github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

make client assertion auth work again

pull/1108/head
Justin Richer 2016-07-24 15:24:45 -04:00
parent f9e4d75a4a
commit d89257380f
2 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
View File

@ -32,6 +32,8 @@
<!-- validate incoming tokens for JWT assertions --> <!-- validate incoming tokens for JWT assertions -->
<bean id="jwtAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" /> <bean id="jwtAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" />
<bean id="jwtAssertionTokenFactory" class="org.mitre.oauth2.assertion.impl.DirectCopyRequestFactory" />
<!-- validate client software statements for dynamic registration --> <!-- validate client software statements for dynamic registration -->
<bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" /> <bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" />

21
openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JWTBearerAssertionAuthenticationToken.java
View File

@ -37,6 +37,7 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
* *
*/ */
private static final long serialVersionUID = -3138213539914074617L; private static final long serialVersionUID = -3138213539914074617L;
private String subject;
private JWT jwt; private JWT jwt;
/** /**
@ -46,6 +47,13 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
*/ */
public JWTBearerAssertionAuthenticationToken(JWT jwt) { public JWTBearerAssertionAuthenticationToken(JWT jwt) {
super(null); super(null);
try {
// save the subject of the JWT in case the credentials get erased later
this.subject = jwt.getJWTClaimsSet().getSubject();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
this.jwt = jwt; this.jwt = jwt;
setAuthenticated(false); setAuthenticated(false);
} }
@ -58,6 +66,13 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
*/ */
public JWTBearerAssertionAuthenticationToken(JWT jwt, Collection<? extends GrantedAuthority> authorities) { public JWTBearerAssertionAuthenticationToken(JWT jwt, Collection<? extends GrantedAuthority> authorities) {
super(authorities); super(authorities);
try {
// save the subject of the JWT in case the credentials get erased later
this.subject = jwt.getJWTClaimsSet().getSubject();
} catch (ParseException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
this.jwt = jwt; this.jwt = jwt;
setAuthenticated(true); setAuthenticated(true);
} }
@ -75,11 +90,7 @@ public class JWTBearerAssertionAuthenticationToken extends AbstractAuthenticatio
*/ */
@Override @Override
public Object getPrincipal() { public Object getPrincipal() {
try { return subject;
return jwt.getJWTClaimsSet().getSubject();
} catch (ParseException e) {
return null;
}
} }
/** /**