github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Removed references to DefaultAuthorizationRequest in connect code

pull/340/head
Amanda Anganes 2013-04-08 10:37:13 -04:00
parent e17eaa499e
commit a723c9d921
4 changed files with 13 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java
View File

@ -16,7 +16,6 @@ import org.springframework.security.oauth2.common.exceptions.InvalidScopeExcepti
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.AuthorizationRequestManager; import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AbstractTokenGranter; import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -77,7 +76,7 @@ public class ChainedTokenGranter extends AbstractTokenGranter {
if (approvedScopes.containsAll(requestedScopes)) { if (approvedScopes.containsAll(requestedScopes)) {
// build an appropriate auth request to hand to the token services layer // build an appropriate auth request to hand to the token services layer
DefaultAuthorizationRequest outgoingAuthRequest = new DefaultAuthorizationRequest(authorizationRequest); AuthorizationRequest outgoingAuthRequest = authorizationRequestManager.createFromExisting(authorizationRequest);
outgoingAuthRequest.setApproved(true); outgoingAuthRequest.setApproved(true);
if (requestedScopes.isEmpty()) { if (requestedScopes.isEmpty()) {
// if there are no scopes, inherit the original scopes from the token // if there are no scopes, inherit the original scopes from the token

8
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java
View File

@ -103,10 +103,10 @@ public class ConnectAuthorizationRequestManager implements AuthorizationRequestM
scopes = clientScopes; scopes = clientScopes;
} }
ConnectAuthorizationRequest request = new ConnectAuthorizationRequest();
// note that we have to inject the processed parameters in at this point so that SECOAUTH can find them later (and this object will get copy-constructored away anyway) request.setApprovalParameters(parameters);
DefaultAuthorizationRequest request = new DefaultAuthorizationRequest(parameters, Collections.<String, String> emptyMap(), clientId, scopes); request.setClientId(clientId);
request.addClientDetails(client); request.setScope(scopes);
return request; return request;
} }

1
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -15,7 +15,6 @@
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.token; package org.mitre.openid.connect.token;
import java.security.NoSuchAlgorithmException;
import java.util.Date; import java.util.Date;
import java.util.Set; import java.util.Set;
import java.util.UUID; import java.util.UUID;

24
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
View File

@ -30,7 +30,6 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails; import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService; import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler; import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@ -138,11 +137,9 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
ap.setAccessDate(new Date()); ap.setAccessDate(new Date());
approvedSiteService.save(ap); approvedSiteService.save(ap);
// TODO: WHY DAVE WHY authorizationRequest.setApproved(true);
DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);
ar.setApproved(true);
return ar; return authorizationRequest;
} }
} }
} }
@ -153,24 +150,19 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
//Create an approved site //Create an approved site
approvedSiteService.createApprovedSite(clientId, userId, null, ws.getAllowedScopes(), ws); approvedSiteService.createApprovedSite(clientId, userId, null, ws.getAllowedScopes(), ws);
// TODO: WHY DAVE WHY authorizationRequest.setApproved(true);
DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);
ar.setApproved(true);
return ar; return authorizationRequest;
} }
// This must be re-parsed here because SECOAUTH forces us to call things in a strange order // This must be re-parsed here because SECOAUTH forces us to call things in a strange order
boolean approved = Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval")); boolean approved = Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval"));
if (approved && !authorizationRequest.getApprovalParameters().isEmpty()) { if (approved && !authorizationRequest.getApprovalParameters().isEmpty()) {
// TODO: Get SECOAUTH to stop breaking polymorphism and start using real objects, SRSLY
DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);
// process scopes from user input // process scopes from user input
Set<String> allowedScopes = Sets.newHashSet(); Set<String> allowedScopes = Sets.newHashSet();
Map<String,String> approvalParams = ar.getApprovalParameters(); Map<String,String> approvalParams = authorizationRequest.getApprovalParameters();
Set<String> keys = approvalParams.keySet(); Set<String> keys = approvalParams.keySet();
@ -191,10 +183,10 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
// inject the user-allowed scopes into the auth request // inject the user-allowed scopes into the auth request
// TODO: for the moment this allows both upscoping and downscoping. // TODO: for the moment this allows both upscoping and downscoping.
ar.setScope(allowedScopes); authorizationRequest.setScope(allowedScopes);
//Only store an ApprovedSite if the user has checked "remember this decision": //Only store an ApprovedSite if the user has checked "remember this decision":
String remember = ar.getApprovalParameters().get("remember"); String remember = authorizationRequest.getApprovalParameters().get("remember");
if (!Strings.isNullOrEmpty(remember) && !remember.equals("none")) { if (!Strings.isNullOrEmpty(remember) && !remember.equals("none")) {
Date timeout = null; Date timeout = null;
@ -210,7 +202,7 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
// TODO: should we set approved here? It gets called later via the isApproved method in this class... // TODO: should we set approved here? It gets called later via the isApproved method in this class...
return ar; return authorizationRequest;
} }
return authorizationRequest; return authorizationRequest;