diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
index 2747b6f3a..363f2f4ab 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
@@ -16,6 +16,7 @@ import org.springframework.security.oauth2.provider.code.AuthorizationRequestHol
/**
* Entity class for authorization codes
+ *
* @author aanganes
*
*/
@@ -40,9 +41,10 @@ public class AuthorizationCodeEntity {
}
/**
- * Create a new AuthorizationCodeEntity with the given code.
+ * Create a new AuthorizationCodeEntity with the given code and AuthorizationRequestHolder.
*
- * @param code the authorization code
+ * @param code the authorization code
+ * @param authRequest the AuthoriztionRequestHolder associated with the original code request
*/
public AuthorizationCodeEntity(String code, AuthorizationRequestHolder authRequest) {
this.code = code;
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
index 6510f8852..bdd2e295d 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
@@ -5,12 +5,28 @@ import org.springframework.security.oauth2.common.exceptions.InvalidGrantExcepti
import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder;
/**
- * @author amanda
+ * Interface for saving and consuming OAuth2 authorization codes as AuthorizationCodeEntitys.
+ *
+ * @author aanganes
*
*/
public interface AuthorizationCodeRepository {
+ /**
+ * Save an AuthorizationCodeEntity to the repository
+ *
+ * @param authorizationCode the AuthorizationCodeEntity to save
+ * @return the saved AuthorizationCodeEntity
+ */
public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode);
+ /**
+ * Consume an authorization code.
+ *
+ * @param code the authorization code value
+ * @return the authentication associated with the code
+ * @throws InvalidGrantException if no AuthorizationCodeEntity is found with the given value
+ */
public AuthorizationRequestHolder consume(String code) throws InvalidGrantException;
+
}
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
index e549735fb..13e1a4350 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java
@@ -16,6 +16,8 @@ import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
/**
+ * JPA AuthorizationCodeRepository implementation.
+ *
* @author aanganes
*
*/
@@ -54,7 +56,8 @@ public class JpaAuthorizationCodeRepository implements AuthorizationCodeReposito
}
AuthorizationRequestHolder authRequest = result.getAuthorizationRequestHolder();
- //authRequest.getAuthenticationRequest();
+
+ manager.remove(result);
return authRequest;
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
index fff72ce5b..7c2c0fbc6 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
@@ -13,6 +13,8 @@ import org.springframework.security.oauth2.provider.code.AuthorizationRequestHol
import org.springframework.stereotype.Service;
/**
+ * Database-backed, random-value authorization code service implementation.
+ *
* @author aanganes
*
*/
@@ -24,8 +26,13 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS
private RandomValueStringGenerator generator = new RandomValueStringGenerator();
- /* (non-Javadoc)
- * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#createAuthorizationCode(org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder)
+ /**
+ * Generate a random authorization code and create an AuthorizationCodeEntity,
+ * which will be stored in the repository.
+ *
+ * @param authentication the authentication of the current user, to be retrieved when the
+ * code is consumed
+ * @return the authorization code
*/
@Override
public String createAuthorizationCode(AuthorizationRequestHolder authentication) {
@@ -37,8 +44,15 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS
return code;
}
- /* (non-Javadoc)
- * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#consumeAuthorizationCode(java.lang.String)
+ /**
+ * Consume a given authorization code.
+ * Match the provided string to an AuthorizationCodeEntity. If one is found, return
+ * the authentication associated with the code. If one is not found, throw an
+ * InvalidGrantException.
+ *
+ * @param code the authorization code
+ * @return the authentication that made the original request
+ * @throws InvalidGrantException, if an AuthorizationCodeEntity is not found with the given value
*/
@Override
public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException {
@@ -47,10 +61,16 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS
return auth;
}
+ /**
+ * @return the repository
+ */
public AuthorizationCodeRepository getRepository() {
return repository;
}
+ /**
+ * @param repository the repository to set
+ */
public void setRepository(AuthorizationCodeRepository repository) {
this.repository = repository;
}