Refactor part 4 - should be final bit
parent
51073a7f8d
commit
695091ca82
|
@ -18,9 +18,6 @@ package org.mitre.openid.connect.client;
|
|||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.math.BigInteger;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URLEncoder;
|
||||
import java.security.PublicKey;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
|
@ -40,7 +37,6 @@ import javax.servlet.http.HttpSession;
|
|||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.http.NameValuePair;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.utils.URIUtils;
|
||||
import org.apache.http.client.utils.URLEncodedUtils;
|
||||
import org.apache.http.impl.client.DefaultHttpClient;
|
||||
import org.apache.http.message.BasicNameValuePair;
|
||||
|
@ -53,7 +49,6 @@ import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
|
|||
import org.mitre.key.fetch.KeyFetcher;
|
||||
import org.mitre.openid.connect.config.OIDCServerConfiguration;
|
||||
import org.mitre.openid.connect.model.IdToken;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
@ -68,7 +63,6 @@ import org.springframework.web.client.RestTemplate;
|
|||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.JsonParser;
|
||||
import com.sun.xml.ws.mex.client.schema.GetMetadata;
|
||||
|
||||
/**
|
||||
* Abstract OpenID Connect Authentication Filter class
|
||||
|
@ -107,7 +101,7 @@ public class AbstractOIDCAuthenticationFilter extends
|
|||
|
||||
List<String> ignore = (ignoreFields != null) ? Arrays.asList(ignoreFields) : null;
|
||||
|
||||
boolean isFirst = true;
|
||||
//boolean isFirst = true;
|
||||
|
||||
StringBuffer sb = request.getRequestURL();
|
||||
List<NameValuePair> queryparams = new ArrayList<NameValuePair>();
|
||||
|
@ -321,7 +315,7 @@ public class AbstractOIDCAuthenticationFilter extends
|
|||
} else {
|
||||
|
||||
// Extract the id_token to insert into the
|
||||
// OpenIdConnectAuthenticationToken
|
||||
// OIDCAuthenticationToken
|
||||
|
||||
// get out all the token strings
|
||||
String accessTokenValue = null;
|
||||
|
@ -427,9 +421,9 @@ public class AbstractOIDCAuthenticationFilter extends
|
|||
|
||||
String userId = idToken.getClaims().getUserId();
|
||||
|
||||
// construct an OpenIdConnectAuthenticationToken and return a Authentication object w/the userId and the idToken
|
||||
// construct an OIDCAuthenticationToken and return a Authentication object w/the userId and the idToken
|
||||
|
||||
OpenIdConnectAuthenticationToken token = new OpenIdConnectAuthenticationToken(userId, idClaims.getIssuer(), serverConfig, idTokenValue, accessTokenValue, refreshTokenValue);
|
||||
OIDCAuthenticationToken token = new OIDCAuthenticationToken(userId, idClaims.getIssuer(), serverConfig, idTokenValue, accessTokenValue, refreshTokenValue);
|
||||
|
||||
Authentication authentication = this.getAuthenticationManager().authenticate(token);
|
||||
|
||||
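Review bot: The `isFirst` declaration in the `@ -107,7 +101,7 @` hunk is kept as commented-out code (`//boolean isFirst = true;`) instead of being deleted. If the flag is no longer read, presumably because the parameters now go through the `queryparams` list declared two lines below, remove the line outright, since version control already preserves the old form. The enclosing method starts and ends outside the hunk, so check for remaining uses of `isFirst` further down before removing it. This reading assumes the second line of each printed pair is the new side, as with the `OIDCAuthenticationToken` renames elsewhere on this page.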
|
|
|
@ -22,14 +22,10 @@ import org.springframework.beans.factory.InitializingBean;
|
|||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
|
||||
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
|
||||
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.Sets;
|
||||
|
@ -38,7 +34,7 @@ import com.google.common.collect.Sets;
|
|||
* @author nemonik
|
||||
*
|
||||
*/
|
||||
public class OpenIdConnectAuthenticationProvider implements
|
||||
public class OIDCAuthenticationProvider implements
|
||||
AuthenticationProvider, InitializingBean {
|
||||
|
||||
private UserInfoFetcher userInfoFetcher = new UserInfoFetcher();
|
||||
|
@ -69,13 +65,13 @@ public class OpenIdConnectAuthenticationProvider implements
|
|||
return null;
|
||||
}
|
||||
|
||||
if (authentication instanceof OpenIdConnectAuthenticationToken) {
|
||||
if (authentication instanceof OIDCAuthenticationToken) {
|
||||
|
||||
// Default authorities set
|
||||
// TODO: let this be configured
|
||||
Collection<SimpleGrantedAuthority> authorities = Sets.newHashSet(new SimpleGrantedAuthority("ROLE_USER"));
|
||||
|
||||
OpenIdConnectAuthenticationToken token = (OpenIdConnectAuthenticationToken) authentication;
|
||||
OIDCAuthenticationToken token = (OIDCAuthenticationToken) authentication;
|
||||
|
||||
UserInfo userInfo = userInfoFetcher.loadUserInfo(token);
|
||||
|
||||
|
@ -88,7 +84,7 @@ public class OpenIdConnectAuthenticationProvider implements
|
|||
}
|
||||
}
|
||||
|
||||
return new OpenIdConnectAuthenticationToken(token.getUserId(),
|
||||
return new OIDCAuthenticationToken(token.getUserId(),
|
||||
token.getIssuer(),
|
||||
userInfo, authoritiesMapper.mapAuthorities(authorities),
|
||||
token.getIdTokenValue(), token.getAccessTokenValue(), token.getRefreshTokenValue());
|
||||
|
@ -113,6 +109,6 @@ public class OpenIdConnectAuthenticationProvider implements
|
|||
*/
|
||||
@Override
|
||||
public boolean supports(Class<?> authentication) {
|
||||
return OpenIdConnectAuthenticationToken.class.isAssignableFrom(authentication);
|
||||
return OIDCAuthenticationToken.class.isAssignableFrom(authentication);
|
||||
}
|
||||
}
|
|
@ -19,21 +19,18 @@ import java.util.ArrayList;
|
|||
import java.util.Collection;
|
||||
|
||||
import org.mitre.openid.connect.config.OIDCServerConfiguration;
|
||||
import org.mitre.openid.connect.model.IdToken;
|
||||
import org.mitre.openid.connect.model.UserInfo;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.SpringSecurityCoreVersion;
|
||||
|
||||
import com.google.common.collect.ImmutableMap;
|
||||
import com.google.common.collect.Sets;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author Michael Walsh, Justin Richer
|
||||
*
|
||||
*/
|
||||
public class OpenIdConnectAuthenticationToken extends AbstractAuthenticationToken {
|
||||
public class OIDCAuthenticationToken extends AbstractAuthenticationToken {
|
||||
|
||||
private static final long serialVersionUID = 22100073066377804L;
|
||||
|
||||
|
@ -48,7 +45,7 @@ public class OpenIdConnectAuthenticationToken extends AbstractAuthenticationToke
|
|||
private final transient UserInfo userInfo; // user info container, don't serialize it b/c it might be huge and can be re-fetched
|
||||
|
||||
/**
|
||||
* Constructs OpenIdConnectAuthenticationToken with a full set of authorities, marking this as authenticated.
|
||||
* Constructs OIDCAuthenticationToken with a full set of authorities, marking this as authenticated.
|
||||
*
|
||||
* Set to authenticated.
|
||||
*
|
||||
|
@ -58,7 +55,7 @@ public class OpenIdConnectAuthenticationToken extends AbstractAuthenticationToke
|
|||
* @param principal
|
||||
* @param idToken
|
||||
*/
|
||||
public OpenIdConnectAuthenticationToken(String userId, String issuer,
|
||||
public OIDCAuthenticationToken(String userId, String issuer,
|
||||
UserInfo userInfo, Collection<? extends GrantedAuthority> authorities,
|
||||
String idTokenValue, String accessTokenValue, String refreshTokenValue) {
|
||||
|
||||
|
@ -78,7 +75,7 @@ public class OpenIdConnectAuthenticationToken extends AbstractAuthenticationToke
|
|||
}
|
||||
|
||||
/**
|
||||
* Constructs OpenIdConnectAuthenticationToken for use as a data shuttle from the filter to the auth provider.
|
||||
* Constructs OIDCAuthenticationToken for use as a data shuttle from the filter to the auth provider.
|
||||
*
|
||||
* Set to not-authenticated.
|
||||
*
|
||||
|
@ -86,7 +83,7 @@ public class OpenIdConnectAuthenticationToken extends AbstractAuthenticationToke
|
|||
* @param userId
|
||||
* @param idToken
|
||||
*/
|
||||
public OpenIdConnectAuthenticationToken(String userId, String issuer,
|
||||
public OIDCAuthenticationToken(String userId, String issuer,
|
||||
OIDCServerConfiguration serverConfiguration,
|
||||
String idTokenValue, String accessTokenValue, String refreshTokenValue) {
|
||||
|
|
@ -1,7 +1,5 @@
|
|||
package org.mitre.openid.connect.client;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.impl.client.DefaultHttpClient;
|
||||
import org.mitre.openid.connect.model.DefaultUserInfo;
|
||||
|
@ -11,14 +9,12 @@ import org.springframework.util.LinkedMultiValueMap;
|
|||
import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.JsonParser;
|
||||
|
||||
public class UserInfoFetcher {
|
||||
|
||||
public UserInfo loadUserInfo(OpenIdConnectAuthenticationToken token) {
|
||||
public UserInfo loadUserInfo(OIDCAuthenticationToken token) {
|
||||
|
||||
HttpClient httpClient = new DefaultHttpClient();
|
||||
|
||||
|
|