From ab4d1da9d4befca04429e3b0ba4c39463283201d Mon Sep 17 00:00:00 2001
From: William Kim <wkim@mitre.org>
Date: Thu, 27 Jun 2013 15:36:11 -0400
Subject: [PATCH] added logger warning if issuer url does not use http scheme.

---
 .../config/ConfigurationPropertiesBean.java     | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
index 40ef7007f..234f97cc7 100644
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
@@ -16,6 +16,11 @@
  ******************************************************************************/
 package org.mitre.openid.connect.config;
 
+import javax.annotation.PostConstruct;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 
 
 /**
@@ -28,6 +33,8 @@ package org.mitre.openid.connect.config;
  */
 public class ConfigurationPropertiesBean {
 
+	private static Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class);
+	
 	private String issuer;
 
 	private String topbarTitle;
@@ -37,6 +44,16 @@ public class ConfigurationPropertiesBean {
 	public ConfigurationPropertiesBean() {
 
 	}
+	
+	/**
+	 * Endpoints protected by TLS must have https scheme in the URI.
+	 */
+	@PostConstruct
+	public void checkForHttps() {
+		if (!issuer.substring(0, 5).equalsIgnoreCase("https")) {
+			logger.warn("Configured issuer url is not using https scheme.");
+		}
+	}
 
 	/**
 	 * @return the issuer baseUrl