scope comparison for TofuUserApprovalHandler

pull/516/head
Justin Richer 2013-08-30 15:19:00 -04:00
parent 1c4c53f252
commit 85533d50cf
1 changed files with 8 additions and 9 deletions


@ -22,10 +22,10 @@ import java.util.Date;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.service.SystemScopeService;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.model.ApprovedSite; import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite; import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.service.ApprovedSiteService; import org.mitre.openid.connect.service.ApprovedSiteService;
@ -41,9 +41,7 @@ import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.context.request.ServletRequestAttributes;
import com.google.common.base.Splitter;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import com.google.common.collect.Iterables;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
/** /**
@ -201,13 +199,14 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
//registered allowed scopes. //registered allowed scopes.
String scope = approvalParams.get(key); String scope = approvalParams.get(key);
String baseScope = systemScopes.baseScopeString(scope); Set<String> approveSet = Sets.newHashSet(scope);
SystemScope structured = systemScopes.toStructuredScope(scope);
//Make sure this scope is allowed for the given client //Make sure this scope is allowed for the given client
if (client.getScope().contains(baseScope)) { if (systemScopes.scopesMatch(client.getScope(), approveSet)) {
// If it's structured, assign the user-specified parameter // If it's structured, assign the user-specified parameter
if (structured != null){ SystemScope systemScope = systemScopes.getByValue(scope);
if (systemScope.isStructured()){
String paramValue = approvalParams.get("scopeparam_" + scope); String paramValue = approvalParams.get("scopeparam_" + scope);
allowedScopes.add(scope + ":"+paramValue); allowedScopes.add(scope + ":"+paramValue);
// .. and if it's unstructured, we're all set // .. and if it's unstructured, we're all set
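Review bot: The new `if (systemScope.isStructured()){` dereferences the result of `systemScopes.getByValue(scope)` without a null check, whereas the old code guarded this branch with `structured != null`. `scope` is read from the submitted approval parameters, and `scopesMatch` only checks it against the client's scope set. If `getByValue` returns null for a value that has no registered SystemScope (its implementation is not visible here), this line throws a NullPointerException in the middle of approval handling. I would keep the guard, `if (systemScope != null && systemScope.isStructured()){`, so that an unregistered scope falls through to the unstructured branch. The enclosing method starts and ends outside this hunk, so the else branch could not be checked.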