github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Got read/ingest mostly working. clientId and authenticationHolderId still not being set properly on tokens.

pull/650/head
arielak 2014-07-29 13:43:08 -04:00
parent 6da73b0f39
commit 99c8e1c285
1 changed files with 272 additions and 205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

477
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
View File

@ -534,6 +534,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
readRefreshTokens(reader); readRefreshTokens(reader);
} else if (name.equals(SYSTEMSCOPES)) { } else if (name.equals(SYSTEMSCOPES)) {
readSystemScopes(reader); readSystemScopes(reader);
//reader.skipValue();
} else { } else {
// unknown token, skip it // unknown token, skip it
reader.skipValue(); reader.skipValue();
@ -566,7 +567,9 @@ public class MITREidDataService_1_0 implements MITREidDataService {
Long authHolderId = null; Long authHolderId = null;
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); String name = reader.nextName();
if (name.equals("id")) { if (reader.peek() == JsonToken.NULL) {
reader.skipValue();
} else if (name.equals("id")) {
currentId = reader.nextLong(); currentId = reader.nextLong();
} else if (name.equals("expiration")) { } else if (name.equals("expiration")) {
if (reader.peek() == JsonToken.NULL) { if (reader.peek() == JsonToken.NULL) {
@ -623,12 +626,14 @@ public class MITREidDataService_1_0 implements MITREidDataService {
Long idTokenId = null; Long idTokenId = null;
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); String name = reader.nextName();
if (name.equals("id")) { if (reader.peek() == JsonToken.NULL) {
reader.skipValue();
} else if (name.equals("id")) {
currentId = reader.nextLong(); currentId = reader.nextLong();
} else if (name.equals("expiration")) { } else if (name.equals("expiration")) {
if (reader.peek() == JsonToken.NULL) { if (reader.peek() == JsonToken.NULL) {
reader.nextNull(); reader.nextNull();
} else { } else {
Date date = utcToDate(reader.nextString()); Date date = utcToDate(reader.nextString());
token.setExpiration(date); token.setExpiration(date);
} }
@ -689,32 +694,56 @@ public class MITREidDataService_1_0 implements MITREidDataService {
reader.beginObject(); reader.beginObject();
Long currentId = null; Long currentId = null;
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); switch (reader.peek()) {
if(name.equals("id")) { case END_OBJECT:
currentId = reader.nextLong(); continue;
} else if (name.equals("ownerId")) { case NAME:
//not needed String name = reader.nextName();
reader.skipValue(); if (reader.peek() == JsonToken.NULL) {
} else if (name.equals("authentication")) { reader.skipValue();
AuthorizationRequest clientAuthorization = null; } else if (name.equals("id")) {
Authentication userAuthentication = null; currentId = reader.nextLong();
reader.beginObject(); } else if (name.equals("ownerId")) {
while(reader.hasNext()) { //not needed
if (name.equals("clientAuthorization")) { reader.skipValue();
clientAuthorization = readAuthorizationRequest(reader); } else if (name.equals("authentication")) {
} else if (name.equals("userAuthentication")) { AuthorizationRequest clientAuthorization = null;
userAuthentication = base64UrlDecodeObject(reader.nextString(), Authentication.class); Authentication userAuthentication = null;
reader.beginObject();
while (reader.hasNext()) {
switch (reader.peek()) {
case END_OBJECT:
continue;
case NAME:
String subName = reader.nextName();
if (subName.equals("clientAuthorization")) {
clientAuthorization = readAuthorizationRequest(reader);
} else if (subName.equals("userAuthentication")) {
String authString = reader.nextString();
userAuthentication = base64UrlDecodeObject(authString, Authentication.class);
} else {
logger.debug("Found unexpected entry");
reader.skipValue();
}
break;
default:
logger.debug("Found unexpected entry");
reader.skipValue();
continue;
}
}
reader.endObject();
OAuth2Authentication auth = new OAuth2Authentication(clientAuthorization, userAuthentication);
ahe.setAuthentication(auth);
} else { } else {
logger.debug("Found unexpected entry"); logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();
} }
} break;
reader.endObject(); default:
OAuth2Authentication auth = new OAuth2Authentication(clientAuthorization, userAuthentication); logger.debug("Found unexpected entry");
ahe.setAuthentication(auth); reader.skipValue();
} else { continue;
logger.debug("Found unexpected entry");
reader.skipValue();
} }
} }
reader.endObject(); reader.endObject();
@ -738,34 +767,46 @@ public class MITREidDataService_1_0 implements MITREidDataService {
String clientId = null; String clientId = null;
reader.beginObject(); reader.beginObject();
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); switch (reader.peek()) {
if (name.equals("authorizationParameters")) { case END_OBJECT:
authorizationParameters = readMap(reader); continue;
} else if (name.equals("approvalParameters")) { case NAME:
approvalParameters = readMap(reader); String name = reader.nextName();
} else if (name.equals("clientId")) { if (reader.peek() == JsonToken.NULL) {
clientId = reader.nextString(); reader.skipValue();
} else if (name.equals("scope")) { } else if (name.equals("authorizationParameters")) {
scope = readSet(reader); authorizationParameters = readMap(reader);
} else if (name.equals("resourceIds")) { } else if (name.equals("approvalParameters")) {
resourceIds = readSet(reader); approvalParameters = readMap(reader);
} else if (name.equals("authorities")) { } else if (name.equals("clientId")) {
Set<String> authorityStrs = readSet(reader); clientId = reader.nextString();
authorities = new HashSet<GrantedAuthority>(); } else if (name.equals("scope")) {
for (String s : authorityStrs) { scope = readSet(reader);
GrantedAuthority ga = new GrantedAuthorityImpl(s); } else if (name.equals("resourceIds")) {
authorities.add(ga); resourceIds = readSet(reader);
} } else if (name.equals("authorities")) {
} else if (name.equals("approved")) { Set<String> authorityStrs = readSet(reader);
approved = reader.nextBoolean(); authorities = new HashSet<GrantedAuthority>();
} else if (name.equals("denied")) { for (String s : authorityStrs) {
if(approved == false) { GrantedAuthority ga = new GrantedAuthorityImpl(s);
approved = !reader.nextBoolean(); authorities.add(ga);
} }
} else if (name.equals("redirectUri")) { } else if (name.equals("approved")) {
redirectUri = reader.nextString(); approved = reader.nextBoolean();
} else { } else if (name.equals("denied")) {
reader.skipValue(); if (approved == false) {
approved = !reader.nextBoolean();
}
} else if (name.equals("redirectUri")) {
redirectUri = reader.nextString();
} else {
reader.skipValue();
}
break;
default:
logger.debug("Found unexpected entry");
reader.skipValue();
continue;
} }
} }
reader.endObject(); reader.endObject();
@ -792,63 +833,75 @@ public class MITREidDataService_1_0 implements MITREidDataService {
Long currentId = null; Long currentId = null;
reader.beginObject(); reader.beginObject();
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); switch (reader.peek()) {
if (name.equals("id")) { case END_OBJECT:
currentId = reader.nextLong(); continue;
} else if (name.equals("accessDate")) { case NAME:
if (reader.peek() == JsonToken.NULL) { String name = reader.nextName();
reader.nextNull(); if (reader.peek() == JsonToken.NULL) {
} else {
Date date = utcToDate(reader.nextString());
site.setAccessDate(date);
}
} else if (name.equals("clientId")) {
site.setClientId(reader.nextString());
} else if (name.equals("creationDate")) {
if (reader.peek() == JsonToken.NULL) {
reader.nextNull();
} else {
Date date = utcToDate(reader.nextString());
site.setCreationDate(date);
}
} else if (name.equals("timeoutDate")) {
if (reader.peek() == JsonToken.NULL) {
reader.nextNull();
} else {
Date date = utcToDate(reader.nextString());
site.setTimeoutDate(date);
}
} else if (name.equals("userId")) {
site.setUserId(reader.nextString());
} else if (name.equals("allowedScopes")) {
Set<String> allowedScopes = readSet(reader);
site.setAllowedScopes(allowedScopes);
} else if (name.equals("whitelistedSite")) {
WhitelistedSite wlSite = new WhitelistedSite();
reader.beginObject();
while(reader.hasNext()) {
String wlName = reader.nextName();
if (wlName.equals("id")) {
//not needed
reader.skipValue(); reader.skipValue();
} else if (name.equals("id")) {
currentId = reader.nextLong();
} else if (name.equals("accessDate")) {
if (reader.peek() == JsonToken.NULL) {
reader.nextNull();
} else {
Date date = utcToDate(reader.nextString());
site.setAccessDate(date);
}
} else if (name.equals("clientId")) { } else if (name.equals("clientId")) {
wlSite.setClientId(reader.nextString()); site.setClientId(reader.nextString());
} else if (name.equals("creatorUserId")) { } else if (name.equals("creationDate")) {
wlSite.setCreatorUserId(reader.nextString()); if (reader.peek() == JsonToken.NULL) {
reader.nextNull();
} else {
Date date = utcToDate(reader.nextString());
site.setCreationDate(date);
}
} else if (name.equals("timeoutDate")) {
if (reader.peek() == JsonToken.NULL) {
reader.nextNull();
} else {
Date date = utcToDate(reader.nextString());
site.setTimeoutDate(date);
}
} else if (name.equals("userId")) {
site.setUserId(reader.nextString());
} else if (name.equals("allowedScopes")) { } else if (name.equals("allowedScopes")) {
Set<String> allowedScopes = readSet(reader); Set<String> allowedScopes = readSet(reader);
wlSite.setAllowedScopes(allowedScopes); site.setAllowedScopes(allowedScopes);
} else if (name.equals("whitelistedSite")) {
WhitelistedSite wlSite = new WhitelistedSite();
reader.beginObject();
while (reader.hasNext()) {
String wlName = reader.nextName();
if (wlName.equals("id")) {
//not needed
reader.skipValue();
} else if (name.equals("clientId")) {
wlSite.setClientId(reader.nextString());
} else if (name.equals("creatorUserId")) {
wlSite.setCreatorUserId(reader.nextString());
} else if (name.equals("allowedScopes")) {
Set<String> allowedScopes = readSet(reader);
wlSite.setAllowedScopes(allowedScopes);
} else {
logger.debug("Found unexpected entry");
reader.skipValue();
}
}
reader.endObject();
wlSite = wlSiteRepository.save(wlSite);
site.setWhitelistedSite(wlSite);
} else { } else {
logger.debug("Found unexpected entry"); logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();
} }
} break;
reader.endObject(); default:
wlSite = wlSiteRepository.save(wlSite); logger.debug("Found unexpected entry");
site.setWhitelistedSite(wlSite); reader.skipValue();
} else { continue;
logger.debug("Found unexpected entry");
reader.skipValue();
} }
} }
reader.endObject(); reader.endObject();
@ -872,99 +925,111 @@ public class MITREidDataService_1_0 implements MITREidDataService {
ClientDetailsEntity client = new ClientDetailsEntity(); ClientDetailsEntity client = new ClientDetailsEntity();
reader.beginObject(); reader.beginObject();
while (reader.hasNext()) { while (reader.hasNext()) {
String name = reader.nextName(); switch (reader.peek()) {
if (name.equals("clientId")) { case END_OBJECT:
client.setClientId(reader.nextString()); continue;
} else if (name.equals("resourceIds")) { case NAME:
Set<String> resourceIds = readSet(reader); String name = reader.nextName();
client.setResourceIds(resourceIds); if (reader.peek() == JsonToken.NULL) {
} else if (name.equals("secret")) { reader.skipValue();
client.setClientSecret(reader.nextString()); } else if (name.equals("clientId")) {
} else if (name.equals("scope")) { client.setClientId(reader.nextString());
Set<String> scope = readSet(reader); } else if (name.equals("resourceIds")) {
client.setScope(scope); Set<String> resourceIds = readSet(reader);
} else if (name.equals("authorities")) { client.setResourceIds(resourceIds);
Set<String> authorityStrs = readSet(reader); } else if (name.equals("secret")) {
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); client.setClientSecret(reader.nextString());
for (String s : authorityStrs) { } else if (name.equals("scope")) {
GrantedAuthority ga = new GrantedAuthorityImpl(s); Set<String> scope = readSet(reader);
authorities.add(ga); client.setScope(scope);
} } else if (name.equals("authorities")) {
client.setAuthorities(authorities); Set<String> authorityStrs = readSet(reader);
} else if (name.equals("accessTokenValiditySeconds")) { Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
client.setAccessTokenValiditySeconds(reader.nextInt()); for (String s : authorityStrs) {
} else if (name.equals("refreshTokenValiditySeconds")) { GrantedAuthority ga = new GrantedAuthorityImpl(s);
client.setRefreshTokenValiditySeconds(reader.nextInt()); authorities.add(ga);
} else if (name.equals("redirectUris")) { }
Set<String> redirectUris = readSet(reader); client.setAuthorities(authorities);
client.setRedirectUris(redirectUris); } else if (name.equals("accessTokenValiditySeconds")) {
} else if (name.equals("name")) { client.setAccessTokenValiditySeconds(reader.nextInt());
client.setClientName(reader.nextString()); } else if (name.equals("refreshTokenValiditySeconds")) {
} else if (name.equals("uri")) { client.setRefreshTokenValiditySeconds(reader.nextInt());
client.setClientUri(reader.nextString()); } else if (name.equals("redirectUris")) {
} else if (name.equals("logoUri")) { Set<String> redirectUris = readSet(reader);
client.setLogoUri(reader.nextString()); client.setRedirectUris(redirectUris);
} else if (name.equals("contacts")) { } else if (name.equals("name")) {
Set<String> contacts = readSet(reader); client.setClientName(reader.nextString());
client.setContacts(contacts); } else if (name.equals("uri")) {
} else if (name.equals("tosUri")) { client.setClientUri(reader.nextString());
client.setTosUri(reader.nextString()); } else if (name.equals("logoUri")) {
} else if (name.equals("tokenEndpointAuthMethod")) { client.setLogoUri(reader.nextString());
AuthMethod am = AuthMethod.getByValue(reader.nextString()); } else if (name.equals("contacts")) {
client.setTokenEndpointAuthMethod(am); Set<String> contacts = readSet(reader);
} else if (name.equals("grantTypes")) { client.setContacts(contacts);
Set<String> grantTypes = readSet(reader); } else if (name.equals("tosUri")) {
client.setGrantTypes(grantTypes); client.setTosUri(reader.nextString());
} else if (name.equals("responseTypes")) { } else if (name.equals("tokenEndpointAuthMethod")) {
Set<String> responseTypes = readSet(reader); AuthMethod am = AuthMethod.getByValue(reader.nextString());
client.setGrantTypes(responseTypes); client.setTokenEndpointAuthMethod(am);
} else if (name.equals("policyUri")) { } else if (name.equals("grantTypes")) {
client.setPolicyUri(reader.nextString()); Set<String> grantTypes = readSet(reader);
} else if (name.equals("applicationType")) { client.setGrantTypes(grantTypes);
AppType appType = AppType.getByValue(reader.nextString()); } else if (name.equals("responseTypes")) {
client.setApplicationType(appType); Set<String> responseTypes = readSet(reader);
} else if (name.equals("sectorIdentifierUri")) { client.setResponseTypes(responseTypes);
client.setSectorIdentifierUri(reader.nextString()); } else if (name.equals("policyUri")) {
} else if (name.equals("subjectType")) { client.setPolicyUri(reader.nextString());
SubjectType st = SubjectType.getByValue(reader.nextString()); } else if (name.equals("applicationType")) {
client.setSubjectType(st); AppType appType = AppType.getByValue(reader.nextString());
} else if (name.equals("requestObjectSigningAlg")) { client.setApplicationType(appType);
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString()); } else if (name.equals("sectorIdentifierUri")) {
client.setRequestObjectSigningAlgEmbed(alg); client.setSectorIdentifierUri(reader.nextString());
} else if (name.equals("userInfoEncryptedResponseAlg")) { } else if (name.equals("subjectType")) {
JWEAlgorithmEmbed alg = JWEAlgorithmEmbed.getForAlgorithmName(reader.nextString()); SubjectType st = SubjectType.getByValue(reader.nextString());
client.setUserInfoEncryptedResponseAlgEmbed(alg); client.setSubjectType(st);
} else if (name.equals("userInfoEncryptedResponseEnc")) { } else if (name.equals("requestObjectSigningAlg")) {
JWEEncryptionMethodEmbed alg = JWEEncryptionMethodEmbed.getForAlgorithmName(reader.nextString()); JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseEncEmbed(alg); client.setRequestObjectSigningAlgEmbed(alg);
} else if (name.equals("userInfoSignedResponseAlg")) { } else if (name.equals("userInfoEncryptedResponseAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString()); JWEAlgorithmEmbed alg = JWEAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoSignedResponseAlgEmbed(alg); client.setUserInfoEncryptedResponseAlgEmbed(alg);
} else if (name.equals("defaultMaxAge")) { } else if (name.equals("userInfoEncryptedResponseEnc")) {
client.setDefaultMaxAge(reader.nextInt()); JWEEncryptionMethodEmbed alg = JWEEncryptionMethodEmbed.getForAlgorithmName(reader.nextString());
} else if (name.equals("requireAuthTime")) { client.setUserInfoEncryptedResponseEncEmbed(alg);
client.setRequireAuthTime(reader.nextBoolean()); } else if (name.equals("userInfoSignedResponseAlg")) {
} else if (name.equals("defaultACRValues")) { JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
Set<String> defaultACRvalues = readSet(reader); client.setUserInfoSignedResponseAlgEmbed(alg);
client.setDefaultACRvalues(defaultACRvalues); } else if (name.equals("defaultMaxAge")) {
} else if (name.equals("initiateLoginUri")) { client.setDefaultMaxAge(reader.nextInt());
client.setInitiateLoginUri(reader.nextString()); } else if (name.equals("requireAuthTime")) {
} else if (name.equals("postLogoutRedirectUri")) { client.setRequireAuthTime(reader.nextBoolean());
client.setPostLogoutRedirectUri(reader.nextString()); } else if (name.equals("defaultACRValues")) {
} else if (name.equals("requestUris")) { Set<String> defaultACRvalues = readSet(reader);
Set<String> requestUris = readSet(reader); client.setDefaultACRvalues(defaultACRvalues);
client.setRequestUris(requestUris); } else if (name.equals("initiateLoginUri")) {
} else if (name.equals("description")) { client.setInitiateLoginUri(reader.nextString());
client.setClientDescription(reader.nextString()); } else if (name.equals("postLogoutRedirectUri")) {
} else if (name.equals("allowIntrospection")) { client.setPostLogoutRedirectUri(reader.nextString());
client.setAllowIntrospection(reader.nextBoolean()); } else if (name.equals("requestUris")) {
} else if(name.equals("reuseRefreshToken")) { Set<String> requestUris = readSet(reader);
client.setReuseRefreshToken(reader.nextBoolean()); client.setRequestUris(requestUris);
} else if(name.equals("dynamicallyRegistered")) { } else if (name.equals("description")) {
client.setDynamicallyRegistered(reader.nextBoolean()); client.setClientDescription(reader.nextString());
} else { } else if (name.equals("allowIntrospection")) {
logger.debug("Found unexpected entry"); client.setAllowIntrospection(reader.nextBoolean());
reader.skipValue(); } else if (name.equals("reuseRefreshToken")) {
client.setReuseRefreshToken(reader.nextBoolean());
} else if (name.equals("dynamicallyRegistered")) {
client.setDynamicallyRegistered(reader.nextBoolean());
} else {
logger.debug("Found unexpected entry");
reader.skipValue();
}
break;
default:
logger.debug("Found unexpected entry");
reader.skipValue();
continue;
} }
} }
reader.endObject(); reader.endObject();
@ -990,14 +1055,16 @@ public class MITREidDataService_1_0 implements MITREidDataService {
case END_OBJECT: case END_OBJECT:
continue; continue;
case NAME: case NAME:
String name = reader.nextName(); String name = reader.nextName();
if (name.equals("value")) { if (reader.peek() == JsonToken.NULL) {
scope.setValue(reader.nextString()); reader.skipValue();
} else if (name.equals("description")) { } else if (name.equals("value")) {
scope.setDescription(reader.nextString()); scope.setValue(reader.nextString());
} else if (name.equals("allowDynReg")) { } else if (name.equals("description")) {
scope.setAllowDynReg(reader.nextBoolean()); scope.setDescription(reader.nextString());
} else if (name.equals("defaultScope")) { } else if (name.equals("allowDynReg")) {
scope.setAllowDynReg(reader.nextBoolean());
} else if (name.equals("defaultScope")) {
scope.setDefaultScope(reader.nextBoolean()); scope.setDefaultScope(reader.nextBoolean());
} else if (name.equals("icon")) { } else if (name.equals("icon")) {
scope.setIcon(reader.nextString()); scope.setIcon(reader.nextString());