github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added parser to userinfo object, userinfo url in filter, fixed bug in user_id check

pull/210/head
Justin Richer 2012-08-17 14:38:26 -04:00
parent fbd6e67af8
commit d14f55004c
4 changed files with 62 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
View File

@ -149,4 +149,12 @@ public class OIDCAuthenticationFilter extends AbstractOIDCAuthenticationFilter {
public void setIssuer(String issuer) {
oidcServerConfig.setIssuer(issuer);
}
/**
* @param userInfoUrl
* @see org.mitre.openid.connect.config.OIDCServerConfiguration#setUserInfoUrl(java.lang.String)
*/
public void setUserInfoUrl(String userInfoUrl) {
oidcServerConfig.setUserInfoUrl(userInfoUrl);
}
}

2
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OpenIdConnectAuthenticationProvider.java
View File

@ -82,7 +82,7 @@ public class OpenIdConnectAuthenticationProvider implements
if (userInfo == null) {
// TODO: user Info not found -- error?
} else {
if (!Strings.isNullOrEmpty(userInfo.getUserId()) && userInfo.getUserId().equals(token.getUserId())) {
if (!Strings.isNullOrEmpty(userInfo.getUserId()) && !userInfo.getUserId().equals(token.getUserId())) {
// the userinfo came back and the user_id fields don't match what was in the id_token
throw new UsernameNotFoundException("user_id mismatch between id_token and user_info call: " + userInfo.getUserId() + " / " + token.getUserId());
}

6
openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java
View File

@ -28,15 +28,15 @@ public class UserInfoFetcher {
MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
form.add("access_token", token.getAccessTokenValue());
form.add("schema", "openid");
String userInfoString = restTemplate.postForObject(token.getServerConfiguration().getUserInfoUrl(), form, String.class);
JsonObject userInfoJson = new JsonParser().parse(userInfoString).getAsJsonObject();
Gson gson = new Gson();
DefaultUserInfo userInfo = gson.fromJson(userInfoJson, DefaultUserInfo.class);
UserInfo userInfo = DefaultUserInfo.fromJson(userInfoJson);
return new DefaultUserInfo();
return userInfo;
}

49
openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java
View File

@ -27,6 +27,8 @@ import javax.persistence.NamedQuery;
import javax.persistence.OneToOne;
import javax.persistence.Table;
import com.google.gson.JsonObject;
@Entity
@Table(name="user_info")
@NamedQueries({
@ -336,4 +338,51 @@ public class DefaultUserInfo implements UserInfo {
this.updatedTime = updatedTime;
}
/**
* Parse a JsonObject into a UserInfo.
* @param o
* @return
*/
public static UserInfo fromJson(JsonObject obj) {
DefaultUserInfo ui = new DefaultUserInfo();
ui.setUserId(obj.has("user_id") ? obj.get("user_id").getAsString() : null);
ui.setName(obj.has("name") ? obj.get("name").getAsString() : null);
ui.setPreferredUsername(obj.has("preferred_username") ? obj.get("preferred_username").getAsString() : null);
ui.setGivenName(obj.has("given_name") ? obj.get("given_name").getAsString() : null);
ui.setFamilyName(obj.has("family_name") ? obj.get("family_name").getAsString() : null);
ui.setMiddleName(obj.has("middle_name") ? obj.get("middle_name").getAsString() : null);
ui.setNickname(obj.has("nickname") ? obj.get("nickname").getAsString() : null);
ui.setProfile(obj.has("profile") ? obj.get("profile").getAsString() : null);
ui.setPicture(obj.has("picture") ? obj.get("picture").getAsString() : null);
ui.setWebsite(obj.has("website") ? obj.get("website").getAsString() : null);
ui.setGender(obj.has("gender") ? obj.get("gender").getAsString() : null);
ui.setZoneinfo(obj.has("zone_info") ? obj.get("zone_info").getAsString() : null);
ui.setLocale(obj.has("locale") ? obj.get("locale").getAsString() : null);
ui.setUpdatedTime(obj.has("updated_time") ? obj.get("updated_time").getAsString() : null);
ui.setEmail(obj.has("email") ? obj.get("email").getAsString() : null);
ui.setEmailVerified(obj.has("email") ? obj.get("email_verified").getAsBoolean() : null);
ui.setPhoneNumber(obj.has("phone_number") ? obj.get("phone_number").getAsString() : null);
if (obj.has("address") && obj.get("address").isJsonObject()) {
JsonObject addr = obj.get("address").getAsJsonObject();
ui.setAddress(new Address());
ui.getAddress().setFormatted(addr.has("formatted") ? addr.get("formatted").getAsString() : null);
ui.getAddress().setStreetAddress(addr.has("street_address") ? addr.get("street_address").getAsString() : null);
ui.getAddress().setLocality(addr.has("locality") ? addr.get("locality").getAsString() : null);
ui.getAddress().setRegion(addr.has("region") ? addr.get("region").getAsString() : null);
ui.getAddress().setPostalCode(addr.has("postal_code") ? addr.get("postal_code").getAsString() : null);
ui.getAddress().setCountry(addr.has("country") ? addr.get("country").getAsString() : null);
}
return ui;
}
}