github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

parsing "claims" parameter directly from userinfoendpoint requests.

pull/477/head
William Kim 2013-08-19 11:21:41 -04:00
parent 1ffbb39a2b
commit 7b813c79ee
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
View File

@ -36,6 +36,7 @@ import org.springframework.validation.BeanPropertyBindingResult;
import org.springframework.web.servlet.view.AbstractView; import org.springframework.web.servlet.view.AbstractView;
import com.google.common.base.CaseFormat; import com.google.common.base.CaseFormat;
import com.google.common.base.Strings;
import com.google.gson.ExclusionStrategy; import com.google.gson.ExclusionStrategy;
import com.google.gson.FieldAttributes; import com.google.gson.FieldAttributes;
import com.google.gson.Gson; import com.google.gson.Gson;
@ -65,6 +66,21 @@ public class UserInfoView extends AbstractView {
Set<String> scope = (Set<String>) model.get("scope"); Set<String> scope = (Set<String>) model.get("scope");
String claimsRequestJsonString = (String) model.get("claimsRequest");
// getting the 'claims request parameter' from the model
JsonObject claimsRequest = null;
if (!Strings.isNullOrEmpty(claimsRequestJsonString)) {
JsonElement parsed = jsonParser.parse(claimsRequestJsonString);
if (parsed.isJsonObject()) {
claimsRequest = parsed.getAsJsonObject();
} else {
// claimsRequest stays null
logger.warn("Claims parameter not a valid JSON object: " + claimsRequestJsonString);
}
}
Gson gson = new GsonBuilder() Gson gson = new GsonBuilder()
.setExclusionStrategies(new ExclusionStrategy() { .setExclusionStrategies(new ExclusionStrategy() {

9
openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
View File

@ -30,6 +30,9 @@ import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import com.google.common.base.Strings;
/** /**
* OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4. * OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
@ -50,7 +53,7 @@ public class UserInfoEndpoint {
*/ */
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')") @PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json") @RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")
public String getInfo(Principal p, Model model) { public String getInfo(@RequestParam(value="claims", required=false) String claimsRequestJsonString, Principal p, Model model) {
if (p == null) { if (p == null) {
logger.error("getInfo failed; no principal. Requester is not authorized."); logger.error("getInfo failed; no principal. Requester is not authorized.");
@ -67,6 +70,10 @@ public class UserInfoEndpoint {
return "httpCodeView"; return "httpCodeView";
} }
if (!Strings.isNullOrEmpty(claimsRequestJsonString)) {
model.addAttribute("claimsRequest", claimsRequestJsonString);
}
if (p instanceof OAuth2Authentication) { if (p instanceof OAuth2Authentication) {
OAuth2Authentication authentication = (OAuth2Authentication)p; OAuth2Authentication authentication = (OAuth2Authentication)p;