externalized strings from user info views

pull/803/head
Justin Richer 2015-03-11 14:00:14 -04:00
parent 86e95d9e6e
commit 61a596dc15
3 changed files with 29 additions and 20 deletions


@ -39,6 +39,7 @@ import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import com.google.common.base.Strings; import com.google.common.base.Strings;
@ -59,6 +60,8 @@ import com.nimbusds.jwt.SignedJWT;
@Component(UserInfoJWTView.VIEWNAME) @Component(UserInfoJWTView.VIEWNAME)
public class UserInfoJWTView extends UserInfoView { public class UserInfoJWTView extends UserInfoView {
public static final String CLIENT = "client";
/** /**
* Logger for this class * Logger for this class
*/ */
@ -66,6 +69,10 @@ public class UserInfoJWTView extends UserInfoView {
public static final String VIEWNAME = "userInfoJwtView"; public static final String VIEWNAME = "userInfoJwtView";
public static final String JOSE_MEDIA_TYPE_VALUE = "application/jwt";
public static final MediaType JOSE_MEDIA_TYPE = new MediaType("application", "jwt");
@Autowired @Autowired
private JWTSigningAndValidationService jwtService; private JWTSigningAndValidationService jwtService;
@ -83,13 +90,13 @@ public class UserInfoJWTView extends UserInfoView {
HttpServletRequest request, HttpServletResponse response) { HttpServletRequest request, HttpServletResponse response) {
try { try {
ClientDetailsEntity client = (ClientDetailsEntity)model.get("client"); ClientDetailsEntity client = (ClientDetailsEntity)model.get(CLIENT);
// use the parser to import the user claims into the object // use the parser to import the user claims into the object
StringWriter writer = new StringWriter(); StringWriter writer = new StringWriter();
gson.toJson(json, writer); gson.toJson(json, writer);
response.setContentType("application/jwt"); response.setContentType(JOSE_MEDIA_TYPE_VALUE);
JWTClaimsSet claims = JWTClaimsSet.parse(writer.toString()); JWTClaimsSet claims = JWTClaimsSet.parse(writer.toString());
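Review bot: The two new constants `JOSE_MEDIA_TYPE_VALUE` and `JOSE_MEDIA_TYPE` are written out independently, so nothing keeps them in agreement if one is edited later. The view sets the response content type from the string, and per this commit's UserInfoEndpoint changes the `Accept` header is matched against the `MediaType` object, so a drift would make negotiation and the emitted header disagree. Deriving one from the other removes that risk: `public static final MediaType JOSE_MEDIA_TYPE = MediaType.parseMediaType(JOSE_MEDIA_TYPE_VALUE);`. The new public constants would also benefit from a one-line Javadoc each; `CLIENT` in particular is a model key and should be described as such, e.g. `/** Model key under which the endpoint stores the requesting ClientDetailsEntity. */`.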


@ -47,10 +47,15 @@ import com.google.gson.JsonParser;
@Component(UserInfoView.VIEWNAME) @Component(UserInfoView.VIEWNAME)
public class UserInfoView extends AbstractView { public class UserInfoView extends AbstractView {
private static JsonParser jsonParser = new JsonParser(); public static final String REQUESTED_CLAIMS = "requestedClaims";
public static final String AUTHORIZED_CLAIMS = "authorizedClaims";
public static final String SCOPE = "scope";
public static final String USER_INFO = "userInfo";
public static final String VIEWNAME = "userInfoView"; public static final String VIEWNAME = "userInfoView";
private static JsonParser jsonParser = new JsonParser();
/** /**
* Logger for this class * Logger for this class
*/ */
@ -89,20 +94,20 @@ public class UserInfoView extends AbstractView {
@Override @Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) { protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
UserInfo userInfo = (UserInfo) model.get("userInfo"); UserInfo userInfo = (UserInfo) model.get(USER_INFO);
Set<String> scope = (Set<String>) model.get("scope"); Set<String> scope = (Set<String>) model.get(SCOPE);
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
JsonObject authorizedClaims = null; JsonObject authorizedClaims = null;
JsonObject requestedClaims = null; JsonObject requestedClaims = null;
if (model.get("authorizedClaims") != null) { if (model.get(AUTHORIZED_CLAIMS) != null) {
authorizedClaims = jsonParser.parse((String) model.get("authorizedClaims")).getAsJsonObject(); authorizedClaims = jsonParser.parse((String) model.get(AUTHORIZED_CLAIMS)).getAsJsonObject();
} }
if (model.get("requestedClaims") != null) { if (model.get(REQUESTED_CLAIMS) != null) {
requestedClaims = jsonParser.parse((String) model.get("requestedClaims")).getAsJsonObject(); requestedClaims = jsonParser.parse((String) model.get(REQUESTED_CLAIMS)).getAsJsonObject();
} }
JsonObject json = toJsonFromRequestObj(userInfo, scope, authorizedClaims, requestedClaims); JsonObject json = toJsonFromRequestObj(userInfo, scope, authorizedClaims, requestedClaims);
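Review bot: The `REQUESTED_CLAIMS` value parsed in `renderMergedOutputModel` is caller-controlled text, and the visible lines parse it with no error handling. Per this commit's UserInfoEndpoint changes it is the raw `claims` request parameter, added to the model unvalidated. `jsonParser.parse(...)` throws on malformed JSON, and `getAsJsonObject()` throws `IllegalStateException` when the value is valid JSON but not an object, so a bad parameter would surface as an unhandled exception during view rendering rather than a client error. The rest of the method lies outside the hunk, so this may be caught further down, but if not, the parse should be guarded by catching Gson's `JsonParseException` together with `IllegalStateException` and answering with `response.setStatus(HttpServletResponse.SC_BAD_REQUEST)`. Alternatively, the endpoint could validate the parameter before it is placed in the model, which keeps the view free of input handling.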


@ -72,14 +72,11 @@ public class UserInfoEndpoint {
*/ */
private static final Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class); private static final Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);
private static final MediaType JOSE_MEDIA_TYPE = new MediaType("application", "jwt");
private static final String JOSE_MEDIA_TYPE_VALUE = "application/jwt";
/** /**
* Get information about the user as specified in the accessToken included in this request * Get information about the user as specified in the accessToken included in this request
*/ */
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('" + SystemScopeService.OPENID_SCOPE + "')") @PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('" + SystemScopeService.OPENID_SCOPE + "')")
@RequestMapping(method= {RequestMethod.GET, RequestMethod.POST}, produces = {MediaType.APPLICATION_JSON_VALUE, JOSE_MEDIA_TYPE_VALUE}) @RequestMapping(method= {RequestMethod.GET, RequestMethod.POST}, produces = {MediaType.APPLICATION_JSON_VALUE, UserInfoJWTView.JOSE_MEDIA_TYPE_VALUE})
public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString, public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString,
@RequestHeader(value="Accept", required=false) String acceptHeader, @RequestHeader(value="Accept", required=false) String acceptHeader,
OAuth2Authentication auth, Model model) { OAuth2Authentication auth, Model model) {
@ -99,21 +96,21 @@ public class UserInfoEndpoint {
return HttpCodeView.VIEWNAME; return HttpCodeView.VIEWNAME;
} }
model.addAttribute("scope", auth.getOAuth2Request().getScope()); model.addAttribute(UserInfoView.SCOPE, auth.getOAuth2Request().getScope());
model.addAttribute("authorizedClaims", auth.getOAuth2Request().getExtensions().get("claims")); model.addAttribute(UserInfoView.AUTHORIZED_CLAIMS, auth.getOAuth2Request().getExtensions().get("claims"));
if (!Strings.isNullOrEmpty(claimsRequestJsonString)) { if (!Strings.isNullOrEmpty(claimsRequestJsonString)) {
model.addAttribute("requestedClaims", claimsRequestJsonString); model.addAttribute(UserInfoView.REQUESTED_CLAIMS, claimsRequestJsonString);
} }
model.addAttribute("userInfo", userInfo); model.addAttribute(UserInfoView.USER_INFO, userInfo);
// content negotiation // content negotiation
// start off by seeing if the client has registered for a signed/encrypted JWT from here // start off by seeing if the client has registered for a signed/encrypted JWT from here
ClientDetailsEntity client = clientService.loadClientByClientId(auth.getOAuth2Request().getClientId()); ClientDetailsEntity client = clientService.loadClientByClientId(auth.getOAuth2Request().getClientId());
model.addAttribute("client", client); model.addAttribute(UserInfoJWTView.CLIENT, client);
List<MediaType> mediaTypes = MediaType.parseMediaTypes(acceptHeader); List<MediaType> mediaTypes = MediaType.parseMediaTypes(acceptHeader);
MediaType.sortBySpecificityAndQuality(mediaTypes); MediaType.sortBySpecificityAndQuality(mediaTypes);
@ -123,7 +120,7 @@ public class UserInfoEndpoint {
|| client.getUserInfoEncryptedResponseEnc() != null) { || client.getUserInfoEncryptedResponseEnc() != null) {
// client has a preference, see if they ask for plain JSON specifically on this request // client has a preference, see if they ask for plain JSON specifically on this request
for (MediaType m : mediaTypes) { for (MediaType m : mediaTypes) {
if (!m.isWildcardType() && m.isCompatibleWith(JOSE_MEDIA_TYPE)) { if (!m.isWildcardType() && m.isCompatibleWith(UserInfoJWTView.JOSE_MEDIA_TYPE)) {
return UserInfoJWTView.VIEWNAME; return UserInfoJWTView.VIEWNAME;
} else if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) { } else if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) {
return UserInfoView.VIEWNAME; return UserInfoView.VIEWNAME;
@ -137,7 +134,7 @@ public class UserInfoEndpoint {
for (MediaType m : mediaTypes) { for (MediaType m : mediaTypes) {
if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) { if (!m.isWildcardType() && m.isCompatibleWith(MediaType.APPLICATION_JSON)) {
return UserInfoView.VIEWNAME; return UserInfoView.VIEWNAME;
} else if (!m.isWildcardType() && m.isCompatibleWith(JOSE_MEDIA_TYPE)) { } else if (!m.isWildcardType() && m.isCompatibleWith(UserInfoJWTView.JOSE_MEDIA_TYPE)) {
return UserInfoJWTView.VIEWNAME; return UserInfoJWTView.VIEWNAME;
} }
} }
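Review bot: In the branch for clients that registered a signed or encrypted UserInfo response, the loop still returns `UserInfoView.VIEWNAME` when the `Accept` header names `application/json` specifically. A request header can therefore turn a registered signing/encryption preference into a plain JSON response. If that override is intended, it deserves an explicit comment at the `else if`, for example `// deliberate: an explicit Accept: application/json overrides the client's registered JWT preference`. If it is not intended, the JSON alternative should be dropped from this branch so that a registered preference always yields `UserInfoJWTView.VIEWNAME`. The loops and the enclosing `getInfo` body extend beyond the visible hunks, so the fallback after the loop should be checked against the same rule.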