github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

removed old error handlers

pull/324/merge
Justin Richer 2013-04-12 16:04:40 -04:00
parent 31e3c5e5e7
commit 743a3023dc
11 changed files with 3 additions and 331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
openid-connect-server/src/main/java/org/mitre/oauth2/exception/ClientNotFoundException.java
View File

@ -1,58 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.oauth2.exception;
/**
* @author aanganes
*
*/
public class ClientNotFoundException extends RuntimeException {
private static final long serialVersionUID = 1L;
/**
*
*/
public ClientNotFoundException() {
// TODO Auto-generated constructor stub
}
/**
* @param message
*/
public ClientNotFoundException(String message) {
super(message);
// TODO Auto-generated constructor stub
}
/**
* @param cause
*/
public ClientNotFoundException(Throwable cause) {
super(cause);
// TODO Auto-generated constructor stub
}
/**
* @param message
* @param cause
*/
public ClientNotFoundException(String message, Throwable cause) {
super(message, cause);
// TODO Auto-generated constructor stub
}
}

4
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java
View File

@ -8,7 +8,6 @@ import java.util.Date;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService; import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetSigningAndValidationServiceCacheService; import org.mitre.jwt.signer.service.impl.JWKSetSigningAndValidationServiceCacheService;
import org.mitre.oauth2.exception.ClientNotFoundException;
import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean; import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
@ -20,6 +19,7 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import com.nimbusds.jwt.JWT; import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.ReadOnlyJWTClaimsSet; import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
@ -117,7 +117,7 @@ public class JwtBearerAuthenticationProvider implements AuthenticationProvider {
// IFF we managed to get all the way down here, the token is valid // IFF we managed to get all the way down here, the token is valid
return new JwtBearerAssertionAuthenticationToken(client.getClientId(), jwt, client.getAuthorities()); return new JwtBearerAssertionAuthenticationToken(client.getClientId(), jwt, client.getAuthorities());
} catch (ClientNotFoundException e) { } catch (InvalidClientException e) {
throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId()); throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId());
} catch (ParseException e) { } catch (ParseException e) {
// TODO Auto-generated catch block // TODO Auto-generated catch block

34
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java
View File

@ -1,34 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.exception;
/**
* @author aanganes, nemonik
*
*/
public class ExpiredTokenException extends RuntimeException {
private static final long serialVersionUID = 1L;
public ExpiredTokenException() {
super();
}
public ExpiredTokenException(String message) {
super(message);
}
}

34
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java
View File

@ -1,34 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.exception;
/**
* @author aanganes, nemonik
*
*/
public class InvalidJwtIssuerException extends RuntimeException {
private static final long serialVersionUID = 1L;
public InvalidJwtIssuerException() {
super();
}
public InvalidJwtIssuerException(String message) {
super(message);
}
}

34
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtSignatureException.java
View File

@ -1,34 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.exception;
/**
* @author aanganes, nemonik
*
*/
public class InvalidJwtSignatureException extends RuntimeException {
private static final long serialVersionUID = 1L;
public InvalidJwtSignatureException() {
super();
}
public InvalidJwtSignatureException(String message) {
super(message);
}
}

34
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UnknownUserInfoSchemaException.java
View File

@ -1,34 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.exception;
/**
* @author aanganes, nemonik
*
*/
public class UnknownUserInfoSchemaException extends RuntimeException {
private static final long serialVersionUID = 1L;
public UnknownUserInfoSchemaException() {
super();
}
public UnknownUserInfoSchemaException(String message) {
super(message);
}
}

27
openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
View File

@ -1,27 +0,0 @@
package org.mitre.openid.connect.exception;
public class UserNotFoundException extends RuntimeException {
private static final long serialVersionUID = 1L;
public UserNotFoundException() {
super();
// TODO Auto-generated constructor stub
}
public UserNotFoundException(String message, Throwable cause) {
super(message, cause);
// TODO Auto-generated constructor stub
}
public UserNotFoundException(String message) {
super(message);
// TODO Auto-generated constructor stub
}
public UserNotFoundException(Throwable cause) {
super(cause);
// TODO Auto-generated constructor stub
}
}

75
openid-connect-server/src/main/java/org/mitre/openid/connect/view/ExceptionAsJSONView.java
View File

@ -1,75 +0,0 @@
/*******************************************************************************
* Copyright 2012 The MITRE Corporation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.view;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.view.AbstractView;
import com.google.gson.JsonObject;
/**
* @author nemonik
*
*/
@Component("exceptionAsJSONView")
public class ExceptionAsJSONView extends AbstractView {
private static Logger logger = LoggerFactory.getLogger(ExceptionAsJSONView.class);
/*
* (non-Javadoc)
*
* @see
* org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel
* (java.util.Map, javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
@Override
protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest requesr, HttpServletResponse response) {
response.setContentType("application/json");
response.setStatus(HttpStatus.BAD_REQUEST.value());
final JsonObject jsonObject = new JsonObject();
Object ex = model.get("exception");
jsonObject.addProperty("error", ex.getClass().getName());
jsonObject.addProperty("error_description",
((Exception) ex).getMessage());
try {
response.getWriter().write(jsonObject.toString());
} catch (IOException e) {
logger.error("IOException in ExceptionAsJSONView.java: ", e);
}
}
}

8
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
View File

@ -17,8 +17,6 @@ package org.mitre.openid.connect.web;
import java.security.Principal; import java.security.Principal;
import org.mitre.openid.connect.exception.UnknownUserInfoSchemaException;
import org.mitre.openid.connect.exception.UserNotFoundException;
import org.mitre.openid.connect.model.UserInfo; import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService; import org.mitre.openid.connect.service.UserInfoService;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -48,11 +46,7 @@ public class UserInfoEndpoint {
private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class); private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);
/** /**
* Get information about the user as specified in the accessToken->idToken included in this request * Get information about the user as specified in the accessToken included in this request
*
* @throws UserNotFoundException if the user does not exist or cannot be found
* @throws UnknownUserInfoSchemaException if an unknown schema is used
* @throws InvalidScopeException if the oauth2 token doesn't have the "openid" scope
*/ */
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')") @PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json") @RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")

13
openid-connect-server/src/main/webapp/WEB-INF/application-context.xml
View File

@ -216,19 +216,6 @@
<property name="order" value="1" /> <property name="order" value="1" />
</bean> </bean>
<!-- Map our custom exception classes to named views -->
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="exceptionMappings">
<props>
<prop key="org.mitre.openid.connect.web.InvalidJwtSignatureException">exceptionAsJSONView</prop>
<prop key="org.mitre.openid.connect.web.ExpiredTokenException">exceptionAsJSONView</prop>
<prop key="org.mitre.openid.connect.web.InvalidJwtIssuerException">exceptionAsJSONView</prop>
<prop key="org.springframework.security.oauth2.common.exceptions.InsufficientScopeException">exceptionAsJSONView</prop>
<prop key="org.mitre.openid.connect.exception.UserNotFoundException">exception/usernotfound</prop>
</props>
</property>
</bean>
<!-- End view configuration --> <!-- End view configuration -->
<!-- scheduled tasks --> <!-- scheduled tasks -->

13
openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
View File

@ -1,13 +0,0 @@
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>User Not Found</title>
</head>
<body>
<% response.setStatus(404); %>
<h1>Error: requested user was not found</h1>
</body>
</html>