removed binary objects from data API importers, removed binary object JSON utility entirely

openid-connect-common/src/main/java/org/mitre/util/JsonUtils.java

@@ -19,12 +19,7 @@
  */
 package org.mitre.util;
 
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashMap;
@@ -38,7 +33,6 @@ import org.slf4j.LoggerFactory;
 
 import com.google.common.collect.Lists;
 import com.google.common.collect.Sets;
-import com.google.common.io.BaseEncoding;
 import com.google.gson.Gson;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
@@ -253,25 +247,6 @@ public class JsonUtils {
 		}
 	}
 
-	public static <T> T base64UrlDecodeObject(String encoded, Class<T> type) {
-		if (encoded == null) {
-			return null;
-		} else {
-			T deserialized = null;
-			try {
-				byte[] decoded = BaseEncoding.base64Url().decode(encoded);
-				ByteArrayInputStream bais = new ByteArrayInputStream(decoded);
-				ObjectInputStream ois = new ObjectInputStream(bais);
-				deserialized = type.cast(ois.readObject());
-				ois.close();
-				bais.close();
-			} catch (Exception ex) {
-				logger.error("Unable to decode object", ex);
-			}
-			return deserialized;
-		}
-	}
-
 	public static Map readMap(JsonReader reader) throws IOException {
 		Map map = new HashMap<String, Object>();
 		reader.beginObject();
@@ -288,6 +263,10 @@ public class JsonUtils {
 			case NUMBER:
 				value = reader.nextLong();
 				break;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
 			}
 			map.put(name, value);
 		}

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java

@@ -33,6 +33,7 @@ import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
 import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
+import org.mitre.oauth2.model.SavedUserAuthentication;
 import org.mitre.oauth2.model.SystemScope;
 import org.mitre.oauth2.repository.AuthenticationHolderRepository;
 import org.mitre.oauth2.repository.OAuth2ClientRepository;
@@ -63,7 +64,6 @@ import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWSAlgorithm;
 
-import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
 import static org.mitre.util.JsonUtils.readMap;
 import static org.mitre.util.JsonUtils.readSet;
 /**
@@ -147,7 +147,10 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
 				// the object ended, we're done here
 				reader.endObject();
 				continue;
-			}
+			default:
+                logger.debug("Found unexpected entry");
+                reader.skipValue();
+                continue;			}
 		}
 		fixObjectReferences();
 	}
@@ -335,15 +338,17 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
 								continue;
 							case NAME:
 								String subName = reader.nextName();
-								if (subName.equals("clientAuthorization")) {
+								if (reader.peek() == JsonToken.NULL) {
+									reader.skipValue();
+								} else if (subName.equals("clientAuthorization")) {
 									clientAuthorization = readAuthorizationRequest(reader);
 								} else if (subName.equals("userAuthentication")) {
-									if (reader.peek() == JsonToken.NULL) {
+									// skip binary encoded version
-										reader.skipValue();
+									reader.skipValue();
-									} else {
+									
-										String authString = reader.nextString();
+								} else if (subName.equals("savedUserAuthentication")) {
-										userAuthentication = base64UrlDecodeObject(authString, Authentication.class);
+									userAuthentication = readSavedUserAuthentication(reader);
-									}
+									
 								} else {
 									logger.debug("Found unexpected entry");
 									reader.skipValue();
@@ -437,6 +442,56 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
 		reader.endObject();
 		return new OAuth2Request(authorizationParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, null);
 	}
+	
+	/**
+	 * @param reader
+	 * @return
+	 * @throws IOException 
+	 */
+	private SavedUserAuthentication readSavedUserAuthentication(JsonReader reader) throws IOException {
+		SavedUserAuthentication savedUserAuth = new SavedUserAuthentication();
+		reader.beginObject();
+		
+		while (reader.hasNext()) {
+			switch(reader.peek()) {
+			case END_OBJECT:
+				continue;
+			case NAME:
+				String name = reader.nextName();
+				if (reader.peek() == JsonToken.NULL) {
+					reader.skipValue();
+				} else if (name.equals("name")) {
+					savedUserAuth.setName(reader.nextString());
+				} else if (name.equals("sourceClass")) {
+					savedUserAuth.setSourceClass(reader.nextString());
+				} else if (name.equals("authenticated")) {
+					savedUserAuth.setAuthenticated(reader.nextBoolean());
+				} else if (name.equals("authorities")) {
+					Set<String> authorityStrs = readSet(reader);
+					Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
+					for (String s : authorityStrs) {
+						GrantedAuthority ga = new SimpleGrantedAuthority(s);
+						authorities.add(ga);
+					}
+					savedUserAuth.setAuthorities(authorities);
+				} else {
+					logger.debug("Found unexpected entry");
+					reader.skipValue();
+				}
+				break;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
+			}
+		}
+		
+		reader.endObject();
+		return savedUserAuth;
+	}
+
+
+	
 	Map<Long, Long> grantOldToNewIdMap = new HashMap<Long, Long>();
 	Map<Long, Long> grantToWhitelistedSiteRefs = new HashMap<Long, Long>();
 	Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<Long, Set<Long>>();

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java

@@ -35,6 +35,7 @@ import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
 import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
+import org.mitre.oauth2.model.SavedUserAuthentication;
 import org.mitre.oauth2.model.SystemScope;
 import org.mitre.oauth2.repository.AuthenticationHolderRepository;
 import org.mitre.oauth2.repository.OAuth2ClientRepository;
@@ -65,7 +66,6 @@ import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWSAlgorithm;
 
-import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
 import static org.mitre.util.JsonUtils.readMap;
 import static org.mitre.util.JsonUtils.readSet;
 
@@ -149,6 +149,10 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
 				// the object ended, we're done here
 				reader.endObject();
 				continue;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
 			}
 		}
 		fixObjectReferences();
@@ -337,15 +341,17 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
 								continue;
 							case NAME:
 								String subName = reader.nextName();
-								if (subName.equals("clientAuthorization")) {
+								if (reader.peek() == JsonToken.NULL) {
+									reader.skipValue(); // skip null values
+								} else if (subName.equals("clientAuthorization")) {
 									clientAuthorization = readAuthorizationRequest(reader);
 								} else if (subName.equals("userAuthentication")) {
-									if (reader.peek() == JsonToken.NULL) {
+									// skip binary encoded version
-										reader.skipValue();
+									reader.skipValue();
-									} else {
+									
-										String authString = reader.nextString();
+								} else if (subName.equals("savedUserAuthentication")) {
-										userAuthentication = base64UrlDecodeObject(authString, Authentication.class);
+									userAuthentication = readSavedUserAuthentication(reader);
-									}
+									
 								} else {
 									logger.debug("Found unexpected entry");
 									reader.skipValue();
@@ -426,12 +432,12 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
 				} else if (name.equals("responseTypes")) {
 					responseTypes = readSet(reader);
 				} else if (name.equals("extensions")) {
+					// skip the binary encoded version
+					reader.skipValue();
+				} else if (name.equals("extensionStrings")) {
 					Map<String, String> extEnc = readMap(reader);
 					for (Entry<String, String> entry : extEnc.entrySet()) {
-						Serializable decoded = base64UrlDecodeObject(entry.getValue(), Serializable.class);
+						extensions.put(entry.getKey(), entry.getValue());
-						if (decoded != null) {
-							extensions.put(entry.getKey(), decoded);
-						}
 					}
 				} else {
 					reader.skipValue();
@@ -446,6 +452,57 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
 		reader.endObject();
 		return new OAuth2Request(requestParameters, clientId, authorities, approved, scope, resourceIds, redirectUri, responseTypes, extensions);
 	}
+	
+	/**
+	 * @param reader
+	 * @return
+	 * @throws IOException 
+	 */
+	private SavedUserAuthentication readSavedUserAuthentication(JsonReader reader) throws IOException {
+		SavedUserAuthentication savedUserAuth = new SavedUserAuthentication();
+		reader.beginObject();
+		
+		while (reader.hasNext()) {
+			switch(reader.peek()) {
+			case END_OBJECT:
+				continue;
+			case NAME:
+				String name = reader.nextName();
+				if (reader.peek() == JsonToken.NULL) {
+					reader.skipValue();
+				} else if (name.equals("name")) {
+					savedUserAuth.setName(reader.nextString());
+				} else if (name.equals("sourceClass")) {
+					savedUserAuth.setSourceClass(reader.nextString());
+				} else if (name.equals("authenticated")) {
+					savedUserAuth.setAuthenticated(reader.nextBoolean());
+				} else if (name.equals("authorities")) {
+					Set<String> authorityStrs = readSet(reader);
+					Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
+					for (String s : authorityStrs) {
+						GrantedAuthority ga = new SimpleGrantedAuthority(s);
+						authorities.add(ga);
+					}
+					savedUserAuth.setAuthorities(authorities);
+				} else {
+					logger.debug("Found unexpected entry");
+					reader.skipValue();
+				}
+				break;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
+			}
+		}
+		
+		reader.endObject();
+		return savedUserAuth;
+	}
+
+	
+	
+	
 	Map<Long, Long> grantOldToNewIdMap = new HashMap<Long, Long>();
 	Map<Long, Long> grantToWhitelistedSiteRefs = new HashMap<Long, Long>();
 	Map<Long, Set<Long>> grantToAccessTokensRefs = new HashMap<Long, Set<Long>>();

openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java

@@ -19,11 +19,9 @@ package org.mitre.openid.connect.service.impl;
 import java.io.IOException;
 import java.io.Serializable;
 import java.text.ParseException;
-import java.util.Collection;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Map.Entry;
 import java.util.Set;
@@ -51,11 +49,8 @@ import org.mitre.openid.connect.service.MITREidDataService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
 import org.springframework.stereotype.Service;
 
 import com.google.gson.stream.JsonReader;
@@ -65,7 +60,6 @@ import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWSAlgorithm;
 
-import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
 import static org.mitre.util.JsonUtils.readMap;
 import static org.mitre.util.JsonUtils.readSet;
 import static org.mitre.util.JsonUtils.writeNullSafeArray;
@@ -508,6 +502,10 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 				// the object ended, we're done here
 				reader.endObject();
 				continue;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
 			}
 		}
 		fixObjectReferences();
@@ -765,6 +763,10 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 					reader.skipValue();
 				}
 				break;
+			default:
+				logger.debug("Found unexpected entry");
+				reader.skipValue();
+				continue;
 			}
 		}