refactor: 💡 Remove logos from clients (#23)
DB update can be done - drop column logo_uri from clients
BREAKING CHANGE: 🧨 Removed logo from clients
pull/1580/head
parent
d17c11c035
commit
775e2e8b6a
|
@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details (
|
|||
token_endpoint_auth_method VARCHAR(256),
|
||||
subject_type VARCHAR(256),
|
||||
|
||||
logo_uri VARCHAR(2048),
|
||||
policy_uri VARCHAR(2048),
|
||||
client_uri VARCHAR(2048),
|
||||
tos_uri VARCHAR(2048),
|
||||
|
|
|
@ -142,7 +142,6 @@ CREATE TABLE IF NOT EXISTS client_details (
|
|||
token_endpoint_auth_method VARCHAR(256),
|
||||
subject_type VARCHAR(256),
|
||||
|
||||
logo_uri VARCHAR(2048),
|
||||
policy_uri VARCHAR(2048),
|
||||
client_uri VARCHAR(2048),
|
||||
tos_uri VARCHAR(2048),
|
||||
|
|
|
@ -153,7 +153,6 @@ CREATE TABLE client_details (
|
|||
token_endpoint_auth_method VARCHAR2(256),
|
||||
subject_type VARCHAR2(256),
|
||||
|
||||
logo_uri VARCHAR2(2048),
|
||||
policy_uri VARCHAR2(2048),
|
||||
client_uri VARCHAR2(2048),
|
||||
tos_uri VARCHAR2(2048),
|
||||
|
|
|
@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details (
|
|||
token_endpoint_auth_method VARCHAR(256),
|
||||
subject_type VARCHAR(256),
|
||||
|
||||
logo_uri VARCHAR(2048),
|
||||
policy_uri VARCHAR(2048),
|
||||
client_uri VARCHAR(2048),
|
||||
tos_uri VARCHAR(2048),
|
||||
|
|
|
@ -82,38 +82,6 @@
|
|||
</c:choose>
|
||||
</c:if>
|
||||
|
||||
<c:if test="${ not empty client.logoUri }">
|
||||
<ul class="thumbnails">
|
||||
<li class="span5">
|
||||
<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
|
||||
</li>
|
||||
</ul>
|
||||
<!-- Modal -->
|
||||
<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
|
||||
<div class="modal-header">
|
||||
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
|
||||
<h3 id="logoModalLabel">
|
||||
<c:choose>
|
||||
<c:when test="${empty client.clientName}">
|
||||
<em><c:out value="${client.clientId}" /></em>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<em><c:out value="${client.clientName}" /></em>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
</h3>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<img src="api/clients/${ client.id }/logo" />
|
||||
<c:if test="${ not empty client.clientUri }">
|
||||
<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
|
||||
</c:if>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
|
||||
</div>
|
||||
</div>
|
||||
</c:if>
|
||||
<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
|
||||
<div class="muted moreInformationContainer">
|
||||
<c:out value="${client.clientDescription}" />
|
||||
|
|
|
@ -82,38 +82,6 @@
|
|||
</c:choose>
|
||||
</c:if>
|
||||
|
||||
<c:if test="${ not empty client.logoUri }">
|
||||
<ul class="thumbnails">
|
||||
<li class="span5">
|
||||
<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
|
||||
</li>
|
||||
</ul>
|
||||
<!-- Modal -->
|
||||
<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
|
||||
<div class="modal-header">
|
||||
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
|
||||
<h3 id="logoModalLabel">
|
||||
<c:choose>
|
||||
<c:when test="${empty client.clientName}">
|
||||
<em><c:out value="${client.clientId}" /></em>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<em><c:out value="${client.clientName}" /></em>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
</h3>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<img src="api/clients/${ client.id }/logo" />
|
||||
<c:if test="${ not empty client.clientUri }">
|
||||
<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
|
||||
</c:if>
|
||||
</div>
|
||||
<div class="modal-footer">
|
||||
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
|
||||
</div>
|
||||
</div>
|
||||
</c:if>
|
||||
<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
|
||||
<div class="muted moreInformationContainer">
|
||||
<c:out value="${client.clientDescription}" />
|
||||
|
|
|
@ -187,12 +187,6 @@ h1,label {
|
|||
height: 20px;
|
||||
}
|
||||
|
||||
/* Client table images */
|
||||
.client-logo {
|
||||
max-width: 64px;
|
||||
max-height: 64px
|
||||
}
|
||||
|
||||
/* Modal and sheet fight for the same z-index otherwise */
|
||||
.modal-backdrop {
|
||||
z-index: 2040;
|
||||
|
|
|
@ -40,7 +40,6 @@ var ClientModel = Backbone.Model.extend({
|
|||
redirectUris: [],
|
||||
clientName: null,
|
||||
clientUri: null,
|
||||
logoUri: null,
|
||||
contacts: [],
|
||||
tosUri: null,
|
||||
tokenEndpointAuthMethod: null,
|
||||
|
@ -131,9 +130,6 @@ var ClientModel = Backbone.Model.extend({
|
|||
if (this.get('tosUri') != null && this.get('tosUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
|
||||
matches.push($.t('client.client-table.match.terms'));
|
||||
}
|
||||
if (this.get('logoUri') != null && this.get('logoUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
|
||||
matches.push($.t('client.client-table.match.logo'));
|
||||
}
|
||||
if (this.get('contacts') != null) {
|
||||
var f = _.filter(this.get('contacts'), function(item) {
|
||||
return item.toLowerCase().indexOf(term.toLowerCase()) != -1;
|
||||
|
@ -720,7 +716,6 @@ var ClientFormView = Backbone.View.extend({
|
|||
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
|
||||
"change #displayClientSecret": "toggleDisplayClientSecret",
|
||||
"change #generateClientSecret": "toggleGenerateClientSecret",
|
||||
"change #logoUri input": "previewLogo",
|
||||
"change #jwkSelector input:radio": "toggleJWKSetType"
|
||||
},
|
||||
|
||||
|
@ -760,16 +755,6 @@ var ClientFormView = Backbone.View.extend({
|
|||
$("#refreshTokenValidityTime", this.$el).toggle();
|
||||
},
|
||||
|
||||
previewLogo: function() {
|
||||
if ($('#logoUri input', this.el).val()) {
|
||||
$('#logoPreview', this.el).empty();
|
||||
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
|
||||
} else {
|
||||
// $('#logoBlock', this.el).hide();
|
||||
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Set up the form based on the current state of the tokenEndpointAuthMethod
|
||||
* parameter
|
||||
|
@ -1047,7 +1032,6 @@ var ClientFormView = Backbone.View.extend({
|
|||
generateClientSecret: generateClientSecret,
|
||||
redirectUris: redirectUris,
|
||||
clientDescription: this.emptyToNull($('#clientDescription textarea').val()),
|
||||
logoUri: this.emptyToNull($('#logoUri input').val()),
|
||||
grantTypes: grantTypes,
|
||||
accessTokenValiditySeconds: accessTokenValiditySeconds,
|
||||
refreshTokenValiditySeconds: refreshTokenValiditySeconds,
|
||||
|
@ -1297,7 +1281,6 @@ var ClientFormView = Backbone.View.extend({
|
|||
|
||||
// toggle other dynamic fields
|
||||
this.toggleClientCredentials();
|
||||
this.previewLogo();
|
||||
this.toggleJWKSetType();
|
||||
|
||||
// disable unsupported JOSE algorithms
|
||||
|
|
|
@ -24,7 +24,6 @@ var DynRegClient = Backbone.Model.extend({
|
|||
redirect_uris: [],
|
||||
client_name: null,
|
||||
client_uri: null,
|
||||
logo_uri: null,
|
||||
contacts: [],
|
||||
tos_uri: null,
|
||||
token_endpoint_auth_method: null,
|
||||
|
@ -242,7 +241,6 @@ var DynRegEditView = Backbone.View.extend({
|
|||
"click .btn-save": "saveClient",
|
||||
"click .btn-cancel": "cancel",
|
||||
"click .btn-delete": "deleteClient",
|
||||
"change #logoUri input": "previewLogo",
|
||||
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
|
||||
"change #jwkSelector input:radio": "toggleJWKSetType"
|
||||
},
|
||||
|
@ -279,16 +277,6 @@ var DynRegEditView = Backbone.View.extend({
|
|||
return false;
|
||||
},
|
||||
|
||||
previewLogo: function() {
|
||||
if ($('#logoUri input', this.el).val()) {
|
||||
$('#logoPreview', this.el).empty();
|
||||
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
|
||||
} else {
|
||||
// $('#logoBlock', this.el).hide();
|
||||
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Set up the form based on the current state of the tokenEndpointAuthMethod
|
||||
* parameter
|
||||
|
@ -458,7 +446,6 @@ var DynRegEditView = Backbone.View.extend({
|
|||
var attrs = {
|
||||
client_name: this.emptyToNull($('#clientName input').val()),
|
||||
redirect_uris: redirectUris,
|
||||
logo_uri: this.emptyToNull($('#logoUri input').val()),
|
||||
grant_types: grantTypes,
|
||||
scope: scopes,
|
||||
client_secret: null, // never send a client secret
|
||||
|
@ -680,7 +667,6 @@ var DynRegEditView = Backbone.View.extend({
|
|||
this.listWidgetViews.push(defaultAcrView);
|
||||
|
||||
this.toggleClientCredentials();
|
||||
this.previewLogo();
|
||||
this.toggleJWKSetType();
|
||||
|
||||
// disable unsupported JOSE algorithms
|
||||
|
|
|
@ -87,8 +87,6 @@
|
|||
"jwk-set": "Public Key Set",
|
||||
"jwk-set-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
|
||||
"jwk-set-value-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
|
||||
"logo": "Logo",
|
||||
"logo-help": "URL that points to a logo image, will be displayed on approval page",
|
||||
"main": "Main",
|
||||
"max-age": "Default Max Age",
|
||||
"max-age-help": "Default maximum session age before re-prompting",
|
||||
|
@ -197,7 +195,6 @@
|
|||
"description": "description",
|
||||
"homepage": "home page",
|
||||
"id": "id",
|
||||
"logo": "logo",
|
||||
"name": "name",
|
||||
"policy": "policy",
|
||||
"redirect": "redirect uri",
|
||||
|
|
|
@ -87,7 +87,6 @@
|
|||
"jwk-set": "Jeu de Clés publique",
|
||||
"jwk-set-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)",
|
||||
"jwk-set-value-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)",
|
||||
"logo": "Logo",
|
||||
"logo-help": "L'URI qui pointe vers une image de logo sera affichée sur la page d'approbation",
|
||||
"main": "Principal",
|
||||
"max-age": "Age Maximum par Défaut",
|
||||
|
@ -197,7 +196,6 @@
|
|||
"description": "description",
|
||||
"homepage": "page d'accueil",
|
||||
"id": "id",
|
||||
"logo": "logo",
|
||||
"name": "nom",
|
||||
"policy": "politique",
|
||||
"redirect": "uri de redirection",
|
||||
|
|
|
@ -83,8 +83,6 @@
|
|||
"introspection": "Introspektion",
|
||||
"jwk-set": "JWK Set",
|
||||
"jwk-set-help": "Länk till klientens JSON Webb-nyckel-set",
|
||||
"logo": "Logotyp",
|
||||
"logo-help": "Länk till en logotyp. Den visas på bekräftelsesidan.",
|
||||
"main": "Basinformation",
|
||||
"max-age": "Max sessions-längd",
|
||||
"max-age-help": "Default maximal sessions-längd innan användaren tillfrågas igen",
|
||||
|
@ -168,7 +166,6 @@
|
|||
"description": "beskrivning",
|
||||
"homepage": "hemsida",
|
||||
"id": "id",
|
||||
"logo": "logotyp",
|
||||
"name": "namn",
|
||||
"policy": "policy",
|
||||
"redirect": "omdirigeringslänk",
|
||||
|
|
|
@ -85,8 +85,6 @@
|
|||
"jwk-set": "公钥集",
|
||||
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
|
||||
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
|
||||
"logo": "标志(Logo)",
|
||||
"logo-help": "标志(Logo)图像的URL,将显示在批准页",
|
||||
"main": "首要",
|
||||
"max-age": "默认最长有效时间",
|
||||
"max-age-help": "再提示之前的默认最长会话有效时间",
|
||||
|
@ -180,7 +178,6 @@
|
|||
"description": "描述",
|
||||
"homepage": "主页",
|
||||
"id": "身份",
|
||||
"logo": "标志",
|
||||
"name": "名称",
|
||||
"policy": "政策",
|
||||
"redirect": "重定向URI",
|
||||
|
|
|
@ -85,8 +85,6 @@
|
|||
"jwk-set": "公钥集",
|
||||
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
|
||||
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
|
||||
"logo": "标志(Logo)",
|
||||
"logo-help": "标志(Logo)图像的URL,将显示在批准页",
|
||||
"main": "首要",
|
||||
"max-age": "默认最长有效时间",
|
||||
"max-age-help": "再提示之前的默认最长会话有效时间",
|
||||
|
@ -180,7 +178,6 @@
|
|||
"description": "描述",
|
||||
"homepage": "主页",
|
||||
"id": "身份",
|
||||
"logo": "标志",
|
||||
"name": "名称",
|
||||
"policy": "政策",
|
||||
"redirect": "重定向URI",
|
||||
|
|
|
@ -85,8 +85,6 @@
|
|||
"jwk-set": "公鑰集",
|
||||
"jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
|
||||
"jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
|
||||
"logo": "標誌(Logo)",
|
||||
"logo-help": "標誌(Logo)圖像的URL,將顯示在批准頁",
|
||||
"main": "首要",
|
||||
"max-age": "默認最長有效時間",
|
||||
"max-age-help": "再提示之前的默認最長會話有效時間",
|
||||
|
@ -180,7 +178,6 @@
|
|||
"description": "描述",
|
||||
"homepage": "主頁",
|
||||
"id": "身分",
|
||||
"logo": "標誌",
|
||||
"name": "名稱",
|
||||
"policy": "政策",
|
||||
"redirect": "重定向URI",
|
||||
|
|
|
@ -21,7 +21,6 @@ var ResRegClient = Backbone.Model.extend({
|
|||
client_secret: null,
|
||||
client_name: null,
|
||||
client_uri: null,
|
||||
logo_uri: null,
|
||||
contacts: [],
|
||||
tos_uri: null,
|
||||
token_endpoint_auth_method: null,
|
||||
|
@ -194,7 +193,6 @@ var ResRegEditView = Backbone.View.extend({
|
|||
"click .btn-save": "saveClient",
|
||||
"click .btn-cancel": "cancel",
|
||||
"click .btn-delete": "deleteClient",
|
||||
"change #logoUri input": "previewLogo",
|
||||
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
|
||||
"change #jwkSelector input:radio": "toggleJWKSetType"
|
||||
},
|
||||
|
@ -229,16 +227,6 @@ var ResRegEditView = Backbone.View.extend({
|
|||
return false;
|
||||
},
|
||||
|
||||
previewLogo: function() {
|
||||
if ($('#logoUri input', this.el).val()) {
|
||||
$('#logoPreview', this.el).empty();
|
||||
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
|
||||
} else {
|
||||
// $('#logoBlock', this.el).hide();
|
||||
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Set up the form based on the current state of the tokenEndpointAuthMethod
|
||||
* parameter
|
||||
|
@ -350,7 +338,6 @@ var ResRegEditView = Backbone.View.extend({
|
|||
|
||||
var attrs = {
|
||||
client_name: $('#clientName input').val(),
|
||||
logo_uri: $('#logoUri input').val(),
|
||||
scope: scopes,
|
||||
client_secret: null, // never send a client secret
|
||||
tos_uri: $('#tosUri input').val(),
|
||||
|
@ -455,7 +442,6 @@ var ResRegEditView = Backbone.View.extend({
|
|||
this.listWidgetViews.push(contactView);
|
||||
|
||||
this.toggleClientCredentials();
|
||||
this.previewLogo();
|
||||
this.toggleJWKSetType();
|
||||
|
||||
// disable unsupported JOSE algorithms
|
||||
|
|
|
@ -25,10 +25,6 @@
|
|||
<td>
|
||||
|
||||
<div class="media">
|
||||
<% if (client.logoUri) { %>
|
||||
<span class="pull-left"><img class="media-object client-logo" src="api/clients/<%- client.id %>/logo"></span>
|
||||
<% } %>
|
||||
|
||||
<div class="media-body">
|
||||
<span class="clientid-substring" title="<%- client.clientId %> (click to display client ID)"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
|
||||
</div>
|
||||
|
@ -238,20 +234,6 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoUri">
|
||||
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
|
||||
<div class="controls">
|
||||
<input placeholder="https://" value="<%-client.logoUri ? client.logoUri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoBlock">
|
||||
<div class="controls">
|
||||
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="tosUri">
|
||||
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
|
||||
<div class="controls">
|
||||
|
|
|
@ -154,20 +154,6 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoUri">
|
||||
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
|
||||
<div class="controls">
|
||||
<input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoBlock">
|
||||
<div class="controls">
|
||||
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="tosUri">
|
||||
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
|
||||
<div class="controls">
|
||||
|
|
|
@ -146,20 +146,6 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoUri">
|
||||
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
|
||||
<div class="controls">
|
||||
<input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="logoBlock">
|
||||
<div class="controls">
|
||||
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="tosUri">
|
||||
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
|
||||
<div class="controls">
|
||||
|
|
|
@ -20,11 +20,20 @@
|
|||
*/
|
||||
package org.mitre.oauth2.model;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWKSetStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWTStringConverter;
|
||||
import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.oauth2.provider.ClientDetails;
|
||||
|
||||
import javax.persistence.Basic;
|
||||
import javax.persistence.CollectionTable;
|
||||
|
@ -47,22 +56,11 @@ import javax.persistence.Table;
|
|||
import javax.persistence.Temporal;
|
||||
import javax.persistence.TemporalType;
|
||||
import javax.persistence.Transient;
|
||||
|
||||
import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWKSetStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.JWTStringConverter;
|
||||
import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter;
|
||||
import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.oauth2.provider.ClientDetails;
|
||||
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
|
@ -91,7 +89,6 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
private Set<String> redirectUris = new HashSet<>();
|
||||
private String clientName;
|
||||
private String clientUri;
|
||||
private String logoUri;
|
||||
private Set<String> contacts;
|
||||
private String tosUri;
|
||||
private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC;
|
||||
|
@ -488,16 +485,6 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
this.contacts = contacts;
|
||||
}
|
||||
|
||||
@Basic
|
||||
@Column(name="logo_uri")
|
||||
public String getLogoUri() {
|
||||
return logoUri;
|
||||
}
|
||||
|
||||
public void setLogoUri(String logoUri) {
|
||||
this.logoUri = logoUri;
|
||||
}
|
||||
|
||||
@Basic
|
||||
@Column(name="policy_uri")
|
||||
public String getPolicyUri() {
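Review bot: Removing the `logoUri` field and its `@Column(name="logo_uri")` accessor leaves every database created from the earlier schema with an unmapped `logo_uri` column, and the commit ships no migration for it. The schema files only edit the `CREATE TABLE IF NOT EXISTS client_details` statements (plain `CREATE TABLE` in the VARCHAR2 variant), which do not alter an existing table, so previously stored client-supplied URLs stay in place until an operator removes them by hand. I would add an upgrade script next to the schema change, e.g. `ALTER TABLE client_details DROP COLUMN logo_uri;`, and name `client_details` rather than "clients" in the upgrade instructions. `getPolicyUri()` at the end of this hunk continues outside it.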
|
||||
|
|
|
@ -20,21 +20,20 @@
|
|||
*/
|
||||
package org.mitre.oauth2.model;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import com.google.gson.JsonObject;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
|
@ -246,14 +245,6 @@ public class RegisteredClient {
|
|||
client.setContacts(contacts);
|
||||
}
|
||||
|
||||
public String getLogoUri() {
|
||||
return client.getLogoUri();
|
||||
}
|
||||
|
||||
public void setLogoUri(String logoUri) {
|
||||
client.setLogoUri(logoUri);
|
||||
}
|
||||
|
||||
public String getPolicyUri() {
|
||||
return client.getPolicyUri();
|
||||
}
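Review bot: The import block in the first hunk of this file appears to be re-sorted only (the `org.mitre`/`org.springframework` and `java.util` groups are printed in both positions), which has nothing to do with dropping `getLogoUri()`/`setLogoUri()` further down. The same reordering seems to appear in the import hunks of the `org.mitre.oauth2.model` entity file before this one and the `org.mitre.openid.connect` JSON processor after it. In a commit marked BREAKING CHANGE I would limit the diff to the logo removal and move the import re-sort to its own commit, so the lines that change the public API are easy to audit.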
|
||||
|
|
|
@ -21,25 +21,6 @@
|
|||
package org.mitre.openid.connect;
|
||||
|
||||
|
||||
import static org.mitre.util.JsonUtils.getAsArray;
|
||||
import static org.mitre.util.JsonUtils.getAsDate;
|
||||
import static org.mitre.util.JsonUtils.getAsJweAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod;
|
||||
import static org.mitre.util.JsonUtils.getAsJwsAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsPkceAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsString;
|
||||
import static org.mitre.util.JsonUtils.getAsStringSet;
|
||||
|
||||
import java.text.ParseException;
|
||||
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.google.common.base.Joiner;
|
||||
import com.google.common.base.Splitter;
|
||||
import com.google.common.base.Strings;
|
||||
|
@ -50,6 +31,15 @@ import com.google.gson.JsonParser;
|
|||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWT;
|
||||
import com.nimbusds.jwt.JWTParser;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.text.ParseException;
|
||||
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
|
||||
|
@ -70,7 +60,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
|
|||
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
|
||||
|
@ -93,6 +82,14 @@ import static org.mitre.oauth2.model.RegisteredClientFields.TOS_URI;
|
|||
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ALG;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ENC;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_SIGNED_RESPONSE_ALG;
|
||||
import static org.mitre.util.JsonUtils.getAsArray;
|
||||
import static org.mitre.util.JsonUtils.getAsDate;
|
||||
import static org.mitre.util.JsonUtils.getAsJweAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod;
|
||||
import static org.mitre.util.JsonUtils.getAsJwsAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsPkceAlgorithm;
|
||||
import static org.mitre.util.JsonUtils.getAsString;
|
||||
import static org.mitre.util.JsonUtils.getAsStringSet;
|
||||
|
||||
/**
|
||||
* Utility class to handle the parsing and serialization of ClientDetails objects.
|
||||
|
@ -124,7 +121,6 @@ public class ClientDetailsEntityJsonProcessor {
|
|||
c.setRedirectUris(getAsStringSet(o, REDIRECT_URIS));
|
||||
c.setClientName(getAsString(o, CLIENT_NAME));
|
||||
c.setClientUri(getAsString(o, CLIENT_URI));
|
||||
c.setLogoUri(getAsString(o, LOGO_URI));
|
||||
c.setContacts(getAsStringSet(o, CONTACTS));
|
||||
c.setTosUri(getAsString(o, TOS_URI));
|
||||
|
||||
|
@ -301,7 +297,6 @@ public class ClientDetailsEntityJsonProcessor {
|
|||
o.add(REDIRECT_URIS, getAsArray(c.getRedirectUris()));
|
||||
o.addProperty(CLIENT_NAME, c.getClientName());
|
||||
o.addProperty(CLIENT_URI, c.getClientUri());
|
||||
o.addProperty(LOGO_URI, c.getLogoUri());
|
||||
o.add(CONTACTS, getAsArray(c.getContacts()));
|
||||
o.addProperty(TOS_URI, c.getTosUri());
|
||||
o.addProperty(TOKEN_ENDPOINT_AUTH_METHOD, c.getTokenEndpointAuthMethod() != null ? c.getTokenEndpointAuthMethod().getValue() : null);
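Review bot: With `c.setLogoUri(getAsString(o, LOGO_URI));` gone from the parse hunk, a registration request that still carries `logo_uri` is presumably dropped without any signal to the caller. The enclosing parse method starts and ends outside the hunk, so whether unknown members are rejected elsewhere is not visible here. Because this is a behaviour change for registration clients, I would record it at the parse site with a comment such as `// logo_uri is deliberately not read: client logos were removed (#23)`. The serialiser hunk removes `o.addProperty(LOGO_URI, c.getLogoUri());` too, so responses stay consistent with what is stored; that is worth stating in the release notes for integrators.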
|
||||
|
|
|
@ -1,52 +0,0 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2018 The MIT Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*******************************************************************************/
|
||||
|
||||
package org.mitre.openid.connect.model;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*/
|
||||
public class CachedImage {
|
||||
|
||||
private byte[] data;
|
||||
private String contentType;
|
||||
private long length;
|
||||
|
||||
public byte[] getData() {
|
||||
return data;
|
||||
}
|
||||
|
||||
public void setData(byte[] data) {
|
||||
this.data = data;
|
||||
}
|
||||
|
||||
public String getContentType() {
|
||||
return contentType;
|
||||
}
|
||||
|
||||
public void setContentType(String contentType) {
|
||||
this.contentType = contentType;
|
||||
}
|
||||
|
||||
public long getLength() {
|
||||
return length;
|
||||
}
|
||||
|
||||
public void setLength(long length) {
|
||||
this.length = length;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,34 +0,0 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2018 The MIT Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*******************************************************************************/
|
||||
|
||||
package org.mitre.openid.connect.service;
|
||||
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.openid.connect.model.CachedImage;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
public interface ClientLogoLoadingService {
|
||||
|
||||
/**
|
||||
* @param client
|
||||
* @return
|
||||
*/
|
||||
CachedImage getLogo(ClientDetailsEntity client);
|
||||
|
||||
}
|
|
@ -1,122 +0,0 @@
|
|||
/*******************************************************************************
|
||||
* Copyright 2018 The MIT Internet Trust Consortium
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*******************************************************************************/
|
||||
|
||||
package org.mitre.openid.connect.service.impl;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.concurrent.ExecutionException;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.HttpEntity;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.HttpClient;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.openid.connect.model.CachedImage;
|
||||
import org.mitre.openid.connect.service.ClientLogoLoadingService;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.cache.CacheBuilder;
|
||||
import com.google.common.cache.CacheLoader;
|
||||
import com.google.common.cache.LoadingCache;
|
||||
import com.google.common.util.concurrent.UncheckedExecutionException;
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
@Service("inMemoryClientLogoLoadingService")
|
||||
public class InMemoryClientLogoLoadingService implements ClientLogoLoadingService {
|
||||
|
||||
private LoadingCache<ClientDetailsEntity, CachedImage> cache;
|
||||
|
||||
public InMemoryClientLogoLoadingService() {
|
||||
this(HttpClientBuilder.create().useSystemProperties().build());
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public InMemoryClientLogoLoadingService(HttpClient httpClient) {
|
||||
|
||||
cache = CacheBuilder.newBuilder()
|
||||
.maximumSize(100)
|
||||
.expireAfterAccess(14, TimeUnit.DAYS)
|
||||
.build(new ClientLogoFetcher(httpClient));
|
||||
|
||||
}
|
||||
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.mitre.openid.connect.service.ClientLogoLoadingService#getLogo(org.mitre.oauth2.model.ClientDetailsEntity)
|
||||
*/
|
||||
@Override
|
||||
public CachedImage getLogo(ClientDetailsEntity client) {
|
||||
try {
|
||||
if (client != null && !Strings.isNullOrEmpty(client.getLogoUri())) {
|
||||
return cache.get(client);
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
} catch (UncheckedExecutionException | ExecutionException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @author jricher
|
||||
*
|
||||
*/
|
||||
public class ClientLogoFetcher extends CacheLoader<ClientDetailsEntity, CachedImage> {
|
||||
private HttpClient httpClient;
|
||||
|
||||
public ClientLogoFetcher() {
|
||||
this(HttpClientBuilder.create().useSystemProperties().build());
|
||||
}
|
||||
|
||||
public ClientLogoFetcher(HttpClient httpClient) {
|
||||
this.httpClient = httpClient;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see com.google.common.cache.CacheLoader#load(java.lang.Object)
|
||||
*/
|
||||
@Override
|
||||
public CachedImage load(ClientDetailsEntity key) throws Exception {
|
||||
try {
|
||||
HttpResponse response = httpClient.execute(new HttpGet(key.getLogoUri()));
|
||||
|
||||
HttpEntity entity = response.getEntity();
|
||||
|
||||
CachedImage image = new CachedImage();
|
||||
|
||||
image.setContentType(entity.getContentType().getValue());
|
||||
image.setLength(entity.getContentLength());
|
||||
image.setData(IOUtils.toByteArray(entity.getContent()));
|
||||
|
||||
return image;
|
||||
} catch (IOException e) {
|
||||
throw new IllegalArgumentException("Unable to load client image.");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -17,49 +17,6 @@
|
|||
*******************************************************************************/
|
||||
package org.mitre.openid.connect.web;
|
||||
|
||||
import java.lang.reflect.Type;
|
||||
import java.sql.SQLIntegrityConstraintViolationException;
|
||||
import java.text.ParseException;
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.persistence.PersistenceException;
|
||||
|
||||
import org.eclipse.persistence.exceptions.DatabaseException;
|
||||
import org.mitre.jwt.assertion.AssertionValidator;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.mitre.oauth2.model.PKCEAlgorithm;
|
||||
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
||||
import org.mitre.oauth2.web.AuthenticationUtilities;
|
||||
import org.mitre.openid.connect.exception.ValidationException;
|
||||
import org.mitre.openid.connect.model.CachedImage;
|
||||
import org.mitre.openid.connect.service.ClientLogoLoadingService;
|
||||
import org.mitre.openid.connect.view.ClientEntityViewForAdmins;
|
||||
import org.mitre.openid.connect.view.ClientEntityViewForUsers;
|
||||
import org.mitre.openid.connect.view.HttpCodeView;
|
||||
import org.mitre.openid.connect.view.JsonEntityView;
|
||||
import org.mitre.openid.connect.view.JsonErrorView;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.oauth2.common.util.OAuth2Utils;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.google.gson.Gson;
|
||||
|
@ -79,6 +36,43 @@ import com.nimbusds.jose.jwk.JWKSet;
|
|||
import com.nimbusds.jwt.JWT;
|
||||
import com.nimbusds.jwt.JWTClaimsSet;
|
||||
import com.nimbusds.jwt.JWTParser;
|
||||
import org.eclipse.persistence.exceptions.DatabaseException;
|
||||
import org.mitre.jwt.assertion.AssertionValidator;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||
import org.mitre.oauth2.model.PKCEAlgorithm;
|
||||
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
||||
import org.mitre.oauth2.web.AuthenticationUtilities;
|
||||
import org.mitre.openid.connect.exception.ValidationException;
|
||||
import org.mitre.openid.connect.view.ClientEntityViewForAdmins;
|
||||
import org.mitre.openid.connect.view.ClientEntityViewForUsers;
|
||||
import org.mitre.openid.connect.view.HttpCodeView;
|
||||
import org.mitre.openid.connect.view.JsonEntityView;
|
||||
import org.mitre.openid.connect.view.JsonErrorView;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.oauth2.common.util.OAuth2Utils;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import javax.persistence.PersistenceException;
|
||||
import java.lang.reflect.Type;
|
||||
import java.sql.SQLIntegrityConstraintViolationException;
|
||||
import java.text.ParseException;
|
||||
import java.util.Collection;
|
||||
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
|
||||
|
@ -98,7 +92,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
|
|||
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
|
||||
|
@ -133,9 +126,6 @@ public class ClientAPI {
|
|||
@Autowired
|
||||
private ClientDetailsEntityService clientService;
|
||||
|
||||
@Autowired
|
||||
private ClientLogoLoadingService clientLogoLoadingService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("clientAssertionValidator")
|
||||
private AssertionValidator assertionValidator;
|
||||
|
@ -506,31 +496,6 @@ public class ClientAPI {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the logo image for a client
|
||||
* @param id
|
||||
*/
|
||||
@RequestMapping(value = "/{id}/logo", method=RequestMethod.GET, produces = { MediaType.IMAGE_GIF_VALUE, MediaType.IMAGE_JPEG_VALUE, MediaType.IMAGE_PNG_VALUE })
|
||||
public ResponseEntity<byte[]> getClientLogo(@PathVariable("id") Long id, Model model) {
|
||||
|
||||
ClientDetailsEntity client = clientService.getClientById(id);
|
||||
|
||||
if (client == null) {
|
||||
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
|
||||
} else if (Strings.isNullOrEmpty(client.getLogoUri())) {
|
||||
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
|
||||
} else {
|
||||
// get the image from cache
|
||||
CachedImage image = clientLogoLoadingService.getLogo(client);
|
||||
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setContentType(MediaType.parseMediaType(image.getContentType()));
|
||||
headers.setContentLength(image.getLength());
|
||||
|
||||
return new ResponseEntity<>(image.getData(), headers, HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
|
||||
private ClientDetailsEntity validateSoftwareStatement(ClientDetailsEntity newClient) throws ValidationException {
|
||||
if (newClient.getSoftwareStatement() != null) {
|
||||
if (assertionValidator.isValid(newClient.getSoftwareStatement())) {
|
||||
|
@ -632,9 +597,6 @@ public class ClientAPI {
|
|||
case CONTACTS:
|
||||
newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim)));
|
||||
break;
|
||||
case LOGO_URI:
|
||||
newClient.setLogoUri(claimSet.getStringClaim(claim));
|
||||
break;
|
||||
case CLIENT_URI:
|
||||
newClient.setClientUri(claimSet.getStringClaim(claim));
|
||||
break;
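Review bot: With the `case LOGO_URI:` branch gone from the claim switch in the `@ -632,9 +597,6 @@` hunk, a software statement that still carries a `logo_uri` claim now reaches the switch's default branch, which is not visible here. The switch is presumably inside `validateSoftwareStatement`, whose body starts and ends outside the hunk. `logo_uri` is standard client metadata in RFC 7591, so previously issued signed statements may contain it; if the default branch logs or rejects unknown claims, those registrations will behave differently after this change. I would record the intent beside the switch, e.g. `// logo_uri is intentionally unsupported: the claim is ignored, never stored and never fetched`, and confirm the default branch agrees with it. The same point applies to the `@ -712,9 +710,6 @@` hunk in DynamicClientRegistrationEndpoint.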
|
||||
|
|
|
@ -17,13 +17,15 @@
|
|||
*******************************************************************************/
|
||||
package org.mitre.openid.connect.web;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.text.ParseException;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.google.gson.JsonSyntaxException;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWTClaimsSet;
|
||||
import org.mitre.jwt.assertion.AssertionValidator;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||
|
@ -61,15 +63,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
|||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.util.UriUtils;
|
||||
|
||||
import com.google.common.base.Strings;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.google.gson.JsonSyntaxException;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import com.nimbusds.jose.JWSAlgorithm;
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jwt.JWTClaimsSet;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.text.ParseException;
|
||||
import java.util.Date;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
|
||||
|
@ -89,7 +88,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
|
|||
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
|
||||
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
|
||||
|
@ -712,9 +710,6 @@ public class DynamicClientRegistrationEndpoint {
|
|||
case CONTACTS:
|
||||
newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim)));
|
||||
break;
|
||||
case LOGO_URI:
|
||||
newClient.setLogoUri(claimSet.getStringClaim(claim));
|
||||
break;
|
||||
case CLIENT_URI:
|
||||
newClient.setClientUri(claimSet.getStringClaim(claim));
|
||||
break;
|
||||
|
|
|
@ -20,13 +20,12 @@
|
|||
*/
|
||||
package org.mitre.oauth2.model;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.Date;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
|
@ -50,7 +49,6 @@ public class ClientDetailsEntityTest {
|
|||
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
|
||||
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
|
||||
c.setClientName("My Example");
|
||||
c.setLogoUri("https://client.example.org/logo.png");
|
||||
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
|
||||
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
|
||||
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
|
||||
|
@ -67,7 +65,6 @@ public class ClientDetailsEntityTest {
|
|||
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
|
||||
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
|
||||
assertEquals("My Example", c.getClientName());
|
||||
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
|
||||
|
|
|
@ -20,13 +20,12 @@
|
|||
*/
|
||||
package org.mitre.oauth2.model;
|
||||
|
||||
import java.sql.Date;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.sql.Date;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
|
@ -54,7 +53,6 @@ public class RegisteredClientTest {
|
|||
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
|
||||
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
|
||||
c.setClientName("My Example");
|
||||
c.setLogoUri("https://client.example.org/logo.png");
|
||||
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
|
||||
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
|
||||
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
|
||||
|
@ -72,7 +70,6 @@ public class RegisteredClientTest {
|
|||
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
|
||||
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
|
||||
assertEquals("My Example", c.getClientName());
|
||||
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
|
||||
|
@ -95,7 +92,7 @@ public class RegisteredClientTest {
|
|||
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
|
||||
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
|
||||
c.setClientName("My Example");
|
||||
c.setLogoUri("https://client.example.org/logo.png");
|
||||
|
||||
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
|
||||
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
|
||||
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
|
||||
|
@ -120,7 +117,6 @@ public class RegisteredClientTest {
|
|||
assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType());
|
||||
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris());
|
||||
assertEquals("My Example", rc.getClientName());
|
||||
assertEquals("https://client.example.org/logo.png", rc.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());
|
||||
|
@ -143,7 +139,7 @@ public class RegisteredClientTest {
|
|||
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
|
||||
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
|
||||
c.setClientName("My Example");
|
||||
c.setLogoUri("https://client.example.org/logo.png");
|
||||
|
||||
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
|
||||
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
|
||||
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
|
||||
|
@ -164,7 +160,6 @@ public class RegisteredClientTest {
|
|||
assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType());
|
||||
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris());
|
||||
assertEquals("My Example", rc.getClientName());
|
||||
assertEquals("https://client.example.org/logo.png", rc.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());
|
||||
|
|
|
@ -20,17 +20,16 @@
|
|||
*/
|
||||
package org.mitre.openid.connect;
|
||||
|
||||
import java.sql.Date;
|
||||
|
||||
import org.junit.Test;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.nimbusds.jose.EncryptionMethod;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import org.junit.Test;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.RegisteredClient;
|
||||
|
||||
import java.sql.Date;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
@ -75,7 +74,6 @@ public class ClientDetailsEntityJsonProcessorTest {
|
|||
assertEquals("My Example", c.getClientName());
|
||||
assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
|
||||
assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
|
||||
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
|
||||
|
@ -137,7 +135,6 @@ public class ClientDetailsEntityJsonProcessorTest {
|
|||
assertEquals("My Example", c.getClientName());
|
||||
assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
|
||||
assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
|
||||
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
|
||||
|
@ -166,7 +163,6 @@ public class ClientDetailsEntityJsonProcessorTest {
|
|||
c.setClientName("My Example");
|
||||
c.setResponseTypes(ImmutableSet.of("code", "token"));
|
||||
c.setGrantTypes(ImmutableSet.of("authorization_code", "implicit"));
|
||||
c.setLogoUri("https://client.example.org/logo.png");
|
||||
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
|
||||
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
|
||||
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
|
||||
|
@ -194,7 +190,6 @@ public class ClientDetailsEntityJsonProcessorTest {
|
|||
for (JsonElement e : j.get("grant_types").getAsJsonArray()) {
|
||||
assertTrue(ImmutableSet.of("authorization_code", "implicit").contains(e.getAsString()));
|
||||
}
|
||||
assertEquals("https://client.example.org/logo.png", j.get("logo_uri").getAsString());
|
||||
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE.getValue(), j.get("subject_type").getAsString());
|
||||
assertEquals("https://other.example.net/file_of_redirect_uris.json", j.get("sector_identifier_uri").getAsString());
|
||||
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC.getValue(), j.get("token_endpoint_auth_method").getAsString());
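Review bot: The `@ -194,7 +190,6 @@` hunk drops the `logo_uri` assertion from the serialization test without adding a check that the field is no longer emitted, so a later change that re-adds it would pass unnoticed. Since `j` is read with `j.get(...)` it appears to be a `JsonObject`, so `assertFalse(j.has("logo_uri"));` would pin the new behaviour; it needs `import static org.junit.Assert.assertFalse;`. The parsing tests in the `@ -75,7 +74,6 @@` and `@ -137,7 +135,6 @@` hunks have the same gap. If their JSON fixtures, which are outside the hunks, still contain `logo_uri`, a short comment saying the field is deliberately ignored on input would help. The enclosing test methods start and end outside these hunks.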
|
||||
|
|