github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Finished cleanup, ready to create pull request

pull/340/head
Amanda Anganes 2013-05-28 12:43:33 -04:00
parent 713f0a4d25
commit 76e5ff8053
3 changed files with 6 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestManager.java
View File

@ -22,11 +22,10 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.User;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException; import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
import org.springframework.security.oauth2.common.util.OAuth2Utils; import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.OAuth2Request; import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.OAuth2RequestManager; import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import com.google.common.base.Strings; import com.google.common.base.Strings;
@ -34,7 +33,7 @@ import com.nimbusds.jose.util.JSONObjectUtils;
import com.nimbusds.jwt.SignedJWT; import com.nimbusds.jwt.SignedJWT;
@Component("oAuth2RequestManager") @Component("oAuth2RequestManager")
public class ConnectOAuth2RequestManager implements OAuth2RequestManager { public class ConnectOAuth2RequestManager implements OAuth2RequestFactory {
private static Logger logger = LoggerFactory.getLogger(ConnectOAuth2RequestManager.class); private static Logger logger = LoggerFactory.getLogger(ConnectOAuth2RequestManager.class);
@ -224,18 +223,4 @@ public class ConnectOAuth2RequestManager implements OAuth2RequestManager {
return parameters; return parameters;
} }
@Override
public void validateParameters(Map<String, String> parameters, ClientDetails clientDetails) {
if (parameters.containsKey("scope")) {
if (clientDetails.isScoped()) {
Set<String> validScope = clientDetails.getScope();
for (String scope : OAuth2Utils.parseParameterList(parameters.get("scope"))) {
if (!validScope.contains(scope)) {
throw new InvalidScopeException("Invalid scope: " + scope, validScope);
}
}
}
}
}
} }

6
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
View File

@ -27,7 +27,7 @@ import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request; import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.OAuth2RequestManager; import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
@ -60,7 +60,7 @@ public class ClientDynamicRegistrationEndpoint {
private SystemScopeService scopeService; private SystemScopeService scopeService;
@Autowired @Autowired
private OAuth2RequestManager oAuth2RequestManager; private OAuth2RequestFactory oAuth2RequestFactory;
private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class); private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class);
private JsonParser parser = new JsonParser(); private JsonParser parser = new JsonParser();
@ -470,7 +470,7 @@ public class ClientDynamicRegistrationEndpoint {
Map<String, String> authorizationParameters = Maps.newHashMap(); Map<String, String> authorizationParameters = Maps.newHashMap();
authorizationParameters.put("client_id", client.getClientId()); authorizationParameters.put("client_id", client.getClientId());
authorizationParameters.put("scope", OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE); authorizationParameters.put("scope", OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE);
OAuth2Request oAuthRequest = oAuth2RequestManager.createOAuth2Request(authorizationParameters); OAuth2Request oAuthRequest = oAuth2RequestFactory.createOAuth2Request(authorizationParameters);
oAuthRequest.setApproved(true); oAuthRequest.setApproved(true);
oAuthRequest.setAuthorities(Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT"))); oAuthRequest.setAuthorities(Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")));
OAuth2Authentication authentication = new OAuth2Authentication(oAuthRequest, null); OAuth2Authentication authentication = new OAuth2Authentication(oAuthRequest, null);

2
spring-security-oauth

@ -1 +1 @@
Subproject commit 36122b59df500822613db525efdd9b1031b43ab8 Subproject commit 8fa2119b752710022b7ba3b1e3cabbe0875403f4