removed embedded JOSE classes in favor of converters

pull/819/merge
Justin Richer 2015-05-20 18:09:41 -04:00
parent cf1cb34a5f
commit cb8abca0f6
15 changed files with 304 additions and 823 deletions


@ -1,110 +0,0 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
/**
*
*/
package org.mitre.jose;
import javax.persistence.Basic;
import javax.persistence.Embeddable;
import javax.persistence.Transient;
import com.google.common.base.Strings;
import com.nimbusds.jose.JWEAlgorithm;
/**
*
* Wrapper class for Nimbus JOSE objects to fit into JPA
*
* @author jricher
*
*/
@Embeddable
public class JWEAlgorithmEmbed {
public static final JWEAlgorithmEmbed NONE = getForAlgorithmName("none");
private JWEAlgorithm algorithm;
public JWEAlgorithmEmbed() {
}
public JWEAlgorithmEmbed(JWEAlgorithm algorithm) {
this.algorithm = algorithm;
}
public static JWEAlgorithmEmbed getForAlgorithmName (String algorithmName) {
JWEAlgorithmEmbed ent = new JWEAlgorithmEmbed();
ent.setAlgorithmName(algorithmName);
if (ent.getAlgorithm() == null) {
return null;
} else {
return ent;
}
}
/**
* Get the name of this algorithm, return null if no algorithm set.
* @return
*/
@Basic
public String getAlgorithmName() {
if (algorithm != null) {
return algorithm.getName();
} else {
return null;
}
}
/**
* Set the name of this algorithm.
* Calls JWEAlgorithm.parse()
* @param algorithmName
*/
public void setAlgorithmName(String algorithmName) {
if (!Strings.isNullOrEmpty(algorithmName)) {
algorithm = JWEAlgorithm.parse(algorithmName);
} else {
algorithm = null;
}
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "JWEAlgorithmEmbed [algorithm=" + algorithm + "]";
}
/**
* @return the algorithm
*/
@Transient
public JWEAlgorithm getAlgorithm() {
return algorithm;
}
/**
* @param algorithm the algorithm to set
*/
public void setAlgorithm(JWEAlgorithm algorithm) {
this.algorithm = algorithm;
}
}


@ -1,108 +0,0 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
/**
*
*/
package org.mitre.jose;
import javax.persistence.Basic;
import javax.persistence.Embeddable;
import javax.persistence.Transient;
import com.google.common.base.Strings;
import com.nimbusds.jose.EncryptionMethod;
/**
* @author jricher
*
*/
@Embeddable
public class JWEEncryptionMethodEmbed {
public static final JWEEncryptionMethodEmbed NONE = getForAlgorithmName("none");
private EncryptionMethod algorithm;
public JWEEncryptionMethodEmbed() {
}
public JWEEncryptionMethodEmbed(EncryptionMethod algorithm) {
this.algorithm = algorithm;
}
public static JWEEncryptionMethodEmbed getForAlgorithmName (String algorithmName) {
JWEEncryptionMethodEmbed ent = new JWEEncryptionMethodEmbed();
ent.setAlgorithmName(algorithmName);
if (ent.getAlgorithm() == null) {
return null;
} else {
return ent;
}
}
/**
* Get the name of this algorithm, return null if no algorithm set.
* @return
*/
@Basic
public String getAlgorithmName() {
if (algorithm != null) {
return algorithm.getName();
} else {
return null;
}
}
/**
* Set the name of this algorithm.
* Calls EncryptionMethod.parse()
* @param algorithmName
*/
public void setAlgorithmName(String algorithmName) {
if (!Strings.isNullOrEmpty(algorithmName)) {
algorithm = EncryptionMethod.parse(algorithmName);
} else {
algorithm = null;
}
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "JWEEncryptionMethodEmbed [algorithm=" + algorithm + "]";
}
/**
* @return the algorithm
*/
@Transient
public EncryptionMethod getAlgorithm() {
return algorithm;
}
/**
* @param algorithm the algorithm to set
*/
public void setAlgorithm(EncryptionMethod algorithm) {
this.algorithm = algorithm;
}
}


@ -1,117 +0,0 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
/**
*
*/
package org.mitre.jose;
import javax.persistence.Basic;
import javax.persistence.Embeddable;
import javax.persistence.Transient;
import com.google.common.base.Strings;
import com.nimbusds.jose.JWSAlgorithm;
/**
*
* Wrapper class for Nimbus JOSE objects to fit into JPA
*
* @author jricher
*
*/
@Embeddable
public class JWSAlgorithmEmbed {
public static final JWSAlgorithmEmbed NONE = getForAlgorithmName("none");
private JWSAlgorithm algorithm;
public JWSAlgorithmEmbed() {
}
public JWSAlgorithmEmbed(JWSAlgorithm algorithm) {
this.algorithm = algorithm;
}
/**
*
* @param algorithmName
* @return null if algorithmName is empty or null
*/
public static JWSAlgorithmEmbed getForAlgorithmName (String algorithmName) {
JWSAlgorithmEmbed ent = new JWSAlgorithmEmbed();
ent.setAlgorithmName(algorithmName);
if (ent.getAlgorithm() == null) {
return null;
} else {
return ent;
}
}
/**
* Get the name of this algorithm, return null if no algorithm set.
* @return
*/
@Basic
public String getAlgorithmName() {
if (algorithm != null) {
return algorithm.getName();
} else {
return null;
}
}
/**
* Set the name of this algorithm.
* Calls JWSAlgorithm.parse()
* @param algorithmName
*/
public void setAlgorithmName(String algorithmName) {
if (!Strings.isNullOrEmpty(algorithmName)) {
algorithm = JWSAlgorithm.parse(algorithmName);
} else {
algorithm = null;
}
}
/**
* @return the algorithm
*/
@Transient
public JWSAlgorithm getAlgorithm() {
return algorithm;
}
/**
* @param algorithm the algorithm to set
*/
public void setAlgorithm(JWSAlgorithm algorithm) {
this.algorithm = algorithm;
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "JWSAlgorithmEmbed [algorithm=" + algorithm + "]";
}
}


@ -25,13 +25,11 @@ import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.persistence.AttributeOverride;
import javax.persistence.AttributeOverrides;
import javax.persistence.Basic;
import javax.persistence.CollectionTable;
import javax.persistence.Column;
import javax.persistence.Convert;
import javax.persistence.ElementCollection;
import javax.persistence.Embedded;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
@ -49,9 +47,6 @@ import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.ClientDetails;
@ -103,17 +98,17 @@ public class ClientDetailsEntity implements ClientDetails {
private String sectorIdentifierUri; // sector_identifier_uri
private SubjectType subjectType; // subject_type
private JWSAlgorithmEmbed requestObjectSigningAlg = null; // request_object_signing_alg
private JWSAlgorithm requestObjectSigningAlg = null; // request_object_signing_alg
private JWSAlgorithmEmbed userInfoSignedResponseAlg = null; // user_info_signed_response_alg
private JWEAlgorithmEmbed userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg
private JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc
private JWSAlgorithm userInfoSignedResponseAlg = null; // user_info_signed_response_alg
private JWEAlgorithm userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg
private EncryptionMethod userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc
private JWSAlgorithmEmbed idTokenSignedResponseAlg = null; // id_token_signed_response_alg
private JWEAlgorithmEmbed idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg
private JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc
private JWSAlgorithm idTokenSignedResponseAlg = null; // id_token_signed_response_alg
private JWEAlgorithm idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg
private EncryptionMethod idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc
private JWSAlgorithmEmbed tokenEndpointAuthSigningAlg = null; // token_endpoint_auth_signing_alg
private JWSAlgorithm tokenEndpointAuthSigningAlg = null; // token_endpoint_auth_signing_alg
private Integer defaultMaxAge; // default_max_age
private Boolean requireAuthTime; // require_auth_time
@ -700,212 +695,94 @@ public class ClientDetailsEntity implements ClientDetails {
this.sectorIdentifierUri = sectorIdentifierUri;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="request_object_signing_alg"))
})
public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() {
@Basic
@Column(name = "request_object_signing_alg")
@Convert(converter = JWSAlgorithmStringConverter.class)
public JWSAlgorithm getRequestObjectSigningAlg() {
return requestObjectSigningAlg;
}
public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) {
public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
this.requestObjectSigningAlg = requestObjectSigningAlg;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_signed_response_alg"))
})
public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() {
@Basic
@Column(name = "user_info_signed_response_alg")
@Convert(converter = JWSAlgorithmStringConverter.class)
public JWSAlgorithm getUserInfoSignedResponseAlg() {
return userInfoSignedResponseAlg;
}
public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
this.userInfoSignedResponseAlg = userInfoSignedResponseAlg;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_alg"))
})
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() {
@Basic
@Column(name = "user_info_encrypted_response_alg")
@Convert(converter = JWEAlgorithmStringConverter.class)
public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
return userInfoEncryptedResponseAlg;
}
public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_enc"))
})
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() {
@Basic
@Column(name = "user_info_encrypted_response_enc")
@Convert(converter = JWEEncryptionMethodStringConverter.class)
public EncryptionMethod getUserInfoEncryptedResponseEnc() {
return userInfoEncryptedResponseEnc;
}
public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_signed_response_alg"))
})
public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() {
@Basic
@Column(name="id_token_signed_response_alg")
@Convert(converter = JWSAlgorithmStringConverter.class)
public JWSAlgorithm getIdTokenSignedResponseAlg() {
return idTokenSignedResponseAlg;
}
public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
this.idTokenSignedResponseAlg = idTokenSignedResponseAlg;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_alg"))
})
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() {
@Basic
@Column(name = "id_token_encrypted_response_alg")
@Convert(converter = JWEAlgorithmStringConverter.class)
public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
return idTokenEncryptedResponseAlg;
}
public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_enc"))
})
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() {
@Basic
@Column(name = "id_token_encrypted_response_enc")
@Convert(converter = JWEEncryptionMethodStringConverter.class)
public EncryptionMethod getIdTokenEncryptedResponseEnc() {
return idTokenEncryptedResponseEnc;
}
public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc;
}
@Embedded
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="token_endpoint_auth_signing_alg"))
})
public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() {
@Basic
@Column(name="token_endpoint_auth_signing_alg")
@Convert(converter = JWSAlgorithmStringConverter.class)
public JWSAlgorithm getTokenEndpointAuthSigningAlg() {
return tokenEndpointAuthSigningAlg;
}
public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) {
this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlgEmbed;
}
//
// Transient passthrough methods for JOSE elements
//
@Transient
public JWSAlgorithm getRequestObjectSigningAlg() {
if (requestObjectSigningAlg != null) {
return requestObjectSigningAlg.getAlgorithm();
} else {
return null;
}
}
public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
this.requestObjectSigningAlg = new JWSAlgorithmEmbed(requestObjectSigningAlg);
}
@Transient
public JWSAlgorithm getUserInfoSignedResponseAlg() {
if (userInfoSignedResponseAlg != null) {
return userInfoSignedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
this.userInfoSignedResponseAlg = new JWSAlgorithmEmbed(userInfoSignedResponseAlg);
}
@Transient
public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
if (userInfoEncryptedResponseAlg != null) {
return userInfoEncryptedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
this.userInfoEncryptedResponseAlg = new JWEAlgorithmEmbed(userInfoEncryptedResponseAlg);
}
@Transient
public EncryptionMethod getUserInfoEncryptedResponseEnc() {
if (userInfoEncryptedResponseEnc != null) {
return userInfoEncryptedResponseEnc.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
this.userInfoEncryptedResponseEnc = new JWEEncryptionMethodEmbed(userInfoEncryptedResponseEnc);
}
@Transient
public JWSAlgorithm getIdTokenSignedResponseAlg() {
if (idTokenSignedResponseAlg != null) {
return idTokenSignedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
this.idTokenSignedResponseAlg = new JWSAlgorithmEmbed(idTokenSignedResponseAlg);
}
@Transient
public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
if (idTokenEncryptedResponseAlg != null) {
return idTokenEncryptedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
this.idTokenEncryptedResponseAlg = new JWEAlgorithmEmbed(idTokenEncryptedResponseAlg);
}
@Transient
public EncryptionMethod getIdTokenEncryptedResponseEnc() {
if (idTokenEncryptedResponseEnc != null) {
return idTokenEncryptedResponseEnc.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
this.idTokenEncryptedResponseEnc = new JWEEncryptionMethodEmbed(idTokenEncryptedResponseEnc);
}
@Transient
public JWSAlgorithm getTokenEndpointAuthSigningAlg() {
if (tokenEndpointAuthSigningAlg != null) {
return tokenEndpointAuthSigningAlg.getAlgorithm();
} else {
return null;
}
}
public void setTokenEndpointAuthSigningAlg(JWSAlgorithm tokenEndpointAuthSigningAlg) {
this.tokenEndpointAuthSigningAlg = new JWSAlgorithmEmbed(tokenEndpointAuthSigningAlg);
this.tokenEndpointAuthSigningAlg = tokenEndpointAuthSigningAlg;
}
// END Transient JOSE methods
@Basic
@Column(name="default_max_age")
public Integer getDefaultMaxAge() {
@ -1045,5 +922,5 @@ public class ClientDetailsEntity implements ClientDetails {
public boolean isAutoApprove(String scope) {
return false;
}
}
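Review bot: The eight getters that now carry `@Convert` (`getRequestObjectSigningAlg` through `getTokenEndpointAuthSigningAlg`) are the persistent properties but have no Javadoc, so a reader cannot tell that null means the client registered no algorithm, or that the stored name becomes a Nimbus object with no check against the algorithms the server supports. A short comment on each would record that, for example `/** Algorithm the client registered for signing request objects, or null if none; parsed from the column by JWSAlgorithmStringConverter as-is. */`. Removing the public `...Embed` accessors also renames the mapped JPA properties, so any query or outside caller that used the old names needs updating; none is visible in the hunks shown here. The class body continues outside these hunks.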


@ -0,0 +1,48 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.oauth2.model;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;
import com.nimbusds.jose.JWEAlgorithm;
@Converter
public class JWEAlgorithmStringConverter implements AttributeConverter<JWEAlgorithm, String> {
@Override
public String convertToDatabaseColumn(JWEAlgorithm attribute) {
if (attribute != null) {
return attribute.getName();
} else {
return null;
}
}
/* (non-Javadoc)
* @see javax.persistence.AttributeConverter#convertToEntityAttribute(java.lang.Object)
*/
@Override
public JWEAlgorithm convertToEntityAttribute(String dbData) {
if (dbData != null) {
return JWEAlgorithm.parse(dbData);
} else {
return null;
}
}
}
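Review bot: `convertToEntityAttribute` guards only against null, so an empty column value now reaches `JWEAlgorithm.parse`, whereas the removed `JWEAlgorithmEmbed.setAlgorithmName` mapped both null and empty to null through `Strings.isNullOrEmpty`. As far as I know Nimbus then returns an algorithm object with an empty name rather than null, so rows holding '' would load differently than before; `if (dbData != null && !dbData.isEmpty()) {` keeps the old behaviour. The same guard is missing in JWEEncryptionMethodStringConverter and JWSAlgorithmStringConverter in the next two file sections. `parse` also accepts any name, including `none`, so code that enforces signing or encryption policy should compare the loaded value with the supported set rather than rely on the converter. The deleted JOSEEmbedTest exercised the empty-name case, and no converter test is visible in this view.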


@ -0,0 +1,48 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.oauth2.model;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;
import com.nimbusds.jose.EncryptionMethod;
@Converter
public class JWEEncryptionMethodStringConverter implements AttributeConverter<EncryptionMethod, String> {
@Override
public String convertToDatabaseColumn(EncryptionMethod attribute) {
if (attribute != null) {
return attribute.getName();
} else {
return null;
}
}
/* (non-Javadoc)
* @see javax.persistence.AttributeConverter#convertToEntityAttribute(java.lang.Object)
*/
@Override
public EncryptionMethod convertToEntityAttribute(String dbData) {
if (dbData != null) {
return EncryptionMethod.parse(dbData);
} else {
return null;
}
}
}


@ -0,0 +1,48 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.oauth2.model;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;
import com.nimbusds.jose.JWSAlgorithm;
@Converter
public class JWSAlgorithmStringConverter implements AttributeConverter<JWSAlgorithm, String> {
@Override
public String convertToDatabaseColumn(JWSAlgorithm attribute) {
if (attribute != null) {
return attribute.getName();
} else {
return null;
}
}
/* (non-Javadoc)
* @see javax.persistence.AttributeConverter#convertToEntityAttribute(java.lang.Object)
*/
@Override
public JWSAlgorithm convertToEntityAttribute(String dbData) {
if (dbData != null) {
return JWSAlgorithm.parse(dbData);
} else {
return null;
}
}
}


@ -23,9 +23,6 @@ import java.util.Date;
import java.util.Map;
import java.util.Set;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
@ -575,118 +572,7 @@ public class RegisteredClient {
public void setRequestUris(Set<String> requestUris) {
client.setRequestUris(requestUris);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlgEmbed()
*/
public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() {
return client.getRequestObjectSigningAlgEmbed();
}
/**
* @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlgEmbed(requestObjectSigningAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlgEmbed()
*/
public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() {
return client.getUserInfoSignedResponseAlgEmbed();
}
/**
* @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlgEmbed(userInfoSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlgEmbed()
*/
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() {
return client.getUserInfoEncryptedResponseAlgEmbed();
}
/**
* @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlgEmbed(userInfoEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEncEmbed()
*/
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() {
return client.getUserInfoEncryptedResponseEncEmbed();
}
/**
* @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEncEmbed(userInfoEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlgEmbed()
*/
public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() {
return client.getIdTokenSignedResponseAlgEmbed();
}
/**
* @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlgEmbed(idTokenSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlgEmbed()
*/
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() {
return client.getIdTokenEncryptedResponseAlgEmbed();
}
/**
* @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlgEmbed(idTokenEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEncEmbed()
*/
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() {
return client.getIdTokenEncryptedResponseEncEmbed();
}
/**
* @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEncEmbed(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg()
@ -799,22 +685,6 @@ public class RegisteredClient {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlgEmbed()
*/
public JWSAlgorithmEmbed getTokenEndpointAuthSigningAlgEmbed() {
return client.getTokenEndpointAuthSigningAlgEmbed();
}
/**
* @param tokenEndpointAuthSigningAlgEmbed
* @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setTokenEndpointAuthSigningAlgEmbed(JWSAlgorithmEmbed tokenEndpointAuthSigningAlgEmbed) {
client.setTokenEndpointAuthSigningAlgEmbed(tokenEndpointAuthSigningAlgEmbed);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthSigningAlg()


@ -1,118 +0,0 @@
/*******************************************************************************
* Copyright 2015 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
/**
*
*/
package org.mitre.jose;
import org.junit.Test;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import static org.junit.Assert.assertEquals;
/**
*
* These tests make sure that the algorithm name processing
* is functional on the three embedded JOSE classes.
*
* @author jricher, tsitkov
*
*/
public class JOSEEmbedTest {
@Test
public void testJWSAlgorithmEmbed() {
JWSAlgorithmEmbed a = new JWSAlgorithmEmbed(JWSAlgorithm.HS256);
assertEquals(JWSAlgorithm.HS256, a.getAlgorithm());
assertEquals("HS256", a.getAlgorithmName());
a.setAlgorithm(JWSAlgorithm.HS384);
assertEquals(JWSAlgorithm.HS384, a.getAlgorithm());
JWSAlgorithmEmbed null_a = new JWSAlgorithmEmbed(null);
assertEquals(null, null_a.getAlgorithm());
assertEquals(null, null_a.getAlgorithmName());
}
@Test
public void testJWSAlgorithmEmbedGetForAlgoirthmName() {
JWSAlgorithmEmbed a = JWSAlgorithmEmbed.getForAlgorithmName("RS256");
assertEquals(JWSAlgorithm.RS256, a.getAlgorithm());
assertEquals("RS256", a.getAlgorithmName());
JWSAlgorithmEmbed null_a = JWSAlgorithmEmbed.getForAlgorithmName("");
assertEquals(null, null_a);
}
@Test
public void testJWEAlgorithmEmbed() {
JWEAlgorithmEmbed a = new JWEAlgorithmEmbed(JWEAlgorithm.A128KW);
assertEquals(JWEAlgorithm.A128KW, a.getAlgorithm());
assertEquals("A128KW", a.getAlgorithmName());
a.setAlgorithm(JWEAlgorithm.A256KW);
assertEquals(JWEAlgorithm.A256KW, a.getAlgorithm());
JWEAlgorithmEmbed null_a = new JWEAlgorithmEmbed(null);
assertEquals(null, null_a.getAlgorithm());
assertEquals(null, null_a.getAlgorithmName());
}
@Test
public void testJWEAlgorithmEmbedGetForAlgoirthmName() {
JWEAlgorithmEmbed a = JWEAlgorithmEmbed.getForAlgorithmName("RSA1_5");
assertEquals(JWEAlgorithm.RSA1_5, a.getAlgorithm());
assertEquals("RSA1_5", a.getAlgorithmName());
JWEAlgorithmEmbed null_a = JWEAlgorithmEmbed.getForAlgorithmName("");
assertEquals(null, null_a);
}
@Test
public void testJWEEncryptionMethodEmbed() {
JWEEncryptionMethodEmbed a = new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256);
assertEquals(EncryptionMethod.A128CBC_HS256, a.getAlgorithm());
assertEquals("A128CBC-HS256", a.getAlgorithmName());
a.setAlgorithm(EncryptionMethod.A256GCM);
assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm());
JWEEncryptionMethodEmbed null_a = new JWEEncryptionMethodEmbed(null);
assertEquals(null, null_a.getAlgorithm());
assertEquals(null, null_a.getAlgorithmName());
}
@Test
public void testJWEEncryptionMethodEmbedGetForAlgoirthmName() {
JWEEncryptionMethodEmbed a = JWEEncryptionMethodEmbed.getForAlgorithmName("A256GCM");
assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm());
assertEquals("A256GCM", a.getAlgorithmName());
JWEEncryptionMethodEmbed null_a = JWEEncryptionMethodEmbed.getForAlgorithmName("");
assertEquals(null, null_a);
}
}


@ -51,7 +51,7 @@ CREATE TABLE IF NOT EXISTS authentication_holder (
CREATE TABLE IF NOT EXISTS client_authority (
owner_id BIGINT,
authority LONGVARBINARY
authority VARCHAR(256)
);
CREATE TABLE IF NOT EXISTS authorization_code (
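Review bot: Changing `authority` from `LONGVARBINARY` to `VARCHAR(256)` inside `CREATE TABLE IF NOT EXISTS client_authority` only takes effect on a fresh database. An existing deployment keeps the binary column and whatever is stored in it, and this hunk contains no `ALTER TABLE` or data conversion. If the rest of the commit does not ship a migration, the upgrade notes should say that existing rows must be converted to the authority's text form before the new mapping reads them. A short comment on the column, such as `-- granted authority name stored as text`, would record what the 256 characters are expected to hold.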


@ -26,9 +26,6 @@ import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
@ -62,6 +59,9 @@ import com.google.common.collect.Sets;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonToken;
import com.google.gson.stream.JsonWriter;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
import static org.mitre.util.JsonUtils.readMap;
@ -664,17 +664,29 @@ public class MITREidDataService_1_0 extends MITREidDataServiceSupport implements
SubjectType st = SubjectType.getByValue(reader.nextString());
client.setSubjectType(st);
} else if (name.equals("requestObjectSigningAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setRequestObjectSigningAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setRequestObjectSigningAlg(alg);
} else if (name.equals("userInfoEncryptedResponseAlg")) {
JWEAlgorithmEmbed alg = JWEAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseAlgEmbed(alg);
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setUserInfoEncryptedResponseAlg(alg);
} else if (name.equals("userInfoEncryptedResponseEnc")) {
JWEEncryptionMethodEmbed alg = JWEEncryptionMethodEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseEncEmbed(alg);
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setUserInfoEncryptedResponseEnc(alg);
} else if (name.equals("userInfoSignedResponseAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoSignedResponseAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setUserInfoSignedResponseAlg(alg);
} else if (name.equals("idTokenSignedResonseAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setIdTokenSignedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseAlg")) {
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setIdTokenEncryptedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseEnc")) {
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setIdTokenEncryptedResponseEnc(alg);
} else if (name.equals("tokenEndpointAuthSigningAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setTokenEndpointAuthSigningAlg(alg);
} else if (name.equals("defaultMaxAge")) {
client.setDefaultMaxAge(reader.nextInt());
} else if (name.equals("requireAuthTime")) {
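Review bot: The import branches now pass `reader.nextString()` straight to `JWSAlgorithm.parse`, `JWEAlgorithm.parse` and `EncryptionMethod.parse`, which drops the empty-name handling of the removed wrappers: the deleted tests on this page assert that `getForAlgorithmName("")` returns null. As far as I know the Nimbus `parse` methods build an algorithm object for any non-null name rather than returning null, so an empty or misspelled value in an import file would be stored as a client's signing or encryption algorithm instead of being left unset. A guard before each call would restore the old result, e.g. `String s = reader.nextString(); client.setRequestObjectSigningAlg(s.isEmpty() ? null : JWSAlgorithm.parse(s));`, and checking the parsed value against the algorithms the server supports would catch misspellings. The same applies to the matching hunks for `MITREidDataService_1_1` and `MITREidDataService_1_2` and to the `ClientAPI` deserializers; the enclosing read loop starts and ends outside this hunk.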


@ -28,9 +28,6 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
@ -64,6 +61,9 @@ import com.google.common.collect.Sets;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonToken;
import com.google.gson.stream.JsonWriter;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
import static org.mitre.util.JsonUtils.readMap;
@ -672,17 +672,29 @@ public class MITREidDataService_1_1 extends MITREidDataServiceSupport implements
SubjectType st = SubjectType.getByValue(reader.nextString());
client.setSubjectType(st);
} else if (name.equals("requestObjectSigningAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setRequestObjectSigningAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setRequestObjectSigningAlg(alg);
} else if (name.equals("userInfoEncryptedResponseAlg")) {
JWEAlgorithmEmbed alg = JWEAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseAlgEmbed(alg);
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setUserInfoEncryptedResponseAlg(alg);
} else if (name.equals("userInfoEncryptedResponseEnc")) {
JWEEncryptionMethodEmbed alg = JWEEncryptionMethodEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseEncEmbed(alg);
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setUserInfoEncryptedResponseEnc(alg);
} else if (name.equals("userInfoSignedResponseAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoSignedResponseAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setUserInfoSignedResponseAlg(alg);
} else if (name.equals("idTokenSignedResonseAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setIdTokenSignedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseAlg")) {
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setIdTokenEncryptedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseEnc")) {
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setIdTokenEncryptedResponseEnc(alg);
} else if (name.equals("tokenEndpointAuthSigningAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setTokenEndpointAuthSigningAlg(alg);
} else if (name.equals("defaultMaxAge")) {
client.setDefaultMaxAge(reader.nextInt());
} else if (name.equals("requireAuthTime")) {


@ -28,9 +28,6 @@ import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
@ -60,10 +57,12 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.stereotype.Service;
import com.google.common.collect.Sets;
import com.google.gson.stream.JsonReader;
import com.google.gson.stream.JsonToken;
import com.google.gson.stream.JsonWriter;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import static org.mitre.util.JsonUtils.base64UrlDecodeObject;
import static org.mitre.util.JsonUtils.base64UrlEncodeObject;
@ -387,13 +386,21 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
writer.name("subjectType")
.value((client.getSubjectType() != null) ? client.getSubjectType().getValue() : null);
writer.name("requestObjectSigningAlg")
.value((client.getRequestObjectSigningAlgEmbed() != null) ? client.getRequestObjectSigningAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseAlg")
.value((client.getUserInfoEncryptedResponseAlgEmbed() != null) ? client.getUserInfoEncryptedResponseAlgEmbed().getAlgorithmName() : null);
writer.name("userInfoEncryptedResponseEnc")
.value((client.getUserInfoEncryptedResponseEncEmbed() != null) ? client.getUserInfoEncryptedResponseEncEmbed().getAlgorithmName() : null);
.value((client.getRequestObjectSigningAlg() != null) ? client.getRequestObjectSigningAlg().getName() : null);
writer.name("idTokenSignedResponseAlg")
.value((client.getIdTokenSignedResponseAlg() != null) ? client.getIdTokenSignedResponseAlg().getName() : null);
writer.name("idTokenEncryptedResponseAlg")
.value((client.getIdTokenEncryptedResponseAlg() != null) ? client.getIdTokenEncryptedResponseAlg().getName() : null);
writer.name("idTokenEncryptedResponseEnc")
.value((client.getIdTokenEncryptedResponseEnc() != null) ? client.getIdTokenEncryptedResponseEnc().getName() : null);
writer.name("userInfoSignedResponseAlg")
.value((client.getUserInfoSignedResponseAlgEmbed() != null) ? client.getUserInfoSignedResponseAlgEmbed().getAlgorithmName() : null);
.value((client.getUserInfoSignedResponseAlg() != null) ? client.getUserInfoSignedResponseAlg().getName() : null);
writer.name("userInfoEncryptedResponseAlg")
.value((client.getUserInfoEncryptedResponseAlg() != null) ? client.getUserInfoEncryptedResponseAlg().getName() : null);
writer.name("userInfoEncryptedResponseEnc")
.value((client.getUserInfoEncryptedResponseEnc() != null) ? client.getUserInfoEncryptedResponseEnc().getName() : null);
writer.name("tokenEndpointAuthSigningAlg")
.value((client.getTokenEndpointAuthSigningAlg() != null) ? client.getTokenEndpointAuthSigningAlg().getName() : null);
writer.name("defaultMaxAge").value(client.getDefaultMaxAge());
Boolean requireAuthTime = null;
try {
@ -1012,17 +1019,29 @@ public class MITREidDataService_1_2 extends MITREidDataServiceSupport implements
SubjectType st = SubjectType.getByValue(reader.nextString());
client.setSubjectType(st);
} else if (name.equals("requestObjectSigningAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setRequestObjectSigningAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setRequestObjectSigningAlg(alg);
} else if (name.equals("userInfoEncryptedResponseAlg")) {
JWEAlgorithmEmbed alg = JWEAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseAlgEmbed(alg);
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setUserInfoEncryptedResponseAlg(alg);
} else if (name.equals("userInfoEncryptedResponseEnc")) {
JWEEncryptionMethodEmbed alg = JWEEncryptionMethodEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoEncryptedResponseEncEmbed(alg);
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setUserInfoEncryptedResponseEnc(alg);
} else if (name.equals("userInfoSignedResponseAlg")) {
JWSAlgorithmEmbed alg = JWSAlgorithmEmbed.getForAlgorithmName(reader.nextString());
client.setUserInfoSignedResponseAlgEmbed(alg);
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setUserInfoSignedResponseAlg(alg);
} else if (name.equals("idTokenSignedResonseAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setIdTokenSignedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseAlg")) {
JWEAlgorithm alg = JWEAlgorithm.parse(reader.nextString());
client.setIdTokenEncryptedResponseAlg(alg);
} else if (name.equals("idTokenEncryptedResponseEnc")) {
EncryptionMethod alg = EncryptionMethod.parse(reader.nextString());
client.setIdTokenEncryptedResponseEnc(alg);
} else if (name.equals("tokenEndpointAuthSigningAlg")) {
JWSAlgorithm alg = JWSAlgorithm.parse(reader.nextString());
client.setTokenEndpointAuthSigningAlg(alg);
} else if (name.equals("defaultMaxAge")) {
client.setDefaultMaxAge(reader.nextInt());
} else if (name.equals("requireAuthTime")) {
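Review bot: The new read branch matches `"idTokenSignedResonseAlg"` (missing the `p` in Response), while the writer hunk earlier in this same class emits `"idTokenSignedResponseAlg"`, so a value exported by this class is not picked up by that branch on import. Unless a branch outside the hunk handles the correctly spelled key, the client's ID token signing algorithm is lost on an export/import round trip and the client ends up with whatever default applies. The branch should read `} else if (name.equals("idTokenSignedResponseAlg")) {`. The same spelling appears in the `MITREidDataService_1_0` and `MITREidDataService_1_1` readers, where it should be checked against the key names those export formats actually used. Both the writer and the reader method continue outside their hunks.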


@ -27,9 +27,6 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
@ -43,6 +40,9 @@ import com.google.gson.JsonElement;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
/**
*
@ -62,31 +62,31 @@ public abstract class AbstractClientEntityView extends AbstractView {
private Gson gson = new GsonBuilder()
.setExclusionStrategies(getExclusionStrategy())
.registerTypeAdapter(JWSAlgorithmEmbed.class, new JsonSerializer<JWSAlgorithmEmbed>() {
.registerTypeAdapter(JWSAlgorithm.class, new JsonSerializer<JWSAlgorithm>() {
@Override
public JsonElement serialize(JWSAlgorithmEmbed src, Type typeOfSrc, JsonSerializationContext context) {
public JsonElement serialize(JWSAlgorithm src, Type typeOfSrc, JsonSerializationContext context) {
if (src != null) {
return new JsonPrimitive(src.getAlgorithmName());
return new JsonPrimitive(src.getName());
} else {
return null;
}
}
})
.registerTypeAdapter(JWEAlgorithmEmbed.class, new JsonSerializer<JWEAlgorithmEmbed>() {
.registerTypeAdapter(JWEAlgorithm.class, new JsonSerializer<JWEAlgorithm>() {
@Override
public JsonElement serialize(JWEAlgorithmEmbed src, Type typeOfSrc, JsonSerializationContext context) {
public JsonElement serialize(JWEAlgorithm src, Type typeOfSrc, JsonSerializationContext context) {
if (src != null) {
return new JsonPrimitive(src.getAlgorithmName());
return new JsonPrimitive(src.getName());
} else {
return null;
}
}
})
.registerTypeAdapter(JWEEncryptionMethodEmbed.class, new JsonSerializer<JWEEncryptionMethodEmbed>() {
.registerTypeAdapter(EncryptionMethod.class, new JsonSerializer<EncryptionMethod>() {
@Override
public JsonElement serialize(JWEEncryptionMethodEmbed src, Type typeOfSrc, JsonSerializationContext context) {
public JsonElement serialize(EncryptionMethod src, Type typeOfSrc, JsonSerializationContext context) {
if (src != null) {
return new JsonPrimitive(src.getAlgorithmName());
return new JsonPrimitive(src.getName());
} else {
return null;
}


@ -19,9 +19,6 @@ package org.mitre.openid.connect.web;
import java.lang.reflect.Type;
import java.util.Collection;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.service.ClientDetailsEntityService;
@ -40,7 +37,6 @@ import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.stereotype.Controller;
@ -62,6 +58,10 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
/**
* @author Michael Jett <mjett@mitre.org>
@ -87,31 +87,31 @@ public class ClientAPI {
private Gson gson = new GsonBuilder()
.serializeNulls()
.registerTypeAdapter(JWSAlgorithmEmbed.class, new JsonDeserializer<JWSAlgorithmEmbed>() {
.registerTypeAdapter(JWSAlgorithm.class, new JsonDeserializer<Algorithm>() {
@Override
public JWSAlgorithmEmbed deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
public JWSAlgorithm deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (json.isJsonPrimitive()) {
return JWSAlgorithmEmbed.getForAlgorithmName(json.getAsString());
return JWSAlgorithm.parse(json.getAsString());
} else {
return null;
}
}
})
.registerTypeAdapter(JWEAlgorithmEmbed.class, new JsonDeserializer<JWEAlgorithmEmbed>() {
.registerTypeAdapter(JWEAlgorithm.class, new JsonDeserializer<Algorithm>() {
@Override
public JWEAlgorithmEmbed deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
public JWEAlgorithm deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (json.isJsonPrimitive()) {
return JWEAlgorithmEmbed.getForAlgorithmName(json.getAsString());
return JWEAlgorithm.parse(json.getAsString());
} else {
return null;
}
}
})
.registerTypeAdapter(JWEEncryptionMethodEmbed.class, new JsonDeserializer<JWEEncryptionMethodEmbed>() {
.registerTypeAdapter(EncryptionMethod.class, new JsonDeserializer<Algorithm>() {
@Override
public JWEEncryptionMethodEmbed deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
public EncryptionMethod deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (json.isJsonPrimitive()) {
return JWEEncryptionMethodEmbed.getForAlgorithmName(json.getAsString());
return EncryptionMethod.parse(json.getAsString());
} else {
return null;
}