removed structured scopes

2017-01-17 17:06:04 -05:00 · 2017-01-17 17:06:04 -05:00 · b17a7f43ae
parent 524794fe2e
commit b17a7f43ae
21 changed files with 39 additions and 278 deletions
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
@ -53,9 +53,6 @@ public class SystemScope {
 	private String icon; // class of the icon to display on the auth page
 	private boolean defaultScope = false; // is this a default scope for newly-registered clients?
 	private boolean restricted = false; // is this scope restricted to admin-only registration access?
 	private boolean structured = false; // is this a default scope for newly-registered clients?
 	private String structuredParamDescription;
 	private String structuredValue;
 	/**
 	 * Make a blank system scope with no value
@ -162,52 +159,6 @@ public class SystemScope {
 		this.restricted = restricted;
 	}
 	/**
 	 * @return the isStructured status
 	 */
 	@Basic
 	@Column(name = "structured")
 	public boolean isStructured() {
 		return structured;
 	}
 	/**
 	 * @param structured the structured to set
 	 */
 	public void setStructured(boolean structured) {
 		this.structured = structured;
 	}
 	@Basic
 	@Column(name = "structured_param_description")
 	public String getStructuredParamDescription() {
 		return structuredParamDescription;
 	}
 	/**
 	 * @param isStructured the isStructured to set
 	 */
 	public void setStructuredParamDescription(String d) {
 		this.structuredParamDescription = d;
 	}
 	/**
 	 * @return the structuredValue
 	 */
 	@Transient // we don't save the value of a system scope separately
 	public String getStructuredValue() {
 		return structuredValue;
 	}
 	/**
 	 * @param structuredValue the structuredValue to set
 	 */
 	public void setStructuredValue(String structuredValue) {
 		this.structuredValue = structuredValue;
 	}
 	/* (non-Javadoc)
 	 * @see java.lang.Object#hashCode()
 	 */
@ -221,13 +172,6 @@ public class SystemScope {
 		result = prime * result + ((icon == null) ? 0 : icon.hashCode());
 		result = prime * result + ((id == null) ? 0 : id.hashCode());
 		result = prime * result + (restricted ? 1231 : 1237);
 		result = prime * result + (structured ? 1231 : 1237);
 		result = prime
 				* result
 				+ ((structuredParamDescription == null) ? 0
 						: structuredParamDescription.hashCode());
 		result = prime * result
 				+ ((structuredValue == null) ? 0 : structuredValue.hashCode());
 		result = prime * result + ((value == null) ? 0 : value.hashCode());
 		return result;
 	}
@ -274,24 +218,6 @@ public class SystemScope {
 		if (restricted != other.restricted) {
 			return false;
 		}
 		if (structured != other.structured) {
 			return false;
 		}
 		if (structuredParamDescription == null) {
 			if (other.structuredParamDescription != null) {
 				return false;
 			}
 		} else if (!structuredParamDescription
 				.equals(other.structuredParamDescription)) {
 			return false;
 		}
 		if (structuredValue == null) {
 			if (other.structuredValue != null) {
 				return false;
 			}
 		} else if (!structuredValue.equals(other.structuredValue)) {
 			return false;
 		}
 		if (value == null) {
 			if (other.value != null) {
 				return false;
@ -309,10 +235,7 @@ public class SystemScope {
 	public String toString() {
 		return "SystemScope [id=" + id + ", value=" + value + ", description="
 				+ description + ", icon=" + icon + ", defaultScope="
-				+ defaultScope + ", restricted=" + restricted + ", structured="
+				+ defaultScope + ", restricted=" + restricted + "]";
 				+ structured + ", structuredParamDescription="
 				+ structuredParamDescription + ", structuredValue="
 				+ structuredValue + "]";
 	}
 }
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
@ -96,12 +96,7 @@ public interface SystemScopeService {
 	public Set<String> toStrings(Set<SystemScope> scope);
 	/**
-	 * Test whether the scopes in both sets are compatible, with special
+	 * Test whether the scopes in both sets are compatible. All scopes in "actual" must exist in "expected".
 	 * processing for structured scopes. All scopes in "actual" must exist in
 	 * "expected". If a scope in "expected" is structured and has a value, it
 	 * must be matched exactly by its corresponding scope in "actual". If a
 	 * scope in "expected" is structured but has no value, it may be matched by
 	 * a scope with or without a value in "actual".
 	 */
 	public boolean scopesMatch(Set<String> expected, Set<String> actual);
--- a/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
@ -10,7 +10,8 @@ CREATE TABLE IF NOT EXISTS access_token (
 	refresh_token_id BIGINT,
 	client_id BIGINT,
 	auth_holder_id BIGINT,
-	approved_site_id BIGINT
+	approved_site_id BIGINT,
 	UNIQUE(token_value)
 );
 CREATE TABLE IF NOT EXISTS access_token_permissions (
@ -235,8 +236,6 @@ CREATE TABLE IF NOT EXISTS system_scope (
 	icon VARCHAR(256),
 	restricted BOOLEAN DEFAULT false NOT NULL,
 	default_scope BOOLEAN DEFAULT false NOT NULL,
 	structured BOOLEAN DEFAULT false NOT NULL,
 	structured_param_description VARCHAR(256),
 	UNIQUE (scope)
 );
--- a/openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql
@ -69,7 +69,5 @@ CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
 	description VARCHAR(4096),
 	icon VARCHAR(256),
 	restricted BOOLEAN,
-	default_scope BOOLEAN,
+	default_scope BOOLEAN
 	structured BOOLEAN,
 	structured_param_description VARCHAR(256)
 );
--- a/openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql
@ -10,23 +10,23 @@ START TRANSACTION;
 -- Insert scope information into the temporary tables.
 -- 
-INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
-  ('openid', 'log in using your identity', 'user', false, true, false, null),
+  ('openid', 'log in using your identity', 'user', false, true),
-  ('profile', 'basic profile information', 'list-alt', false, true, false, null),
+  ('profile', 'basic profile information', 'list-alt', false, true),
-  ('email', 'email address', 'envelope', false, true, false, null),
+  ('email', 'email address', 'envelope', false, true),
-  ('address', 'physical address', 'home', false, true, false, null),
+  ('address', 'physical address', 'home', false, true),
-  ('phone', 'telephone number', 'bell', false, true, false, null),
+  ('phone', 'telephone number', 'bell', false, true),
-  ('offline_access', 'offline access', 'time', false, false, false, null);
+  ('offline_access', 'offline access', 'time', false, false);
 --
 -- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
 --
 MERGE INTO system_scope
-	USING (SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope, structured, structured_param_description)
+	USING (SELECT scope, description, icon, restricted, default_scope  FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope)
 	ON vals.scope = system_scope.scope
 	WHEN NOT MATCHED THEN
-	  INSERT (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope, vals.structured, vals.structured_param_description);
+	  INSERT (scope, description, icon, restricted, default_scope) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope);
 COMMIT;
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml
@ -52,7 +52,7 @@
 	<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
-	<bean id="oauthRequestValidator" class="org.mitre.oauth2.token.StructuredScopeAwareOAuth2RequestValidator" />
+	<bean id="oauthRequestValidator" class="org.mitre.oauth2.token.ScopeServiceAwareOAuth2RequestValidator" />
 	<!-- Error page handler. -->
 	<mvc:view-controller path="/error" view-name="error" />
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
@ -218,10 +218,6 @@
 									</span>
 								</c:if>
 								<c:if test="${ scope.structured }">
 									<input name="scopeparam_${ fn:escapeXml(scope.value) }" type="text" value="${ fn:escapeXml(scope.structuredValue) }" placeholder="${ fn:escapeXml(scope.structuredParamDescription) }">
 								</c:if>
 							</label>
 						</c:forEach>
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
@ -306,9 +306,6 @@
            "icon": "Icon",
            "new": "New Scope",
            "select-icon": "Select an icon",
            "structured": "is a structured scope",
            "structured-help": "Is the scope structured with structured values like <code>base:extension</code>?",
            "structured-param-help": "Human-readable description of the structured parameter",
            "subject-type": "Subject Type",
            "value": "Scope value",
            "value-help": "Single string with no spaces",
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/scope.js
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/scope.js
@ -23,10 +23,7 @@ var SystemScopeModel = Backbone.Model.extend({
 		icon:null,
 		value:null,
 		defaultScope:false,
-		restricted:false,
+		restricted:false
 		structured:false,
 		structuredParamDescription:null,
 		structuredValue:null
 	},
 	urlRoot: 'api/scopes'
@ -267,8 +264,7 @@ var SystemScopeFormView = Backbone.View.extend({
 	events:{
 		'click .btn-save':'saveScope',
 		'click .btn-cancel': function() {app.navigate('admin/scope', {trigger: true}); },
-		'click .btn-icon':'selectIcon',
+		'click .btn-icon':'selectIcon'
 		'change #isStructured input':'toggleStructuredParamDescription'
 	},
 	load:function(callback) {
@ -290,14 +286,6 @@ var SystemScopeFormView = Backbone.View.extend({
 	},
 	toggleStructuredParamDescription:function(e) {
 		if ($('#isStructured input', this.el).is(':checked')) {
 			$('#structuredParamDescription', this.el).show();
 		} else {
 			$('#structuredParamDescription', this.el).hide();
 		}
 	},
 	saveScope:function(e) {
    	e.preventDefault();
@ -313,9 +301,7 @@ var SystemScopeFormView = Backbone.View.extend({
 			description:$('#description textarea').val(),
 			icon:$('#iconDisplay input').val(),
 			defaultScope:$('#defaultScope input').is(':checked'),
-			restricted:$('#restricted input').is(':checked'),
+			restricted:$('#restricted input').is(':checked')
 			structured:$('#isStructured input').is(':checked'),
 			structuredParamDescription:$('#structuredParamDescription input').val()
 		});
 		if (valid) {
@ -356,7 +342,6 @@ var SystemScopeFormView = Backbone.View.extend({
 			$("#iconSelector .modal-body", this.el).append(this.iconTemplate({items:items}));
 		}, this);
 		this.toggleStructuredParamDescription();
        $(this.el).i18n();
 		return this;
 	}
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
@ -155,19 +155,6 @@
 				</div>
 			</div>
 			<div class="control-group">
 				<div class="controls" id="isStructured">
 					<label class="checkbox">
 						<input type="checkbox" <%-structured ? 'checked' : '' %>> <span data-i18n="scope.system-scope-form.structured">is a structured scope</span>
 					</label>
 					<p class="help-block" data-i18n="[html]scope.system-scope-form.structured-help">Is the scope structured with structured values like <code>base:extension</code>?</p>
 				</div>
 				<div class="controls" id="structuredParamDescription">
 					<input type="text" value="<%-structuredParamDescription ? structuredParamDescription : '' %>">
 					<p class="help-block" data-i18n="scope.system-scope-form.structured-param-help">Human-readable description of the structured parameter</p>
 				</div>
 			</div>
            <div class="well well-small">
                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java
@ -76,20 +76,11 @@ public class DefaultSystemScopeService implements SystemScopeService {
 			if (Strings.isNullOrEmpty(input)) {
 				return null;
 			} else {
 				List<String> parts = parseStructuredScopeValue(input);
 				String base = parts.get(0); // the first part is the base
 				// get the real scope if it's available
-				SystemScope s = getByValue(base);
+				SystemScope s = getByValue(input);
 				if (s == null) {
 					// make a fake one otherwise
-					s = new SystemScope(base);
+					s = new SystemScope(input);
 					if (parts.size() > 1) {
 						s.setStructured(true);
 					}
 				}
 				if (s.isStructured() && parts.size() > 1) {
 					s.setStructuredValue(parts.get(1));
 				}
 				return s;
@ -102,14 +93,10 @@ public class DefaultSystemScopeService implements SystemScopeService {
 		public String apply(SystemScope input) {
 			if (input == null) {
 				return null;
 			} else {
 				if (input.isStructured() && !Strings.isNullOrEmpty(input.getStructuredValue())) {
 					return Joiner.on(":").join(input.getValue(), input.getStructuredValue());
 			} else {
 				return input.getValue();
 			}
 		}
 		}
 	};
 	/* (non-Javadoc)
@ -181,11 +168,6 @@ public class DefaultSystemScopeService implements SystemScopeService {
 		}
 	}
 	// parse a structured scope string into its components
 	private List<String> parseStructuredScopeValue(String value) {
 		return Lists.newArrayList(Splitter.on(":").split(value));
 	}
 	/* (non-Javadoc)
 	 * @see org.mitre.oauth2.service.SystemScopeService#scopesMatch(java.util.Set, java.util.Set)
 	 */
@ -198,22 +180,7 @@ public class DefaultSystemScopeService implements SystemScopeService {
 		for (SystemScope actScope : act) {
 			// first check to see if there's an exact match
 			if (!ex.contains(actScope)) {
 				// we didn't find an exact match
 				if (actScope.isStructured() && !Strings.isNullOrEmpty(actScope.getStructuredValue())) {
 					// if we didn't get an exact match but the actual scope is structured, we need to check further
 					// first, find the "base" scope for this
 					SystemScope base = getByValue(actScope.getValue());
 					if (!ex.contains(base)) {
 						// if the expected doesn't contain the base scope, fail
 				return false;
 					} else {
 						// we did find an exact match, need to check the rest
 					}
 				} else {
 					// the scope wasn't structured, fail now
 					return false;
 				}
 			} else {
 				// if we did find an exact match, we need to check the rest
 			}
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/token/StructuredScopeAwareOAuth2RequestValidator.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/token/StructuredScopeAwareOAuth2RequestValidator.java
@ -32,12 +32,12 @@ import org.springframework.security.oauth2.provider.TokenRequest;
 /**
 * 
 * Validates the scopes on a request by comparing them against a client's
- * allowed scopes, but allow structured scopes to function.
+ * allowed scopes, but allow custom scopes to function through the system scopes
 * 
 * @author jricher
 * 
 */
-public class StructuredScopeAwareOAuth2RequestValidator implements OAuth2RequestValidator {
+public class ScopeServiceAwareOAuth2RequestValidator implements OAuth2RequestValidator {
 	@Autowired
 	private SystemScopeService scopeService;
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_1.java
@ -817,9 +817,9 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
 					} else if (name.equals("defaultScope")) {
 						scope.setDefaultScope(reader.nextBoolean());
 					} else if (name.equals("structured")) {
-						scope.setStructured(reader.nextBoolean());
+						logger.warn("Found a structured scope, ignoring structure");
 					} else if (name.equals("structuredParameter")) {
-						scope.setStructuredParamDescription(reader.nextString());
+						logger.warn("Found a structured scope, ignoring structure");
 					} else if (name.equals("icon")) {
 						scope.setIcon(reader.nextString());
 					} else {
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
@ -808,9 +808,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 					} else if (name.equals(ICON)) {
 						scope.setIcon(reader.nextString());
 					} else if (name.equals(STRUCTURED)) {
-						scope.setStructured(reader.nextBoolean());
+						logger.warn("Found a structured scope, ignoring structure");
 					} else if (name.equals(STRUCTURED_PARAMETER)) {
-						scope.setStructuredParamDescription(reader.nextString());
+						logger.warn("Found a structured scope, ignoring structure");
 					} else {
 						logger.debug("found unexpected entry");
 						reader.skipValue();
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_3.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_3.java
@ -80,8 +80,6 @@ import com.nimbusds.jwt.JWTParser;
 public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements MITREidDataService {
 	private static final String DEFAULT_SCOPE = "defaultScope";
 	private static final String STRUCTURED_PARAMETER = "structuredParameter";
 	private static final String STRUCTURED = "structured";
 	private static final String RESTRICTED = "restricted";
 	private static final String ICON = "icon";
 	private static final String DYNAMICALLY_REGISTERED = "dynamicallyRegistered";
@ -525,8 +523,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
 				writer.name(ICON).value(sysScope.getIcon());
 				writer.name(VALUE).value(sysScope.getValue());
 				writer.name(RESTRICTED).value(sysScope.isRestricted());
 				writer.name(STRUCTURED).value(sysScope.isStructured());
 				writer.name(STRUCTURED_PARAMETER).value(sysScope.getStructuredParamDescription());
 				writer.name(DEFAULT_SCOPE).value(sysScope.isDefaultScope());
 				writer.endObject();
 				logger.debug("Wrote system scope {}", sysScope.getId());
@ -1180,10 +1176,6 @@ public class MITREidDataService_1_3 extends MITREidDataServiceSupport implements
 						scope.setDefaultScope(reader.nextBoolean());
 					} else if (name.equals(ICON)) {
 						scope.setIcon(reader.nextString());
 					} else if (name.equals(STRUCTURED)) {
 						scope.setStructured(reader.nextBoolean());
 					} else if (name.equals(STRUCTURED_PARAMETER)) {
 						scope.setStructuredParamDescription(reader.nextString());
 					} else {
 						logger.debug("found unexpected entry");
 						reader.skipValue();
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java
@ -204,16 +204,8 @@ public class TofuUserApprovalHandler implements UserApprovalHandler {
 					//Make sure this scope is allowed for the given client
 					if (systemScopes.scopesMatch(client.getScope(), approveSet)) {
 						// If it's structured, assign the user-specified parameter
 						SystemScope systemScope = systemScopes.getByValue(scope);
 						if (systemScope != null && systemScope.isStructured()){
 							String paramValue = approvalParams.get("scopeparam_" + scope);
 							allowedScopes.add(scope + ":"+paramValue);
 							// .. and if it's unstructured, we're all set
 						} else {
 						allowedScopes.add(scope);
 					}
 					}
 				}
 			}
--- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java
+++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java
@ -52,8 +52,6 @@ public class TestDefaultSystemScopeService {
 	private SystemScope defaultScope2;
 	private SystemScope dynScope1;
 	private SystemScope restrictedScope1;
 	private SystemScope structuredScope1;
 	private SystemScope structuredScope1Value;
 	private String defaultDynScope1String = "defaultDynScope1";
 	private String defaultDynScope2String = "defaultDynScope2";
@ -61,8 +59,6 @@ public class TestDefaultSystemScopeService {
 	private String defaultScope2String = "defaultScope2";
 	private String dynScope1String = "dynScope1";
 	private String restrictedScope1String = "restrictedScope1";
 	private String structuredScope1String = "structuredScope1";
 	private String structuredValue = "structuredValue";
 	private Set<SystemScope> allScopes;
 	private Set<String> allScopeStrings;
@ -105,20 +101,11 @@ public class TestDefaultSystemScopeService {
 		restrictedScope1.setRestricted(true);
-		// structuredScope1 : structured scope
+		allScopes = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1);
-		structuredScope1 = new SystemScope(structuredScope1String);
+		allScopeStrings = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String);
 		structuredScope1.setStructured(true);
-		// structuredScope1Value : structured scope with value
+		allScopesWithValue = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1);
-		structuredScope1Value = new SystemScope(structuredScope1String);
+		allScopeStringsWithValue = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String);
 		structuredScope1Value.setStructured(true);
 		structuredScope1Value.setStructuredValue(structuredValue);
 		allScopes = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1, structuredScope1);
 		allScopeStrings = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String, structuredScope1String);
 		allScopesWithValue = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, restrictedScope1, structuredScope1, structuredScope1Value);
 		allScopeStringsWithValue = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, restrictedScope1String, structuredScope1String, structuredScope1String + ":" + structuredValue);
 		Mockito.when(repository.getByValue(defaultDynScope1String)).thenReturn(defaultDynScope1);
 		Mockito.when(repository.getByValue(defaultDynScope2String)).thenReturn(defaultDynScope2);
@ -126,16 +113,6 @@ public class TestDefaultSystemScopeService {
 		Mockito.when(repository.getByValue(defaultScope2String)).thenReturn(defaultScope2);
 		Mockito.when(repository.getByValue(dynScope1String)).thenReturn(dynScope1);
 		Mockito.when(repository.getByValue(restrictedScope1String)).thenReturn(restrictedScope1);
 		// we re-use this value so we've got to use thenAnswer instead
 		Mockito.when(repository.getByValue(structuredScope1String)).thenAnswer(new Answer<SystemScope>() {
 			@Override
 			public SystemScope answer(InvocationOnMock invocation) throws Throwable {
 				SystemScope s = new SystemScope(structuredScope1String);
 				s.setStructured(true);
 				return s;
 			}
 		});
 		Mockito.when(repository.getAll()).thenReturn(allScopes);
 	}
@ -157,7 +134,7 @@ public class TestDefaultSystemScopeService {
 	@Test
 	public void getUnrestricted() {
-		Set<SystemScope> unrestricted = Sets.newHashSet(defaultDynScope1, defaultDynScope2, dynScope1, structuredScope1);
+		Set<SystemScope> unrestricted = Sets.newHashSet(defaultDynScope1, defaultDynScope2, dynScope1);
 		assertThat(service.getUnrestricted(), equalTo(unrestricted));
 	}
@ -210,25 +187,4 @@ public class TestDefaultSystemScopeService {
 		assertThat(service.scopesMatch(expected, actualBad), is(false));
 	}
 	@Test
 	public void scopesMatch_structured() {
 		Set<String> expected = Sets.newHashSet("foo", "bar", "baz");
 		Set<String> actualGood = Sets.newHashSet("foo:value", "baz", "bar");
 		Set<String> actualBad = Sets.newHashSet("foo:value", "bar:value");
 		// note: we have to use "thenAnswer" here to mimic the repository not serializing the structuredValue field
 		Mockito.when(repository.getByValue("foo")).thenAnswer(new Answer<SystemScope>() {
 			@Override
 			public SystemScope answer(InvocationOnMock invocation) throws Throwable {
 				SystemScope foo = new SystemScope("foo");
 				foo.setStructured(true);
 				return foo;
 			}
 		});
 		assertThat(service.scopesMatch(expected, actualGood), is(true));
 		assertThat(service.scopesMatch(expected, actualBad), is(false));
 	}
 }
--- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_1.java
@ -782,8 +782,6 @@ public class TestMITREidDataService_1_1 {
 		scope3.setRestricted(false);
 		scope3.setDefaultScope(true);
 		scope3.setIcon("road");
 		scope3.setStructured(true);
 		scope3.setStructuredParamDescription("Structured Parameter");
 		String configJson = "{" +
 				"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -797,7 +795,7 @@ public class TestMITREidDataService_1_1 {
 				"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"allowDynReg\":false,\"defaultScope\":false}," +
 				"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"allowDynReg\":true,\"defaultScope\":false}," +
-				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"allowDynReg\":true,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
+				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"allowDynReg\":true,\"defaultScope\":true}" +
 				"  ]" +
 				"}";
@ -817,24 +815,18 @@ public class TestMITREidDataService_1_1 {
 		assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
 		assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
 		assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
 		assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
 		assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
 		assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
 		assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
 		assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
 		assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
 		assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
 		assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
 		assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
 		assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
 		assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
 		assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
 		assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
 		assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
 		assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
 		assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
 	}
--- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_2.java
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_2.java
@ -797,8 +797,6 @@ public class TestMITREidDataService_1_2 {
 		scope3.setRestricted(false);
 		scope3.setDefaultScope(true);
 		scope3.setIcon("road");
 		scope3.setStructured(true);
 		scope3.setStructuredParamDescription("Structured Parameter");
 		String configJson = "{" +
 				"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -812,7 +810,7 @@ public class TestMITREidDataService_1_2 {
 				"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"restricted\":true,\"defaultScope\":false}," +
 				"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"restricted\":false,\"defaultScope\":false}," +
-				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
+				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true}" +
 				"  ]" +
 				"}";
@ -832,24 +830,18 @@ public class TestMITREidDataService_1_2 {
 		assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
 		assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
 		assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
 		assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
 		assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
 		assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
 		assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
 		assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
 		assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
 		assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
 		assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
 		assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
 		assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
 		assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
 		assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
 		assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
 		assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
 		assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
 		assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
 	}
--- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_3.java
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestMITREidDataService_1_3.java
@ -1669,8 +1669,6 @@ public class TestMITREidDataService_1_3 {
 		scope3.setRestricted(false);
 		scope3.setDefaultScope(true);
 		scope3.setIcon("road");
 		scope3.setStructured(true);
 		scope3.setStructuredParamDescription("Structured Parameter");
 		String configJson = "{" +
 				"\"" + MITREidDataService.CLIENTS + "\": [], " +
@ -1684,7 +1682,7 @@ public class TestMITREidDataService_1_3 {
 				"{\"id\":1,\"description\":\"Scope 1\",\"icon\":\"glass\",\"value\":\"scope1\",\"restricted\":true,\"defaultScope\":false}," +
 				"{\"id\":2,\"description\":\"Scope 2\",\"icon\":\"ball\",\"value\":\"scope2\",\"restricted\":false,\"defaultScope\":false}," +
-				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true,\"structured\":true,\"structuredParameter\":\"Structured Parameter\"}" +
+				"{\"id\":3,\"description\":\"Scope 3\",\"icon\":\"road\",\"value\":\"scope3\",\"restricted\":false,\"defaultScope\":true}" +
 				"  ]" +
 				"}";
@ -1704,24 +1702,18 @@ public class TestMITREidDataService_1_3 {
 		assertThat(savedScopes.get(0).getIcon(), equalTo(scope1.getIcon()));
 		assertThat(savedScopes.get(0).isDefaultScope(), equalTo(scope1.isDefaultScope()));
 		assertThat(savedScopes.get(0).isRestricted(), equalTo(scope1.isRestricted()));
 		assertThat(savedScopes.get(0).isStructured(), equalTo(scope1.isStructured()));
 		assertThat(savedScopes.get(0).getStructuredParamDescription(), equalTo(scope1.getStructuredParamDescription()));
 		assertThat(savedScopes.get(1).getValue(), equalTo(scope2.getValue()));
 		assertThat(savedScopes.get(1).getDescription(), equalTo(scope2.getDescription()));
 		assertThat(savedScopes.get(1).getIcon(), equalTo(scope2.getIcon()));
 		assertThat(savedScopes.get(1).isDefaultScope(), equalTo(scope2.isDefaultScope()));
 		assertThat(savedScopes.get(1).isRestricted(), equalTo(scope2.isRestricted()));
 		assertThat(savedScopes.get(1).isStructured(), equalTo(scope2.isStructured()));
 		assertThat(savedScopes.get(1).getStructuredParamDescription(), equalTo(scope2.getStructuredParamDescription()));
 		assertThat(savedScopes.get(2).getValue(), equalTo(scope3.getValue()));
 		assertThat(savedScopes.get(2).getDescription(), equalTo(scope3.getDescription()));
 		assertThat(savedScopes.get(2).getIcon(), equalTo(scope3.getIcon()));
 		assertThat(savedScopes.get(2).isDefaultScope(), equalTo(scope3.isDefaultScope()));
 		assertThat(savedScopes.get(2).isRestricted(), equalTo(scope3.isRestricted()));
 		assertThat(savedScopes.get(2).isStructured(), equalTo(scope3.isStructured()));
 		assertThat(savedScopes.get(2).getStructuredParamDescription(), equalTo(scope3.getStructuredParamDescription()));
 	}
--- a/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
+++ b/uma-server-webapp/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_2.java
@ -726,8 +726,6 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 				writer.name(ICON).value(sysScope.getIcon());
 				writer.name(VALUE).value(sysScope.getValue());
 				writer.name(RESTRICTED).value(sysScope.isRestricted());
 				writer.name(STRUCTURED).value(sysScope.isStructured());
 				writer.name(STRUCTURED_PARAMETER).value(sysScope.getStructuredParamDescription());
 				writer.name(DEFAULT_SCOPE).value(sysScope.isDefaultScope());
 				writer.endObject();
 				logger.debug("Wrote system scope {}", sysScope.getId());
@ -1710,9 +1708,9 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
 					} else if (name.equals(ICON)) {
 						scope.setIcon(reader.nextString());
 					} else if (name.equals(STRUCTURED)) {
-						scope.setStructured(reader.nextBoolean());
+						logger.debug("Found a structured scope, ignoring structure");
 					} else if (name.equals(STRUCTURED_PARAMETER)) {
-						scope.setStructuredParamDescription(reader.nextString());
+						logger.debug("Found a structured scope, ignoring structure");
 					} else {
 						logger.debug("found unexpected entry");
 						reader.skipValue();