github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

parsing "claims" parameter directly from userinfoendpoint requests.

pull/477/head
William Kim 2013-08-19 11:21:41 -04:00
parent 1ffbb39a2b
commit 7b813c79ee
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
View File

@ -36,6 +36,7 @@ import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView;
import com.google.common.base.CaseFormat;
import com.google.common.base.Strings;
import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes;
import com.google.gson.Gson;
@ -64,6 +65,21 @@ public class UserInfoView extends AbstractView {
UserInfo userInfo = (UserInfo) model.get("userInfo");
Set<String> scope = (Set<String>) model.get("scope");
String claimsRequestJsonString = (String) model.get("claimsRequest");
// getting the 'claims request parameter' from the model
JsonObject claimsRequest = null;
if (!Strings.isNullOrEmpty(claimsRequestJsonString)) {
JsonElement parsed = jsonParser.parse(claimsRequestJsonString);
if (parsed.isJsonObject()) {
claimsRequest = parsed.getAsJsonObject();
} else {
// claimsRequest stays null
logger.warn("Claims parameter not a valid JSON object: " + claimsRequestJsonString);
}
}
Gson gson = new GsonBuilder()
.setExclusionStrategies(new ExclusionStrategy() {

9
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
View File

@ -30,6 +30,9 @@ import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import com.google.common.base.Strings;
/**
* OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
@ -50,7 +53,7 @@ public class UserInfoEndpoint {
*/
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")
public String getInfo(Principal p, Model model) {
public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString, Principal p, Model model) {
if (p == null) {
logger.error("getInfo failed; no principal. Requester is not authorized.");
@ -66,6 +69,10 @@ public class UserInfoEndpoint {
model.addAttribute("code", HttpStatus.NOT_FOUND);
return "httpCodeView";
}
if (!Strings.isNullOrEmpty(claimsRequestJsonString)) {
model.addAttribute("claimsRequest", claimsRequestJsonString);
}
if (p instanceof OAuth2Authentication) {
OAuth2Authentication authentication = (OAuth2Authentication)p;