Merge branch 'master' of github.com:mitreid-connect/OpenID-Connect-Java-Spring-Server
Amanda Anganes
commit
714def4bc7
|
|
@ -18,10 +18,13 @@ package org.mitre.openid.connect.client;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
import java.math.BigInteger;
|
import java.math.BigInteger;
|
||||||
|
import java.net.URI;
|
||||||
|
import java.net.URISyntaxException;
|
||||||
import java.net.URLEncoder;
|
import java.net.URLEncoder;
|
||||||
import java.security.PublicKey;
|
import java.security.PublicKey;
|
||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.security.interfaces.RSAPublicKey;
|
import java.security.interfaces.RSAPublicKey;
|
||||||
|
import java.util.ArrayList;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.Date;
|
import java.util.Date;
|
||||||
import java.util.Enumeration;
|
import java.util.Enumeration;
|
||||||
|
|
@ -35,8 +38,12 @@ import javax.servlet.http.HttpServletResponse;
|
||||||
import javax.servlet.http.HttpSession;
|
import javax.servlet.http.HttpSession;
|
||||||
|
|
||||||
import org.apache.commons.lang.StringUtils;
|
import org.apache.commons.lang.StringUtils;
|
||||||
|
import org.apache.http.NameValuePair;
|
||||||
import org.apache.http.client.HttpClient;
|
import org.apache.http.client.HttpClient;
|
||||||
|
import org.apache.http.client.utils.URIUtils;
|
||||||
|
import org.apache.http.client.utils.URLEncodedUtils;
|
||||||
import org.apache.http.impl.client.DefaultHttpClient;
|
import org.apache.http.impl.client.DefaultHttpClient;
|
||||||
|
import org.apache.http.message.BasicNameValuePair;
|
||||||
import org.mitre.jwt.model.JwtClaims;
|
import org.mitre.jwt.model.JwtClaims;
|
||||||
import org.mitre.jwt.signer.JwsAlgorithm;
|
import org.mitre.jwt.signer.JwsAlgorithm;
|
||||||
import org.mitre.jwt.signer.JwtSigner;
|
import org.mitre.jwt.signer.JwtSigner;
|
||||||
|
|
@ -46,6 +53,7 @@ import org.mitre.jwt.signer.service.impl.JwtSigningAndValidationServiceDefault;
|
||||||
import org.mitre.key.fetch.KeyFetcher;
|
import org.mitre.key.fetch.KeyFetcher;
|
||||||
import org.mitre.openid.connect.config.OIDCServerConfiguration;
|
import org.mitre.openid.connect.config.OIDCServerConfiguration;
|
||||||
import org.mitre.openid.connect.model.IdToken;
|
import org.mitre.openid.connect.model.IdToken;
|
||||||
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
|
|
@ -60,6 +68,7 @@ import org.springframework.web.client.RestTemplate;
|
||||||
import com.google.gson.JsonElement;
|
import com.google.gson.JsonElement;
|
||||||
import com.google.gson.JsonObject;
|
import com.google.gson.JsonObject;
|
||||||
import com.google.gson.JsonParser;
|
import com.google.gson.JsonParser;
|
||||||
|
import com.sun.xml.ws.mex.client.schema.GetMetadata;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract OpenID Connect Authentication Filter class
|
* Abstract OpenID Connect Authentication Filter class
|
||||||
|
|
@ -97,10 +106,12 @@ public class AbstractOIDCAuthenticationFilter extends
|
||||||
public static String buildRedirectURI(HttpServletRequest request, String[] ignoreFields) {
|
public static String buildRedirectURI(HttpServletRequest request, String[] ignoreFields) {
|
||||||
|
|
||||||
List<String> ignore = (ignoreFields != null) ? Arrays.asList(ignoreFields) : null;
|
List<String> ignore = (ignoreFields != null) ? Arrays.asList(ignoreFields) : null;
|
||||||
|
|
||||||
boolean isFirst = true;
|
boolean isFirst = true;
|
||||||
|
|
||||||
StringBuffer sb = request.getRequestURL();
|
StringBuffer sb = request.getRequestURL();
|
||||||
|
List<NameValuePair> queryparams = new ArrayList<NameValuePair>();
|
||||||
|
|
||||||
|
|
||||||
for (Enumeration<?> e = request.getParameterNames(); e.hasMoreElements();) {
|
for (Enumeration<?> e = request.getParameterNames(); e.hasMoreElements();) {
|
||||||
|
|
||||||
|
|
@ -115,21 +126,23 @@ public class AbstractOIDCAuthenticationFilter extends
|
||||||
if (value == null) {
|
if (value == null) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
queryparams.add(new BasicNameValuePair(name,value));
|
||||||
|
|
||||||
if (isFirst) {
|
//if (isFirst) {
|
||||||
sb.append("?");
|
// sb.append("?");
|
||||||
isFirst = false;
|
// isFirst = false;
|
||||||
}
|
//}
|
||||||
|
|
||||||
sb.append(name).append("=").append(value);
|
//sb.append(name).append("=").append(value);
|
||||||
|
|
||||||
if (e.hasMoreElements()) {
|
//if (e.hasMoreElements()) {
|
||||||
sb.append("&");
|
// sb.append("&");
|
||||||
}
|
//}
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
return sb.append("?").append(URLEncodedUtils.format(queryparams, "UTF-8")).toString();
|
||||||
return sb.toString();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -147,28 +160,15 @@ public class AbstractOIDCAuthenticationFilter extends
|
||||||
* parameters.
|
* parameters.
|
||||||
*/
|
*/
|
||||||
public static String buildURL(String baseURI, Map<String, String> queryStringFields) {
|
public static String buildURL(String baseURI, Map<String, String> queryStringFields) {
|
||||||
// TODO: replace this with URIUtils call
|
|
||||||
StringBuilder URLBuilder = new StringBuilder(baseURI);
|
StringBuilder URLBuilder = new StringBuilder(baseURI);
|
||||||
|
List<NameValuePair> queryparams = new ArrayList<NameValuePair>();
|
||||||
char appendChar = '?';
|
char appendChar = '?';
|
||||||
|
|
||||||
for (Map.Entry<String, String> param : queryStringFields.entrySet()) {
|
// build a NameValuePair list for the query paramaters
|
||||||
|
for (Map.Entry<String, String> param : queryStringFields.entrySet()){
|
||||||
try {
|
queryparams.add(new BasicNameValuePair(param.getKey(),param.getValue()));
|
||||||
|
|
||||||
URLBuilder.append(appendChar)
|
|
||||||
.append(param.getKey())
|
|
||||||
.append('=')
|
|
||||||
.append(URLEncoder.encode(param.getValue(), "UTF-8"));
|
|
||||||
|
|
||||||
} catch (UnsupportedEncodingException uee) {
|
|
||||||
|
|
||||||
throw new IllegalStateException(uee);
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
appendChar = '&';
|
|
||||||
}
|
}
|
||||||
|
URLBuilder.append(appendChar).append(URLEncodedUtils.format(queryparams, "UTF-8"));
|
||||||
|
|
||||||
return URLBuilder.toString();
|
return URLBuilder.toString();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue