers.xml
@ -10,5 +10,9 @@
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">

 	<!-- Scans within the base package of the application for @Components to configure as beans -->
-	<!-- <context:component-scan base-package="org.mitre.pushee.hub.web" /> -->
+	
+	<context:component-scan base-package="org.mitre">
+		<context:include-filter type="annotation" expression="org.springframework.stereotype.Controller" />
+	</context:component-scan>
+	
 </beans>
--- a/server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml
+++ b/server/src/main/webapp/WEB-INF/spring/appServlet/servlet-context.xml
@ -22,15 +22,17 @@
 		<beans:property name="order" value="2"/>
 	</beans:bean>
 	
-	<context:component-scan base-package="org.mitre.openid" />
-	
-	<!-- Resolve views based on string names -->
+		<!-- Resolve views based on string names -->
 	<beans:bean class="org.springframework.web.servlet.view.BeanNameViewResolver" >
 		<beans:property name="order" value="1"/>
 	</beans:bean>

 	<!-- JSON views for each type of model object -->
+	<beans:bean id="jsonOpenIdConfigurationView" class="org.mitre.swd.view.JsonOpenIdConfigurationView" />
+	<beans:bean id="jsonSwdResponseView" class="org.mitre.swd.view.SwdResponse" />
 <!-- 	<beans:bean id="jsonUserInfoView" class="org.mitre.openid.connect.model.serializer.JSONUserInfoView"/> -->
 <!-- 	<beans:bean id="jsonIdTokenView" class="org.mitre.openid.connect.model.serializer.JSONIdTokenView"/> -->
 	
+	<beans:import resource="controllers.xml" />
+	
 </beans:beans>