diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
index 35968b9e0..f75a4b291 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
@@ -66,7 +66,7 @@ public interface DeviceCodeService {
 * @param parameters
 * @return
 */
- public DeviceCode createNewDeviceCode(String deviceCode, String userCode, Set requestedScopes, ClientDetailsEntity client, Map parameters);
+ public DeviceCode createNewDeviceCode(Set requestedScopes, ClientDetailsEntity client, Map parameters);
 public void clearExpiredDeviceCodes();
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
index 1d8f6282e..fcdc12527 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
@@ -21,6 +21,7 @@ import java.util.Collection;
 import java.util.Date;
 import java.util.Map;
 import java.util.Set;
+import java.util.UUID;
 import org.mitre.data.AbstractPageOperationTemplate;
 import org.mitre.oauth2.model.AuthenticationHolderEntity;
@@ -29,6 +30,7 @@ import org.mitre.oauth2.model.DeviceCode;
 import org.mitre.oauth2.repository.impl.DeviceCodeRepository;
 import org.mitre.oauth2.service.DeviceCodeService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;
 import org.springframework.security.oauth2.provider.ClientDetails;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.stereotype.Service;
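Review bot: The Javadoc on `createNewDeviceCode` in DeviceCodeService.java still ends in a bare `@return`, and after this change the returned object is the only way a caller learns the generated codes. I would fill it in, for example `@return the new DeviceCode carrying the generated device code and user code`, and state that implementations must draw both values from a cryptographically secure source. The comment starts above the hunk, so any `@param deviceCode` / `@param userCode` tags that remain there should be removed as well.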
@@ -44,11 +46,19 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
 @Autowired
 private DeviceCodeRepository repository;
+ private RandomValueStringGenerator randomGenerator = new RandomValueStringGenerator();
+
 /* (non-Javadoc)
 * @see org.mitre.oauth2.service.DeviceCodeService#save(org.mitre.oauth2.model.DeviceCode)
 */
 @Override
- public DeviceCode createNewDeviceCode(String deviceCode, String userCode, Set requestedScopes, ClientDetailsEntity client, Map parameters) {
+ public DeviceCode createNewDeviceCode(Set requestedScopes, ClientDetailsEntity client, Map parameters) {
+
+ // create a device code, should be big and random
+ String deviceCode = UUID.randomUUID().toString();
+
+ // create a user code, should be random but small and typable
+ String userCode = randomGenerator.generate();
 DeviceCode dc = new DeviceCode(deviceCode, userCode, requestedScopes, client.getClientId(), parameters);
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
index f141e8cce..f746f85f8 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java
@@ -91,8 +91,6 @@ public class DeviceEndpoint {
 @Autowired
 private OAuth2RequestFactory oAuth2RequestFactory;
- private RandomValueStringGenerator randomGenerator = new RandomValueStringGenerator();
-
 @RequestMapping(value = "/" + URL, method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
 public String requestDeviceCode(@RequestParam("client_id") String clientId, @RequestParam(name="scope", required=false) String scope, Map parameters, ModelMap model) {
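Review bot: In DefaultDeviceCodeService.createNewDeviceCode the user code comes from a default-constructed `RandomValueStringGenerator`, so its length and alphabet are whatever that class defaults to (as far as I know, six mixed-case alphanumeric characters), and nothing in the visible lines checks the new code against user codes that are still pending. Since the user code is the short, guessable half of the device flow, I would make the length explicit, e.g. `private final RandomValueStringGenerator randomGenerator = new RandomValueStringGenerator(USER_CODE_LENGTH);` (the constant name is a placeholder), and have the service retry on a collision before saving. RFC 8628 sections 5.1 and 6.1 cover the entropy, attempt-limiting and case-insensitive alphabet considerations for user codes. The method body continues past the hunk, so a uniqueness check may already exist there.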
@@ -134,17 +132,11 @@ public class DeviceEndpoint {
 // if we got here the request is legit
- // create a device code, should be big and random
- String deviceCode = UUID.randomUUID().toString();
-
- // create a user code, should be random but small and typable
- String userCode = randomGenerator.generate();
-
- deviceCodeService.createNewDeviceCode(deviceCode, userCode, requestedScopes, client, parameters);
+ DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters);
 Map response = new HashMap<>();
- response.put("device_code", deviceCode);
- response.put("user_code", userCode);
+ response.put("device_code", dc.getDeviceCode());
+ response.put("user_code", dc.getUserCode());
 response.put("verification_uri", config.getIssuer() + USER_URL);
 if (client.getDeviceCodeValiditySeconds() != null) {
 response.put("expires_in", client.getDeviceCodeValiditySeconds());
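Review bot: DeviceEndpoint.java gets no import hunk in this diff, so `java.util.UUID` and `RandomValueStringGenerator` are presumably still imported there although the lines that used them are removed; drop them if nothing else in the file needs them. The new code also dereferences `dc` right away in `dc.getDeviceCode()`, which relies on `createNewDeviceCode` never returning null, a guarantee the interface Javadoc does not state. requestDeviceCode starts and ends outside the hunk.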