From 67e871467137130acd400f161a9b62c0a26b67ee Mon Sep 17 00:00:00 2001
From: Amanda Anganes
Date: Thu, 10 Jan 2013 14:44:36 -0500
Subject: [PATCH] Working on request object userinfo parsing
---
 .../client/OIDCSignedRequestFilter.java | 2 +-
 .../openid/connect/view/JSONUserInfoView.java | 24 ++++++++++++++++++-
 .../RequestObjectAuthorizationEndpoint.java | 6 ++---
 .../openid/connect/web/UserInfoEndpoint.java | 1 +
 4 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
index 4fd9ec263..ce5a52cd3 100644
--- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
+++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCSignedRequestFilter.java
@@ -64,7 +64,7 @@ public class OIDCSignedRequestFilter extends AbstractOIDCAuthenticationFilter im
 "An Authorization Endpoint URI must be supplied");
 Assert.notNull(oidcServerConfig.getTokenEndpointUrl(),
- "A Token ID Endpoint URI must be supplied");
+ "A Token Endpoint URI must be supplied");
 Assert.notNull(oidcServerConfig.getClientId(),
 "A Client ID must be supplied");
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
index 8b5002a07..46225f96a 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
@@ -75,7 +75,18 @@ public class JSONUserInfoView extends AbstractView {
 try {
 out = response.getWriter();
- gson.toJson(toJson(userInfo, scope), out);
+
+ if (model.get("requestObject") != null) {
+ String jsonString = (String)model.get("requestObject");
+ JsonObject requestObject = gson.fromJson(jsonString, JsonObject.class);
+
+ gson.toJson(toJsonFromRequestObj(userInfo, scope, requestObject));
+
+ } else {
+
+ gson.toJson(toJson(userInfo, scope), out);
+
+ }
 } catch (IOException e) {
@@ -135,4 +146,15 @@ public class JSONUserInfoView extends AbstractView {
 return obj;
 }
+
+ private JsonObject toJsonFromRequestObj(UserInfo ui, Set scope, JsonObject requestObj) {
+
+ JsonObject obj = new JsonObject();
+
+
+
+
+ return obj;
+
+ }
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
index e01141982..7403e3d5f 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
@@ -105,9 +105,9 @@ public class RequestObjectAuthorizationEndpoint {
 String requestUri = claims.getClaimAsString("request_uri");
 if (requestUri != null) {
- if (parameters.containsKey("request_uri") == false) {
- parameters.put("request_uri", requestUri);
- }
+ //The spec does not allow a client to send a request parameter AND
+ //link to a hosted request object at the same time, so this is an error.
+ //TODO: what error to throw?
 }
 // call out to the SECOAUTH endpoint to do the real processing
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
index d619275de..f3bad2dcb 100644
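Review bot: In the first JSONUserInfoView hunk, the new request-object branch calls `gson.toJson(toJsonFromRequestObj(userInfo, scope, requestObject));` without the writer, so the serialized string is discarded and nothing reaches the response body. It should be `gson.toJson(toJsonFromRequestObj(userInfo, scope, requestObject), out);`, matching the else branch. `gson.fromJson` throws JsonSyntaxException on malformed input and the visible catch only handles IOException, so a bad `requestObject` value would escape this method; the unchecked `(String)` cast has the same problem for a non-string attribute. The try block starts and ends outside the hunk.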
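Review bot: `toJsonFromRequestObj`, added in the second JSONUserInfoView hunk, returns an empty JsonObject and never reads `ui`, `scope` or `requestObj`, so any call that carries a request object yields `{}` instead of the user's claims. Until it is implemented, a comment such as `// TODO: not implemented; returns no claims` would make that explicit. When it is filled in, the claims named in the client-supplied request object should be limited to those the granted `scope` allows, so that the request object cannot widen what the endpoint discloses.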
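Review bot: In the RequestObjectAuthorizationEndpoint hunk the `if (requestUri != null)` body now holds only comments, so the case the comment itself calls an error is silently accepted and processing continues to the SECOAUTH call. Fail closed here rather than leaving the TODO: reject the request with an OAuth `invalid_request` error (Spring Security OAuth's `InvalidRequestException` would fit if it is on the classpath). The enclosing method starts and ends outside the hunk.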
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
@@ -88,6 +88,7 @@ public class UserInfoEndpoint {
 OAuth2Authentication authentication = (OAuth2Authentication)p;
 model.addAttribute("scope", authentication.getAuthorizationRequest().getScope());
+ model.addAttribute("requestObject", authentication.getAuthorizationRequest().getAuthorizationParameters().get("request"));
 }
 model.addAttribute("userInfo", userInfo);
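Review bot: The added `model.addAttribute("requestObject", ...get("request"))` hands the raw `request` authorization parameter to the view, which in this same commit parses it with `gson.fromJson(jsonString, JsonObject.class)`. An OpenID Connect request object is normally a JWT in compact serialization rather than bare JSON, so that parse would likely fail, and it is not visible here whether the value has had its signature checked at this point. Prefer passing the claims already validated during the authorization step, and add a comment stating which form the attribute holds, e.g. `// raw "request" parameter as sent by the client (unverified)`. The enclosing method continues outside the hunk.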