github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added validator that knows how to deal with structured scopes

pull/516/head
Justin Richer 2013-08-30 16:00:09 -04:00
parent 59187d47e4
commit 99ad9b883e
1 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
openid-connect-server/src/main/java/org/mitre/oauth2/token/StructuredScopeAwareOAuth2RequestValidator.java Normal file
View File

@ -0,0 +1,43 @@
/**
*
*/
package org.mitre.oauth2.token;
import java.util.Map;
import java.util.Set;
import org.mitre.oauth2.service.SystemScopeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.OAuth2RequestValidator;
/**
*
* Validates the scopes on a request by comparing them against a client's
* allowed scopes, but allow structured scopes to function.
*
* @author jricher
*
*/
public class StructuredScopeAwareOAuth2RequestValidator implements OAuth2RequestValidator {
@Autowired
private SystemScopeService scopeService;
/* (non-Javadoc)
* @see org.springframework.security.oauth2.provider.OAuth2RequestValidator#validateScope(java.util.Map, java.util.Set)
*/
@Override
public void validateScope(Map<String, String> parameters, Set<String> clientScopes) throws InvalidScopeException {
if (parameters.containsKey("scope")) {
if (clientScopes != null && !clientScopes.isEmpty()) {
Set<String> requestedScopes = OAuth2Utils.parseParameterList(parameters.get("scope"));
if (!scopeService.scopesMatch(clientScopes, requestedScopes)) {
throw new InvalidScopeException("Invalid scope", clientScopes);
}
}
}
}
}