Updated classes to track newest version of SECOAUTH. This update closes issues #3, #4, #8, and #36 (infinite redirects). This revision changes the authorization and token endpoints to be /openidconnect/auth and /openidconnect/token, respectively.
Amanda Anganes
parent
c9b5aea357
commit
e33f277bbe
|
|
@ -1,4 +1,3 @@
|
|||
#Fri Mar 23 15:19:12 EDT 2012
|
||||
activeProfiles=
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
|
|
|
|||
|
|
@ -1,9 +1,6 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" output="target/classes" path="src/main/java"/>
|
||||
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources"/>
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java"/>
|
||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources"/>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.6"/>
|
||||
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
|
||||
<attributes>
|
||||
|
|
|
|||
|
|
@ -5,8 +5,6 @@
|
|||
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/test/java"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/test/resources"/>
|
||||
<property name="context-root" value="account-chooser"/>
|
||||
<property name="java-output-path" value="/account-chooser/target/classes"/>
|
||||
</wb-module>
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
#Fri Mar 16 15:07:52 EDT 2012
|
||||
activeProfiles=
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
|
|
|
|||
|
|
@ -3,7 +3,5 @@
|
|||
<wb-module deploy-name="openid-connect-client">
|
||||
<wb-resource deploy-path="/" source-path="/src/main/java"/>
|
||||
<wb-resource deploy-path="/" source-path="/src/main/resources"/>
|
||||
<wb-resource deploy-path="/" source-path="/src/test/java"/>
|
||||
<wb-resource deploy-path="/" source-path="/src/test/resources"/>
|
||||
</wb-module>
|
||||
</project-modules>
|
||||
|
|
|
|||
|
|
@ -1,4 +1,3 @@
|
|||
#Fri Mar 16 15:07:16 EDT 2012
|
||||
activeProfiles=
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
|
|
|
|||
|
|
@ -65,8 +65,8 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
private String clientName;
|
||||
private String clientDescription;
|
||||
private boolean allowRefresh = false; // do we allow refresh tokens for this client?
|
||||
private Long accessTokenTimeout; // in seconds
|
||||
private Long refreshTokenTimeout; // in seconds
|
||||
private Integer accessTokenTimeout; // in seconds
|
||||
private Integer refreshTokenTimeout; // in seconds
|
||||
private String owner; // userid of who registered it
|
||||
private Set<String> registeredRedirectUri;
|
||||
private Set<String> resourceIds;
|
||||
|
|
@ -271,14 +271,14 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
* @param accessTokenTimeout Lifetime of access tokens, in seconds (optional - leave null for no timeout)
|
||||
*/
|
||||
@Basic
|
||||
public Long getAccessTokenTimeout() {
|
||||
public Integer getAccessTokenTimeout() {
|
||||
return accessTokenTimeout;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param accessTokenTimeout the accessTokenTimeout to set
|
||||
*/
|
||||
public void setAccessTokenTimeout(Long accessTokenTimeout) {
|
||||
public void setAccessTokenTimeout(Integer accessTokenTimeout) {
|
||||
this.accessTokenTimeout = accessTokenTimeout;
|
||||
}
|
||||
|
||||
|
|
@ -286,14 +286,14 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
* @return the refreshTokenTimeout
|
||||
*/
|
||||
@Basic
|
||||
public Long getRefreshTokenTimeout() {
|
||||
public Integer getRefreshTokenTimeout() {
|
||||
return refreshTokenTimeout;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param refreshTokenTimeout Lifetime of refresh tokens, in seconds (optional - leave null for no timeout)
|
||||
*/
|
||||
public void setRefreshTokenTimeout(Long refreshTokenTimeout) {
|
||||
public void setRefreshTokenTimeout(Integer refreshTokenTimeout) {
|
||||
this.refreshTokenTimeout = refreshTokenTimeout;
|
||||
}
|
||||
|
||||
|
|
@ -482,7 +482,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
* @param accessTokenTimeout
|
||||
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenTimeout(java.lang.Long)
|
||||
*/
|
||||
public ClientDetailsEntityBuilder setAccessTokenTimeout(Long accessTokenTimeout) {
|
||||
public ClientDetailsEntityBuilder setAccessTokenTimeout(int accessTokenTimeout) {
|
||||
instance.setAccessTokenTimeout(accessTokenTimeout);
|
||||
return this;
|
||||
}
|
||||
|
|
@ -491,7 +491,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
* @param refreshTokenTimeout
|
||||
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenTimeout(java.lang.Long)
|
||||
*/
|
||||
public ClientDetailsEntityBuilder setRefreshTokenTimeout(Long refreshTokenTimeout) {
|
||||
public ClientDetailsEntityBuilder setRefreshTokenTimeout(int refreshTokenTimeout) {
|
||||
instance.setRefreshTokenTimeout(refreshTokenTimeout);
|
||||
return this;
|
||||
}
|
||||
|
|
@ -505,8 +505,6 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
return this;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Complete the builder
|
||||
* @return
|
||||
|
|
@ -535,14 +533,15 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
|
||||
}
|
||||
|
||||
/**
|
||||
* TODO: Implement
|
||||
* See github issue #3
|
||||
*/
|
||||
@Override
|
||||
public int getAccessTokenValiditySeconds() {
|
||||
// TODO Auto-generated method stub
|
||||
return 0;
|
||||
return accessTokenTimeout;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public int getRefreshTokenValiditySeconds() {
|
||||
return refreshTokenTimeout;
|
||||
}
|
||||
|
||||
/* *//**
|
||||
|
|
|
|||
|
|
@ -39,13 +39,9 @@ import javax.persistence.Table;
|
|||
import javax.persistence.Temporal;
|
||||
import javax.persistence.Transient;
|
||||
|
||||
import org.codehaus.jackson.map.annotate.JsonDeserialize;
|
||||
import org.codehaus.jackson.map.annotate.JsonSerialize;
|
||||
import org.mitre.jwt.model.Jwt;
|
||||
import org.mitre.openid.connect.model.IdToken;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessTokenDeserializer;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessTokenSerializer;
|
||||
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
|
||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||
|
||||
|
|
@ -63,7 +59,7 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
|||
})
|
||||
//@JsonSerialize(using = OAuth2AccessTokenSerializer.class)
|
||||
//@JsonDeserialize(using = OAuth2AccessTokenDeserializer.class)
|
||||
public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
||||
public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
|
||||
|
||||
public static String ID_TOKEN = "id_token";
|
||||
|
||||
|
|
@ -71,26 +67,28 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
|
||||
private OAuth2Authentication authentication; // the authentication that made this access
|
||||
|
||||
// JWT-encoded access token value
|
||||
private Jwt jwtValue;
|
||||
private Jwt jwtValue; // JWT-encoded access token value
|
||||
|
||||
// JWT-encoded OpenID Connect IdToken
|
||||
private IdToken idToken;
|
||||
private IdToken idToken; // JWT-encoded OpenID Connect IdToken
|
||||
|
||||
private Date expiration;
|
||||
|
||||
private String tokenType = OAuth2AccessToken.BEARER_TYPE;
|
||||
|
||||
private OAuth2RefreshTokenEntity refreshToken;
|
||||
|
||||
private Set<String> scope;
|
||||
|
||||
/**
|
||||
* Create a new, blank access token
|
||||
*/
|
||||
public OAuth2AccessTokenEntity() {
|
||||
// we ignore the "value" field in the superclass because we can't cleanly override it
|
||||
super(null);
|
||||
setJwt(new Jwt()); // give us a blank jwt to work with at least
|
||||
//setIdToken(new IdToken()); // ID Tokens aren't there unless we need them
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all additional information to be sent to the serializer. Inserts a copy of the IdToken (in JWT String form).
|
||||
*/
|
||||
@Override
|
||||
@Transient
|
||||
public Map<String, Object> getAdditionalInformation() {
|
||||
Map<String, Object> map = new HashMap<String, Object>(); //super.getAdditionalInformation();
|
||||
|
|
@ -98,8 +96,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return map;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* The authentication in place when this token was created.
|
||||
* @return the authentication
|
||||
|
|
@ -110,7 +106,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return authentication;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param authentication the authentication to set
|
||||
*/
|
||||
|
|
@ -118,7 +113,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
this.authentication = authentication;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return the client
|
||||
*/
|
||||
|
|
@ -128,7 +122,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return client;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param client the client to set
|
||||
*/
|
||||
|
|
@ -136,13 +129,9 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
this.client = client;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#getValue()
|
||||
*/
|
||||
/**
|
||||
* Get the string-encoded value of this access token.
|
||||
*/
|
||||
@Override
|
||||
@Id
|
||||
@Column(name="id")
|
||||
public String getValue() {
|
||||
|
|
@ -159,68 +148,35 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
setJwt(Jwt.parse(value));
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#getExpiration()
|
||||
*/
|
||||
@Override
|
||||
@Basic
|
||||
@Temporal(javax.persistence.TemporalType.TIMESTAMP)
|
||||
public Date getExpiration() {
|
||||
// TODO Auto-generated method stub
|
||||
return super.getExpiration();
|
||||
return expiration;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#setExpiration(java.util.Date)
|
||||
*/
|
||||
@Override
|
||||
public void setExpiration(Date expiration) {
|
||||
// TODO Auto-generated method stub
|
||||
super.setExpiration(expiration);
|
||||
this.expiration = expiration;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#getTokenType()
|
||||
*/
|
||||
@Override
|
||||
@Basic
|
||||
public String getTokenType() {
|
||||
// TODO Auto-generated method stub
|
||||
return super.getTokenType();
|
||||
return tokenType;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#setTokenType(java.lang.String)
|
||||
*/
|
||||
@Override
|
||||
public void setTokenType(String tokenType) {
|
||||
// TODO Auto-generated method stub
|
||||
super.setTokenType(tokenType);
|
||||
this.tokenType = tokenType;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#getRefreshToken()
|
||||
*/
|
||||
@Override
|
||||
@ManyToOne
|
||||
@JoinColumn(name="refresh_token_id")
|
||||
public OAuth2RefreshTokenEntity getRefreshToken() {
|
||||
// TODO Auto-generated method stub
|
||||
return (OAuth2RefreshTokenEntity) super.getRefreshToken();
|
||||
return refreshToken;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#setRefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
|
||||
*/
|
||||
public void setRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
|
||||
// TODO Auto-generated method stub
|
||||
super.setRefreshToken(refreshToken);
|
||||
this.refreshToken = refreshToken;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#setRefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
|
||||
*/
|
||||
@Override
|
||||
public void setRefreshToken(OAuth2RefreshToken refreshToken) {
|
||||
if (!(refreshToken instanceof OAuth2RefreshTokenEntity)) {
|
||||
// TODO: make a copy constructor instead....
|
||||
|
|
@ -230,27 +186,17 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
setRefreshToken((OAuth2RefreshTokenEntity)refreshToken);
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#getScope()
|
||||
*/
|
||||
@Override
|
||||
@ElementCollection(fetch=FetchType.EAGER)
|
||||
@CollectionTable(
|
||||
joinColumns=@JoinColumn(name="owner_id"),
|
||||
name="scope"
|
||||
)
|
||||
public Set<String> getScope() {
|
||||
// TODO Auto-generated method stub
|
||||
return super.getScope();
|
||||
return scope;
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2AccessToken#setScope(java.util.Set)
|
||||
*/
|
||||
@Override
|
||||
public void setScope(Set<String> scope) {
|
||||
// TODO Auto-generated method stub
|
||||
super.setScope(scope);
|
||||
this.scope = scope;
|
||||
}
|
||||
|
||||
@Transient
|
||||
|
|
@ -258,7 +204,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return getExpiration() == null ? false : System.currentTimeMillis() > getExpiration().getTime();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* This is transient b/c the IdToken is not serializable. Instead,
|
||||
* the toString of the IdToken is persisted in idTokenString
|
||||
|
|
@ -269,7 +214,6 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return idToken;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param idToken the idToken to set
|
||||
*/
|
||||
|
|
@ -305,11 +249,16 @@ public class OAuth2AccessTokenEntity extends OAuth2AccessToken {
|
|||
return jwtValue;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param jwtValue the jwtValue to set
|
||||
*/
|
||||
public void setJwt(Jwt jwt) {
|
||||
this.jwtValue = jwt;
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getExpiresIn() {
|
||||
// TODO Auto-generated method stub
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ import javax.persistence.Temporal;
|
|||
import javax.persistence.Transient;
|
||||
|
||||
import org.mitre.jwt.model.Jwt;
|
||||
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
|
||||
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
|
||||
|
||||
/**
|
||||
|
|
@ -50,7 +49,7 @@ import org.springframework.security.oauth2.common.OAuth2RefreshToken;
|
|||
@NamedQuery(name = "OAuth2RefreshTokenEntity.getByClient", query = "select r from OAuth2RefreshTokenEntity r where r.client = :client"),
|
||||
@NamedQuery(name = "OAuth2RefreshTokenEntity.getExpired", query = "select r from OAuth2RefreshTokenEntity r where r.expiration is not null and r.expiration < current_timestamp")
|
||||
})
|
||||
public class OAuth2RefreshTokenEntity extends OAuth2RefreshToken {
|
||||
public class OAuth2RefreshTokenEntity implements OAuth2RefreshToken {
|
||||
|
||||
private ClientDetailsEntity client;
|
||||
|
||||
|
|
@ -66,18 +65,12 @@ public class OAuth2RefreshTokenEntity extends OAuth2RefreshToken {
|
|||
*
|
||||
*/
|
||||
public OAuth2RefreshTokenEntity() {
|
||||
// we ignore the superclass's Value field
|
||||
super(null);
|
||||
setJwt(new Jwt()); // start with a blank JWT value
|
||||
}
|
||||
|
||||
/* (non-Javadoc)
|
||||
* @see org.springframework.security.oauth2.common.OAuth2RefreshToken#getValue()
|
||||
*/
|
||||
/**
|
||||
* Get the JWT-encoded value of this token
|
||||
*/
|
||||
@Override
|
||||
@Id
|
||||
@Column(name="id")
|
||||
public String getValue() {
|
||||
|
|
@ -91,7 +84,6 @@ public class OAuth2RefreshTokenEntity extends OAuth2RefreshToken {
|
|||
* @throws IllegalArgumentException if the value is not a valid JWT string
|
||||
*/
|
||||
public void setValue(String value) {
|
||||
// TODO Auto-generated method stub
|
||||
setJwt(Jwt.parse(value));
|
||||
}
|
||||
|
||||
|
|
@ -127,7 +119,6 @@ public class OAuth2RefreshTokenEntity extends OAuth2RefreshToken {
|
|||
return client;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param client the client to set
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ public interface ClientDetailsEntityService extends ClientDetailsService {
|
|||
|
||||
public ClientDetailsEntity loadClientByClientId(String clientId) throws OAuth2Exception;
|
||||
|
||||
public ClientDetailsEntity createClient(String clientId, String clientSecret, Set<String> scope, Set<String> grantTypes, String redirectUri, Set<GrantedAuthority> authorities, Set<String> resourceIds, String name, String description, boolean allowRefresh, Long accessTokenTimeout, Long refreshTokenTimeout, String owner);
|
||||
public ClientDetailsEntity createClient(String clientId, String clientSecret, Set<String> scope, Set<String> grantTypes, String redirectUri, Set<GrantedAuthority> authorities, Set<String> resourceIds, String name, String description, boolean allowRefresh, Integer accessTokenTimeout, Integer refreshTokenTimeout, String owner);
|
||||
|
||||
public void deleteClient(ClientDetailsEntity client);
|
||||
|
||||
|
|
|
|||
|
|
@ -31,14 +31,8 @@
|
|||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.springframework.ide.eclipse.core.springbuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.springframework.ide.eclipse.core.springnature</nature>
|
||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
|
|
|
|||
|
|
@ -1,3 +1,2 @@
|
|||
#Fri Mar 23 15:19:13 EDT 2012
|
||||
com.springsource.sts.maven.maven.automatically.update=true
|
||||
eclipse.preferences.version=1
|
||||
|
|
|
|||
|
|
@ -82,8 +82,8 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt
|
|||
public ClientDetailsEntity createClient(String clientId, String clientSecret,
|
||||
Set<String> scope, Set<String> grantTypes, String redirectUri, Set<GrantedAuthority> authorities,
|
||||
Set<String> resourceIds,
|
||||
String name, String description, boolean allowRefresh, Long accessTokenTimeout,
|
||||
Long refreshTokenTimeout, String owner) {
|
||||
String name, String description, boolean allowRefresh, Integer accessTokenTimeout,
|
||||
Integer refreshTokenTimeout, String owner) {
|
||||
|
||||
// TODO: check "owner" locally?
|
||||
|
||||
|
|
|
|||
|
|
@ -69,8 +69,8 @@ public class OAuthClientAPI {
|
|||
@RequestParam(required=false) String name,
|
||||
@RequestParam(required=false) String description,
|
||||
@RequestParam(required=false, defaultValue="false") boolean allowRefresh,
|
||||
@RequestParam(required=false) Long accessTokenTimeout,
|
||||
@RequestParam(required=false) Long refreshTokenTimeout,
|
||||
@RequestParam(required=false) Integer accessTokenTimeout,
|
||||
@RequestParam(required=false) Integer refreshTokenTimeout,
|
||||
@RequestParam(required=false) String owner
|
||||
) {
|
||||
logger.info("apiAddClient - start");
|
||||
|
|
@ -150,8 +150,8 @@ public class OAuthClientAPI {
|
|||
@RequestParam(required=false) String name,
|
||||
@RequestParam(required=false) String description,
|
||||
@RequestParam(required=false, defaultValue="false") boolean allowRefresh,
|
||||
@RequestParam(required=false) Long accessTokenTimeout,
|
||||
@RequestParam(required=false) Long refreshTokenTimeout,
|
||||
@RequestParam(required=false) Integer accessTokenTimeout,
|
||||
@RequestParam(required=false) Integer refreshTokenTimeout,
|
||||
@RequestParam(required=false) String owner
|
||||
) {
|
||||
ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@
|
|||
<!-- SECOAUTH Authorization Server, with our custom token granter plugged in -->
|
||||
<oauth:authorization-server client-details-service-ref="defaultOAuth2ClientDetailsEntityService"
|
||||
token-services-ref="defaultOAuth2ProviderTokenService" token-granter-ref="connectAuthCodeTokenGranter"
|
||||
user-approval-handler-ref="userApprovalHandler">
|
||||
user-approval-handler-ref="userApprovalHandler" authorization-endpoint-url="/openidconnect/auth" token-endpoint-url="/openidconnect/token">
|
||||
<oauth:authorization-code authorization-code-services-ref="authCodeServices" />
|
||||
</oauth:authorization-server>
|
||||
|
||||
|
|
|
|||
|
|
@ -6,6 +6,21 @@
|
|||
|
||||
|
||||
<!-- filter through Spring Security -->
|
||||
|
||||
<filter>
|
||||
<filter-name>oauth2EndpointUrlFilter</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
<init-param>
|
||||
<param-name>contextAttribute</param-name>
|
||||
<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>oauth2EndpointUrlFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>clientCredentialsTokenEndpointFilter</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
|
|
|
|||
Loading…
Reference in New Issue