Made nonce storage duration configurable in application-context.xml;

openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java

@@ -11,6 +11,9 @@ import org.joda.time.Period;
 import org.mitre.oauth2.exception.NonceReuseException;
 import org.mitre.openid.connect.model.Nonce;
 import org.mitre.openid.connect.service.NonceService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
 import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
@@ -23,16 +26,17 @@ import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
 import org.springframework.stereotype.Component;
 
 @Component
-public class ConnectAuthorizationRequestManager implements AuthorizationRequestManager {
+public class ConnectAuthorizationRequestManager implements AuthorizationRequestManager, InitializingBean {
 
+	private static Logger logger = LoggerFactory.getLogger(ConnectAuthorizationRequestManager.class);
+	
 	@Autowired
 	private NonceService nonceService;
 	
 	@Autowired
 	private ClientDetailsService clientDetailsService;
 	
-	//TODO how to specify this? Should use int "nonceValiditySeconds" instead?
+	private Period nonceStorageDuration;
-	private Period nonceStorageDuration = new Period(1, 0, 0, 0, 0, 0, 0, 0);
 
 	/**
 	 * Constructor with arguments
@@ -51,6 +55,15 @@ public class ConnectAuthorizationRequestManager implements AuthorizationRequestM
 	public ConnectAuthorizationRequestManager() {
 		
 	}
+	
+	/**
+	 * Make sure that the nonce storage duration was set
+	 */
+	public void afterPropertiesSet() throws Exception {
+		if (nonceStorageDuration == null) {
+			logger.error("Nonce storage duration must be set!");
+		}
+	}
 
 	@Override
 	public AuthorizationRequest createAuthorizationRequest(Map<String, String> parameters) {

openid-connect-server/src/main/webapp/WEB-INF/application-context.xml

@@ -140,6 +140,14 @@
 		<authentication-provider user-service-ref="clientUserDetailsService" />
 	</authentication-manager>
 	
+	<!-- A JodaTime Period for the nonce storage duration. Constructor takes (hours, minutes, seconds, milliseconds). -->
+	<bean id="nonceStorageDurationPeriod"  class="org.joda.time.Period">
+		<constructor-arg type="int" index="0" value="24"/>
+		<constructor-arg type="int" index="1" value="0"/>
+		<constructor-arg type="int" index="2" value="0"/>
+		<constructor-arg type="int" index="3" value="0"/>
+	</bean>
+	
 	<bean id="authorizationRequestManager" class="org.mitre.openid.connect.ConnectAuthorizationRequestManager">
 		<constructor-arg>
 			<bean class="org.mitre.oauth2.service.impl.DefaultOAuth2ClientDetailsEntityService" />
@@ -147,6 +155,7 @@
 		<constructor-arg>
 			<bean class="org.mitre.openid.connect.service.impl.DefaultNonceService" />
 		</constructor-arg>
+		<property name="nonceStorageDuration" ref="nonceStorageDurationPeriod"/>
 	</bean>
 
 	<bean class="org.mitre.openid.connect.token.TofuUserApprovalHandler" id="jdbcUserApprovalHandler">