format/cleanup and copyright

pull/477/head
Justin Richer 2013-07-29 11:28:51 -04:00
parent d4b544d519
commit e658ffd7fc
173 changed files with 1701 additions and 1468 deletions


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.oauth2.introspectingfilter;
import java.util.Collection;
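Review bot: The one-line copyright notice that replaces the two-line one misspells the organisation name: `Consortuim` should be `Consortium`, as the lines it replaces had it. The same line is used in every rewritten or newly added license header visible in this commit, so the fix belongs in the header template rather than in each file: `* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortium`.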


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.oauth2.introspectingfilter;
import java.util.Date;
@ -38,7 +39,7 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
/**
* This ResourceServerTokenServices implementation introspects incoming tokens at a
* This ResourceServerTokenServices implementation introspects incoming tokens at a
* server's introspection endpoint URL and passes an Authentication object along
* based on the response from the introspection endpoint.
* @author jricher
@ -50,7 +51,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices {
private String clientSecret;
private IntrospectionUrlProvider introspectionUrlProvider;
private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter();
// Inner class to store in the hash map
private class TokenCacheObject {
OAuth2AccessToken token;
@ -132,7 +133,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices {
// find out which URL to ask
String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken);
// Use the SpringFramework RestTemplate to send the request to the
// endpoint
String validatedToken = null;


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -16,5 +33,5 @@ import com.google.gson.JsonObject;
public interface IntrospectionAuthorityGranter {
public List<GrantedAuthority> getAuthorities(JsonObject introspectionResponse);
}


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -15,5 +32,5 @@ public interface IntrospectionUrlProvider {
* @return
*/
public String getIntrospectionUrl(String accessToken);
}


@ -1,11 +1,26 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
package org.mitre.oauth2.introspectingfilter;
import java.text.ParseException;
import java.util.HashSet;
import java.util.Set;
import org.mitre.openid.connect.client.service.ServerConfigurationService;
import org.mitre.openid.connect.config.ServerConfiguration;
@ -26,7 +41,7 @@ import com.nimbusds.jwt.JWTParser;
public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvider {
private ServerConfigurationService serverConfigurationService;
/**
* @return the serverConfigurationService
*/
@ -46,33 +61,33 @@ public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvi
*/
@Override
public String getIntrospectionUrl(String accessToken) {
try {
JWT jwt = JWTParser.parse(accessToken);
String issuer = jwt.getJWTClaimsSet().getIssuer();
if (!Strings.isNullOrEmpty(issuer)) {
ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer);
if (server != null) {
if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) {
return server.getIntrospectionEndpointUri();
} else {
throw new IllegalArgumentException("Server does not have Introspection Endpoint defined");
}
} else {
throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer);
}
} else {
throw new IllegalArgumentException("No issuer claim found in JWT");
}
} catch (ParseException e) {
throw new IllegalArgumentException("Unable to parse JWT", e);
}
JWT jwt = JWTParser.parse(accessToken);
String issuer = jwt.getJWTClaimsSet().getIssuer();
if (!Strings.isNullOrEmpty(issuer)) {
ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer);
if (server != null) {
if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) {
return server.getIntrospectionEndpointUri();
} else {
throw new IllegalArgumentException("Server does not have Introspection Endpoint defined");
}
} else {
throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer);
}
} else {
throw new IllegalArgumentException("No issuer claim found in JWT");
}
} catch (ParseException e) {
throw new IllegalArgumentException("Unable to parse JWT", e);
}
}
}
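Review bot: In `getIntrospectionUrl` the issuer comes from `JWTParser.parse(accessToken)` with no signature check visible, so the `iss` value that selects the introspection endpoint is chosen by whoever presented the token. If the injected `ServerConfigurationService` performs discovery for issuers it has not seen before (not visible in this section), an unconfigured whitelist would let the caller decide where the token, and presumably the resource server's client credentials, are sent. The method Javadoc should say so, for example `The issuer is read from an unverified token; restrict the server configuration service to trusted issuers.` The message built at `"Could not find server configuration for issuer " + issuer` also carries that untrusted value and should be treated as such wherever it is logged or returned.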


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.oauth2.introspectingfilter;
import java.text.DateFormat;


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -20,7 +37,7 @@ import com.google.gson.JsonObject;
public class SimpleIntrospectionAuthorityGranter implements IntrospectionAuthorityGranter {
private List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_API");
/* (non-Javadoc)
* @see org.mitre.oauth2.introspectingfilter.IntrospectionAuthorityGranter#getAuthorities(net.minidev.json.JSONObject)
*/


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -13,8 +30,8 @@ package org.mitre.oauth2.introspectingfilter;
*/
public class StaticIntrospectionUrlProvider implements IntrospectionUrlProvider {
private String introspectionUrl;
private String introspectionUrl;
/**
* @return the introspectionUrl
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client;
import java.io.IOException;
@ -185,7 +186,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer);
}
String redirectUri = null;
String redirectUri = null;
if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) {
// if there's a redirect uri configured (and only one), use that
redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0];


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client;
import java.util.Collection;


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client;
import org.apache.http.client.HttpClient;


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.keypublisher;
import java.util.Map;


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -21,7 +22,6 @@ package org.mitre.openid.connect.client.service;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.security.oauth2.provider.ClientDetails;
/**
* @author jricher


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,15 +13,15 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
package org.mitre.openid.connect.client.service;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.security.oauth2.provider.ClientDetails;
/**
* @author jricher


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -12,13 +29,13 @@ import org.mitre.oauth2.model.RegisteredClient;
public interface RegisteredClientService {
/**
* Get a remembered client (if one exists) to talk to the given issuer. This
* client likely doesn't have its full configuration information but contains
* Get a remembered client (if one exists) to talk to the given issuer. This
* client likely doesn't have its full configuration information but contains
* the information needed to fetch it.
* @param issuer
* @return
*/
RegisteredClient getByIssuer(String issuer);
RegisteredClient getByIssuer(String issuer);
/**
* Save this client's information for talking to the given issuer. This will
@ -26,6 +43,6 @@ public interface RegisteredClientService {
* the server.
* @param client
*/
void save(String issuer, RegisteredClient client);
void save(String issuer, RegisteredClient client);
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -56,15 +57,15 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
private static Logger logger = LoggerFactory.getLogger(DynamicServerConfigurationService.class);
private LoadingCache<ServerConfiguration, RegisteredClient> clients;
private RegisteredClientService registeredClientService = new InMemoryRegisteredClientService();
// TODO: make sure the template doesn't have "client_id", "client_secret", or "registration_access_token" set on it already
private RegisteredClient template;
private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>();
public DynamicRegistrationClientConfigurationService() {
clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader());
}
@ -75,11 +76,11 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
}
if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
}
return clients.get(issuer);
} catch (ExecutionException e) {
logger.warn("Unable to get client configuration", e);
@ -162,42 +163,42 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
public RegisteredClient load(ServerConfiguration serverConfig) throws Exception {
RestTemplate restTemplate = new RestTemplate(httpFactory);
RegisteredClient knownClient = registeredClientService.getByIssuer(serverConfig.getIssuer());
if (knownClient == null) {
// dynamically register this client
JsonObject jsonRequest = ClientDetailsEntityJsonProcessor.serialize(template);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON));
HttpEntity<String> entity = new HttpEntity<String>(jsonRequest.toString(), headers);
String registered = restTemplate.postForObject(serverConfig.getRegistrationEndpointUri(), entity, String.class);
// TODO: handle HTTP errors
RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered);
// save this client for later
// save this client for later
registeredClientService.save(serverConfig.getIssuer(), client);
return client;
} else {
// load this client's information from the server
HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, knownClient.getRegistrationAccessToken()));
headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON));
HttpEntity<String> entity = new HttpEntity<String>(headers);
String registered = restTemplate.exchange(knownClient.getRegistrationClientUri(), HttpMethod.GET, entity, String.class).getBody();
// TODO: handle HTTP errors
RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered);
return client;
}
}
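Review bot: The whitelist and blacklist checks in the `@ -75,11` hunk look as if they can never match: `issuer` is handed to `clients.get(issuer)`, whose key type is `ServerConfiguration`, while `whitelist` and `blacklist` are declared as `Set<String>`. If the parameter really is a `ServerConfiguration` (the method signature is outside the hunk), a non-empty whitelist rejects every server and the blacklist rejects none, so a blocked issuer would still get a dynamic registration. Compare the issuer string instead: `!whitelist.contains(issuer.getIssuer())` and `blacklist.contains(issuer.getIssuer())`. Separately, the logger is created with `DynamicServerConfigurationService.class`, so this class's warnings are attributed to the wrong logger.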


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -56,7 +57,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>();
public DynamicServerConfigurationService() {
// initialize the cache
servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher());
@ -93,15 +94,15 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
@Override
public ServerConfiguration getServerConfiguration(String issuer) {
try {
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
}
if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
}
return servers.get(issuer);
} catch (ExecutionException e) {
logger.warn("Couldn't load configuration for " + issuer, e);
@ -141,13 +142,13 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
if (!o.has("issuer")) {
throw new IllegalStateException("Returned object did not have an 'issuer' field");
}
if (!issuer.equals(o.get("issuer").getAsString())) {
throw new IllegalStateException("Discovered issuers didn't match, expected " + issuer + " got " + o.get("issuer").getAsString());
}
conf.setIssuer(o.get("issuer").getAsString());
if (o.has("authorization_endpoint")) {
conf.setAuthorizationEndpointUri(o.get("authorization_endpoint").getAsString());
}
@ -166,7 +167,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
if (o.has("introspection_endpoint")) {
conf.setIntrospectionEndpointUri(o.get("introspection_endpoint").getAsString());
}
return conf;
} else {
throw new IllegalStateException("Couldn't parse server discovery results for " + url);
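Review bot: In the discovery-parsing hunks only `issuer` is compared with the expected value, while `authorization_endpoint` and `introspection_endpoint` are copied from the remote document as-is, and the endpoints outside the hunk are presumably handled the same way. Tokens and credentials are later sent to those URIs, so consider rejecting values that are not `https` before calling `conf.setAuthorizationEndpointUri(...)` and its siblings, or at least add a comment that these fields are untrusted input from the issuer. The `whitelist` field starts out empty and `getServerConfiguration` only enforces it when non-empty, so restricting issuers is opt-in; a comment on the field should state that. The enclosing method of the last two hunks starts and ends outside the visible lines.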


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -25,102 +42,102 @@ import org.mitre.openid.connect.config.ServerConfiguration;
public class HybridClientConfigurationService implements ClientConfigurationService {
private StaticClientConfigurationService staticClientService = new StaticClientConfigurationService();
private DynamicRegistrationClientConfigurationService dynamicClientService = new DynamicRegistrationClientConfigurationService();
/* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(org.mitre.openid.connect.config.ServerConfiguration)
*/
@Override
public RegisteredClient getClientConfiguration(ServerConfiguration issuer) {
RegisteredClient client = staticClientService.getClientConfiguration(issuer);
if (client != null) {
return client;
} else {
return dynamicClientService.getClientConfiguration(issuer);
}
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#getClients()
*/
public Map<String, RegisteredClient> getClients() {
return staticClientService.getClients();
}
public Map<String, RegisteredClient> getClients() {
return staticClientService.getClients();
}
/**
* @param clients
* @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#setClients(java.util.Map)
*/
public void setClients(Map<String, RegisteredClient> clients) {
staticClientService.setClients(clients);
}
public void setClients(Map<String, RegisteredClient> clients) {
staticClientService.setClients(clients);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getTemplate()
*/
public RegisteredClient getTemplate() {
return dynamicClientService.getTemplate();
}
public RegisteredClient getTemplate() {
return dynamicClientService.getTemplate();
}
/**
* @param template
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setTemplate(org.mitre.oauth2.model.RegisteredClient)
*/
public void setTemplate(RegisteredClient template) {
dynamicClientService.setTemplate(template);
}
public void setTemplate(RegisteredClient template) {
dynamicClientService.setTemplate(template);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getRegisteredClientService()
*/
public RegisteredClientService getRegisteredClientService() {
return dynamicClientService.getRegisteredClientService();
}
public RegisteredClientService getRegisteredClientService() {
return dynamicClientService.getRegisteredClientService();
}
/**
* @param registeredClientService
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setRegisteredClientService(org.mitre.openid.connect.client.service.RegisteredClientService)
*/
public void setRegisteredClientService(RegisteredClientService registeredClientService) {
dynamicClientService.setRegisteredClientService(registeredClientService);
}
public void setRegisteredClientService(RegisteredClientService registeredClientService) {
dynamicClientService.setRegisteredClientService(registeredClientService);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getWhitelist()
*/
public Set<String> getWhitelist() {
return dynamicClientService.getWhitelist();
}
public Set<String> getWhitelist() {
return dynamicClientService.getWhitelist();
}
/**
* @param whitelist
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setWhitelist(java.util.Set)
*/
public void setWhitelist(Set<String> whitelist) {
dynamicClientService.setWhitelist(whitelist);
}
public void setWhitelist(Set<String> whitelist) {
dynamicClientService.setWhitelist(whitelist);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getBlacklist()
*/
public Set<String> getBlacklist() {
return dynamicClientService.getBlacklist();
}
public Set<String> getBlacklist() {
return dynamicClientService.getBlacklist();
}
/**
* @param blacklist
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setBlacklist(java.util.Set)
*/
public void setBlacklist(Set<String> blacklist) {
dynamicClientService.setBlacklist(blacklist);
}
public void setBlacklist(Set<String> blacklist) {
dynamicClientService.setBlacklist(blacklist);
}
}


@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -14,7 +31,7 @@ import org.mitre.openid.connect.config.ServerConfiguration;
* service in one object. Checks the static service first, then falls through to
* the dynamic service.
*
* Provides configuration passthrough to the dynamic service's whitelist and blacklist,
* Provides configuration passthrough to the dynamic service's whitelist and blacklist,
* and to the static service's server map.
*
*
@ -22,11 +39,11 @@ import org.mitre.openid.connect.config.ServerConfiguration;
*
*/
public class HybridServerConfigurationService implements ServerConfigurationService {
private StaticServerConfigurationService staticServerService;
private DynamicServerConfigurationService dynamicServerService;
/* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.ServerConfigurationService#getServerConfiguration(java.lang.String)
@ -46,53 +63,53 @@ public class HybridServerConfigurationService implements ServerConfigurationServ
* @return
* @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#getServers()
*/
public Map<String, ServerConfiguration> getServers() {
return staticServerService.getServers();
}
public Map<String, ServerConfiguration> getServers() {
return staticServerService.getServers();
}
/**
* @param servers
* @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#setServers(java.util.Map)
*/
public void setServers(Map<String, ServerConfiguration> servers) {
staticServerService.setServers(servers);
}
public void setServers(Map<String, ServerConfiguration> servers) {
staticServerService.setServers(servers);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getWhitelist()
*/
public Set<String> getWhitelist() {
return dynamicServerService.getWhitelist();
}
public Set<String> getWhitelist() {
return dynamicServerService.getWhitelist();
}
/**
* @param whitelist
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setWhitelist(java.util.Set)
*/
public void setWhitelist(Set<String> whitelist) {
dynamicServerService.setWhitelist(whitelist);
}
public void setWhitelist(Set<String> whitelist) {
dynamicServerService.setWhitelist(whitelist);
}
/**
* @return
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getBlacklist()
*/
public Set<String> getBlacklist() {
return dynamicServerService.getBlacklist();
}
public Set<String> getBlacklist() {
return dynamicServerService.getBlacklist();
}
/**
* @param blacklist
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setBlacklist(java.util.Set)
*/
public void setBlacklist(Set<String> blacklist) {
dynamicServerService.setBlacklist(blacklist);
}
public void setBlacklist(Set<String> blacklist) {
dynamicServerService.setBlacklist(blacklist);
}
}
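Review bot: The copyright line added in this header spells the second holder as `Consortuim`, while the two-line form that other sections of this commit replace read `Consortium`. The same line appears in every header added or rewritten in the other file sections on this page. Because this is the legal notice naming a copyright holder, the line should read `* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortium`. If the headers were generated from a template (not visible here), fix the template and regenerate rather than patching files one by one.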

View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -16,7 +33,7 @@ import org.mitre.openid.connect.client.service.RegisteredClientService;
public class InMemoryRegisteredClientService implements RegisteredClientService {
private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
/* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String)
*/


@ -1,12 +1,27 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
package org.mitre.openid.connect.client.service.impl;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
@ -38,11 +53,11 @@ import com.google.gson.JsonSerializer;
public class JsonFileRegisteredClientService implements RegisteredClientService {
private static Logger logger = LoggerFactory.getLogger(JsonFileRegisteredClientService.class);
private Gson gson = new GsonBuilder()
.registerTypeAdapter(RegisteredClient.class, new JsonSerializer<RegisteredClient>() {
@Override
public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) {
public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) {
JsonObject obj = new JsonObject();
obj.addProperty("token", src.getRegistrationAccessToken());
obj.addProperty("uri", src.getRegistrationClientUri());
@ -52,12 +67,12 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
if (src.getClientSecretExpiresAt() != null) {
obj.addProperty("expires", src.getClientSecretExpiresAt().getTime());
}
return obj;
}
return obj;
}
})
.registerTypeAdapter(RegisteredClient.class, new JsonDeserializer<RegisteredClient>() {
@Override
public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (json.isJsonObject()) {
JsonObject src = json.getAsJsonObject();
RegisteredClient rc = new RegisteredClient();
@ -73,19 +88,19 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
} else {
return null;
}
}
}
})
.create();
private File file;
private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
public JsonFileRegisteredClientService(String filename) {
this.file = new File(filename);
load();
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String)
*/
@ -102,7 +117,7 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
clients.put(issuer, client);
write();
}
/**
* Sync the map of clients out to disk.
*/
@ -114,18 +129,18 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
file.createNewFile();
}
FileWriter out = new FileWriter(file);
gson.toJson(clients, new TypeToken<Map<String, RegisteredClient>>(){}.getType(), out);
out.close();
} catch (FileNotFoundException e) {
logger.error("Could not write to output file", e);
} catch (IOException e) {
logger.error("Could not write to output file", e);
}
gson.toJson(clients, new TypeToken<Map<String, RegisteredClient>>(){}.getType(), out);
out.close();
} catch (FileNotFoundException e) {
logger.error("Could not write to output file", e);
} catch (IOException e) {
logger.error("Could not write to output file", e);
}
}
/**
* Load the map in from disk.
*/
@ -136,16 +151,16 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
return;
}
FileReader in = new FileReader(file);
clients = gson.fromJson(in, new TypeToken<Map<String, RegisteredClient>>(){}.getType());
in.close();
} catch (FileNotFoundException e) {
logger.error("Could not read from input file", e);
} catch (IOException e) {
logger.error("Could not read from input file", e);
}
} catch (FileNotFoundException e) {
logger.error("Could not read from input file", e);
} catch (IOException e) {
logger.error("Could not read from input file", e);
}
}
}
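Review bot: In `write()` the `FileWriter` is closed only on the success path (`out.close()` directly after `gson.toJson(...)`), so an exception during serialization leaks the handle and can leave a truncated file. `load()` has the same shape with `FileReader`, so both `close()` calls belong in a `finally` block. The serializer in this file stores `src.getRegistrationAccessToken()` under `token`, so the file holds bearer credentials, yet `file.createNewFile()` leaves it with the process default permissions. I would restrict it to the owner right after creation, e.g. `file.setReadable(false, false); file.setReadable(true, true);` and the same pair for `setWritable`. Both methods begin outside their hunks, so this is based on the visible part only.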


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -43,7 +44,7 @@ import com.google.common.base.Strings;
public class ThirdPartyIssuerService implements IssuerService {
private String accountChooserUrl;
private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>();
@ -59,11 +60,11 @@ public class ThirdPartyIssuerService implements IssuerService {
if (!whitelist.isEmpty() && !whitelist.contains(iss)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + iss);
}
if (blacklist.contains(iss)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + iss);
}
return new IssuerServiceResponse(iss, request.getParameter("login_hint"), request.getParameter("target_link_uri"));
} else {
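Review bot: With both sets left at their field defaults (`new HashSet<String>()`), the checks in this hunk accept any `iss`, because the whitelist test is skipped when the set is empty; the same pattern appears in the `WebfingerIssuerService` section of this commit. The assignment of `iss` is outside the hunk, but the return line reads `login_hint` and `target_link_uri` straight from `request.getParameter`, so `iss` is presumably request-supplied as well. I would document on the class that an empty whitelist means "allow all issuers". I would also add a comment on the return line such as `// target_link_uri is caller-supplied; validate before using it as a redirect target`, since how `IssuerServiceResponse` consumers use it is not visible here.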


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -89,11 +90,11 @@ public class WebfingerIssuerService implements IssuerService {
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
}
if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
}
return new IssuerServiceResponse(issuer, null, null);
} catch (ExecutionException e) {
logger.warn("Issue fetching issuer for user input: " + identifier, e);
@ -177,7 +178,7 @@ public class WebfingerIssuerService implements IssuerService {
RestTemplate restTemplate = new RestTemplate(httpFactory);
// construct the URL to go to
// preserving http scheme is strictly for demo system use only.
String scheme = key.getScheme();
if (!Strings.isNullOrEmpty(scheme) && scheme.equals("http")) {
@ -188,13 +189,13 @@ public class WebfingerIssuerService implements IssuerService {
}
// do a webfinger lookup
URIBuilder builder = new URIBuilder(scheme
+ key.getHost()
+ (key.getPort() >= 0 ? ":" + key.getPort() : "")
+ Strings.nullToEmpty(key.getPath())
+ "/.well-known/webfinger"
+ (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery())
);
URIBuilder builder = new URIBuilder(scheme
+ key.getHost()
+ (key.getPort() >= 0 ? ":" + key.getPort() : "")
+ Strings.nullToEmpty(key.getPath())
+ "/.well-known/webfinger"
+ (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery())
);
builder.addParameter("resource", key.toString());
builder.addParameter("rel", "http://openid.net/specs/connect/1.0/issuer");
@ -226,7 +227,7 @@ public class WebfingerIssuerService implements IssuerService {
}
// we couldn't find it
if (key.getScheme().equals("http") || key.getScheme().equals("https")) {
// if it looks like HTTP then punt and return the input
logger.warn("Returning normalized input string as issuer, hoping for the best: " + key.toString());
@ -236,7 +237,7 @@ public class WebfingerIssuerService implements IssuerService {
logger.warn("Couldn't find issuer: " + key.toString());
return null;
}
}
}
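Review bot: The branch under `// preserving http scheme is strictly for demo system use only.` is reachable in any deployment, because nothing visible in the hunk gates it on configuration. A WebFinger lookup over cleartext lets a party on the network path decide which issuer is returned, so this path should sit behind an explicit opt-in setting that defaults to off, with a warning logged when it is taken. The later fallback that returns the normalized input as the issuer ("hoping for the best") calls `key.getScheme().equals("http")` without the null guard used earlier (`Strings.isNullOrEmpty(scheme)`). Writing it as `"http".equals(key.getScheme())` avoids a possible NPE if the scheme can be absent. The enclosing method starts outside these hunks.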


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,12 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
package org.mitre.openid.connect.client.service.impl;
import org.junit.Before;
import org.junit.Test;
@ -27,65 +23,71 @@ import org.junit.runner.RunWith;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.InjectMocks;
import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*
*/
@RunWith(MockitoJUnitRunner.class)
public class TestHybridClientConfigurationService {
@Mock
private StaticClientConfigurationService mockStaticService;
@Mock
private DynamicRegistrationClientConfigurationService mockDynamicService;
@InjectMocks
private HybridClientConfigurationService hybridService;
// test fixture
@Mock
private RegisteredClient mockClient;
@Mock
private ServerConfiguration mockServerConfig;
private String issuer = "https://www.example.com/";
@Before
public void prepare() {
Mockito.reset(mockDynamicService, mockStaticService);
Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer);
}
@Test
public void getClientConfiguration_useStatic() {
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig);
Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Mockito.any(ServerConfiguration.class));
Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Matchers.any(ServerConfiguration.class));
assertEquals(mockClient, result);
}
@Test
public void getClientConfiguration_useDynamic() {
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(null);
Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig);
Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
Mockito.verify(mockDynamicService).getClientConfiguration(mockServerConfig);
assertEquals(mockClient, result);
@ -96,17 +98,17 @@ public class TestHybridClientConfigurationService {
*/
@Test
public void getClientConfiguration_noIssuer() {
// The mockServerConfig is known to both services
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
// But oh noes! We're going to ask it to find us some other issuer
ServerConfiguration badIssuer = Mockito.mock(ServerConfiguration.class);
Mockito.when(badIssuer.getIssuer()).thenReturn("www.badexample.com");
RegisteredClient result = hybridService.getClientConfiguration(badIssuer);
Mockito.verify(mockStaticService).getClientConfiguration(badIssuer);
Mockito.verify(mockDynamicService).getClientConfiguration(badIssuer);
assertThat(result, is(nullValue()));


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,23 +13,26 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.InjectMocks;
import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*
@ -40,44 +42,44 @@ public class TestHybridServerConfigurationService {
@Mock
private StaticServerConfigurationService mockStaticService;
@Mock
private DynamicServerConfigurationService mockDynamicService;
@InjectMocks
private HybridServerConfigurationService hybridService;
@Mock
private ServerConfiguration mockServerConfig;
private String issuer = "https://www.example.com/";
@Before
public void prepare() {
Mockito.reset(mockDynamicService, mockStaticService);
}
@Test
public void getServerConfiguration_useStatic() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
ServerConfiguration result = hybridService.getServerConfiguration(issuer);
Mockito.verify(mockStaticService).getServerConfiguration(issuer);
Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Mockito.anyString());
Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Matchers.anyString());
assertEquals(mockServerConfig, result);
}
@Test
public void getServerConfiguration_useDynamic() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(null);
Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
ServerConfiguration result = hybridService.getServerConfiguration(issuer);
Mockito.verify(mockStaticService).getServerConfiguration(issuer);
@ -90,14 +92,14 @@ public class TestHybridServerConfigurationService {
*/
@Test
public void getServerConfiguration_noIssuer() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
String badIssuer = "www.badexample.com";
ServerConfiguration result = hybridService.getServerConfiguration(badIssuer);
Mockito.verify(mockStaticService).getServerConfiguration(badIssuer);
Mockito.verify(mockDynamicService).getServerConfiguration(badIssuer);
assertThat(result, is(nullValue()));


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,10 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.junit.Assert.*;
package org.mitre.openid.connect.client.service.impl;
import org.junit.Before;
import org.junit.Test;
@ -28,6 +26,9 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import com.google.common.collect.Sets;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*
@ -37,41 +38,41 @@ public class TestPlainAuthRequestUrlBuilder {
// Test fixture:
ServerConfiguration serverConfig;
RegisteredClient clientConfig;
private PlainAuthRequestUrlBuilder urlBuilder = new PlainAuthRequestUrlBuilder();
@Before
public void prepare() {
serverConfig = Mockito.mock(ServerConfiguration.class);
Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("https://server.example.com/authorize");
clientConfig = Mockito.mock(RegisteredClient.class);
Mockito.when(clientConfig.getClientId()).thenReturn("s6BhdRkqt3");
Mockito.when(clientConfig.getScope()).thenReturn(Sets.newHashSet("openid", "profile"));
}
@Test
public void buildAuthRequestUrl() {
String expectedUrl = "https://server.example.com/authorize?" +
"response_type=code" +
"&client_id=s6BhdRkqt3" +
String expectedUrl = "https://server.example.com/authorize?" +
"response_type=code" +
"&client_id=s6BhdRkqt3" +
"&scope=openid+profile" + // plus sign used for space per application/x-www-form-encoded standard
"&redirect_uri=https%3A%2F%2Fclient.example.org%2F" +
"&redirect_uri=https%3A%2F%2Fclient.example.org%2F" +
"&nonce=34fasf3ds" +
"&state=af0ifjsldkj";
String actualUrl = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "https://client.example.org/", "34fasf3ds", "af0ifjsldkj");
assertThat(actualUrl, equalTo(expectedUrl));
}
@Test(expected = AuthenticationServiceException.class)
public void buildAuthRequestUrl_badUri() {
Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("e=mc^2");
urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", "");
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,11 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
package org.mitre.openid.connect.client.service.impl;
import java.net.URI;
import java.net.URISyntaxException;
@ -29,8 +26,6 @@ import java.util.Arrays;
import java.util.List;
import java.util.Map;
import net.minidev.json.JSONObject;
import org.junit.Before;
import org.junit.Test;
import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
@ -41,20 +36,20 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import com.google.common.base.Joiner;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.Use;
import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jose.util.JSONObjectUtils;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
/**
* @author wkim
*
@ -72,17 +67,17 @@ public class TestSignedAuthRequestUrlBuilder {
// RSA key properties:
// {@link package com.nimbusds.jose.jwk#RSAKey}
private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" +
"u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" +
"5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" +
"JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" +
"6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw";
private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" +
"u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" +
"5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" +
"JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" +
"6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw";
private String e = "AQAB";
private String d = "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknc" +
"hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" +
"N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" +
"wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" +
"9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q";
"hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" +
"N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" +
"wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" +
"9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q";
private String alg = "RS256";
private String kid = "2011-04-29";
@ -112,8 +107,8 @@ public class TestSignedAuthRequestUrlBuilder {
}
/**
* This test takes the URI from the result of building a signed request
* and checks that the JWS object parsed from the request URI matches up
* This test takes the URI from the result of building a signed request
* and checks that the JWS object parsed from the request URI matches up
* with the expected claim values.
*/
@Test
@ -123,30 +118,30 @@ public class TestSignedAuthRequestUrlBuilder {
// parsing the result
UriComponentsBuilder builder = null;
try {
builder = UriComponentsBuilder.fromUri(new URI(requestUri));
} catch (URISyntaxException e1) {
fail("URISyntaxException was thrown.");
}
UriComponents components = builder.build();
String jwtString = components.getQueryParams().get("request").get(0);
ReadOnlyJWTClaimsSet claims = null;
try {
SignedJWT jwt = SignedJWT.parse(jwtString);
claims = jwt.getJWTClaimsSet();
} catch (ParseException e) {
fail("ParseException was thrown.");
}
assertEquals(responseType, claims.getClaim("response_type"));
assertEquals(clientConfig.getClientId(), claims.getClaim("client_id"));
List<String> scopeList = Arrays.asList(((String) claims.getClaim("scope")).split(" "));
assertTrue(scopeList.containsAll(clientConfig.getScope()));
assertEquals(redirectUri, claims.getClaim("redirect_uri"));
assertEquals(nonce, claims.getClaim("nonce"));
assertEquals(state, claims.getClaim("state"));


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,13 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
package org.mitre.openid.connect.client.service.impl;
import java.util.HashMap;
import java.util.Map;
@ -34,54 +29,60 @@ import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*
*/
@RunWith(MockitoJUnitRunner.class)
public class TestStaticClientConfigurationService {
private StaticClientConfigurationService service;
private String issuer = "https://www.example.com/";
@Mock
private RegisteredClient mockClient;
@Mock
private ServerConfiguration mockServerConfig;
@Before
public void prepare() {
service = new StaticClientConfigurationService();
Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
clients.put(issuer, mockClient);
service.setClients(clients);
Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer);
}
@Test
public void getClientConfiguration_success() {
RegisteredClient result = service.getClientConfiguration(mockServerConfig);
assertThat(mockClient, is(notNullValue()));
assertEquals(mockClient, result);
}
/**
* Checks the behavior when the issuer is not known.
*/
@Test
public void getClientConfiguration_noIssuer() {
Mockito.when(mockServerConfig.getIssuer()).thenReturn("www.badexample.net");
RegisteredClient actualClient = service.getClientConfiguration(mockServerConfig);
assertThat(actualClient, is(nullValue()));
}
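Review bot: The rewritten license header misspells the copyright holder's name: the single new line reads `Internet Trust Consortuim`, where the two lines it replaces spelled it `Consortium`. A copyright notice should carry the holder's name exactly, so the line should read `* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortium`. The same header line appears in the first hunk of every other file section on this page, including the header newly added to RegisteredClient, so the correction applies to each of them.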


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,13 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
package org.mitre.openid.connect.client.service.impl;
import java.util.HashMap;
import java.util.Map;
@ -32,6 +27,12 @@ import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*
@ -39,42 +40,42 @@ import org.mockito.runners.MockitoJUnitRunner;
@RunWith(MockitoJUnitRunner.class)
public class TestStaticServerConfigurationService {
private StaticServerConfigurationService service;
private String issuer = "https://www.example.com/";
@Mock
private ServerConfiguration mockServerConfig;
@Before
public void prepare() {
service = new StaticServerConfigurationService();
Map<String, ServerConfiguration> servers = new HashMap<String, ServerConfiguration>();
servers.put(issuer, mockServerConfig);
service.setServers(servers);
}
@Test
public void getServerConfiguration_success() {
ServerConfiguration result = service.getServerConfiguration(issuer);
assertThat(mockServerConfig, is(notNullValue()));
assertEquals(mockServerConfig, result);
}
/**
* Checks the behavior when the issuer is not known.
*/
@Test
public void getClientConfiguration_noIssuer() {
ServerConfiguration result = service.getServerConfiguration("www.badexample.net");
assertThat(result, is(nullValue()));
}
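Review bot: In `getServerConfiguration_success`, `assertThat(mockServerConfig, is(notNullValue()))` checks the injected mock rather than the value under test, so it cannot fail on a wrong lookup. Asserting on the result instead, `assertThat(result, is(notNullValue()));`, gives the not-null check a purpose ahead of the `assertEquals`. The negative test is also named `getClientConfiguration_noIssuer` although it calls `getServerConfiguration`; `getServerConfiguration_noIssuer` would match the class under test. `TestStaticClientConfigurationService.getClientConfiguration_success` has the same assertion on `mockClient`.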


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -14,11 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.*;
package org.mitre.openid.connect.client.service.impl;
import javax.servlet.http.HttpServletRequest;
@ -30,6 +27,10 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import com.google.common.collect.Sets;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertThat;
/**
* @author wkim
*


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -18,6 +17,7 @@ package org.mitre.discovery.util;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
@ -28,14 +28,14 @@ import com.google.common.base.Strings;
/**
* Provides utility methods for normalizing and parsing URIs for use with Webfinger Discovery.
*
*
* @author wkim
*
*/
public class WebfingerURLNormalizer {
private static Logger logger = LoggerFactory.getLogger(WebfingerURLNormalizer.class);
// pattern used to parse user input; we can't use the built-in java URI parser
private static final Pattern pattern = Pattern.compile("^" +
"((https|acct|http|mailto|tel|device):(//)?)?" + // scheme
@ -50,15 +50,15 @@ public class WebfingerURLNormalizer {
"$"
);
/**
* Private constructor to prevent instantiation.
*/
private WebfingerURLNormalizer() {
// intentionally blank
}
/**
* Normalize the resource string as per OIDC Discovery.
* @param identifier
@ -93,36 +93,36 @@ public class WebfingerURLNormalizer {
logger.warn("Parser couldn't match input: " + identifier);
return null;
}
UriComponents n = builder.build();
if (Strings.isNullOrEmpty(n.getScheme())) {
if (!Strings.isNullOrEmpty(n.getUserInfo())
&& Strings.isNullOrEmpty(n.getPath())
&& Strings.isNullOrEmpty(n.getQuery())
&& n.getPort() < 0) {
// scheme empty, userinfo is not empty, path/query/port are empty
// set to "acct" (rule 2)
builder.scheme("acct");
} else {
// scheme is empty, but rule 2 doesn't apply
// set scheme to "https" (rule 3)
builder.scheme("https");
}
}
// fragment must be stripped (rule 4)
builder.fragment(null);
return builder.build();
}
}
public static String serializeURL(UriComponents uri) {
if (uri.getScheme() != null &&
(uri.getScheme().equals("acct") ||
@ -130,9 +130,9 @@ public class WebfingerURLNormalizer {
uri.getScheme().equals("tel") ||
uri.getScheme().equals("device")
)) {
// serializer copied from HierarchicalUriComponents but with "//" removed
StringBuilder uriBuilder = new StringBuilder();
if (uri.getScheme() != null) {
@ -177,8 +177,8 @@ public class WebfingerURLNormalizer {
} else {
return uri.toUriString();
}
}
}
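Review bot: `logger.warn("Parser couldn't match input: " + identifier);` writes the raw identifier to the log on exactly the path where the pattern failed to match. The comment on `pattern` says it parses user input, so a value containing line breaks could produce misleading extra log lines. Neutralise CR/LF and use the SLF4J placeholder form, e.g. `logger.warn("Parser couldn't match input: {}", identifier.replaceAll("[\\r\\n]", "_"));`. This assumes `identifier` is non-null at that point, which cannot be confirmed because the start of the method is outside the hunk. Separately, `private static Logger logger` can be declared `final`.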


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -115,7 +114,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
}
/**
* @return the defaultSignerKeyId
*/
@ -209,7 +208,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
try {
jwt.sign(signer);
} catch (JOSEException e) {
logger.error("Failed to sign JWT, error was: ", e);
}
@ -224,7 +223,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
return true;
}
} catch (JOSEException e) {
logger.error("Failed to validate signature, error was: ", e);
}
}
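Review bot: The `catch (JOSEException e)` around `jwt.sign(signer)` only logs the failure and lets execution continue, so the caller gets no signal from this block that signing failed and may go on to use a token that was never signed. The method continues past the hunk, so whether anything after the catch reports the failure is not visible here. If nothing does, surface it with the cause attached, for example `throw new IllegalStateException("Failed to sign JWT", e);`, or at least document on the catch what state `jwt` is left in and what callers must check. The catch in the validation hunk is less of a concern provided the method then returns false, since a signature that could not be verified must be rejected.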


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -290,7 +289,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
@Override
@Transient
public int getExpiresIn() {
if (getExpiration() == null) {
return -1; // no expiration time
} else {
@ -302,5 +301,5 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
}
}
}
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -27,31 +42,31 @@ public class RegisteredClient {
private Date clientSecretExpiresAt;
private Date clientIdIssuedAt;
private ClientDetailsEntity client;
/**
*
*/
public RegisteredClient() {
this.client = new ClientDetailsEntity();
}
public RegisteredClient() {
this.client = new ClientDetailsEntity();
}
/**
/**
* @param client
*/
public RegisteredClient(ClientDetailsEntity client) {
this.client = client;
}
public RegisteredClient(ClientDetailsEntity client) {
this.client = client;
}
/**
* @param client
* @param registrationAccessToken
* @param registrationClientUri
*/
public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) {
this.client = client;
this.registrationAccessToken = registrationAccessToken;
this.registrationClientUri = registrationClientUri;
}
public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) {
this.client = client;
this.registrationAccessToken = registrationAccessToken;
this.registrationClientUri = registrationClientUri;
}
/**
* @return the client
@ -69,604 +84,604 @@ public class RegisteredClient {
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription()
*/
public String getClientDescription() {
return client.getClientDescription();
}
public String getClientDescription() {
return client.getClientDescription();
}
/**
* @param clientDescription
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String)
*/
public void setClientDescription(String clientDescription) {
client.setClientDescription(clientDescription);
}
public void setClientDescription(String clientDescription) {
client.setClientDescription(clientDescription);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh()
*/
public boolean isAllowRefresh() {
return client.isAllowRefresh();
}
public boolean isAllowRefresh() {
return client.isAllowRefresh();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken()
*/
public boolean isReuseRefreshToken() {
return client.isReuseRefreshToken();
}
public boolean isReuseRefreshToken() {
return client.isReuseRefreshToken();
}
/**
* @param reuseRefreshToken
* @see org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean)
*/
public void setReuseRefreshToken(boolean reuseRefreshToken) {
client.setReuseRefreshToken(reuseRefreshToken);
}
public void setReuseRefreshToken(boolean reuseRefreshToken) {
client.setReuseRefreshToken(reuseRefreshToken);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds()
*/
public Integer getIdTokenValiditySeconds() {
return client.getIdTokenValiditySeconds();
}
public Integer getIdTokenValiditySeconds() {
return client.getIdTokenValiditySeconds();
}
/**
* @param idTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer)
*/
public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) {
client.setIdTokenValiditySeconds(idTokenValiditySeconds);
}
public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) {
client.setIdTokenValiditySeconds(idTokenValiditySeconds);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered()
*/
public boolean isDynamicallyRegistered() {
return client.isDynamicallyRegistered();
}
public boolean isDynamicallyRegistered() {
return client.isDynamicallyRegistered();
}
/**
* @param dynamicallyRegistered
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean)
*/
public void setDynamicallyRegistered(boolean dynamicallyRegistered) {
client.setDynamicallyRegistered(dynamicallyRegistered);
}
public void setDynamicallyRegistered(boolean dynamicallyRegistered) {
client.setDynamicallyRegistered(dynamicallyRegistered);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection()
*/
public boolean isAllowIntrospection() {
return client.isAllowIntrospection();
}
public boolean isAllowIntrospection() {
return client.isAllowIntrospection();
}
/**
* @param allowIntrospection
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean)
*/
public void setAllowIntrospection(boolean allowIntrospection) {
client.setAllowIntrospection(allowIntrospection);
}
public void setAllowIntrospection(boolean allowIntrospection) {
client.setAllowIntrospection(allowIntrospection);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired()
*/
public boolean isSecretRequired() {
return client.isSecretRequired();
}
public boolean isSecretRequired() {
return client.isSecretRequired();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped()
*/
public boolean isScoped() {
return client.isScoped();
}
public boolean isScoped() {
return client.isScoped();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId()
*/
public String getClientId() {
return client.getClientId();
}
public String getClientId() {
return client.getClientId();
}
/**
* @param clientId
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String)
*/
public void setClientId(String clientId) {
client.setClientId(clientId);
}
public void setClientId(String clientId) {
client.setClientId(clientId);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret()
*/
public String getClientSecret() {
return client.getClientSecret();
}
public String getClientSecret() {
return client.getClientSecret();
}
/**
* @param clientSecret
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String)
*/
public void setClientSecret(String clientSecret) {
client.setClientSecret(clientSecret);
}
public void setClientSecret(String clientSecret) {
client.setClientSecret(clientSecret);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getScope()
*/
public Set<String> getScope() {
return client.getScope();
}
public Set<String> getScope() {
return client.getScope();
}
/**
* @param scope
* @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set)
*/
public void setScope(Set<String> scope) {
client.setScope(scope);
}
public void setScope(Set<String> scope) {
client.setScope(scope);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes()
*/
public Set<String> getGrantTypes() {
return client.getGrantTypes();
}
public Set<String> getGrantTypes() {
return client.getGrantTypes();
}
/**
* @param grantTypes
* @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set)
*/
public void setGrantTypes(Set<String> grantTypes) {
client.setGrantTypes(grantTypes);
}
public void setGrantTypes(Set<String> grantTypes) {
client.setGrantTypes(grantTypes);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes()
*/
public Set<String> getAuthorizedGrantTypes() {
return client.getAuthorizedGrantTypes();
}
public Set<String> getAuthorizedGrantTypes() {
return client.getAuthorizedGrantTypes();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities()
*/
public Set<GrantedAuthority> getAuthorities() {
return client.getAuthorities();
}
public Set<GrantedAuthority> getAuthorities() {
return client.getAuthorities();
}
/**
* @param authorities
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set)
*/
public void setAuthorities(Set<GrantedAuthority> authorities) {
client.setAuthorities(authorities);
}
public void setAuthorities(Set<GrantedAuthority> authorities) {
client.setAuthorities(authorities);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds()
*/
public Integer getAccessTokenValiditySeconds() {
return client.getAccessTokenValiditySeconds();
}
public Integer getAccessTokenValiditySeconds() {
return client.getAccessTokenValiditySeconds();
}
/**
* @param accessTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer)
*/
public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
client.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
}
public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
client.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds()
*/
public Integer getRefreshTokenValiditySeconds() {
return client.getRefreshTokenValiditySeconds();
}
public Integer getRefreshTokenValiditySeconds() {
return client.getRefreshTokenValiditySeconds();
}
/**
* @param refreshTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer)
*/
public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
}
public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris()
*/
public Set<String> getRedirectUris() {
return client.getRedirectUris();
}
public Set<String> getRedirectUris() {
return client.getRedirectUris();
}
/**
* @param redirectUris
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set)
*/
public void setRedirectUris(Set<String> redirectUris) {
client.setRedirectUris(redirectUris);
}
public void setRedirectUris(Set<String> redirectUris) {
client.setRedirectUris(redirectUris);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri()
*/
public Set<String> getRegisteredRedirectUri() {
return client.getRegisteredRedirectUri();
}
public Set<String> getRegisteredRedirectUri() {
return client.getRegisteredRedirectUri();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds()
*/
public Set<String> getResourceIds() {
return client.getResourceIds();
}
public Set<String> getResourceIds() {
return client.getResourceIds();
}
/**
* @param resourceIds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set)
*/
public void setResourceIds(Set<String> resourceIds) {
client.setResourceIds(resourceIds);
}
public void setResourceIds(Set<String> resourceIds) {
client.setResourceIds(resourceIds);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation()
*/
public Map<String, Object> getAdditionalInformation() {
return client.getAdditionalInformation();
}
public Map<String, Object> getAdditionalInformation() {
return client.getAdditionalInformation();
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType()
*/
public AppType getApplicationType() {
return client.getApplicationType();
}
public AppType getApplicationType() {
return client.getApplicationType();
}
/**
* @param applicationType
* @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType)
*/
public void setApplicationType(AppType applicationType) {
client.setApplicationType(applicationType);
}
public void setApplicationType(AppType applicationType) {
client.setApplicationType(applicationType);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName()
*/
public String getClientName() {
return client.getClientName();
}
public String getClientName() {
return client.getClientName();
}
/**
* @param clientName
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String)
*/
public void setClientName(String clientName) {
client.setClientName(clientName);
}
public void setClientName(String clientName) {
client.setClientName(clientName);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod()
*/
public AuthMethod getTokenEndpointAuthMethod() {
return client.getTokenEndpointAuthMethod();
}
public AuthMethod getTokenEndpointAuthMethod() {
return client.getTokenEndpointAuthMethod();
}
/**
* @param tokenEndpointAuthMethod
* @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod)
*/
public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
}
public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType()
*/
public SubjectType getSubjectType() {
return client.getSubjectType();
}
public SubjectType getSubjectType() {
return client.getSubjectType();
}
/**
* @param subjectType
* @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType)
*/
public void setSubjectType(SubjectType subjectType) {
client.setSubjectType(subjectType);
}
public void setSubjectType(SubjectType subjectType) {
client.setSubjectType(subjectType);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts()
*/
public Set<String> getContacts() {
return client.getContacts();
}
public Set<String> getContacts() {
return client.getContacts();
}
/**
* @param contacts
* @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set)
*/
public void setContacts(Set<String> contacts) {
client.setContacts(contacts);
}
public void setContacts(Set<String> contacts) {
client.setContacts(contacts);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri()
*/
public String getLogoUri() {
return client.getLogoUri();
}
public String getLogoUri() {
return client.getLogoUri();
}
/**
* @param logoUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String)
*/
public void setLogoUri(String logoUri) {
client.setLogoUri(logoUri);
}
public void setLogoUri(String logoUri) {
client.setLogoUri(logoUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri()
*/
public String getPolicyUri() {
return client.getPolicyUri();
}
public String getPolicyUri() {
return client.getPolicyUri();
}
/**
* @param policyUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String)
*/
public void setPolicyUri(String policyUri) {
client.setPolicyUri(policyUri);
}
public void setPolicyUri(String policyUri) {
client.setPolicyUri(policyUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri()
*/
public String getClientUri() {
return client.getClientUri();
}
public String getClientUri() {
return client.getClientUri();
}
/**
* @param clientUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String)
*/
public void setClientUri(String clientUri) {
client.setClientUri(clientUri);
}
public void setClientUri(String clientUri) {
client.setClientUri(clientUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri()
*/
public String getTosUri() {
return client.getTosUri();
}
public String getTosUri() {
return client.getTosUri();
}
/**
* @param tosUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String)
*/
public void setTosUri(String tosUri) {
client.setTosUri(tosUri);
}
public void setTosUri(String tosUri) {
client.setTosUri(tosUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri()
*/
public String getJwksUri() {
return client.getJwksUri();
}
public String getJwksUri() {
return client.getJwksUri();
}
/**
* @param jwksUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String)
*/
public void setJwksUri(String jwksUri) {
client.setJwksUri(jwksUri);
}
public void setJwksUri(String jwksUri) {
client.setJwksUri(jwksUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri()
*/
public String getSectorIdentifierUri() {
return client.getSectorIdentifierUri();
}
public String getSectorIdentifierUri() {
return client.getSectorIdentifierUri();
}
/**
* @param sectorIdentifierUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String)
*/
public void setSectorIdentifierUri(String sectorIdentifierUri) {
client.setSectorIdentifierUri(sectorIdentifierUri);
}
public void setSectorIdentifierUri(String sectorIdentifierUri) {
client.setSectorIdentifierUri(sectorIdentifierUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg()
*/
public JWSAlgorithmEmbed getRequestObjectSigningAlg() {
return client.getRequestObjectSigningAlg();
}
public JWSAlgorithmEmbed getRequestObjectSigningAlg() {
return client.getRequestObjectSigningAlg();
}
/**
* @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlg(requestObjectSigningAlg);
}
public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlg(requestObjectSigningAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg()
*/
public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() {
return client.getUserInfoSignedResponseAlg();
}
public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() {
return client.getUserInfoSignedResponseAlg();
}
/**
* @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
}
public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg()
*/
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() {
return client.getUserInfoEncryptedResponseAlg();
}
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() {
return client.getUserInfoEncryptedResponseAlg();
}
/**
* @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
}
public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc()
*/
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() {
return client.getUserInfoEncryptedResponseEnc();
}
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() {
return client.getUserInfoEncryptedResponseEnc();
}
/**
* @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
}
public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg()
*/
public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() {
return client.getIdTokenSignedResponseAlg();
}
public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() {
return client.getIdTokenSignedResponseAlg();
}
/**
* @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
}
public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg()
*/
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() {
return client.getIdTokenEncryptedResponseAlg();
}
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() {
return client.getIdTokenEncryptedResponseAlg();
}
/**
* @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
}
public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc()
*/
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() {
return client.getIdTokenEncryptedResponseEnc();
}
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() {
return client.getIdTokenEncryptedResponseEnc();
}
/**
* @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
}
public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge()
*/
public Integer getDefaultMaxAge() {
return client.getDefaultMaxAge();
}
public Integer getDefaultMaxAge() {
return client.getDefaultMaxAge();
}
/**
* @param defaultMaxAge
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer)
*/
public void setDefaultMaxAge(Integer defaultMaxAge) {
client.setDefaultMaxAge(defaultMaxAge);
}
public void setDefaultMaxAge(Integer defaultMaxAge) {
client.setDefaultMaxAge(defaultMaxAge);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime()
*/
public Boolean getRequireAuthTime() {
return client.getRequireAuthTime();
}
public Boolean getRequireAuthTime() {
return client.getRequireAuthTime();
}
/**
* @param requireAuthTime
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean)
*/
public void setRequireAuthTime(Boolean requireAuthTime) {
client.setRequireAuthTime(requireAuthTime);
}
public void setRequireAuthTime(Boolean requireAuthTime) {
client.setRequireAuthTime(requireAuthTime);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes()
*/
public Set<String> getResponseTypes() {
return client.getResponseTypes();
}
public Set<String> getResponseTypes() {
return client.getResponseTypes();
}
/**
* @param responseTypes
* @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set)
*/
public void setResponseTypes(Set<String> responseTypes) {
client.setResponseTypes(responseTypes);
}
public void setResponseTypes(Set<String> responseTypes) {
client.setResponseTypes(responseTypes);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues()
*/
public Set<String> getDefaultACRvalues() {
return client.getDefaultACRvalues();
}
public Set<String> getDefaultACRvalues() {
return client.getDefaultACRvalues();
}
/**
* @param defaultACRvalues
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set)
*/
public void setDefaultACRvalues(Set<String> defaultACRvalues) {
client.setDefaultACRvalues(defaultACRvalues);
}
public void setDefaultACRvalues(Set<String> defaultACRvalues) {
client.setDefaultACRvalues(defaultACRvalues);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri()
*/
public String getInitiateLoginUri() {
return client.getInitiateLoginUri();
}
public String getInitiateLoginUri() {
return client.getInitiateLoginUri();
}
/**
* @param initiateLoginUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String)
*/
public void setInitiateLoginUri(String initiateLoginUri) {
client.setInitiateLoginUri(initiateLoginUri);
}
public void setInitiateLoginUri(String initiateLoginUri) {
client.setInitiateLoginUri(initiateLoginUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri()
*/
public String getPostLogoutRedirectUri() {
return client.getPostLogoutRedirectUri();
}
public String getPostLogoutRedirectUri() {
return client.getPostLogoutRedirectUri();
}
/**
* @param postLogoutRedirectUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String)
*/
public void setPostLogoutRedirectUri(String postLogoutRedirectUri) {
client.setPostLogoutRedirectUri(postLogoutRedirectUri);
}
public void setPostLogoutRedirectUri(String postLogoutRedirectUri) {
client.setPostLogoutRedirectUri(postLogoutRedirectUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris()
*/
public Set<String> getRequestUris() {
return client.getRequestUris();
}
public Set<String> getRequestUris() {
return client.getRequestUris();
}
/**
* @param requestUris
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set)
*/
public void setRequestUris(Set<String> requestUris) {
client.setRequestUris(requestUris);
}
public void setRequestUris(Set<String> requestUris) {
client.setRequestUris(requestUris);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt()
*/
public Date getCreatedAt() {
return client.getCreatedAt();
}
public Date getCreatedAt() {
return client.getCreatedAt();
}
/**
* @param createdAt
* @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date)
*/
public void setCreatedAt(Date createdAt) {
client.setCreatedAt(createdAt);
}
public void setCreatedAt(Date createdAt) {
client.setCreatedAt(createdAt);
}
/**
* @return the registrationAccessToken
*/
@ -715,7 +730,7 @@ public class RegisteredClient {
public void setClientIdIssuedAt(Date issuedAt) {
this.clientIdIssuedAt = issuedAt;
}
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
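Review bot: The consolidated copyright line spells the second holder as `Consortuim`, while the two-line notice it replaces reads `Consortium`. A legal notice should carry the holder's name correctly, so the line should read `* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortium`. The same header line recurs in every other file section on this page, so the correction belongs in the same bulk edit that introduced it.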


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -27,7 +26,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
public interface OAuth2TokenEntityService extends AuthorizationServerTokenServices, ResourceServerTokenServices {
@Override
public OAuth2AccessTokenEntity readAccessToken(String accessTokenValue);
@ -57,7 +56,7 @@ public interface OAuth2TokenEntityService extends AuthorizationServerTokenServic
public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);
public OAuth2AccessTokenEntity getAccessTokenById(Long id);
public OAuth2RefreshTokenEntity getRefreshTokenById(Long id);
public Set<OAuth2AccessTokenEntity> getAllAccessTokensForUser(String name);


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -29,7 +28,6 @@ import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.model.RegisteredClient;
import com.google.common.base.Joiner;
@ -146,8 +144,8 @@ public class ClientDetailsEntityJsonProcessor {
* Parse the JSON as a RegisteredClient (useful in the dynamic client filter)
*/
public static RegisteredClient parseRegistered(String jsonString) {
JsonElement jsonEl = parser.parse(jsonString);
if (jsonEl.isJsonObject()) {
@ -166,7 +164,7 @@ public class ClientDetailsEntityJsonProcessor {
return null;
}
}
/**
* @param c
* @param token
@ -179,7 +177,7 @@ public class ClientDetailsEntityJsonProcessor {
o.addProperty("client_id", c.getClientId());
if (c.getClientSecret() != null) {
o.addProperty("client_secret", c.getClientSecret());
if (c.getClientSecretExpiresAt() == null) {
o.addProperty("client_secret_expires_at", 0); // TODO: do we want to let secrets expire?
} else {
@ -304,7 +302,7 @@ public class ClientDetailsEntityJsonProcessor {
return null;
}
}
/**
* Gets the value of the given given member as a set of strings, null if it doesn't exist
*/
@ -315,8 +313,8 @@ public class ClientDetailsEntityJsonProcessor {
return null;
}
}
/**
* Translate a set of strings to a JSON array
* @param value
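Review bot: The Javadoc stub with bare `@param c` and `@param token` tags has no description, and the code that follows it writes `c.getClientSecret()` into the output as `client_secret`, so nothing tells a caller that the result carries a credential. I would add a summary line such as `* Serializes the client to JSON; the result includes client_secret when one is set and must not be logged or returned to anyone but the registered client.` The same block emits `client_secret_expires_at` as 0 when no expiry is stored and leaves the question open in an inline TODO, which would be better tracked as an issue than as a trailing comment. The method's signature and the rest of its body are outside the hunks shown, so the stub and the body presumably belong to the same method.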


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -35,7 +34,7 @@ import org.springframework.util.StringUtils;
public class ConfigurationPropertiesBean {
private static Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class);
private String issuer;
private String topbarTitle;
@ -45,7 +44,7 @@ public class ConfigurationPropertiesBean {
public ConfigurationPropertiesBean() {
}
/**
* Endpoints protected by TLS must have https scheme in the URI.
*/


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -40,7 +39,7 @@ public class ServerConfiguration {
private String userInfoUri;
private String introspectionEndpointUri;
/**
* @return the authorizationEndpointUri
*/
@ -142,86 +141,86 @@ public class ServerConfiguration {
/* (non-Javadoc)
* @see java.lang.Object#hashCode()
*/
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode());
result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode());
result = prime * result + ((issuer == null) ? 0 : issuer.hashCode());
result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode());
result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode());
result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode());
result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode());
return result;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode());
result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode());
result = prime * result + ((issuer == null) ? 0 : issuer.hashCode());
result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode());
result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode());
result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode());
result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode());
return result;
}
/* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object)
*/
@Override
public boolean equals(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof ServerConfiguration)) {
return false;
}
ServerConfiguration other = (ServerConfiguration) obj;
if (authorizationEndpointUri == null) {
if (other.authorizationEndpointUri != null) {
return false;
}
} else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) {
return false;
}
if (introspectionEndpointUri == null) {
if (other.introspectionEndpointUri != null) {
return false;
}
} else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) {
return false;
}
if (issuer == null) {
if (other.issuer != null) {
return false;
}
} else if (!issuer.equals(other.issuer)) {
return false;
}
if (jwksUri == null) {
if (other.jwksUri != null) {
return false;
}
} else if (!jwksUri.equals(other.jwksUri)) {
return false;
}
if (registrationEndpointUri == null) {
if (other.registrationEndpointUri != null) {
return false;
}
} else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) {
return false;
}
if (tokenEndpointUri == null) {
if (other.tokenEndpointUri != null) {
return false;
}
} else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) {
return false;
}
if (userInfoUri == null) {
if (other.userInfoUri != null) {
return false;
}
} else if (!userInfoUri.equals(other.userInfoUri)) {
return false;
}
return true;
}
@Override
public boolean equals(Object obj) {
if (this == obj) {
return true;
}
if (obj == null) {
return false;
}
if (!(obj instanceof ServerConfiguration)) {
return false;
}
ServerConfiguration other = (ServerConfiguration) obj;
if (authorizationEndpointUri == null) {
if (other.authorizationEndpointUri != null) {
return false;
}
} else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) {
return false;
}
if (introspectionEndpointUri == null) {
if (other.introspectionEndpointUri != null) {
return false;
}
} else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) {
return false;
}
if (issuer == null) {
if (other.issuer != null) {
return false;
}
} else if (!issuer.equals(other.issuer)) {
return false;
}
if (jwksUri == null) {
if (other.jwksUri != null) {
return false;
}
} else if (!jwksUri.equals(other.jwksUri)) {
return false;
}
if (registrationEndpointUri == null) {
if (other.registrationEndpointUri != null) {
return false;
}
} else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) {
return false;
}
if (tokenEndpointUri == null) {
if (other.tokenEndpointUri != null) {
return false;
}
} else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) {
return false;
}
if (userInfoUri == null) {
if (other.userInfoUri != null) {
return false;
}
} else if (!userInfoUri.equals(other.userInfoUri)) {
return false;
}
return true;
}
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -84,7 +83,7 @@ public interface ApprovedSiteRepository {
* @return
*/
public Collection<ApprovedSite> getByClientId(String clientId);
/**
* Get all expired sites
* @return


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -96,7 +95,7 @@ public interface ApprovedSiteService {
* @param client
*/
public void clearApprovedSitesForClient(ClientDetails client);
/**
* Remove all expired approved sites fromt he data store.
* @return


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -42,14 +41,14 @@ public interface StatsService {
*
* @return a map of id of client object to number of approvals
*/
public Map<Long, Integer> calculateByClientId();
public Map<Long, Integer> calculateByClientId();
/**
* Calculate the usage count for a single client
*
* @param id the id of the client to search on
* @param id the id of the client to search on
* @return
*/
public Integer countForClientId(Long id);
public Integer countForClientId(Long id);
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -55,16 +54,16 @@ public class UserInfoInterceptor extends HandlerInterceptorAdapter {
modelAndView.addObject("userInfo", oidc.getUserInfo());
} else {
if (p != null && p.getName() != null) { // don't bother checking if we don't have a principal
// try to look up a user based on the principal's name
UserInfo user = userInfoService.getBySubject(p.getName());
// if we have one, inject it so views can use it
if (user != null) {
modelAndView.addObject("userInfo", user);
}
}
}
}
}
}
}


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.


@ -1,6 +1,5 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation
* and the MIT Kerberos and Internet Trust Consortium
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -16,15 +15,12 @@
******************************************************************************/
package org.mitre.discovery.util;
import static org.junit.Assert.*;
import java.util.List;
import org.junit.Test;
import org.springframework.web.util.UriComponents;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import static org.junit.Assert.assertEquals;
/**
* @author wkim
@ -96,7 +92,7 @@ public class TestWebfingerURLNormalizer {
/*
Adapted from Nov Matake's Ruby normalizer implementation.
## INPUT => NORMALIZED
# example.com => https://example.com
# example.com:8080 => https://example.com:8080
@ -104,35 +100,35 @@ public class TestWebfingerURLNormalizer {
# example.com?query => https://example.com?query
# example.com#fragment => https://example.com
# example.com:8080/path?query#fragment => https://example.com:8080/path?query
# http://example.com => http://example.com
# http://example.com:8080 => http://example.com:8080
# http://example.com/path => http://example.com/path
# http://example.com?query => http://example.com?query
# http://example.com#fragment => http://example.com
# http://example.com:8080/path?query#fragment => http://example.com:8080/path?query
# nov@example.com => acct:nov@example.com
# nov@example.com:8080 => https://nov@example.com:8080
# nov@example.com/path => https://nov@example.com/path
# nov@example.com?query => https://nov@example.com?query
# nov@example.com#fragment => acct:nov@example.com
# nov@example.com:8080/path?query#fragment => https://nov@example.com:8080/path?query
# acct:nov@matake.jp => acct:nov@matake.jp
# acct:nov@example.com:8080 => acct:nov@example.com:8080
# acct:nov@example.com/path => acct:nov@example.com/path
# acct:nov@example.com?query => acct:nov@example.com?query
# acct:nov@example.com#fragment => acct:nov@example.com
# acct:nov@example.com:8080/path?query#fragment => acct:nov@example.com:8080/path?query
# mailto:nov@matake.jp => mailto:nov@matake.jp
# mailto:nov@example.com:8080 => mailto:nov@example.com:8080
# mailto:nov@example.com/path => mailto:nov@example.com/path
# mailto:nov@example.com?query => mailto:nov@example.com?query
# mailto:nov@example.com#fragment => mailto:nov@example.com
# mailto:nov@example.com:8080/path?query#fragment => mailto:nov@example.com:8080/path?query
# localhost => https://localhost
# localhost:8080 => https://localhost:8080
# localhost/path => https://localhost/path
@ -145,7 +141,7 @@ public class TestWebfingerURLNormalizer {
# nov@localhost?query => https://nov@localhost?query
# nov@localhost#fragment => acct:nov@localhost
# nov@localhost/path?query#fragment => https://nov@localhost/path?query
# tel:+810312345678 => tel:+810312345678
# device:192.168.2.1 => device:192.168.2.1
# device:192.168.2.1:8080 => device:192.168.2.1:8080
@ -155,18 +151,18 @@ public class TestWebfingerURLNormalizer {
# device:192.168.2.1/path?query#fragment => device:192.168.2.1/path?query
*
*/
@Test
public void normalizeResource_novTest() {
for (String input : inputToNormalized.keySet()) {
UriComponents actualNormalized = WebfingerURLNormalizer.normalizeResource(input);
String expectedNormalized = inputToNormalized.get(input);
assertEquals("Identifer/Normalized failed.", expectedNormalized, WebfingerURLNormalizer.serializeURL(actualNormalized));
}
}
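Review bot: The assertion in `normalizeResource_novTest` uses the fixed message `"Identifer/Normalized failed."`, so a failure does not say which row of the input table broke, and the message itself misspells "Identifier". Including the input makes a regression in the normalizer directly traceable: `assertEquals("Normalization failed for input: " + input, expectedNormalized, WebfingerURLNormalizer.serializeURL(actualNormalized));`. Iterating `inputToNormalized.entrySet()` instead of `keySet()` plus `get(input)` would also drop the second lookup. The map is declared outside this hunk.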


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -9,11 +24,11 @@ import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
/**
*
* These tests make sure that the algorithm name processing
* These tests make sure that the algorithm name processing
* is functional on the three embedded JOSE classes.
*
* @author jricher
@ -24,15 +39,15 @@ public class JOSEEmbedTest {
@Test
public void testJWSAlgorithmEmbed() {
JWSAlgorithmEmbed a = new JWSAlgorithmEmbed(JWSAlgorithm.HS256);
assertEquals(JWSAlgorithm.HS256, a.getAlgorithm());
assertEquals("HS256", a.getAlgorithmName());
}
@Test
public void testJWSAlgorithmEmbedGetForAlgoirthmName() {
JWSAlgorithmEmbed a = JWSAlgorithmEmbed.getForAlgorithmName("RS256");
assertEquals(JWSAlgorithm.RS256, a.getAlgorithm());
assertEquals("RS256", a.getAlgorithmName());
}
@ -40,15 +55,15 @@ public class JOSEEmbedTest {
@Test
public void testJWEAlgorithmEmbed() {
JWEAlgorithmEmbed a = new JWEAlgorithmEmbed(JWEAlgorithm.A128KW);
assertEquals(JWEAlgorithm.A128KW, a.getAlgorithm());
assertEquals("A128KW", a.getAlgorithmName());
}
@Test
public void testJWEAlgorithmEmbedGetForAlgoirthmName() {
JWEAlgorithmEmbed a = JWEAlgorithmEmbed.getForAlgorithmName("RSA1_5");
assertEquals(JWEAlgorithm.RSA1_5, a.getAlgorithm());
assertEquals("RSA1_5", a.getAlgorithmName());
}
@ -56,15 +71,15 @@ public class JOSEEmbedTest {
@Test
public void testJWEEncryptionMethodEmbed() {
JWEEncryptionMethodEmbed a = new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256);
assertEquals(EncryptionMethod.A128CBC_HS256, a.getAlgorithm());
assertEquals("A128CBC-HS256", a.getAlgorithmName());
}
@Test
public void testJWEEncryptionMethodEmbedGetForAlgoirthmName() {
JWEEncryptionMethodEmbed a = JWEEncryptionMethodEmbed.getForAlgorithmName("A256GCM");
assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm());
assertEquals("A256GCM", a.getAlgorithmName());
}


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
/**
* @author jricher
@ -26,10 +41,10 @@ public class ClientDetailsEntityTest {
*/
@Test
public void testClientDetailsEntity() {
Date now = new Date();
Date now = new Date();
ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB);


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
/**
* @author jricher
@ -26,11 +41,11 @@ public class RegisteredClientTest {
*/
@Test
public void testRegisteredClient() {
// make sure all the pass-through getters and setters work
RegisteredClient c = new RegisteredClient();
c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
@ -48,7 +63,7 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
assertEquals("s6BhdRkqt3", c.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret());
assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt());
@ -73,8 +88,8 @@ public class RegisteredClientTest {
*/
@Test
public void testRegisteredClientClientDetailsEntity() {
ClientDetailsEntity c = new ClientDetailsEntity();
ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
@ -89,13 +104,13 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
// Create a RegisteredClient based on a ClientDetailsEntity object and set several properties
RegisteredClient rc = new RegisteredClient(c);
rc.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83");
rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3");
// make sure all the pass-throughs work
assertEquals("s6BhdRkqt3", rc.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret());
@ -121,8 +136,8 @@ public class RegisteredClientTest {
*/
@Test
public void testRegisteredClientClientDetailsEntityStringString() {
ClientDetailsEntity c = new ClientDetailsEntity();
ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
@ -137,10 +152,10 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
// Create a RegisteredClient based on a ClientDetails, a token, and a server URI
RegisteredClient rc = new RegisteredClient(c, "this.is.an.access.token.value.ffx83", "https://server.example.com/connect/register?client_id=s6BhdRkqt3");
// make sure all the pass-throughs work
assertEquals("s6BhdRkqt3", rc.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret());


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -17,7 +32,8 @@ import com.google.gson.JsonObject;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
/**
* @author jricher
@ -30,30 +46,30 @@ public class ClientDetailsEntityJsonProcessorTest {
*/
@Test
public void testParse() {
String json = " {\n" +
" \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" +
String json = " {\n" +
" \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" +
" \"response_types\": [\"code\", \"token\"],\n" +
" \"grant_types\": [\"authorization_code\", \"implicit\"],\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"token_endpoint_auth_method\": \"client_secret_basic\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"token_endpoint_auth_method\": \"client_secret_basic\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" }";
ClientDetailsEntity c = ClientDetailsEntityJsonProcessor.parse(json);
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
assertEquals("My Example", c.getClientName());
@ -68,7 +84,7 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
}
/**
@ -76,41 +92,41 @@ public class ClientDetailsEntityJsonProcessorTest {
*/
@Test
public void testParseRegistered() {
String json = " {\n" +
" \"client_id\": \"s6BhdRkqt3\",\n" +
" \"client_secret\":\n" +
" \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" +
" \"client_secret_expires_at\": 1577858400,\n" +
" \"registration_access_token\":\n" +
" \"this.is.an.access.token.value.ffx83\",\n" +
" \"registration_client_uri\":\n" +
" \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" +
" \"token_endpoint_auth_method\":\n" +
" \"client_secret_basic\",\n" +
" \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" +
String json = " {\n" +
" \"client_id\": \"s6BhdRkqt3\",\n" +
" \"client_secret\":\n" +
" \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" +
" \"client_secret_expires_at\": 1577858400,\n" +
" \"registration_access_token\":\n" +
" \"this.is.an.access.token.value.ffx83\",\n" +
" \"registration_client_uri\":\n" +
" \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" +
" \"token_endpoint_auth_method\":\n" +
" \"client_secret_basic\",\n" +
" \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" +
" \"response_types\": [\"code\", \"token\"],\n" +
" \"grant_types\": [\"authorization_code\", \"implicit\"],\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" }";
RegisteredClient c = ClientDetailsEntityJsonProcessor.parseRegistered(json);
assertEquals("s6BhdRkqt3", c.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret());
assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt());
@ -139,7 +155,7 @@ public class ClientDetailsEntityJsonProcessorTest {
@Test
public void testSerialize() {
RegisteredClient c = new RegisteredClient();
c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
@ -159,7 +175,7 @@ public class ClientDetailsEntityJsonProcessorTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
JsonObject j = ClientDetailsEntityJsonProcessor.serialize(c);
assertEquals("s6BhdRkqt3", j.get("client_id").getAsString());
@ -168,9 +184,9 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("this.is.an.access.token.value.ffx83", j.get("registration_access_token").getAsString());
assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", j.get("registration_client_uri").getAsString());
assertEquals(ClientDetailsEntity.AppType.WEB.getValue(), j.get("application_type").getAsString());
for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) {
for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) {
assertTrue(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2").contains(e.getAsString()));
}
}
assertEquals("My Example", j.get("client_name").getAsString());
for (JsonElement e : j.get("response_types").getAsJsonArray()) {
assertTrue(ImmutableSet.of("code", "token").contains(e.getAsString()));
@ -191,7 +207,7 @@ public class ClientDetailsEntityJsonProcessorTest {
for (JsonElement e : j.get("request_uris").getAsJsonArray()) {
assertTrue(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA").contains(e.getAsString()));
}
}
}
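Review bot: The loops in `testSerialize` only assert that each element the serializer emitted is a member of the expected set, so an empty or truncated `redirect_uris`, `response_types` or `request_uris` array would still pass. Redirect and request URIs are what the authorization server later matches client requests against, so the test should pin the complete set rather than a subset. A size check before each loop closes the gap, e.g. `assertEquals(2, j.get("redirect_uris").getAsJsonArray().size());`. The method starts in an earlier hunk of this section and parts of its body are not shown here.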


@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/**
*
*/
@ -5,7 +20,7 @@ package org.mitre.openid.connect.config;
import org.junit.Test;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
/**
* @author jricher
@ -18,22 +33,22 @@ public class ConfigurationPropertiesBeanTest {
*/
@Test
public void testConfigurationPropertiesBean() {
// make sure the values that go in come back out unchanged
ConfigurationPropertiesBean bean = new ConfigurationPropertiesBean();
String iss = "http://localhost:8080/openid-connect-server/";
String title = "OpenID Connect Server";
String logoUrl = "/images/logo.png";
bean.setIssuer(iss);
bean.setTopbarTitle(title);
bean.setLogoImageUrl(logoUrl);
assertEquals(iss, bean.getIssuer());
assertEquals(title, bean.getTopbarTitle());
assertEquals(logoUrl, bean.getLogoImageUrl());
}
}
