github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

null and blank handling

pull/263/head
Justin Richer 2012-12-12 12:29:14 -05:00
parent 06fad3a41c
commit cda6163d0d
1 changed files with 74 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
View File

@ -1,6 +1,7 @@
package org.mitre.openid.connect.web; package org.mitre.openid.connect.web;
import java.beans.PropertyEditorSupport; import java.beans.PropertyEditorSupport;
import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.concurrent.TimeUnit; import java.util.concurrent.TimeUnit;
@ -15,12 +16,9 @@ import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService; import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.common.exceptions.UnauthorizedClientException;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest; import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
@ -32,10 +30,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import com.google.common.base.Joiner; import com.google.common.base.Joiner;
import com.google.common.base.Objects;
import com.google.common.base.Splitter; import com.google.common.base.Splitter;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import com.google.common.primitives.Booleans;
@Controller @Controller
@RequestMapping(value = "register"/*, method = RequestMethod.POST*/) @RequestMapping(value = "register"/*, method = RequestMethod.POST*/)
@ -253,7 +251,7 @@ public class ClientDynamicRegistrationEndpoint {
client.setUserIdType(userIdType); client.setUserIdType(userIdType);
client.setRequireSignedRequestObject(requireSignedRequestObject); client.setRequireSignedRequestObject(requireSignedRequestObject);
client.setDefaultMaxAge(defaultMaxAge); client.setDefaultMaxAge(defaultMaxAge);
client.setRequireAuthTime(requireAuthTime); client.setRequireAuthTime(requireAuthTime == null ? false : requireAuthTime.booleanValue());
client.setDefaultACR(defaultAcr); client.setDefaultACR(defaultAcr);
if (scope != null) { if (scope != null) {
@ -386,6 +384,8 @@ public class ClientDynamicRegistrationEndpoint {
@RequestParam(value = "idtoken_encrypted_response_int", required = false) String idtokenEncryptedResponseInt, @RequestParam(value = "idtoken_encrypted_response_int", required = false) String idtokenEncryptedResponseInt,
*/ */
@RequestParam Map<String, String> params,
OAuth2Authentication auth, OAuth2Authentication auth,
ModelMap model ModelMap model
@ -398,37 +398,82 @@ public class ClientDynamicRegistrationEndpoint {
throw new ClientNotFoundException("Could not find client: " + clientId); throw new ClientNotFoundException("Could not find client: " + clientId);
} }
client.setContacts(contacts); /*
client.setApplicationType(applicationType); * now process each field:
client.setClientName(clientName); * 1) If input is not provided (null, not in map), keep existing value
client.setClientUrl(clientUrl); * 2) If input is provided (in map) but null or blank, remove existing value
client.setTosUrl(tosUrl); * 3) If input is not null and not blank, replace existing value
client.setLogoUrl(logoUrl); */
client.setRegisteredRedirectUri(redirectUris); if (params.containsKey("contacts")) {
client.setTokenEndpointAuthType(tokenEndpointAuthType); client.setContacts(contacts);
client.setPolicyUrl(policyUrl); }
client.setJwkUrl(jwkUrl); if (params.containsKey("application_type")) {
client.setJwkEncryptionUrl(jwkEncryptionUrl); client.setApplicationType(applicationType);
client.setX509Url(x509Url); }
client.setX509EncryptionUrl(x509EncryptionUrl); if (params.containsKey("client_name")) {
client.setSectorIdentifierUrl(sectorIdentifierUrl); client.setClientName(Strings.emptyToNull(clientName));
client.setUserIdType(userIdType); }
client.setRequireSignedRequestObject(requireSignedRequestObject); if (params.containsKey("client_url")) {
client.setDefaultMaxAge(defaultMaxAge); client.setClientUrl(Strings.emptyToNull(clientUrl));
client.setRequireAuthTime(requireAuthTime); }
client.setDefaultACR(defaultAcr); if (params.containsKey("tos_url")) {
client.setTosUrl(Strings.emptyToNull(tosUrl));
if (scope != null) { }
if (params.containsKey("logo_url")) {
client.setLogoUrl(Strings.emptyToNull(logoUrl));
}
if (params.containsKey("redirect_uris")) {
client.setRegisteredRedirectUri(redirectUris);
}
if (params.containsKey("token_endpoint_auth_type")) {
client.setTokenEndpointAuthType(tokenEndpointAuthType);
}
if (params.containsKey("policy_url")) {
client.setPolicyUrl(Strings.emptyToNull(policyUrl));
}
if (params.containsKey("jwk_url")) {
client.setJwkUrl(Strings.emptyToNull(jwkUrl));
}
if (params.containsKey("jwk_encryption_url")) {
client.setJwkEncryptionUrl(Strings.emptyToNull(jwkEncryptionUrl));
}
if (params.containsKey("x509_url")) {
client.setX509Url(Strings.emptyToNull(x509Url));
}
if (params.containsKey("x509_encryption_url")) {
client.setX509EncryptionUrl(Strings.emptyToNull(x509EncryptionUrl));
}
if (params.containsKey("default_max_age")) {
client.setDefaultMaxAge(defaultMaxAge);
}
if (params.containsKey("default_acr")) {
client.setDefaultACR(Strings.emptyToNull(defaultAcr));
}
if (params.containsKey("scope")) {
// TODO: check against some kind of scope service for scope validity // TODO: check against some kind of scope service for scope validity
client.setScope(scope); client.setScope(scope);
} else {
} }
if (grantType != null) { if (params.containsKey("grant_type")) {
// TODO: check against some kind of grant type service for validity // TODO: check against some kind of grant type service for validity
client.setAuthorizedGrantTypes(grantType); client.setAuthorizedGrantTypes(grantType);
} else {
} }
// OIDC
if (params.containsKey("sector_identifier_url")) {
client.setSectorIdentifierUrl(Strings.emptyToNull(sectorIdentifierUrl));
}
if (params.containsKey("user_id_type")) {
client.setUserIdType(userIdType);
}
if (params.containsKey("require_signed_request_object")) { // TODO: rename field
client.setRequireSignedRequestObject(requireSignedRequestObject);
}
if (params.containsKey("require_auth_time")) {
client.setRequireAuthTime(requireAuthTime == null ? false : requireAuthTime.booleanValue()); // watch out for autoboxing
}
ClientDetailsEntity saved = clientService.updateClient(client, client); ClientDetailsEntity saved = clientService.updateClient(client, client);
model.put("fullClient", Boolean.TRUE); model.put("fullClient", Boolean.TRUE);