From d89257380f765c8d5705f0b841a0161bf48ec126 Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Sun, 24 Jul 2016 15:24:45 -0400
Subject: [PATCH] make client assertion auth work again
---
 .../main/webapp/WEB-INF/assertion-config.xml | 2 ++
 ...JWTBearerAssertionAuthenticationToken.java | 21 ++++++++++++++-----
 2 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
index e0de60d04..a7df61579 100644
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
@@ -32,6 +32,8 @@ + +
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JWTBearerAssertionAuthenticationToken.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JWTBearerAssertionAuthenticationToken.java
index 94b1e6c19..c3060e36a 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JWTBearerAssertionAuthenticationToken.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JWTBearerAssertionAuthenticationToken.java
@@ -37,6 +37,7 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
 *
 */
 private static final long serialVersionUID = -3138213539914074617L;
+ private String subject;
 private JWT jwt;
 /**
@@ -46,6 +47,13 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
 */
 public JWTBearerAssertionAuthenticationToken(JWT jwt) {
 super(null);
+ try {
+ // save the subject of the JWT in case the credentials get erased later
+ this.subject = jwt.getJWTClaimsSet().getSubject();
+ } catch (ParseException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
 this.jwt = jwt;
 setAuthenticated(false);
 }
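Review bot: The new `subject` field in the `@@ -37,6 +37,7 @@` hunk has no comment, and it changes what a deserialized token reports. The class keeps the same `serialVersionUID`, so an instance serialized before this change would come back with `subject == null`, and `getPrincipal()` (last hunk) would then return null even though its `jwt` is intact. Whether these tokens are ever persisted is not visible here, so this may be moot. I would at least document the field, e.g. `// "sub" claim copied from the assertion at construction, so getPrincipal() keeps working after the JWT is erased`.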
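Review bot: The `catch (ParseException e)` added to the `(JWT jwt)` constructor swallows the failure behind `e.printStackTrace()` and an auto-generated TODO, so a JWT whose claims cannot be parsed still yields a token, with a null principal. The same block is repeated in the `(JWT, Collection)` constructor in the next hunk, where the token is additionally marked `setAuthenticated(true)`. An authenticated client token without a subject should not be constructible, and a stack trace on stderr bypasses whatever logging the deployment monitors for failed client assertions. I would move the extraction into one private helper that fails closed and call it from both constructors, as sketched below. `IllegalArgumentException` is a stand-in; an `AuthenticationException` subtype may fit better if the calling filter is expected to turn this into an authentication failure.

```java
public JWTBearerAssertionAuthenticationToken(JWT jwt) {
	super(null);
	// save the subject of the JWT in case the credentials get erased later
	this.subject = subjectOf(jwt);
	// … unchanged: this.jwt assignment, setAuthenticated(false) …
}

// … the (JWT, Collection) constructor makes the same subjectOf(jwt) call after super(authorities) …

private static String subjectOf(JWT jwt) {
	try {
		return jwt.getJWTClaimsSet().getSubject();
	} catch (ParseException e) {
		// fail closed: no token without a readable subject; keep the cause for the logs
		throw new IllegalArgumentException("client assertion has unparseable claims", e);
	}
}
```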
@@ -58,6 +66,13 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
 */
 public JWTBearerAssertionAuthenticationToken(JWT jwt, Collection authorities) {
 super(authorities);
+ try {
+ // save the subject of the JWT in case the credentials get erased later
+ this.subject = jwt.getJWTClaimsSet().getSubject();
+ } catch (ParseException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
 this.jwt = jwt;
 setAuthenticated(true);
 }
@@ -75,11 +90,7 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
 */
 @Override
 public Object getPrincipal() {
- try {
- return jwt.getJWTClaimsSet().getSubject();
- } catch (ParseException e) {
- return null;
- }
+ return subject;
 }
 /**