From 82fca45412b1ed87306fe9e27f4b49618cf2d69b Mon Sep 17 00:00:00 2001
From: Amanda Anganes <aanganes@mitre.org>
Date: Wed, 17 Apr 2013 13:10:40 -0400
Subject: [PATCH] Removed RequestObjectAuthorizationEndpoint as it is no longer
 needed with the changes to the AuthorizationEndpoint.

---
 .../RequestObjectAuthorizationEndpoint.java   | 67 -------------------
 spring-security-oauth                         |  2 +-
 2 files changed, 1 insertion(+), 68 deletions(-)
 delete mode 100644 openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java

diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
deleted file mode 100644
index 18b6d20a9..000000000
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package org.mitre.openid.connect.web;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.text.ParseException;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.http.client.utils.URIBuilder;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.http.HttpStatus;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.servlet.ModelAndView;
-
-import com.google.common.base.Strings;
-import com.nimbusds.jwt.JWT;
-import com.nimbusds.jwt.JWTParser;
-
-
-/**
- * This @Controller is a hack to get around SECOAUTH's AuthorizationEndpoint requiring the response_type parameter to be passed in.
- * 
- * @author jricher
- *
- */
-@Controller("requestObjectAuthorzationEndpoint")
-//@Component
-public class RequestObjectAuthorizationEndpoint {
-
-	private static Logger logger = LoggerFactory.getLogger(RequestObjectAuthorizationEndpoint.class);
-
-	@RequestMapping(value = "/authorize", params = "request")
-	public String authorizeRequestObject(@RequestParam("request") String jwtString, @RequestParam(value = "response_type", required = false) String responseType, HttpServletRequest request, ModelAndView mav) {
-
-		String query = request.getQueryString();
-		
-		if (responseType == null) {
-			try {
-		        JWT requestObject = JWTParser.parse(jwtString);
-		        responseType = (String)requestObject.getJWTClaimsSet().getClaim("response_type");
-		        
-		        URI uri = new URIBuilder(Strings.nullToEmpty(request.getServletPath()) + Strings.nullToEmpty(request.getPathInfo()) + "?" + query)
-		        	.addParameter("response_type", responseType)
-		        	.build();
-		        
-		        query = uri.getRawQuery();//uri.toString();
-		        
-	        } catch (ParseException e) {
-		        logger.error("ParseException while attempting to authorize request object: " + e.getStackTrace().toString());
-		        mav.addObject("code", HttpStatus.BAD_REQUEST);
-		        return "httpCodeView";
-		        
-	        } catch (URISyntaxException e) {
-	        	logger.error("URISyntaxError while attempting to authorize request object: " + e.getStackTrace().toString());
-	        	mav.addObject("code", HttpStatus.BAD_REQUEST);
-		        return "httpCodeView";
-            }
-		}
-		
-		return "forward:/oauth/authorize?" + query;
-		
-	}
-	
-}
diff --git a/spring-security-oauth b/spring-security-oauth
index 2c0d469e5..570f83ff8 160000
--- a/spring-security-oauth
+++ b/spring-security-oauth
@@ -1 +1 @@
-Subproject commit 2c0d469e50982baf15f1202561f00d54baa36c4e
+Subproject commit 570f83ff8a9d27022cb0f2a17f72a26f019120bb