added SWD endpoint and views

pull/59/head
Justin Richer 2012-01-27 15:22:51 -05:00
parent 4924d6c78c
commit 440eadcfe0
5 changed files with 193 additions and 7 deletions

View File

@ -0,0 +1,61 @@
package org.mitre.swd.view;
import java.io.Writer;
import java.lang.reflect.Type;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonElement;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
public class JsonOpenIdConfigurationView extends AbstractView {
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
@Override
public boolean shouldSkipField(FieldAttributes f) {
return false;
}
@Override
public boolean shouldSkipClass(Class<?> clazz) {
// skip the JPA binding wrapper
if (clazz.equals(BeanPropertyBindingResult.class)) {
return true;
} else {
return false;
}
}
})
.create();
response.setContentType("application/json");
Writer out = response.getWriter();
Object obj = model.get("entity");
if (obj == null) {
obj = model;
}
gson.toJson(obj, out);
}
}

View File

@ -0,0 +1,69 @@
/**
*
*/
package org.mitre.swd.view;
import java.io.Writer;
import java.lang.reflect.Type;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonElement;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
/**
* @author jricher
*
*/
public class SwdResponse extends AbstractView {
/* (non-Javadoc)
* @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
@Override
public boolean shouldSkipField(FieldAttributes f) {
return false;
}
@Override
public boolean shouldSkipClass(Class<?> clazz) {
// skip the JPA binding wrapper
if (clazz.equals(BeanPropertyBindingResult.class)) {
return true;
} else {
return false;
}
}
})
.create();
response.setContentType("application/json");
Writer out = response.getWriter();
Object obj = model.get("entity");
if (obj == null) {
obj = model;
}
gson.toJson(obj, out);
}
}

View File

@ -1,19 +1,39 @@
package org.mitre.swd.web;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
@Controller
public class SimpleWebDiscoveryEndpoint {
@RequestMapping(value="/.well-known/simple-web-discovery",
params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"})
public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView) {
public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView, HttpServletRequest request) {
String baseUrl = findBaseUrl(request);
// look up user, see if they're local
// if so, return this server
Map<String, Object> m = new HashMap<String, Object>();
m.put("locations", Lists.newArrayList(baseUrl));
modelAndView.getModel().put("entity", m);
modelAndView.setViewName("jsonSwdResponseView");
return modelAndView;
}
@ -43,13 +63,43 @@ public class SimpleWebDiscoveryEndpoint {
* token_endpoint_auth_algs_supported array A JSON array containing a list of the JWS [JWS] signing algorithms supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256.
*/
@RequestMapping("/.well-known/openid-configuration")
public ModelAndView providerConfiguration(ModelAndView modelAndView) {
public ModelAndView providerConfiguration(ModelAndView modelAndView, HttpServletRequest request) {
Map m = modelAndView.getModel();
String baseUrl = findBaseUrl(request);
Map<String, Object> m = new HashMap<String, Object>();
m.put("version", "3.0");
m.put("issuer", baseUrl);
m.put("authorization_endpoint", baseUrl + "/authorize");
m.put("token_endpoint", baseUrl + "/oauth");
m.put("userinfo_endpoint", baseUrl + "/userinfo");
m.put("check_id_endpoint", baseUrl + "/checkid");
m.put("refresh_session_endpoint", baseUrl + "/refresh_session");
m.put("end_session_endpoint", baseUrl + "/end_session");
m.put("jwk_url", baseUrl + "/jwk");
m.put("registration_endpoint", baseUrl + "/register_client");
m.put("scopes_supported", Lists.newArrayList("openid"));
m.put("response_types_supported", Lists.newArrayList("code"));
modelAndView.getModel().put("entity", m);
// TODO: everything in the list up there
modelAndView.setViewName("jsonOpenIdConfigurationView");
return modelAndView;
}
private String findBaseUrl(HttpServletRequest request) {
String baseUrl = String.format("%s://%s%s", request.getScheme(), request.getServerName(), request.getContextPath());
if ((request.getScheme().equals("http") && request.getServerPort() != 80)
|| (request.getScheme().equals("https") && request.getServerPort() != 443)) {
// nonstandard port, need to include it
baseUrl = String.format("%s://%s:%d%s", request.getScheme(), request.getServerName(), request.getServerPort(), request.getContextPath());
}
return baseUrl;
}
}

View File

@ -10,5 +10,9 @@
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- Scans within the base package of the application for @Components to configure as beans -->
<!-- <context:component-scan base-package="org.mitre.pushee.hub.web" /> -->
<context:component-scan base-package="org.mitre">
<context:include-filter type="annotation" expression="org.springframework.stereotype.Controller" />
</context:component-scan>
</beans>

View File

@ -22,15 +22,17 @@
<beans:property name="order" value="2"/>
</beans:bean>
<context:component-scan base-package="org.mitre.openid" />
<!-- Resolve views based on string names -->
<!-- Resolve views based on string names -->
<beans:bean class="org.springframework.web.servlet.view.BeanNameViewResolver" >
<beans:property name="order" value="1"/>
</beans:bean>
<!-- JSON views for each type of model object -->
<beans:bean id="jsonOpenIdConfigurationView" class="org.mitre.swd.view.JsonOpenIdConfigurationView" />
<beans:bean id="jsonSwdResponseView" class="org.mitre.swd.view.SwdResponse" />
<!-- <beans:bean id="jsonUserInfoView" class="org.mitre.openid.connect.model.serializer.JSONUserInfoView"/> -->
<!-- <beans:bean id="jsonIdTokenView" class="org.mitre.openid.connect.model.serializer.JSONIdTokenView"/> -->
<beans:import resource="controllers.xml" />
</beans:beans>