added new exception for userinfo, addresses #133

12 years ago · a65504c0cb
parent c5244db1a2
commit a65504c0cb
4 changed files with 57 additions and 12 deletions
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/exception/UserNotFoundException.java
@ -0,0 +1,25 @@
+package org.mitre.openid.connect.exception;
+
+public class UserNotFoundException extends RuntimeException {
+
+	public UserNotFoundException() {
+	    super();
+	    // TODO Auto-generated constructor stub
+    }
+
+	public UserNotFoundException(String message, Throwable cause) {
+	    super(message, cause);
+	    // TODO Auto-generated constructor stub
+    }
+
+	public UserNotFoundException(String message) {
+	    super(message);
+	    // TODO Auto-generated constructor stub
+    }
+
+	public UserNotFoundException(Throwable cause) {
+	    super(cause);
+	    // TODO Auto-generated constructor stub
+    }
+
+}
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java
@ -16,9 +16,11 @@
 package org.mitre.openid.connect.web;

 import java.security.Principal;
+import java.util.Map;

 import org.mitre.oauth2.service.OAuth2TokenEntityService;
 import org.mitre.openid.connect.exception.UnknownUserInfoSchemaException;
+import org.mitre.openid.connect.exception.UserNotFoundException;
 import org.mitre.openid.connect.model.UserInfo;
 import org.mitre.openid.connect.service.UserInfoService;
 import org.springframework.beans.factory.annotation.Autowired;
@ -31,6 +33,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;

+import com.google.common.collect.ImmutableMap;
+
 /**
 * OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
 * 
@ -41,13 +45,18 @@ import org.springframework.web.bind.annotation.RequestParam;
 public class UserInfoEndpoint {

 	@Autowired
-	OAuth2TokenEntityService tokenService;
+	private OAuth2TokenEntityService tokenService;
 	
 	@Autowired
-	UserInfoService userInfoService;
+	private UserInfoService userInfoService;
+	
+	private Map<String, String> schemaToViewNameMap = ImmutableMap.of(
+			openIdSchema, jsonUserInfoViewName, 
+			pocoSchema, pocoUserInfoViewName
+	);
 	
 	// Valid schemas and associated views
-	private static final String openIdSchema = "openId";
+	private static final String openIdSchema = "openid";
 	private static final String pocoSchema = "poco";
 	private static final String jsonUserInfoViewName = "jsonUserInfoView";
 	private static final String pocoUserInfoViewName = "pocoUserInfoView";
@ -58,27 +67,24 @@ public class UserInfoEndpoint {
 	 * @throws UsernameNotFoundException		if the user does not exist or cannot be found
 	 * @throws UnknownUserInfoSchemaException	if an unknown schema is used
 	 */
-	@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')") // TODO: need to add the check for the "openid" scope, which is REQUIRED
+	@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
 	@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST})
 	public String getInfo(Principal p, @RequestParam("schema") String schema, Model model) {

 		if (p == null) {
-			throw new UsernameNotFoundException("Invalid User"); 
+			throw new UserNotFoundException("Invalid User"); 
 		}

-		String viewName = null;
-		if (schema.equalsIgnoreCase( openIdSchema )){
-			viewName = jsonUserInfoViewName;
-		} else if (schema.equalsIgnoreCase( pocoSchema )) {
-			viewName = pocoUserInfoViewName;
-		} else {
+		String viewName = schemaToViewNameMap.get(schema);
+		if (viewName == null) {
 			throw new UnknownUserInfoSchemaException("Unknown User Info Schema: " + schema );
 		}
+
 		String userId = p.getName(); 
 		UserInfo userInfo = userInfoService.getByUserId(userId);
 		
 		if (userInfo == null) {
-			throw new UsernameNotFoundException("Invalid User"); 
+			throw new UserNotFoundException("User not found: " + userId); 
 		}
 		
 		if (p instanceof OAuth2Authentication) {
--- a/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml
@ -147,6 +147,7 @@
 				<prop key="org.mitre.openid.connect.web.InvalidJwtSignatureException">exceptionAsJSONView</prop>
 				<prop key="org.mitre.openid.connect.web.ExpiredTokenException">exceptionAsJSONView</prop>
 				<prop key="org.mitre.openid.connect.web.InvalidJwtIssuerException">exceptionAsJSONView</prop>
+				<prop key="org.mitre.openid.connect.exception.UserNotFoundException">exception/usernotfound</prop>
 			</props>
 		</property>
 	</bean>
--- a/openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
+++ b/openid-connect-server/src/main/webapp/WEB-INF/views/exception/usernotfound.jsp
@ -0,0 +1,13 @@
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
+    pageEncoding="ISO-8859-1"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>User Not Found</title>
+</head>
+<body>
+<% response.setStatus(404); %>
+<h1>Error: requested user was not found</h1>
+</body>
+</html>