added parser to userinfo object, userinfo url in filter, fixed bug in user_id check

openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java

@@ -149,4 +149,12 @@ public class OIDCAuthenticationFilter extends AbstractOIDCAuthenticationFilter {
     public void setIssuer(String issuer) {
 	    oidcServerConfig.setIssuer(issuer);
     }
+
+	/**
+     * @param userInfoUrl
+     * @see org.mitre.openid.connect.config.OIDCServerConfiguration#setUserInfoUrl(java.lang.String)
+     */
+    public void setUserInfoUrl(String userInfoUrl) {
+	    oidcServerConfig.setUserInfoUrl(userInfoUrl);
+    }
 }

openid-connect-client/src/main/java/org/mitre/openid/connect/client/OpenIdConnectAuthenticationProvider.java

@@ -82,7 +82,7 @@ public class OpenIdConnectAuthenticationProvider implements
 			if (userInfo == null) {
 				// TODO: user Info not found -- error?
 			} else {			
-				if (!Strings.isNullOrEmpty(userInfo.getUserId()) && userInfo.getUserId().equals(token.getUserId())) {
+				if (!Strings.isNullOrEmpty(userInfo.getUserId()) && !userInfo.getUserId().equals(token.getUserId())) {
 					// the userinfo came back and the user_id fields don't match what was in the id_token
 					throw new UsernameNotFoundException("user_id mismatch between id_token and user_info call: " + userInfo.getUserId() + " / " + token.getUserId());
 				}

openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java

@@ -28,15 +28,15 @@ public class UserInfoFetcher {
 
 		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
 		form.add("access_token", token.getAccessTokenValue());
+		form.add("schema", "openid");
 		
 		String userInfoString = restTemplate.postForObject(token.getServerConfiguration().getUserInfoUrl(), form, String.class);
 		
 		JsonObject userInfoJson = new JsonParser().parse(userInfoString).getAsJsonObject();
 		
-		Gson gson = new Gson();
+		UserInfo userInfo = DefaultUserInfo.fromJson(userInfoJson);
-		DefaultUserInfo userInfo = gson.fromJson(userInfoJson, DefaultUserInfo.class);
 		
-		return new DefaultUserInfo();
+		return userInfo;
 		
     }
 

openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java

@@ -27,6 +27,8 @@ import javax.persistence.NamedQuery;
 import javax.persistence.OneToOne;
 import javax.persistence.Table;
 
+import com.google.gson.JsonObject;
+
 @Entity
 @Table(name="user_info")
 @NamedQueries({
@@ -335,5 +337,52 @@ public class DefaultUserInfo implements UserInfo {
 	public void setUpdatedTime(String updatedTime) {
 		this.updatedTime = updatedTime;
 	}
-	
+
+	/**
+	 * Parse a JsonObject into a UserInfo.
+	 * @param o
+	 * @return
+	 */
+	public static UserInfo fromJson(JsonObject obj) {
+		DefaultUserInfo ui = new DefaultUserInfo();
+
+		ui.setUserId(obj.has("user_id") ? obj.get("user_id").getAsString() : null);
+		
+		ui.setName(obj.has("name") ? obj.get("name").getAsString() : null);
+		ui.setPreferredUsername(obj.has("preferred_username") ? obj.get("preferred_username").getAsString() : null);
+		ui.setGivenName(obj.has("given_name") ? obj.get("given_name").getAsString() : null);
+		ui.setFamilyName(obj.has("family_name") ? obj.get("family_name").getAsString() : null);
+		ui.setMiddleName(obj.has("middle_name") ? obj.get("middle_name").getAsString() : null);
+		ui.setNickname(obj.has("nickname") ? obj.get("nickname").getAsString() : null);
+		ui.setProfile(obj.has("profile") ? obj.get("profile").getAsString() : null);
+		ui.setPicture(obj.has("picture") ? obj.get("picture").getAsString() : null);
+		ui.setWebsite(obj.has("website") ? obj.get("website").getAsString() : null);
+		ui.setGender(obj.has("gender") ? obj.get("gender").getAsString() : null);
+		ui.setZoneinfo(obj.has("zone_info") ? obj.get("zone_info").getAsString() : null);
+		ui.setLocale(obj.has("locale") ? obj.get("locale").getAsString() : null);
+		ui.setUpdatedTime(obj.has("updated_time") ? obj.get("updated_time").getAsString() : null);
+		
+		ui.setEmail(obj.has("email") ? obj.get("email").getAsString() : null);
+		ui.setEmailVerified(obj.has("email") ? obj.get("email_verified").getAsBoolean() : null);
+		
+		ui.setPhoneNumber(obj.has("phone_number") ? obj.get("phone_number").getAsString() : null);
+
+		
+		if (obj.has("address") && obj.get("address").isJsonObject()) {
+			JsonObject addr = obj.get("address").getAsJsonObject();
+			ui.setAddress(new Address());
+			
+			ui.getAddress().setFormatted(addr.has("formatted") ? addr.get("formatted").getAsString() : null);
+			ui.getAddress().setStreetAddress(addr.has("street_address") ? addr.get("street_address").getAsString() : null);
+			ui.getAddress().setLocality(addr.has("locality") ? addr.get("locality").getAsString() : null);
+			ui.getAddress().setRegion(addr.has("region") ? addr.get("region").getAsString() : null);
+			ui.getAddress().setPostalCode(addr.has("postal_code") ? addr.get("postal_code").getAsString() : null);
+			ui.getAddress().setCountry(addr.has("country") ? addr.get("country").getAsString() : null);
+			
+		}
+
+		
+		return ui;
+		
+	}
 }