Removed patches to SECOAUTH and updated to current head revision. Updated code to match changes, filed issues 2-4 in github issue tracker for some cleanup still remaining. Updated OAuth2AccessTokenEntity to contain an IdToken, which is persisted as a string. NOTE: to deploy, you will need to update your database tables to include the column "idTokenString VARCHAR(256)". accesstoken.sql has been updated to reflect this.

2012-02-22 13:58:20 -05:00 · 2012-02-22 13:58:20 -05:00 · 4d4def75f1
parent 6c1c71809d
commit 4d4def75f1
7 changed files with 132 additions and 21 deletions
--- a/server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
+++ b/server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
@ -470,4 +470,14 @@ public class ClientDetailsEntity implements ClientDetails {
 	}
 	/**
 	 * TODO: Implement
 	 * See github issue #3
 	 */
 	@Override
 	public int getAccessTokenValiditySeconds() {
 		// TODO Auto-generated method stub
 		return 0;
 	}
 }
--- a/server/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
+++ b/server/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
@ -4,6 +4,7 @@
 package org.mitre.oauth2.model;
 import java.util.Date;
 import java.util.Map;
 import java.util.Set;
 import javax.persistence.Basic;
@ -18,11 +19,12 @@ import javax.persistence.Lob;
 import javax.persistence.ManyToOne;
 import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
 import javax.persistence.OneToMany;
 import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.Transient;
 import org.mitre.jwt.model.Jwt;
 import org.mitre.openid.connect.model.IdToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
@ -40,10 +42,17 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
 })
 public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
 	public static String ID_TOKEN = "id_token";
 	private ClientDetailsEntity client;
 	private OAuth2Authentication authentication; // the authentication that made this access
 	private String idTokenString;
 	//JWT-encoded representation of this access token entity
 	private Jwt jwt;
 	/**
 	 * 
 	 */
@ -51,6 +60,18 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
 		super(null);
 	}
 	/**
 	 * Override this method to insert the ID Token
 	 */
 	@Override
 	@Transient
 	public Map<String, Object> getAdditionalInformation() {
 		Map<String, Object> map = super.getAdditionalInformation();
 		map.put(ID_TOKEN, idTokenString);
 		return map;
 	}
 	/**
     * @return the authentication
@ -94,17 +115,21 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
    @Id
    @Column(name="id")
    public String getValue() {
-	    // TODO Auto-generated method stub
+	    return jwt.toString();
 	    return super.getValue();
    }
-	/* (non-Javadoc)
+    /**
-     * @see org.springframework.security.oauth2.common.OAuth2AccessToken#setValue(java.lang.String)
+     * Set the "value" of this Access Token
     * 
     * @param value
     */
    @Override
    public void setValue(String value) {
-	    // TODO Auto-generated method stub
+	   try {
-	    super.setValue(value);
+		   Jwt valueJwt = Jwt.parse(value);
 		   setJwt(valueJwt);
 	   } catch (IllegalArgumentException e) {
 		   //TODO: What to do in this case?
 	   }
    }
 	/* (non-Javadoc)
@ -207,4 +232,52 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
 	}
 	/**
 	 * This is transient b/c the IdToken is not serializable. Instead,
 	 * the toString of the IdToken is persisted in idTokenString 
 	 * @return the idToken
 	 */
    @Transient
 	public IdToken getIdToken() {
 		return IdToken.parse(idTokenString);
 	}
 	/**
 	 * @param idToken the idToken to set
 	 */
 	public void setIdToken(IdToken idToken) {
 		this.idTokenString = idToken.toString();
 	}
 	/**
 	 * @return the idTokenString
 	 */
 	@Basic
 	public String getIdTokenString() {
 		return idTokenString;
 	}
 	/**
 	 * @param idTokenString the idTokenString to set
 	 */
 	public void setIdTokenString(String idTokenString) {
 		this.idTokenString = idTokenString;
 	}
 	/**
 	 * @return the jwt
 	 */
 	@Transient
 	public Jwt getJwt() {
 		return jwt;
 	}
 	/**
 	 * @param jwt the jwt to set
 	 */
 	public void setJwt(Jwt jwt) {
 		this.jwt = jwt;
 	}
 }
--- a/server/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
+++ b/server/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
@ -21,6 +21,7 @@ import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.Transient;
 import org.mitre.jwt.model.Jwt;
 import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
 /**
@ -37,6 +38,9 @@ public class OAuth2RefreshTokenEntity extends ExpiringOAuth2RefreshToken {
 	private ClientDetailsEntity client;
 	//JWT-encoded representation of this access token entity
 	private Jwt jwt;
 	private  Set<String> scope; // we save the scope issued to the refresh token so that we can reissue a new access token	
 	/**
@ -44,6 +48,7 @@ public class OAuth2RefreshTokenEntity extends ExpiringOAuth2RefreshToken {
 	 */
 	public OAuth2RefreshTokenEntity() {
 		// TODO Auto-generated constructor stub
 		super(null, null);
 	}
 	/* (non-Javadoc)
@ -54,16 +59,15 @@ public class OAuth2RefreshTokenEntity extends ExpiringOAuth2RefreshToken {
    @Column(name="id")
    public String getValue() {
 	    // TODO Auto-generated method stub
-	    return super.getValue();
+	    return jwt.toString();
    }
 	/* (non-Javadoc)
     * @see org.springframework.security.oauth2.common.OAuth2RefreshToken#setValue(java.lang.String)
     */
    @Override
    public void setValue(String value) {
 	    // TODO Auto-generated method stub
-	    super.setValue(value);
+	    setJwt(Jwt.parse(value));
    }
 	/* (non-Javadoc)
@ -80,10 +84,10 @@ public class OAuth2RefreshTokenEntity extends ExpiringOAuth2RefreshToken {
 	/* (non-Javadoc)
     * @see org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken#setExpiration(java.util.Date)
     */
-    @Override
+    
    public void setExpiration(Date expiration) {
 	    // TODO Auto-generated method stub
-	    super.setExpiration(expiration);
+	    //super.setExpiration(expiration);
    }
    /**
@ -131,6 +135,19 @@ public class OAuth2RefreshTokenEntity extends ExpiringOAuth2RefreshToken {
    	this.scope = scope;
    }
    /**
     * @return the jwt
     */
    @Transient
    public Jwt getJwt() {
    	return jwt;
    }
    /**
     * @param jwt the jwt to set
     */
    public void setJwt(Jwt jwt) {
    	this.jwt = jwt;
    }
 }
--- a/server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
+++ b/server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
@ -25,7 +25,6 @@ import org.springframework.security.oauth2.common.exceptions.InvalidClientExcept
 import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.client.ClientAuthenticationToken;
 import org.springframework.stereotype.Service;
 import com.google.common.collect.Sets;
@ -216,6 +215,18 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 		}
    }
 	/**
 	 * TODO: Implement
 	 * See github issue #2
 	 */
 	@Override
 	public OAuth2AccessTokenEntity getAccessToken(OAuth2Authentication authentication) {
 		OAuth2AccessTokenEntity accessToken = new OAuth2AccessTokenEntity();
 		return accessToken;
 	}
 	@Override
    public OAuth2RefreshTokenEntity getRefreshToken(String refreshTokenValue) throws AuthenticationException {
 		OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);
--- a/server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
+++ b/server/src/main/java/org/mitre/openid/connect/token/ConnectAuthCodeTokenGranter.java
@ -109,8 +109,8 @@ public class ConnectAuthCodeTokenGranter implements TokenGranter {
 		}
 		AuthorizationRequest unconfirmedAuthorizationRequest = storedAuth.getAuthenticationRequest();
-		if (unconfirmedAuthorizationRequest.getRequestedRedirect() != null
+		if (unconfirmedAuthorizationRequest.getRedirectUri() != null
-				&& !unconfirmedAuthorizationRequest.getRequestedRedirect().equals(redirectUri)) {
+				&& !unconfirmedAuthorizationRequest.getRedirectUri().equals(redirectUri)) {
 			throw new RedirectMismatchException("Redirect URI mismatch.");
 		}
@ -147,8 +147,7 @@ public class ConnectAuthCodeTokenGranter implements TokenGranter {
 			//See github issue #1
 			IdToken idToken = idTokenService.generateIdToken(userId, "http://id.mitre.org/openidconnect");
-			
+			token.setIdToken(idToken);
 			//TODO: insert IdToken into OAuth2AccessTokenEntity
 		}		
 		return token;
--- a/server/src/main/webapp/db/tables/accesstoken.sql
+++ b/server/src/main/webapp/db/tables/accesstoken.sql
@ -4,5 +4,6 @@ CREATE TABLE accesstoken (
 	tokenType VARCHAR(256),
 	refresh_token_id VARCHAR(256),
 	client_id VARCHAR(256),
-	authentication LONGBLOB
+	authentication LONGBLOB,
 	idTokenString VARCHAR(256)
 );
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 92f3ec73e303878f264610ca9d9ff9386b1f6264
+Subproject commit 2e7150fc0fd1307bc4adb33112bd9487e5b9715f
		`@ -1 +1 @@`
			`Subproject commit 92f3ec73e303878f264610ca9d9ff9386b1f6264`				`Subproject commit 2e7150fc0fd1307bc4adb33112bd9487e5b9715f`