added new exception for userinfo, addresses #133
parent
c5244db1a2
commit
a65504c0cb
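--- /dev/null
+++ b/<PATH-PLACEHOLDER>/org/mitre/openid/connect/exception/UserNotFoundException.java
@@ -0,0 +1,25 @@
+package org.mitre.openid.connect.exception;
+
+public class UserNotFoundException extends RuntimeException {
+
+public UserNotFoundException() {
+super();
+// TODO Auto-generated constructor stub
+}
+
+public UserNotFoundException(String message, Throwable cause) {
+super(message, cause);
+// TODO Auto-generated constructor stub
+}
+
+public UserNotFoundException(String message) {
+super(message);
+// TODO Auto-generated constructor stub
+}
+
+public UserNotFoundException(Throwable cause) {
+super(cause);
+// TODO Auto-generated constructor stub
+}
+
+}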
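Review bot: All four constructors keep the IDE's `// TODO Auto-generated constructor stub` comment and the class has no Javadoc, so nothing in this file says when the exception is meant to be raised; drop the four stub comments and add a class comment such as `/** Thrown by the UserInfo endpoint when no principal is present or no UserInfo record exists for the authenticated user. */`, which is what the two throw sites in UserInfoEndpoint.getInfo do. Because RuntimeException is Serializable, a `private static final long serialVersionUID = 1L;` would also silence the missing-serialVersionUID compiler warning. The no-arg and cause-only constructors leave the message null, so if the error view or a JSON exception view ever renders getMessage() it should expect that.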
@ -16,9 +16,11 @@
package org.mitre.openid.connect.web;
package org.mitre.openid.connect.web;
import java.security.Principal;
import java.security.Principal;
import java.util.Map;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.openid.connect.exception.UnknownUserInfoSchemaException;
import org.mitre.openid.connect.exception.UnknownUserInfoSchemaException;
import org.mitre.openid.connect.exception.UserNotFoundException;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService;
import org.mitre.openid.connect.service.UserInfoService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Autowired;
@ -31,6 +33,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RequestParam;
import com.google.common.collect.ImmutableMap;
/**
/**
* OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
* OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
*
*
@ -41,13 +45,18 @@ import org.springframework.web.bind.annotation.RequestParam;
public class UserInfoEndpoint {
public class UserInfoEndpoint {
@Autowired
@Autowired
OAuth2TokenEntityService tokenService;
private OAuth2TokenEntityService tokenService;
@Autowired
@Autowired
UserInfoService userInfoService;
private UserInfoService userInfoService;
private Map<String, String> schemaToViewNameMap = ImmutableMap.of(
openIdSchema, jsonUserInfoViewName,
pocoSchema, pocoUserInfoViewName
);
// Valid schemas and associated views
// Valid schemas and associated views
private static final String openIdSchema = "openId";
private static final String openIdSchema = "openid";
private static final String pocoSchema = "poco";
private static final String pocoSchema = "poco";
private static final String jsonUserInfoViewName = "jsonUserInfoView";
private static final String jsonUserInfoViewName = "jsonUserInfoView";
private static final String pocoUserInfoViewName = "pocoUserInfoView";
private static final String pocoUserInfoViewName = "pocoUserInfoView";
@ -58,27 +67,24 @@ public class UserInfoEndpoint {
* @throws UsernameNotFoundException if the user does not exist or cannot be found
* @throws UsernameNotFoundException if the user does not exist or cannot be found
* @throws UnknownUserInfoSchemaException if an unknown schema is used
* @throws UnknownUserInfoSchemaException if an unknown schema is used
*/
*/
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')") // TODO: need to add the check for the "openid" scope, which is REQUIRED
@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST})
@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST})
public String getInfo(Principal p, @RequestParam("schema") String schema, Model model) {
public String getInfo(Principal p, @RequestParam("schema") String schema, Model model) {
if (p == null) {
if (p == null) {
throw new UsernameNotFoundException("Invalid User");
throw new UserNotFoundException("Invalid User");
}
}
String viewName = null;
String viewName = schemaToViewNameMap.get(schema);
if (schema.equalsIgnoreCase( openIdSchema )){
if (viewName == null) {
viewName = jsonUserInfoViewName;
} else if (schema.equalsIgnoreCase( pocoSchema )) {
viewName = pocoUserInfoViewName;
} else {
throw new UnknownUserInfoSchemaException("Unknown User Info Schema: " + schema );
throw new UnknownUserInfoSchemaException("Unknown User Info Schema: " + schema );
}
}
String userId = p.getName();
String userId = p.getName();
UserInfo userInfo = userInfoService.getByUserId(userId);
UserInfo userInfo = userInfoService.getByUserId(userId);
if (userInfo == null) {
if (userInfo == null) {
throw new UsernameNotFoundException("Invalid User");
throw new UserNotFoundException("User not found: " + userId);
}
}
if (p instanceof OAuth2Authentication) {
if (p instanceof OAuth2Authentication) {
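Review bot: In the `@ -58,27 +67,24 @@` hunk the Javadoc still reads `* @throws UsernameNotFoundException if the user does not exist or cannot be found` although both throw sites in getInfo now raise UserNotFoundException, so the documented contract has drifted from the code; change the tag to `* @throws UserNotFoundException if the user does not exist or cannot be found`. The schema check also went from `equalsIgnoreCase` to an exact `schemaToViewNameMap.get(schema)`, so a request sending `schema=openId` (the spelling the old constant used) is now rejected with UnknownUserInfoSchemaException; if that is unintended, look up `schema.toLowerCase(Locale.ROOT)` instead, which needs a `java.util.Locale` import. The `p == null` branch now reports a missing principal as a user-not-found condition, which conflates an unauthenticated request with an absent record; given the `@PreAuthorize` guard it is presumably unreachable, but an IllegalStateException would describe that situation more accurately than the 404 view this exception is mapped to. getInfo continues past the end of the hunk.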
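--- a/<SPRING-CONFIG-XML-PATH-PLACEHOLDER>
+++ b/<SPRING-CONFIG-XML-PATH-PLACEHOLDER>
@@ -147,6 +147,7 @@
 <prop key="org.mitre.openid.connect.web.InvalidJwtSignatureException">exceptionAsJSONView</prop>
 <prop key="org.mitre.openid.connect.web.ExpiredTokenException">exceptionAsJSONView</prop>
 <prop key="org.mitre.openid.connect.web.InvalidJwtIssuerException">exceptionAsJSONView</prop>
+<prop key="org.mitre.openid.connect.exception.UserNotFoundException">exception/usernotfound</prop>
 </props>
 </property>
 </bean>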
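Review bot: UserNotFoundException is mapped to the HTML view `exception/usernotfound` while every neighbouring entry resolves to `exceptionAsJSONView`; since this exception is raised from the `/userinfo` endpoint, an API client that asked for JSON will get an HTML error body for this one failure mode. Consider `<prop key="org.mitre.openid.connect.exception.UserNotFoundException">exceptionAsJSONView</prop>` for consistency, or add an XML comment next to the entry explaining why a rendered page is intended here. If this bean is a SimpleMappingExceptionResolver, its `statusCodes` property could carry the 404 for the view so the status does not have to be set from inside the JSP.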
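--- /dev/null
+++ b/<JSP-VIEW-PATH-PLACEHOLDER>
@@ -0,0 +1,13 @@
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
+pageEncoding="ISO-8859-1"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+<title>User Not Found</title>
+</head>
+<body>
+<% response.setStatus(404); %>
+<h1>Error: requested user was not found</h1>
+</body>
+</html>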
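Review bot: The 404 status is set from the scriptlet `<% response.setStatus(404); %>` inside the body, which only takes effect if the response has not been committed yet and buries the status decision in the template; setting it where the exception is resolved (for example `@ResponseStatus(HttpStatus.NOT_FOUND)` on UserNotFoundException, if the configured resolver chain honours it) keeps status handling in one place. The page also declares ISO-8859-1 in three places; UTF-8 is the usual choice for a new view and matches what JSON clients of the same endpoint would expect.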