added new call to get the UserInfo in context with the requesting client to allow for pairwise identifiers.

temporary implementation of pairwise identifiers in place
pull/516/head
Justin Richer 2013-09-10 16:01:17 -04:00
parent 596b385d2a
commit 914f2e4d93
4 changed files with 39 additions and 6 deletions


@ -53,9 +53,21 @@ public interface UserInfoService {
/**
* Get the UserInfo for the given preferredUsername field
* Get the UserInfo for the given username (usually maps to the
* preferredUsername field).
* @param username
* @return
*/
public UserInfo getByUsername(String username);
/**
* Get the UserInfo for the given username (usually maps to the
* preferredUsername field) and clientId. This allows pairwise
* client identifiers where appropriate.
* @param username
* @param clientId
* @return
*/
public UserInfo getByUsernameAndClientId(String username, String clientId);
}
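Review bot: The Javadoc for `getByUsernameAndClientId` leaves `@return` empty, so the contract does not say that the returned `sub` may differ per client or that the result can be null. The implementation in this commit returns null both when the user is unknown and when the client is unknown, and callers cannot tell the two apart; the existing "user not found" log in UserInfoEndpoint would then also cover an unknown client. I would write `@return the UserInfo whose sub reflects the client's subject type, or null if either the user or the client cannot be found`. The empty `@param clientId` tag could likewise say that it is the identifier of the requesting client.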


@ -16,6 +16,8 @@
******************************************************************************/
package org.mitre.openid.connect.service.impl;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.repository.UserInfoRepository;
import org.mitre.openid.connect.service.UserInfoService;
@ -35,7 +37,9 @@ public class DefaultUserInfoService implements UserInfoService {
@Autowired
private UserInfoRepository userInfoRepository;
@Autowired
private ClientDetailsEntityService clientService;
@Override
public void save(UserInfo userInfo) {
userInfoRepository.save(userInfo);
@ -56,4 +60,23 @@ public class DefaultUserInfoService implements UserInfoService {
return userInfoRepository.getByUsername(username);
}
@Override
public UserInfo getByUsernameAndClientId(String username, String clientId) {
ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
UserInfo userInfo = getByUsername(username);
if (client == null || userInfo == null) {
return null;
}
if (client.getSubjectType().equals(ClientDetailsEntity.SubjectType.PAIRWISE)) {
userInfo.setSub(userInfo.getSub() + "@" + clientId);
}
return userInfo;
}
}
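Review bot: `userInfo.setSub(userInfo.getSub() + "@" + clientId)` rewrites the object returned by `getByUsername` in place; if the repository hands back a managed or cached entity (not visible here), the pairwise value could be persisted or served to a later request for a different client, and a repeated call would append the suffix again. Building the response from a copy and leaving the stored `sub` untouched avoids that. The derived value also still carries the user's global `sub` in clear, so pairwise clients can correlate users with each other; the commit message calls this temporary, and a `// TODO` on that line naming the intended non-reversible derivation would keep it from shipping unchanged. Separately, `client.getSubjectType().equals(...)` throws if a client has no subject type set, whereas `if (ClientDetailsEntity.SubjectType.PAIRWISE.equals(client.getSubjectType())) {` is null-safe.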


@ -112,7 +112,7 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
// TODO: maybe id tokens need a service layer
String username = authentication.getName();
UserInfo userInfo = userInfoService.getByUsername(username);
UserInfo userInfo = userInfoService.getByUsernameAndClientId(username, clientId);
OAuth2AccessTokenEntity idTokenEntity = new OAuth2AccessTokenEntity();
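Review bot: `clientId` on the changed call is defined outside this hunk, and it has to identify the same client that UserInfoEndpoint reads from `auth.getOAuth2Request().getClientId()`, otherwise the `sub` in the ID token and the `sub` in the UserInfo response will differ for pairwise clients. The new method can also return null when the client lookup fails, and whether the ID token code that follows handles a null `userInfo` is not visible here. A short comment such as `// sub is client-specific for pairwise clients; must match the UserInfo endpoint` on that line would record the dependency.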


@ -16,8 +16,6 @@
******************************************************************************/
package org.mitre.openid.connect.web;
import java.security.Principal;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService;
import org.slf4j.Logger;
@ -62,7 +60,7 @@ public class UserInfoEndpoint {
}
String username = auth.getName();
UserInfo userInfo = userInfoService.getByUsername(username);
UserInfo userInfo = userInfoService.getByUsernameAndClientId(username, auth.getOAuth2Request().getClientId());
if (userInfo == null) {
logger.error("getInfo failed; user not found: " + username);