github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

removed structured scopes

pull/1187/head
Justin Richer 2017-01-17 17:06:04 -05:00
parent 524794fe2e
commit b17a7f43ae
21 changed files with 39 additions and 278 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
View File

@ -53,9 +53,6 @@ public class SystemScope {
private String icon; // class of the icon to display on the auth page
private boolean defaultScope = false; // is this a default scope for newly-registered clients?
private boolean restricted = false; // is this scope restricted to admin-only registration access?
private boolean structured = false; // is this a default scope for newly-registered clients?
private String structuredParamDescription;
private String structuredValue;
/**
* Make a blank system scope with no value
@ -162,52 +159,6 @@ public class SystemScope {
this.restricted = restricted;
}
/**
* @return the isStructured status
*/
@Basic
@Column(name = "structured")
public boolean isStructured() {
return structured;
}
/**
* @param structured the structured to set
*/
public void setStructured(boolean structured) {
this.structured = structured;
}
@Basic
@Column(name = "structured_param_description")
public String getStructuredParamDescription() {
return structuredParamDescription;
}
/**
* @param isStructured the isStructured to set
*/
public void setStructuredParamDescription(String d) {
this.structuredParamDescription = d;
}
/**
* @return the structuredValue
*/
@Transient // we don't save the value of a system scope separately
public String getStructuredValue() {
return structuredValue;
}
/**
* @param structuredValue the structuredValue to set
*/
public void setStructuredValue(String structuredValue) {
this.structuredValue = structuredValue;
}
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@ -221,13 +172,6 @@ public class SystemScope {
result = prime * result + ((icon == null) ? 0 : icon.hashCode());
result = prime * result + ((id == null) ? 0 : id.hashCode());
result = prime * result + (restricted ? 1231 : 1237);
result = prime * result + (structured ? 1231 : 1237);
result = prime
* result
+ ((structuredParamDescription == null) ? 0
: structuredParamDescription.hashCode());
result = prime * result
+ ((structuredValue == null) ? 0 : structuredValue.hashCode());
result = prime * result + ((value == null) ? 0 : value.hashCode());
return result;
}
@ -274,24 +218,6 @@ public class SystemScope {
if (restricted != other.restricted) {
return false;
}
if (structured != other.structured) {
return false;
}
if (structuredParamDescription == null) {
if (other.structuredParamDescription != null) {
return false;
}
} else if (!structuredParamDescription
.equals(other.structuredParamDescription)) {
return false;
}
if (structuredValue == null) {
if (other.structuredValue != null) {
return false;
}
} else if (!structuredValue.equals(other.structuredValue)) {
return false;
}
if (value == null) {
if (other.value != null) {
return false;
@ -309,10 +235,7 @@ public class SystemScope {
public String toString() {
return "SystemScope [id=" + id + ", value=" + value + ", description="
+ description + ", icon=" + icon + ", defaultScope="
+ defaultScope + ", restricted=" + restricted + ", structured="
+ structured + ", structuredParamDescription="
+ structuredParamDescription + ", structuredValue="
+ structuredValue + "]";
+ defaultScope + ", restricted=" + restricted + "]";
}
}

7
openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
View File

@ -96,12 +96,7 @@ public interface SystemScopeService {
public Set<String> toStrings(Set<SystemScope> scope);
/**
* Test whether the scopes in both sets are compatible, with special
* processing for structured scopes. All scopes in "actual" must exist in
* "expected". If a scope in "expected" is structured and has a value, it
* must be matched exactly by its corresponding scope in "actual". If a
* scope in "expected" is structured but has no value, it may be matched by
* a scope with or without a value in "actual".
* Test whether the scopes in both sets are compatible. All scopes in "actual" must exist in "expected".
*/
public boolean scopesMatch(Set<String> expected, Set<String> actual);

5
openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
View File

@ -10,7 +10,8 @@ CREATE TABLE IF NOT EXISTS access_token (
refresh_token_id BIGINT,
client_id BIGINT,
auth_holder_id BIGINT,
approved_site_id BIGINT
approved_site_id BIGINT,
UNIQUE(token_value)
);
CREATE TABLE IF NOT EXISTS access_token_permissions (
@ -235,8 +236,6 @@ CREATE TABLE IF NOT EXISTS system_scope (
icon VARCHAR(256),
restricted BOOLEAN DEFAULT false NOT NULL,
default_scope BOOLEAN DEFAULT false NOT NULL,
structured BOOLEAN DEFAULT false NOT NULL,
structured_param_description VARCHAR(256),
UNIQUE (scope)
);

4
openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql
View File

@ -69,7 +69,5 @@ CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
description VARCHAR(4096),
icon VARCHAR(256),
restricted BOOLEAN,
default_scope BOOLEAN,
structured BOOLEAN,
structured_param_description VARCHAR(256)
default_scope BOOLEAN
);

18
openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql
View File

@ -10,23 +10,23 @@ START TRANSACTION;
-- Insert scope information into the temporary tables.
--
INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
('openid', 'log in using your identity', 'user', false, true, false, null),
('profile', 'basic profile information', 'list-alt', false, true, false, null),
('email', 'email address', 'envelope', false, true, false, null),
('address', 'physical address', 'home', false, true, false, null),
('phone', 'telephone number', 'bell', false, true, false, null),
('offline_access', 'offline access', 'time', false, false, false, null);
INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
('openid', 'log in using your identity', 'user', false, true),
('profile', 'basic profile information', 'list-alt', false, true),
('email', 'email address', 'envelope', false, true),
('address', 'physical address', 'home', false, true),
('phone', 'telephone number', 'bell', false, true),
('offline_access', 'offline access', 'time', false, false);
--
-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
--
MERGE INTO system_scope
USING (SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope, structured, structured_param_description)
USING (SELECT scope, description, icon, restricted, default_scope FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope)
ON vals.scope = system_scope.scope
WHEN NOT MATCHED THEN
INSERT (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope, vals.structured, vals.structured_param_description);
INSERT (scope, description, icon, restricted, default_scope) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope);
COMMIT;

2
openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml
View File

@ -52,7 +52,7 @@
<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<bean id="oauthRequestValidator" class="org.mitre.oauth2.token.StructuredScopeAwareOAuth2RequestValidator" />
<bean id="oauthRequestValidator" class="org.mitre.oauth2.token.ScopeServiceAwareOAuth2RequestValidator" />
<!-- Error page handler. -->
<mvc:view-controller path="/error" view-name="error" />

4
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
View File

@ -218,10 +218,6 @@
</span>
</c:if>
<c:if test="${ scope.structured }">
<input name="scopeparam_${ fn:escapeXml(scope.value) }" type="text" value="${ fn:escapeXml(scope.structuredValue) }" placeholder="${ fn:escapeXml(scope.structuredParamDescription) }">
</c:if>
</label>
</c:forEach>

3
openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
View File

@ -306,9 +306,6 @@
"icon": "Icon",
"new": "New Scope",
"select-icon": "Select an icon",
"structured": "is a structured scope",
"structured-help": "Is the scope structured with structured values like <code>base:extension</code>?",
"structured-param-help": "Human-readable description of the structured parameter",
"subject-type": "Subject Type",
"value": "Scope value",
"value-help": "Single string with no spaces",

21
openid-connect-server-webapp/src/main/webapp/resources/js/scope.js
View File

@ -23,10 +23,7 @@ var SystemScopeModel = Backbone.Model.extend({
icon:null,
value:null,
defaultScope:false,
restricted:false,
structured:false,
structuredParamDescription:null,
structuredValue:null
restricted:false
},
urlRoot: 'api/scopes'
@ -267,8 +264,7 @@ var SystemScopeFormView = Backbone.View.extend({
events:{
'click .btn-save':'saveScope',
'click .btn-cancel': function() {app.navigate('admin/scope', {trigger: true}); },
'click .btn-icon':'selectIcon',
'change #isStructured input':'toggleStructuredParamDescription'
'click .btn-icon':'selectIcon'
},
load:function(callback) {
@ -290,14 +286,6 @@ var SystemScopeFormView = Backbone.View.extend({
},
toggleStructuredParamDescription:function(e) {
if ($('#isStructured input', this.el).is(':checked')) {
$('#structuredParamDescription', this.el).show();
} else {
$('#structuredParamDescription', this.el).hide();
}
},
saveScope:function(e) {
e.preventDefault();
@ -313,9 +301,7 @@ var SystemScopeFormView = Backbone.View.extend({
description:$('#description textarea').val(),
icon:$('#iconDisplay input').val(),
defaultScope:$('#defaultScope input').is(':checked'),
restricted:$('#restricted input').is(':checked'),
structured:$('#isStructured input').is(':checked'),
structuredParamDescription:$('#structuredParamDescription input').val()
restricted:$('#restricted input').is(':checked')
});
if (valid) {
@ -356,7 +342,6 @@ var SystemScopeFormView = Backbone.View.extend({
$("#iconSelector .modal-body", this.el).append(this.iconTemplate({items:items}));
}, this);
this.toggleStructuredParamDescription();
$(this.el).i18n();
return this;
}

13
openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
View File

@ -155,19 +155,6 @@
</div>
</div>
<div class="control-group">
<div class="controls" id="isStructured">
<label class="checkbox">
<input type="checkbox" <%-structured ? 'checked' : '' %>> <span data-i18n="scope.system-scope-form.structured">is a structured scope</span>
</label>
<p class="help-block" data-i18n="[html]scope.system-scope-form.structured-help">Is the scope structured with structured values like <code>base:extension</code>?</p>
</div>
<div class="controls" id="structuredParamDescription">
<input type="text" value="<%-structuredParamDescription ? structuredParamDescription : '' %>">
<p class="help-block" data-i18n="scope.system-scope-form.structured-param-help">Human-readable description of the structured parameter</p>
</div>
</div>
<div class="well well-small">
<button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp;
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>

41
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
View File

@ -76,20 +76,11 @@ public class DefaultSystemScopeService implements SystemScopeService {
if (Strings.isNullOrEmpty(input)) {
return null;
} else {
List<String> parts = parseStructuredScopeValue(input);
String base = parts.get(0); // the first part is the base
// get the real scope if it's available
SystemScope s = getByValue(base);
SystemScope s = getByValue(input);
if (s == null) {
// make a fake one otherwise
s = new SystemScope(base);
if (parts.size() > 1) {
s.setStructured(true);
}
}
if (s.isStructured() && parts.size() > 1) {
s.setStructuredValue(parts.get(1));
s = new SystemScope(input);
}
return s;
@ -103,11 +94,7 @@ public class DefaultSystemScopeService implements SystemScopeService {
if (input == null) {
return null;
} else {
if (input.isStructured() && !Strings.isNullOrEmpty(input.getStructuredValue())) {
return Joiner.on(":").join(input.getValue(), input.getStructuredValue());
} else {
return input.getValue();
}
return input.getValue();
}
}
};
@ -181,11 +168,6 @@ public class DefaultSystemScopeService implements SystemScopeService {
}
}
// parse a structured scope string into its components
private List<String> parseStructuredScopeValue(String value) {
return Lists.newArrayList(Splitter.on(":").split(value));
}
/* (non-Javadoc)
* @see org.mitre.oauth2.service.SystemScopeService#scopesMatch(java.util.Set, java.util.Set)
*/
@ -198,22 +180,7 @@ public class DefaultSystemScopeService implements SystemScopeService {
for (SystemScope actScope : act) {
// first check to see if there's an exact match
if (!ex.contains(actScope)) {
// we didn't find an exact match
if (actScope.isStructured() && !Strings.isNullOrEmpty(actScope.getStructuredValue())) {
// if we didn't get an exact match but the actual scope is structured, we need to check further
// first, find the "base" scope for this
SystemScope base = getByValue(actScope.getValue());
if (!ex.contains(base)) {
// if the expected doesn't contain the base scope, fail
return false;
} else {
// we did find an exact match, need to check the rest
}
} else {
// the scope wasn't structured, fail now
return false;
}
return false;
} else {
// if we did find an exact match, we need to check the rest
}

4
openid-connect-server/src/main/java/org/mitre/oauth2/token/StructuredScopeAwareOAuth2RequestValidator.java → openid-connect-server/src/main/java/org/mitre/oauth2/token/ScopeServiceAwareOAuth2RequestValidator.java
View File

@ -32,12 +32,12 @@ import org.springframework.security.oauth2.provider.TokenRequest;
/**
*
* Validates the scopes on a request by comparing them against a client's
* allowed scopes, but allow structured scopes to function.
* allowed scopes, but allow custom scopes to function through the system scopes
*
* @author jricher
*
*/
public class StructuredScopeAwareOAuth2RequestValidator implements OAuth2RequestValidator {
public class ScopeServiceAwareOAuth2RequestValidator implements OAuth2RequestValidator {
@Autowired
private SystemScopeService scopeService;

4
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java
View File

@ -817,9 +817,9 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
} else if (name.equals("defaultScope")) {
scope.setDefaultScope(reader.nextBoolean());
} else if (name.equals("structured")) {
scope.setStructured(reader.nextBoolean());
logger.warn("Found a structured scope, ignoring structure");
} else if (name.equals("structuredParameter")) {
scope.setStructuredParamDescription(reader.nextString());
logger.warn("Found a structured scope, ignoring structure");
} else if (name.equals("icon")) {
scope.setIcon(reader.nextString());
} else {

4
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
View File

@ -808,9 +808,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
} else if (name.equals(ICON)) {
scope.setIcon(reader.nextString());
} else if (name.equals(STRUCTURED)) {
scope.setStructured(reader.nextBoolean());
logger.warn("Found a structured scope, ignoring structure");
} else if (name.equals(STRUCTURED_PARAMETER)) {
scope.setStructuredParamDescription(reader.nextString());
logger.warn("Found a structured scope, ignoring structure");
} else {
logger.debug("found unexpected entry");
reader.skipValue();

8
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_3.java
View File

@ -80,8 +80,6 @@ import com.nimbusds.jwt.JWTParser;
public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements MITREidDataService {
private static final String DEFAULT_SCOPE = "defaultScope";
private static final String STRUCTURED_PARAMETER = "structuredParameter";
private static final String STRUCTURED = "structured";
private static final String RESTRICTED = "restricted";
private static final String ICON = "icon";
private static final String DYNAMICALLY_REGISTERED = "dynamicallyRegistered";
@ -525,8 +523,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
writer.name(ICON).value(sysScope.getIcon());
writer.name(VALUE).value(sysScope.getValue());
writer.name(RESTRICTED).value(sysScope.isRestricted());
writer.name(STRUCTURED).value(sysScope.isStructured());
writer.name(STRUCTURED_PARAMETER).value(sysScope.getStructuredParamDescription());
writer.name(DEFAULT_SCOPE).value(sysScope.isDefaultScope());
writer.endObject();
logger.debug("Wrote system scope {}", sysScope.getId());
@ -1180,10 +1176,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
scope.setDefaultScope(reader.nextBoolean());
} else if (name.equals(ICON)) {
scope.setIcon(reader.nextString());
} else if (name.equals(STRUCTURED)) {
scope.setStructured(reader.nextBoolean());
} else if (name.equals(STRUCTURED_PARAMETER)) {
scope.setStructuredParamDescription(reader.nextString());
} else {
logger.debug("found unexpected entry");
reader.skipValue();

10
openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
View File

@ -204,15 +204,7 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
//Make sure this scope is allowed for the given client
if (systemScopes.scopesMatch(client.getScope(), approveSet)) {
// If it's structured, assign the user-specified parameter
SystemScope systemScope = systemScopes.getByValue(scope);
if (systemScope != null && systemScope.isStructured()){
String paramValue = approvalParams.get("scopeparam_" + scope);
allowedScopes.add(scope + ":"+paramValue);
// .. and if it's unstructured, we're all set
} else {
allowedScopes.add(scope);
}
allowedScopes.add(scope);
}
}

54
openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java
View File

@ -52,8 +52,6 @@ public class TestDefaultSystemScopeService {
private SystemScope defaultScope2;
private SystemScope dynScope1;
private SystemScope restrictedScope1;
private SystemScope structuredScope1;
private SystemScope structuredScope1Value;
private String defaultDynScope1String = "defaultDynScope1";
private String defaultDynScope2String = "defaultDynScope2";
@ -61,8 +59,6 @@ public class TestDefaultSystemScopeService {
private String defaultScope2String = "defaultScope2";
private String dynScope1String = "dynScope1";
private String restrictedScope1String = "restrictedScope1";
private String structuredScope1String = "structuredScope1";
private String structuredValue = "structuredValue";
private Set<SystemScope> allScopes;
private Set<String> allScopeStrings;
@ -105,20 +101,11 @@ public class TestDefaultSystemScopeService {
restrictedScope1.setRestricted(true);
// structuredScope1 : structured scope
structuredScope1 = new SystemScope(structuredScope1String);
structuredScope1.setStructured(true);
allScopes = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1);
allScopeStrings = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String);
// structuredScope1Value : structured scope with value
structuredScope1Value = new SystemScope(structuredScope1String);
structuredScope1Value.setStructured(true);
structuredScope1Value.setStructuredValue(structuredValue);
allScopes = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1, structuredScope1);
allScopeStrings = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String, structuredScope1String);
allScopesWithValue = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1, structuredScope1, structuredScope1Value);
allScopeStringsWithValue = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String, structuredScope1String, structuredScope1String + ":" + structuredValue);
allScopesWithValue = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1);
allScopeStringsWithValue = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String);
Mockito.when(repository.getByValue(defaultDynScope1String)).thenReturn(defaultDynScope1);
Mockito.when(repository.getByValue(defaultDynScope2String)).thenReturn(defaultDynScope2);
@ -126,16 +113,6 @@ public class TestDefaultSystemScopeService {
Mockito.when(repository.getByValue(defaultScope2String)).thenReturn(defaultScope2);
Mockito.when(repository.getByValue(dynScope1String)).thenReturn(dynScope1);
Mockito.when(repository.getByValue(restrictedScope1String)).thenReturn(restrictedScope1);
// we re-use this value so we've got to use thenAnswer instead
Mockito.when(repository.getByValue(structuredScope1String)).thenAnswer(new Answer<SystemScope>() {
@Override
public SystemScope answer(InvocationOnMock invocation) throws Throwable {
SystemScope s = new SystemScope(structuredScope1String);
s.setStructured(true);
return s;
}
});
Mockito.when(repository.getAll()).thenReturn(allScopes);
}
@ -157,7 +134,7 @@ public class TestDefaultSystemScopeService {
@Test
public void getUnrestricted() {
Set<SystemScope> unrestricted = Sets.newHashSet(defaultDynScope1, defaultDynScope2, dynScope1, structuredScope1);
Set<SystemScope> unrestricted = Sets.newHashSet(defaultDynScope1, defaultDynScope2, dynScope1);
assertThat(service.getUnrestricted(), equalTo(unrestricted));
}
@ -210,25 +187,4 @@ public class TestDefaultSystemScopeService {
assertThat(service.scopesMatch(expected, actualBad), is(false));
}
@Test
public void scopesMatch_structured() {
Set<String> expected = Sets.newHashSet("foo", "bar", "baz");
Set<String> actualGood = Sets.newHashSet("foo:value", "baz", "bar");
Set<String> actualBad = Sets.newHashSet("foo:value", "bar:value");
// note: we have to use "thenAnswer" here to mimic the repository not serializing the structuredValue field
Mockito.when(repository.getByValue("foo")).thenAnswer(new Answer<SystemScope>() {
@Override
public SystemScope answer(InvocationOnMock invocation) throws Throwable {
SystemScope foo = new SystemScope("foo");
foo.setStructured(true);
return foo;
}
});
assertThat(service.scopesMatch(expected, actualGood), is(true));
assertThat(service.scopesMatch(expected, actualBad), is(false));
}
}

10
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
View File

@ -782,8 +782,6 @@ public class TestMITREidDataService_1_1 {
scope3.setRestricted(false);
scope3.setDefaultScope(true);
scope3.setIcon("road");
scope3.setStructured(true);
scope3.setStructuredParamDescription("Structured Parameter");
String configJson = "{" +
"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -797,7 +795,7 @@ public class TestMITREidDataService_1_1 {
"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"allowDynReg\":false,\"defaultScope\":false}," +
"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"allowDynReg\":true,\"defaultScope\":false}," +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"allowDynReg\":true,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"allowDynReg\":true,\"defaultScope\":true}" +
" ]" +
"}";
@ -817,24 +815,18 @@ public class TestMITREidDataService_1_1 {
assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
}

10
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_2.java
View File

@ -797,8 +797,6 @@ public class TestMITREidDataService_1_2 {
scope3.setRestricted(false);
scope3.setDefaultScope(true);
scope3.setIcon("road");
scope3.setStructured(true);
scope3.setStructuredParamDescription("Structured Parameter");
String configJson = "{" +
"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -812,7 +810,7 @@ public class TestMITREidDataService_1_2 {
"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"restricted\":true,\"defaultScope\":false}," +
"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"restricted\":false,\"defaultScope\":false}," +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true}" +
" ]" +
"}";
@ -832,24 +830,18 @@ public class TestMITREidDataService_1_2 {
assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
}

10
openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_3.java
View File

@ -1669,8 +1669,6 @@ public class TestMITREidDataService_1_3 {
scope3.setRestricted(false);
scope3.setDefaultScope(true);
scope3.setIcon("road");
scope3.setStructured(true);
scope3.setStructuredParamDescription("Structured Parameter");
String configJson = "{" +
"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -1684,7 +1682,7 @@ public class TestMITREidDataService_1_3 {
"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"restricted\":true,\"defaultScope\":false}," +
"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"restricted\":false,\"defaultScope\":false}," +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true}" +
" ]" +
"}";
@ -1704,24 +1702,18 @@ public class TestMITREidDataService_1_3 {
assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
}

6
uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
View File

@ -726,8 +726,6 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
writer.name(ICON).value(sysScope.getIcon());
writer.name(VALUE).value(sysScope.getValue());
writer.name(RESTRICTED).value(sysScope.isRestricted());
writer.name(STRUCTURED).value(sysScope.isStructured());
writer.name(STRUCTURED_PARAMETER).value(sysScope.getStructuredParamDescription());
writer.name(DEFAULT_SCOPE).value(sysScope.isDefaultScope());
writer.endObject();
logger.debug("Wrote system scope {}", sysScope.getId());
@ -1710,9 +1708,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
} else if (name.equals(ICON)) {
scope.setIcon(reader.nextString());
} else if (name.equals(STRUCTURED)) {
scope.setStructured(reader.nextBoolean());
logger.debug("Found a structured scope, ignoring structure");
} else if (name.equals(STRUCTURED_PARAMETER)) {
scope.setStructuredParamDescription(reader.nextString());
logger.debug("Found a structured scope, ignoring structure");
} else {
logger.debug("found unexpected entry");
reader.skipValue();