Merge branch 'Really_fixing_redirects'

pull/59/head
Amanda Anganes 2012-04-16 12:39:06 -04:00
commit 6899a16c2f
3 changed files with 22 additions and 4 deletions


@ -0,0 +1,20 @@
package org.mitre.openid.connect.token;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
public class JdbcUserApprovalHandler implements UserApprovalHandler {
@Override
public boolean isApproved(AuthorizationRequest authorizationRequest,
Authentication userAuthentication) {
//Check database to see if the user identified by the userAuthentication has stored an approval decision
userAuthentication.getPrincipal();
return false;
}
}
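Review bot: In `isApproved`, the statement `userAuthentication.getPrincipal();` discards its result, so its only observable effect is a NullPointerException when no authentication is passed; I would drop it until the lookup exists. Returning `false` unconditionally is the right fail-closed default for a stub, but the comment should say that this is deliberate, e.g. `// TODO: not implemented; deny until a stored approval can be looked up`. The existing comment describes a lookup by user only; when the database check is written, a stored decision should presumably also be matched on `authorizationRequest.getClientId()` and the requested scope, so that an approval given to one client is not reused for another. A class-level Javadoc stating that the handler currently never approves would help whoever wires it into the authorization server.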


@ -55,7 +55,6 @@
token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter" token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
user-approval-handler-ref="userApprovalHandler" user-approval-handler-ref="userApprovalHandler"
authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token" authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token"
user-approval-page="redirect:/oauth/confirm_access"
> >
<oauth:authorization-code authorization-code-services-ref="authCodeServices" /> <oauth:authorization-code authorization-code-services-ref="authCodeServices" />
</oauth:authorization-server> </oauth:authorization-server>


@ -23,8 +23,7 @@
<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true" authentication-manager-ref="springSecurityAuthenticationManager"/> <security:global-method-security pre-post-annotations="enabled" proxy-target-class="true" authentication-manager-ref="springSecurityAuthenticationManager"/>
<!-- 4/11 AANGANES trying:remove "create-session="stateless"" from below statement --> <security:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager"
<http pattern="/oauth/token" authentication-manager-ref="clientAuthenticationManager"
xmlns="http://www.springframework.org/schema/security"> xmlns="http://www.springframework.org/schema/security">
<intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" /> <intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
<anonymous enabled="false" /> <anonymous enabled="false" />
@ -32,7 +31,7 @@
<!-- include this only if you need to authenticate clients via request parameters --> <!-- include this only if you need to authenticate clients via request parameters -->
<custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" /> <custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
<access-denied-handler ref="oauthAccessDeniedHandler" /> <access-denied-handler ref="oauthAccessDeniedHandler" />
</http> </security:http>
<security:http use-expressions="true" auto-config="true" pattern="/oauth/authorize" authentication-manager-ref="springSecurityAuthenticationManager"> <security:http use-expressions="true" auto-config="true" pattern="/oauth/authorize" authentication-manager-ref="springSecurityAuthenticationManager">
<security:intercept-url pattern="/oauth/authorize" access="hasRole('ROLE_USER')"/> <security:intercept-url pattern="/oauth/authorize" access="hasRole('ROLE_USER')"/>