github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed issue with serializing user authentication object, added export of SystemScopes, wrote functions for data import.

pull/650/head
arielak 2014-05-02 17:36:52 -04:00
parent 317b9e8657
commit cb9a18f262
1 changed files with 218 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

219
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/MITREidDataService_1_0.java
View File

@ -25,16 +25,25 @@ import com.google.gson.stream.JsonWriter;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.IOException; import java.io.IOException;
import java.io.ObjectOutputStream; import java.io.ObjectOutputStream;
import java.io.OutputStreamWriter; import java.io.Serializable;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Map.Entry; import java.util.Map.Entry;
import java.util.Set; import java.util.Set;
import java.util.TimeZone;
import org.mitre.oauth2.model.AuthenticationHolderEntity; import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity; import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.repository.AuthenticationHolderRepository;
import org.mitre.oauth2.repository.OAuth2ClientRepository; import org.mitre.oauth2.repository.OAuth2ClientRepository;
import org.mitre.oauth2.repository.OAuth2TokenRepository; import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.oauth2.repository.SystemScopeRepository;
import org.mitre.openid.connect.model.ApprovedSite; import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite; import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository; import org.mitre.openid.connect.repository.ApprovedSiteRepository;
@ -64,6 +73,7 @@ public class MITREidDataService_1_0 implements MITREidDataService {
private static final String AUTHENTICATIONHOLDERS = "authenticationHolders"; private static final String AUTHENTICATIONHOLDERS = "authenticationHolders";
private static final String GRANTS = "grants"; private static final String GRANTS = "grants";
private static final String CLIENTS = "clients"; private static final String CLIENTS = "clients";
private static final String SYSTEMSCOPES = "systemScopes";
@Autowired @Autowired
private OAuth2ClientRepository clientRepository; private OAuth2ClientRepository clientRepository;
@Autowired @Autowired
@ -72,6 +82,11 @@ public class MITREidDataService_1_0 implements MITREidDataService {
private AuthenticationHolderRepository authHolderRepository; private AuthenticationHolderRepository authHolderRepository;
@Autowired @Autowired
private OAuth2TokenRepository tokenRepository; private OAuth2TokenRepository tokenRepository;
@Autowired
private SystemScopeRepository sysScopeRepository;
private static final String ISO_FORMAT = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";
private static final SimpleDateFormat sdf = new SimpleDateFormat(ISO_FORMAT);
private static final TimeZone utc = TimeZone.getTimeZone("UTC");
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter) * @see org.mitre.openid.connect.service.MITREidDataService#export(com.google.gson.stream.JsonWriter)
@ -110,18 +125,46 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writeRefreshTokens(writer); writeRefreshTokens(writer);
writer.endArray(); writer.endArray();
writer.name(SYSTEMSCOPES);
writer.beginArray();
writeSystemScopes(writer);
writer.endArray();
writer.endObject(); // end mitreid-connect-1.0 writer.endObject(); // end mitreid-connect-1.0
} }
private static String toUTCString(Date date) {
if (date == null) {
return null;
}
sdf.setTimeZone(utc);
return sdf.format(date);
}
private static Date utcToDate(String s) throws ParseException {
if (s == null) {
return null;
}
return sdf.parse(s);
}
/** /**
* @param writer * @param writer
*/ */
private void writeRefreshTokens(JsonWriter writer) { private void writeRefreshTokens(JsonWriter writer) {
for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) { for (OAuth2RefreshTokenEntity token : tokenRepository.getAllRefreshTokens()) {
try { try {
writer.value(token.getJwt().serialize()); writer.beginObject();
writer.name("id").value(token.getId());
writer.name("expiration").value(toUTCString(token.getExpiration()));
writer.name("clientId")
.value((token.getClient() != null) ? token.getClient().getClientId() : null);
writer.name("authenticationHolderId")
.value((token.getAuthenticationHolder() != null) ? token.getAuthenticationHolder().getId() : null);
writer.name("value").value(token.getValue());
writer.endObject();
logger.debug("Wrote refresh token {}", token.getId()); logger.debug("Wrote refresh token {}", token.getId());
} catch (IOException ex) { } catch (IOException ex) {
logger.error("Unable to write refresh token {}", token.getId(), ex); logger.error("Unable to write refresh token {}", token.getId(), ex);
@ -136,7 +179,26 @@ public class MITREidDataService_1_0 implements MITREidDataService {
private void writeAccessTokens(JsonWriter writer) { private void writeAccessTokens(JsonWriter writer) {
for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) { for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
try { try {
writer.value(token.getJwt().serialize()); writer.beginObject();
writer.name("id").value(token.getId());
writer.name("expiration").value(toUTCString(token.getExpiration()));
writer.name("clientId")
.value((token.getClient() != null) ? token.getClient().getClientId() : null);
writer.name("authenticationHolderId")
.value((token.getAuthenticationHolder() != null) ? token.getAuthenticationHolder().getId() : null);
writer.name("refreshTokenId")
.value((token.getRefreshToken() != null) ? token.getRefreshToken().getId() : null);
writer.name("idTokenId")
.value((token.getIdToken() != null) ? token.getIdToken().getId() : null);
writer.name("scope");
writer.beginArray();
for (String s : token.getScope()) {
writer.value(s);
}
writer.endArray();
writer.name("type").value(token.getTokenType());
writer.name("value").value(token.getValue());
writer.endObject();
logger.debug("Wrote access token {}", token.getId()); logger.debug("Wrote access token {}", token.getId());
} catch (IOException ex) { } catch (IOException ex) {
logger.error("Unable to write access token {}", token.getId(), ex); logger.error("Unable to write access token {}", token.getId(), ex);
@ -219,11 +281,12 @@ public class MITREidDataService_1_0 implements MITREidDataService {
writer.endObject(); writer.endObject();
} }
private String base64UrlEncodeObject(Object obj) throws IOException { private String base64UrlEncodeObject(Serializable obj) throws IOException {
ByteArrayOutputStream baos = new ByteArrayOutputStream(); ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream oos = new ObjectOutputStream(BaseEncoding.base64Url().encodingStream(new OutputStreamWriter(baos))); ObjectOutputStream oos = new ObjectOutputStream(baos);
oos.writeObject(obj); oos.writeObject(obj);
return baos.toString("ascii"); oos.close();
return BaseEncoding.base64Url().encode(baos.toByteArray());
} }
/** /**
@ -234,10 +297,10 @@ public class MITREidDataService_1_0 implements MITREidDataService {
try { try {
writer.beginObject(); writer.beginObject();
writer.name("id").value(site.getId()); writer.name("id").value(site.getId());
writer.name("accessDate").value(site.getAccessDate().toString()); writer.name("accessDate").value(toUTCString(site.getAccessDate()));
writer.name("clientId").value(site.getClientId()); writer.name("clientId").value(site.getClientId());
writer.name("creationDate").value(site.getCreationDate().toString()); writer.name("creationDate").value(toUTCString(site.getCreationDate()));
writer.name("timeoutDate").value(site.getTimeoutDate().toString()); writer.name("timeoutDate").value(toUTCString(site.getTimeoutDate()));
writer.name("userId").value(site.getUserId()); writer.name("userId").value(site.getUserId());
writer.name("allowedScopes"); writer.name("allowedScopes");
writer.beginArray(); writer.beginArray();
@ -356,7 +419,8 @@ public class MITREidDataService_1_0 implements MITREidDataService {
Boolean requireAuthTime = null; Boolean requireAuthTime = null;
try { try {
requireAuthTime = client.getRequireAuthTime(); requireAuthTime = client.getRequireAuthTime();
} catch (NullPointerException e) {} } catch (NullPointerException e) {
}
if (requireAuthTime != null) { if (requireAuthTime != null) {
writer.name("requireAuthTime"); writer.name("requireAuthTime");
writer.value(requireAuthTime); writer.value(requireAuthTime);
@ -389,6 +453,28 @@ public class MITREidDataService_1_0 implements MITREidDataService {
logger.info("Done writing clients"); logger.info("Done writing clients");
} }
/**
* @param writer
*/
private void writeSystemScopes(JsonWriter writer) {
for (SystemScope sysScope : sysScopeRepository.getAll()) {
try {
writer.beginObject();
writer.name("id").value(sysScope.getId());
writer.name("description").value(sysScope.getDescription());
writer.name("icon").value(sysScope.getIcon());
writer.name("value").value(sysScope.getValue());
writer.name("allowDynReg").value(sysScope.isAllowDynReg());
writer.name("defaultScope").value(sysScope.isDefaultScope());
writer.endObject();
logger.debug("Wrote system scope {}", sysScope.getId());
} catch (IOException ex) {
logger.error("Unable to write system scope {}", sysScope.getId(), ex);
}
}
logger.info("Done writing system scopes");
}
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.service.MITREidDataService#importData(com.google.gson.stream.JsonReader) * @see org.mitre.openid.connect.service.MITREidDataService#importData(com.google.gson.stream.JsonReader)
*/ */
@ -417,6 +503,8 @@ public class MITREidDataService_1_0 implements MITREidDataService {
readAccessTokens(reader); readAccessTokens(reader);
} else if (name.equals(REFRESHTOKENS)) { } else if (name.equals(REFRESHTOKENS)) {
readRefreshTokens(reader); readRefreshTokens(reader);
} else if (name.equals(SYSTEMSCOPES)) {
readSystemScopes(reader);
} else { } else {
// unknown token, skip it // unknown token, skip it
reader.skipValue(); reader.skipValue();
@ -428,24 +516,122 @@ public class MITREidDataService_1_0 implements MITREidDataService {
} }
} }
} }
private Map<Long, String> refreshTokenToClientRefs = new HashMap<Long, String>();
private Map<Long, Long> refreshTokenToAuthHolderRefs = new HashMap<Long, Long>();
private Map<Long, Long> refreshTokenOldToNewIdMap = new HashMap<Long, Long>();
/** /**
* @param reader * @param reader
* @throws IOException * @throws IOException
*/ */
private void readRefreshTokens(JsonReader reader) throws IOException { private void readRefreshTokens(JsonReader reader) throws IOException {
// TODO Auto-generated method stub reader.beginArray();
while (reader.hasNext()) {
try {
OAuth2RefreshTokenEntity token = new OAuth2RefreshTokenEntity();
reader.beginObject();
Long currentId = null;
String clientId = null;
Long authHolderId = null;
while (reader.hasNext()) {
String name = reader.nextName();
if (name.equals("id")) {
currentId = reader.nextLong();
} else if (name.equals("expiration")) {
Date date = utcToDate(reader.nextString());
token.setExpiration(date);
} else if (name.equals("value")) {
token.setValue(reader.nextString());
} else if (name.equals("clientId")) {
clientId = reader.nextString();
} else if (name.equals("authenticationHolderId")) {
authHolderId = reader.nextLong();
} else {
logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();
} }
}
reader.endObject();
Long newId = tokenRepository.saveRefreshToken(token).getId();
refreshTokenToClientRefs.put(currentId, clientId);
refreshTokenToAuthHolderRefs.put(currentId, authHolderId);
refreshTokenOldToNewIdMap.put(currentId, newId);
logger.debug("Read refresh token {}", token.getId());
} catch (ParseException ex) {
logger.error("Unable to read refresh token", ex);
}
}
reader.endArray();
logger.info("Done reading refresh tokens");
}
private Map<Long, String> accessTokenToClientRefs = new HashMap<Long, String>();
private Map<Long, Long> accessTokenToAuthHolderRefs = new HashMap<Long, Long>();
private Map<Long, Long> accessTokenToRefreshTokenRefs = new HashMap<Long, Long>();
private Map<Long, Long> accessTokenToIdTokenRefs = new HashMap<Long, Long>();
private Map<Long, Long> accessTokenOldToNewIdMap = new HashMap<Long, Long>();
/** /**
* @param reader * @param reader
* @throws IOException * @throws IOException
*/ */
private void readAccessTokens(JsonReader reader) throws IOException { private void readAccessTokens(JsonReader reader) throws IOException {
// TODO Auto-generated method stub reader.beginArray();
while (reader.hasNext()) {
try {
OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
reader.beginObject();
Long currentId = null;
String clientId = null;
Long authHolderId = null;
Long refreshTokenId = null;
Long idTokenId = null;
while (reader.hasNext()) {
String name = reader.nextName();
if (name.equals("id")) {
currentId = reader.nextLong();
} else if (name.equals("expiration")) {
Date date = utcToDate(reader.nextString());
token.setExpiration(date);
} else if (name.equals("value")) {
token.setValue(reader.nextString());
} else if (name.equals("clientId")) {
clientId = reader.nextString();
} else if (name.equals("authenticationHolderId")) {
authHolderId = reader.nextLong();
} else if (name.equals("refreshTokenId")) {
refreshTokenId = reader.nextLong();
} else if (name.equals("idTokenId")) {
idTokenId = reader.nextLong();
} else if (name.equals("scope")) {
reader.beginArray();
Set<String> scope = new HashSet<String>();
while (reader.hasNext()) {
scope.add(reader.nextString());
}
reader.endArray();
token.setScope(scope);
} else if (name.equals("type")) {
token.setTokenType(reader.nextString());
} else {
logger.debug("Found unexpected entry");
reader.skipValue(); reader.skipValue();
} }
}
reader.endObject();
Long newId = tokenRepository.saveAccessToken(token).getId();
accessTokenToClientRefs.put(currentId, clientId);
accessTokenToAuthHolderRefs.put(currentId, authHolderId);
accessTokenToRefreshTokenRefs.put(currentId, refreshTokenId);
accessTokenToIdTokenRefs.put(currentId, idTokenId);
accessTokenOldToNewIdMap.put(currentId, newId);
logger.debug("Read access token {}", token.getId());
} catch (ParseException ex) {
logger.error("Unable to read access token", ex);
}
}
reader.endArray();
logger.info("Done reading access tokens");
}
/** /**
* @param reader * @param reader
@ -473,4 +659,13 @@ public class MITREidDataService_1_0 implements MITREidDataService {
// TODO Auto-generated method stub // TODO Auto-generated method stub
reader.skipValue(); reader.skipValue();
} }
/**
* @param reader
* @throws IOException
*/
private void readSystemScopes(JsonReader reader) throws IOException {
// TODO Auto-generated method stub
reader.skipValue();
}
} }