From e658ffd7fcba1f6c55bf6bc5c0e4fbe705ed5e79 Mon Sep 17 00:00:00 2001 From: Justin Richer Date: Mon, 29 Jul 2013 11:28:51 -0400 Subject: [PATCH] format/cleanup and copyright --- .../AuthorizationRequestImpl.java | 5 +- .../IntrospectingTokenService.java | 11 +- .../IntrospectionAuthorityGranter.java | 19 +- .../IntrospectionUrlProvider.java | 19 +- .../JWTParsingIntrospectionUrlProvider.java | 73 ++- .../OAuth2AccessTokenImpl.java | 5 +- .../SimpleIntrospectionAuthorityGranter.java | 19 +- .../StaticIntrospectionUrlProvider.java | 21 +- .../client/NamedAdminAuthoritiesMapper.java | 5 +- .../client/OIDCAuthenticationFilter.java | 7 +- .../client/OIDCAuthenticationProvider.java | 5 +- .../client/SubjectIssuerGrantedAuthority.java | 5 +- .../connect/client/UserInfoFetcher.java | 5 +- .../keypublisher/ClientKeyPublisher.java | 5 +- .../ClientKeyPublisherMapping.java | 5 +- .../client/keypublisher/JwkViewResolver.java | 5 +- .../client/model/IssuerServiceResponse.java | 5 +- .../client/service/AuthRequestUrlBuilder.java | 6 +- .../service/ClientConfigurationService.java | 7 +- .../connect/client/service/IssuerService.java | 5 +- .../service/RegisteredClientService.java | 25 +- .../service/ServerConfigurationService.java | 5 +- ...egistrationClientConfigurationService.java | 41 +- .../DynamicServerConfigurationService.java | 19 +- .../HybridClientConfigurationService.java | 85 +-- .../HybridServerConfigurationService.java | 61 +- .../impl/InMemoryRegisteredClientService.java | 19 +- .../impl/JsonFileRegisteredClientService.java | 79 ++- .../impl/PlainAuthRequestUrlBuilder.java | 5 +- .../impl/SignedAuthRequestUrlBuilder.java | 5 +- .../StaticClientConfigurationService.java | 5 +- .../StaticServerConfigurationService.java | 5 +- .../impl/StaticSingleIssuerService.java | 5 +- .../service/impl/ThirdPartyIssuerService.java | 11 +- .../service/impl/WebfingerIssuerService.java | 29 +- .../TestHybridClientConfigurationService.java | 64 +- .../TestHybridServerConfigurationService.java | 56 +- .../impl/TestPlainAuthRequestUrlBuilder.java | 37 +- .../impl/TestSignedAuthRequestUrlBuilder.java | 53 +- .../TestStaticClientConfigurationService.java | 47 +- .../TestStaticServerConfigurationService.java | 43 +- .../impl/TestThirdPartyIssuerService.java | 13 +- .../util/WebfingerURLNormalizer.java | 38 +- .../org/mitre/jose/JWEAlgorithmEmbed.java | 3 +- .../mitre/jose/JWEEncryptionMethodEmbed.java | 3 +- .../org/mitre/jose/JWSAlgorithmEmbed.java | 3 +- .../mitre/jose/keystore/JWKSetKeyStore.java | 3 +- .../JwtSigningAndValidationService.java | 3 +- ...DefaultJwtSigningAndValidationService.java | 9 +- ...gningAndValidationServiceCacheService.java | 3 +- .../model/AuthenticationHolderEntity.java | 3 +- .../oauth2/model/AuthorizationCodeEntity.java | 3 +- .../oauth2/model/ClientDetailsEntity.java | 3 +- .../oauth2/model/OAuth2AccessTokenEntity.java | 7 +- .../model/OAuth2RefreshTokenEntity.java | 3 +- .../mitre/oauth2/model/RegisteredClient.java | 563 +++++++++--------- .../org/mitre/oauth2/model/SystemScope.java | 3 +- .../AuthenticationHolderRepository.java | 3 +- .../AuthorizationCodeRepository.java | 3 +- .../repository/OAuth2ClientRepository.java | 3 +- .../repository/OAuth2TokenRepository.java | 3 +- .../repository/SystemScopeRepository.java | 3 +- .../service/ClientDetailsEntityService.java | 3 +- .../service/OAuth2TokenEntityService.java | 7 +- .../oauth2/service/SystemScopeService.java | 3 +- .../impl/DefaultClientUserDetailsService.java | 3 +- .../ClientDetailsEntityJsonProcessor.java | 18 +- .../config/ConfigurationPropertiesBean.java | 7 +- .../connect/config/ServerConfiguration.java | 157 +++-- .../mitre/openid/connect/model/Address.java | 3 +- .../openid/connect/model/ApprovedSite.java | 3 +- .../openid/connect/model/BlacklistedSite.java | 3 +- .../openid/connect/model/DefaultUserInfo.java | 3 +- .../org/mitre/openid/connect/model/Event.java | 3 +- .../org/mitre/openid/connect/model/Nonce.java | 3 +- .../model/OIDCAuthenticationToken.java | 3 +- .../mitre/openid/connect/model/UserInfo.java | 3 +- .../openid/connect/model/WhitelistedSite.java | 3 +- .../connect/repository/AddressRepository.java | 3 +- .../repository/ApprovedSiteRepository.java | 5 +- .../repository/BlacklistedSiteRepository.java | 3 +- .../connect/repository/EventRepository.java | 3 +- .../connect/repository/NonceRepository.java | 3 +- .../repository/UserInfoRepository.java | 3 +- .../repository/WhitelistedSiteRepository.java | 3 +- .../connect/service/ApprovedSiteService.java | 5 +- .../service/BlacklistedSiteService.java | 3 +- .../openid/connect/service/NonceService.java | 3 +- .../openid/connect/service/StatsService.java | 9 +- .../connect/service/UserInfoService.java | 3 +- .../service/WhitelistedSiteService.java | 3 +- .../openid/connect/view/JwkKeyListView.java | 3 +- .../connect/web/UserInfoInterceptor.java | 11 +- .../main/java/org/mitre/util/jpa/JpaUtil.java | 3 +- .../util/TestWebfingerURLNormalizer.java | 36 +- .../java/org/mitre/jose/JOSEEmbedTest.java | 37 +- .../oauth2/model/ClientDetailsEntityTest.java | 23 +- .../oauth2/model/RegisteredClientTest.java | 41 +- .../ClientDetailsEntityJsonProcessorTest.java | 130 ++-- .../ConfigurationPropertiesBeanTest.java | 27 +- .../config/ServerConfigurationTest.java | 34 +- .../mitre/discovery/view/WebfingerView.java | 3 +- .../discovery/web/DiscoveryEndpoint.java | 97 ++- .../exception/DuplicateClientIdException.java | 3 +- .../oauth2/exception/NonceReuseException.java | 3 +- .../JpaAuthenticationHolderRepository.java | 3 +- .../impl/JpaAuthorizationCodeRepository.java | 3 +- .../impl/JpaOAuth2ClientRepository.java | 3 +- .../impl/JpaOAuth2TokenRepository.java | 7 +- .../impl/JpaSystemScopeRepository.java | 3 +- ...DefaultOAuth2AuthorizationCodeService.java | 3 +- ...faultOAuth2ClientDetailsEntityService.java | 5 +- .../DefaultOAuth2ProviderTokenService.java | 27 +- .../impl/DefaultSystemScopeService.java | 3 +- .../oauth2/token/ChainedTokenGranter.java | 3 +- .../token/JwtAssertionTokenGranter.java | 3 +- .../oauth2/view/TokenIntrospectionView.java | 11 +- .../org/mitre/oauth2/web/AccessTokenAPI.java | 33 +- .../oauth2/web/IntrospectionEndpoint.java | 32 +- .../web/OAuthConfirmationController.java | 3 +- .../org/mitre/oauth2/web/RefreshTokenAPI.java | 33 +- .../mitre/oauth2/web/RevocationEndpoint.java | 3 +- .../java/org/mitre/oauth2/web/ScopeAPI.java | 3 +- .../ConnectAuthorizationRequestManager.java | 5 +- ...JwtBearerAssertionAuthenticationToken.java | 3 +- .../JwtBearerAuthenticationProvider.java | 7 +- ...rerClientAssertionTokenEndpointFilter.java | 3 +- .../openid/connect/filter/PromptFilter.java | 3 +- .../repository/impl/JpaAddressRepository.java | 3 +- .../impl/JpaApprovedSiteRepository.java | 9 +- .../impl/JpaBlacklistedSiteRepository.java | 3 +- .../repository/impl/JpaEventRepository.java | 3 +- .../repository/impl/JpaNonceRepository.java | 3 +- .../impl/JpaUserInfoRepository.java | 3 +- .../impl/JpaWhitelistedSiteRepository.java | 3 +- .../impl/DefaultApprovedSiteService.java | 11 +- .../impl/DefaultBlacklistedSiteService.java | 3 +- .../service/impl/DefaultNonceService.java | 5 +- .../service/impl/DefaultStatsService.java | 64 +- .../service/impl/DefaultUserInfoService.java | 3 +- .../DefaultUserInfoUserDetailsService.java | 5 +- .../impl/DefaultWhitelistedSiteService.java | 3 +- .../connect/token/ConnectTokenEnhancer.java | 9 +- .../token/TofuUserApprovalHandler.java | 3 +- .../view/AbstractClientEntityView.java | 37 +- .../view/ClientEntityViewForAdmins.java | 3 +- .../view/ClientEntityViewForUsers.java | 3 +- .../view/ClientInformationResponseView.java | 15 +- .../openid/connect/view/HttpCodeView.java | 3 +- .../openid/connect/view/JsonEntityView.java | 3 +- .../openid/connect/view/JsonErrorView.java | 3 +- .../openid/connect/view/UserInfoView.java | 5 +- .../openid/connect/web/ApprovedSiteAPI.java | 3 +- .../web/AuthenticationTimeStamper.java | 3 +- .../openid/connect/web/BlacklistAPI.java | 3 +- .../mitre/openid/connect/web/ClientAPI.java | 3 +- .../ClientDynamicRegistrationEndpoint.java | 14 +- .../connect/web/JsonWebKeyEndpoint.java | 3 +- .../openid/connect/web/ManagerController.java | 3 +- .../RequestObjectAuthorizationEndpoint.java | 3 +- .../connect/web/ServerConfigInterceptor.java | 3 +- .../mitre/openid/connect/web/StatsAPI.java | 15 +- .../openid/connect/web/UserInfoEndpoint.java | 3 +- .../openid/connect/web/WhitelistAPI.java | 3 +- ...faultOAuth2ClientDetailsEntityService.java | 33 +- ...TestDefaultOAuth2ProviderTokenService.java | 38 +- .../impl/TestDefaultSystemScopeService.java | 49 +- .../impl/TestDefaultApprovedSiteService.java | 55 +- .../TestDefaultBlacklistedSiteService.java | 41 +- .../service/impl/TestDefaultNonceService.java | 51 +- .../service/impl/TestDefaultStatsService.java | 23 +- ...TestDefaultUserInfoUserDetailsService.java | 63 +- .../TestDefaultWhitelistedSiteService.java | 11 +- 173 files changed, 1701 insertions(+), 1468 deletions(-) diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java index 915082205..69a858b3a 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.oauth2.introspectingfilter; import java.util.Collection; diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java index 8d8b49307..31ba256c2 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.oauth2.introspectingfilter; import java.util.Date; @@ -38,7 +39,7 @@ import com.google.gson.JsonObject; import com.google.gson.JsonParser; /** - * This ResourceServerTokenServices implementation introspects incoming tokens at a + * This ResourceServerTokenServices implementation introspects incoming tokens at a * server's introspection endpoint URL and passes an Authentication object along * based on the response from the introspection endpoint. * @author jricher @@ -50,7 +51,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { private String clientSecret; private IntrospectionUrlProvider introspectionUrlProvider; private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter(); - + // Inner class to store in the hash map private class TokenCacheObject { OAuth2AccessToken token; @@ -132,7 +133,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { // find out which URL to ask String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken); - + // Use the SpringFramework RestTemplate to send the request to the // endpoint String validatedToken = null; diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java index 286846ca0..29688091b 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -16,5 +33,5 @@ import com.google.gson.JsonObject; public interface IntrospectionAuthorityGranter { public List getAuthorities(JsonObject introspectionResponse); - + } diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java index 78c39ba67..5bfbd8f59 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -15,5 +32,5 @@ public interface IntrospectionUrlProvider { * @return */ public String getIntrospectionUrl(String accessToken); - + } diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/JWTParsingIntrospectionUrlProvider.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/JWTParsingIntrospectionUrlProvider.java index 187c26447..6a06d502f 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/JWTParsingIntrospectionUrlProvider.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/JWTParsingIntrospectionUrlProvider.java @@ -1,11 +1,26 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ package org.mitre.oauth2.introspectingfilter; import java.text.ParseException; -import java.util.HashSet; -import java.util.Set; import org.mitre.openid.connect.client.service.ServerConfigurationService; import org.mitre.openid.connect.config.ServerConfiguration; @@ -26,7 +41,7 @@ import com.nimbusds.jwt.JWTParser; public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvider { private ServerConfigurationService serverConfigurationService; - + /** * @return the serverConfigurationService */ @@ -46,33 +61,33 @@ public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvi */ @Override public String getIntrospectionUrl(String accessToken) { - + try { - JWT jwt = JWTParser.parse(accessToken); - - String issuer = jwt.getJWTClaimsSet().getIssuer(); - if (!Strings.isNullOrEmpty(issuer)) { - - - - ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer); - if (server != null) { - if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) { - return server.getIntrospectionEndpointUri(); - } else { - throw new IllegalArgumentException("Server does not have Introspection Endpoint defined"); - } - } else { - throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer); - } - } else { - throw new IllegalArgumentException("No issuer claim found in JWT"); - } - - } catch (ParseException e) { - throw new IllegalArgumentException("Unable to parse JWT", e); - } - + JWT jwt = JWTParser.parse(accessToken); + + String issuer = jwt.getJWTClaimsSet().getIssuer(); + if (!Strings.isNullOrEmpty(issuer)) { + + + + ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer); + if (server != null) { + if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) { + return server.getIntrospectionEndpointUri(); + } else { + throw new IllegalArgumentException("Server does not have Introspection Endpoint defined"); + } + } else { + throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer); + } + } else { + throw new IllegalArgumentException("No issuer claim found in JWT"); + } + + } catch (ParseException e) { + throw new IllegalArgumentException("Unable to parse JWT", e); + } + } } diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/OAuth2AccessTokenImpl.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/OAuth2AccessTokenImpl.java index a2b9765f8..ce3bd644d 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/OAuth2AccessTokenImpl.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/OAuth2AccessTokenImpl.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.oauth2.introspectingfilter; import java.text.DateFormat; diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/SimpleIntrospectionAuthorityGranter.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/SimpleIntrospectionAuthorityGranter.java index da9da9472..5d9d145b1 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/SimpleIntrospectionAuthorityGranter.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/SimpleIntrospectionAuthorityGranter.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -20,7 +37,7 @@ import com.google.gson.JsonObject; public class SimpleIntrospectionAuthorityGranter implements IntrospectionAuthorityGranter { private List authorities = AuthorityUtils.createAuthorityList("ROLE_API"); - + /* (non-Javadoc) * @see org.mitre.oauth2.introspectingfilter.IntrospectionAuthorityGranter#getAuthorities(net.minidev.json.JSONObject) */ diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/StaticIntrospectionUrlProvider.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/StaticIntrospectionUrlProvider.java index a8e1aeaf9..d0e2a27f7 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/StaticIntrospectionUrlProvider.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/StaticIntrospectionUrlProvider.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -13,8 +30,8 @@ package org.mitre.oauth2.introspectingfilter; */ public class StaticIntrospectionUrlProvider implements IntrospectionUrlProvider { - private String introspectionUrl; - + private String introspectionUrl; + /** * @return the introspectionUrl */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/NamedAdminAuthoritiesMapper.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/NamedAdminAuthoritiesMapper.java index 33b961fef..52616ce50 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/NamedAdminAuthoritiesMapper.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/NamedAdminAuthoritiesMapper.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java index 1fac5d77e..3508d3736 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.openid.connect.client; import java.io.IOException; @@ -185,7 +186,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer); } - String redirectUri = null; + String redirectUri = null; if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) { // if there's a redirect uri configured (and only one), use that redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0]; diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java index 16551f3ba..5b45fd0a8 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.openid.connect.client; import java.util.Collection; diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/SubjectIssuerGrantedAuthority.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/SubjectIssuerGrantedAuthority.java index d3d3fae5e..915b2939d 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/SubjectIssuerGrantedAuthority.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/SubjectIssuerGrantedAuthority.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java index 2cdbd9db7..68c8cf209 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.openid.connect.client; import org.apache.http.client.HttpClient; diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java index f4d6d3b9d..5e267a3de 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.openid.connect.client.keypublisher; import java.util.Map; diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java index 2e07b3225..f830b5428 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java index 005bdcfc8..6b5b3677d 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/model/IssuerServiceResponse.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/model/IssuerServiceResponse.java index ef8347f7f..5e7ce5186 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/model/IssuerServiceResponse.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/model/IssuerServiceResponse.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java index 0e681d8e9..1073f7942 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ @@ -21,7 +22,6 @@ package org.mitre.openid.connect.client.service; import org.mitre.oauth2.model.RegisteredClient; import org.mitre.openid.connect.config.ServerConfiguration; -import org.springframework.security.oauth2.provider.ClientDetails; /** * @author jricher diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java index 63ccec169..2f05d72e0 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,15 +13,15 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ package org.mitre.openid.connect.client.service; -import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.RegisteredClient; import org.mitre.openid.connect.config.ServerConfiguration; -import org.springframework.security.oauth2.provider.ClientDetails; /** * @author jricher diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/IssuerService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/IssuerService.java index 865fab9f7..f15157e16 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/IssuerService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/IssuerService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/RegisteredClientService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/RegisteredClientService.java index d558cd05d..9fdb2a620 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/RegisteredClientService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/RegisteredClientService.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -12,13 +29,13 @@ import org.mitre.oauth2.model.RegisteredClient; public interface RegisteredClientService { /** - * Get a remembered client (if one exists) to talk to the given issuer. This - * client likely doesn't have its full configuration information but contains + * Get a remembered client (if one exists) to talk to the given issuer. This + * client likely doesn't have its full configuration information but contains * the information needed to fetch it. * @param issuer * @return */ - RegisteredClient getByIssuer(String issuer); + RegisteredClient getByIssuer(String issuer); /** * Save this client's information for talking to the given issuer. This will @@ -26,6 +43,6 @@ public interface RegisteredClientService { * the server. * @param client */ - void save(String issuer, RegisteredClient client); + void save(String issuer, RegisteredClient client); } diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ServerConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ServerConfigurationService.java index e7af3dee4..67295bde1 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ServerConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ServerConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java index c5693d10b..ac7dc8b4f 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ @@ -56,15 +57,15 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf private static Logger logger = LoggerFactory.getLogger(DynamicServerConfigurationService.class); private LoadingCache clients; - + private RegisteredClientService registeredClientService = new InMemoryRegisteredClientService(); // TODO: make sure the template doesn't have "client_id", "client_secret", or "registration_access_token" set on it already private RegisteredClient template; - + private Set whitelist = new HashSet(); private Set blacklist = new HashSet(); - + public DynamicRegistrationClientConfigurationService() { clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader()); } @@ -75,11 +76,11 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); } - + if (blacklist.contains(issuer)) { throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); } - + return clients.get(issuer); } catch (ExecutionException e) { logger.warn("Unable to get client configuration", e); @@ -162,42 +163,42 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf public RegisteredClient load(ServerConfiguration serverConfig) throws Exception { RestTemplate restTemplate = new RestTemplate(httpFactory); - + RegisteredClient knownClient = registeredClientService.getByIssuer(serverConfig.getIssuer()); if (knownClient == null) { - + // dynamically register this client JsonObject jsonRequest = ClientDetailsEntityJsonProcessor.serialize(template); - + HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON)); - + HttpEntity entity = new HttpEntity(jsonRequest.toString(), headers); - + String registered = restTemplate.postForObject(serverConfig.getRegistrationEndpointUri(), entity, String.class); // TODO: handle HTTP errors - + RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered); - - // save this client for later + + // save this client for later registeredClientService.save(serverConfig.getIssuer(), client); - + return client; } else { - + // load this client's information from the server HttpHeaders headers = new HttpHeaders(); headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, knownClient.getRegistrationAccessToken())); headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON)); HttpEntity entity = new HttpEntity(headers); - + String registered = restTemplate.exchange(knownClient.getRegistrationClientUri(), HttpMethod.GET, entity, String.class).getBody(); // TODO: handle HTTP errors - + RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered); - + return client; } } diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java index d0b61a38f..c7c367e75 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ @@ -56,7 +57,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer private Set whitelist = new HashSet(); private Set blacklist = new HashSet(); - + public DynamicServerConfigurationService() { // initialize the cache servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher()); @@ -93,15 +94,15 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer @Override public ServerConfiguration getServerConfiguration(String issuer) { try { - + if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); } - + if (blacklist.contains(issuer)) { throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); } - + return servers.get(issuer); } catch (ExecutionException e) { logger.warn("Couldn't load configuration for " + issuer, e); @@ -141,13 +142,13 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer if (!o.has("issuer")) { throw new IllegalStateException("Returned object did not have an 'issuer' field"); } - + if (!issuer.equals(o.get("issuer").getAsString())) { throw new IllegalStateException("Discovered issuers didn't match, expected " + issuer + " got " + o.get("issuer").getAsString()); } conf.setIssuer(o.get("issuer").getAsString()); - + if (o.has("authorization_endpoint")) { conf.setAuthorizationEndpointUri(o.get("authorization_endpoint").getAsString()); } @@ -166,7 +167,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer if (o.has("introspection_endpoint")) { conf.setIntrospectionEndpointUri(o.get("introspection_endpoint").getAsString()); } - + return conf; } else { throw new IllegalStateException("Couldn't parse server discovery results for " + url); diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridClientConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridClientConfigurationService.java index cd08b8a11..5e38e5825 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridClientConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridClientConfigurationService.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -25,102 +42,102 @@ import org.mitre.openid.connect.config.ServerConfiguration; public class HybridClientConfigurationService implements ClientConfigurationService { private StaticClientConfigurationService staticClientService = new StaticClientConfigurationService(); - + private DynamicRegistrationClientConfigurationService dynamicClientService = new DynamicRegistrationClientConfigurationService(); - + /* (non-Javadoc) * @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(org.mitre.openid.connect.config.ServerConfiguration) */ @Override public RegisteredClient getClientConfiguration(ServerConfiguration issuer) { - + RegisteredClient client = staticClientService.getClientConfiguration(issuer); if (client != null) { return client; } else { return dynamicClientService.getClientConfiguration(issuer); } - + } /** * @return * @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#getClients() */ - public Map getClients() { - return staticClientService.getClients(); - } + public Map getClients() { + return staticClientService.getClients(); + } /** * @param clients * @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#setClients(java.util.Map) */ - public void setClients(Map clients) { - staticClientService.setClients(clients); - } + public void setClients(Map clients) { + staticClientService.setClients(clients); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getTemplate() */ - public RegisteredClient getTemplate() { - return dynamicClientService.getTemplate(); - } + public RegisteredClient getTemplate() { + return dynamicClientService.getTemplate(); + } /** * @param template * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setTemplate(org.mitre.oauth2.model.RegisteredClient) */ - public void setTemplate(RegisteredClient template) { - dynamicClientService.setTemplate(template); - } + public void setTemplate(RegisteredClient template) { + dynamicClientService.setTemplate(template); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getRegisteredClientService() */ - public RegisteredClientService getRegisteredClientService() { - return dynamicClientService.getRegisteredClientService(); - } + public RegisteredClientService getRegisteredClientService() { + return dynamicClientService.getRegisteredClientService(); + } /** * @param registeredClientService * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setRegisteredClientService(org.mitre.openid.connect.client.service.RegisteredClientService) */ - public void setRegisteredClientService(RegisteredClientService registeredClientService) { - dynamicClientService.setRegisteredClientService(registeredClientService); - } + public void setRegisteredClientService(RegisteredClientService registeredClientService) { + dynamicClientService.setRegisteredClientService(registeredClientService); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getWhitelist() */ - public Set getWhitelist() { - return dynamicClientService.getWhitelist(); - } + public Set getWhitelist() { + return dynamicClientService.getWhitelist(); + } /** * @param whitelist * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setWhitelist(java.util.Set) */ - public void setWhitelist(Set whitelist) { - dynamicClientService.setWhitelist(whitelist); - } + public void setWhitelist(Set whitelist) { + dynamicClientService.setWhitelist(whitelist); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getBlacklist() */ - public Set getBlacklist() { - return dynamicClientService.getBlacklist(); - } + public Set getBlacklist() { + return dynamicClientService.getBlacklist(); + } /** * @param blacklist * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setBlacklist(java.util.Set) */ - public void setBlacklist(Set blacklist) { - dynamicClientService.setBlacklist(blacklist); - } + public void setBlacklist(Set blacklist) { + dynamicClientService.setBlacklist(blacklist); + } } diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridServerConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridServerConfigurationService.java index 272efb13a..5561de2fa 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridServerConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridServerConfigurationService.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -14,7 +31,7 @@ import org.mitre.openid.connect.config.ServerConfiguration; * service in one object. Checks the static service first, then falls through to * the dynamic service. * - * Provides configuration passthrough to the dynamic service's whitelist and blacklist, + * Provides configuration passthrough to the dynamic service's whitelist and blacklist, * and to the static service's server map. * * @@ -22,11 +39,11 @@ import org.mitre.openid.connect.config.ServerConfiguration; * */ public class HybridServerConfigurationService implements ServerConfigurationService { - + private StaticServerConfigurationService staticServerService; - + private DynamicServerConfigurationService dynamicServerService; - + /* (non-Javadoc) * @see org.mitre.openid.connect.client.service.ServerConfigurationService#getServerConfiguration(java.lang.String) @@ -46,53 +63,53 @@ public class HybridServerConfigurationService implements ServerConfigurationServ * @return * @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#getServers() */ - public Map getServers() { - return staticServerService.getServers(); - } + public Map getServers() { + return staticServerService.getServers(); + } /** * @param servers * @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#setServers(java.util.Map) */ - public void setServers(Map servers) { - staticServerService.setServers(servers); - } + public void setServers(Map servers) { + staticServerService.setServers(servers); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getWhitelist() */ - public Set getWhitelist() { - return dynamicServerService.getWhitelist(); - } + public Set getWhitelist() { + return dynamicServerService.getWhitelist(); + } /** * @param whitelist * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setWhitelist(java.util.Set) */ - public void setWhitelist(Set whitelist) { - dynamicServerService.setWhitelist(whitelist); - } + public void setWhitelist(Set whitelist) { + dynamicServerService.setWhitelist(whitelist); + } /** * @return * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getBlacklist() */ - public Set getBlacklist() { - return dynamicServerService.getBlacklist(); - } + public Set getBlacklist() { + return dynamicServerService.getBlacklist(); + } /** * @param blacklist * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setBlacklist(java.util.Set) */ - public void setBlacklist(Set blacklist) { - dynamicServerService.setBlacklist(blacklist); - } + public void setBlacklist(Set blacklist) { + dynamicServerService.setBlacklist(blacklist); + } } diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/InMemoryRegisteredClientService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/InMemoryRegisteredClientService.java index aeb4dbde6..ecc01965a 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/InMemoryRegisteredClientService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/InMemoryRegisteredClientService.java @@ -1,3 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ @@ -16,7 +33,7 @@ import org.mitre.openid.connect.client.service.RegisteredClientService; public class InMemoryRegisteredClientService implements RegisteredClientService { private Map clients = new HashMap(); - + /* (non-Javadoc) * @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String) */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/JsonFileRegisteredClientService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/JsonFileRegisteredClientService.java index 324679336..353c08176 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/JsonFileRegisteredClientService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/JsonFileRegisteredClientService.java @@ -1,12 +1,27 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + + /** * */ package org.mitre.openid.connect.client.service.impl; import java.io.File; -import java.io.FileInputStream; import java.io.FileNotFoundException; -import java.io.FileOutputStream; import java.io.FileReader; import java.io.FileWriter; import java.io.IOException; @@ -38,11 +53,11 @@ import com.google.gson.JsonSerializer; public class JsonFileRegisteredClientService implements RegisteredClientService { private static Logger logger = LoggerFactory.getLogger(JsonFileRegisteredClientService.class); - + private Gson gson = new GsonBuilder() .registerTypeAdapter(RegisteredClient.class, new JsonSerializer() { @Override - public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) { + public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) { JsonObject obj = new JsonObject(); obj.addProperty("token", src.getRegistrationAccessToken()); obj.addProperty("uri", src.getRegistrationClientUri()); @@ -52,12 +67,12 @@ public class JsonFileRegisteredClientService implements RegisteredClientService if (src.getClientSecretExpiresAt() != null) { obj.addProperty("expires", src.getClientSecretExpiresAt().getTime()); } - return obj; - } + return obj; + } }) .registerTypeAdapter(RegisteredClient.class, new JsonDeserializer() { @Override - public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException { + public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException { if (json.isJsonObject()) { JsonObject src = json.getAsJsonObject(); RegisteredClient rc = new RegisteredClient(); @@ -73,19 +88,19 @@ public class JsonFileRegisteredClientService implements RegisteredClientService } else { return null; } - } + } }) .create(); - + private File file; - + private Map clients = new HashMap(); - + public JsonFileRegisteredClientService(String filename) { this.file = new File(filename); load(); } - + /* (non-Javadoc) * @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String) */ @@ -102,7 +117,7 @@ public class JsonFileRegisteredClientService implements RegisteredClientService clients.put(issuer, client); write(); } - + /** * Sync the map of clients out to disk. */ @@ -114,18 +129,18 @@ public class JsonFileRegisteredClientService implements RegisteredClientService file.createNewFile(); } FileWriter out = new FileWriter(file); - - gson.toJson(clients, new TypeToken>(){}.getType(), out); - - out.close(); - - } catch (FileNotFoundException e) { - logger.error("Could not write to output file", e); - } catch (IOException e) { - logger.error("Could not write to output file", e); - } + + gson.toJson(clients, new TypeToken>(){}.getType(), out); + + out.close(); + + } catch (FileNotFoundException e) { + logger.error("Could not write to output file", e); + } catch (IOException e) { + logger.error("Could not write to output file", e); + } } - + /** * Load the map in from disk. */ @@ -136,16 +151,16 @@ public class JsonFileRegisteredClientService implements RegisteredClientService return; } FileReader in = new FileReader(file); - + clients = gson.fromJson(in, new TypeToken>(){}.getType()); - + in.close(); - - } catch (FileNotFoundException e) { - logger.error("Could not read from input file", e); - } catch (IOException e) { - logger.error("Could not read from input file", e); - } + + } catch (FileNotFoundException e) { + logger.error("Could not read from input file", e); + } catch (IOException e) { + logger.error("Could not read from input file", e); + } } } diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/PlainAuthRequestUrlBuilder.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/PlainAuthRequestUrlBuilder.java index dfa30b493..627fa5d03 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/PlainAuthRequestUrlBuilder.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/PlainAuthRequestUrlBuilder.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java index 21909dcbc..ae1356e4b 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java index 4baf6b729..2608834ee 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java index d06a2fd2b..2a2746e08 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java index 89bb2880a..cd32105f9 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java index f008b7b41..cae1af26a 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ @@ -43,7 +44,7 @@ import com.google.common.base.Strings; public class ThirdPartyIssuerService implements IssuerService { private String accountChooserUrl; - + private Set whitelist = new HashSet(); private Set blacklist = new HashSet(); @@ -59,11 +60,11 @@ public class ThirdPartyIssuerService implements IssuerService { if (!whitelist.isEmpty() && !whitelist.contains(iss)) { throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + iss); } - + if (blacklist.contains(iss)) { throw new AuthenticationServiceException("Issuer was in blacklist: " + iss); } - + return new IssuerServiceResponse(iss, request.getParameter("login_hint"), request.getParameter("target_link_uri")); } else { diff --git a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java index 8c6a18205..8e9f04595 100644 --- a/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java +++ b/openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +13,8 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + /** * */ @@ -89,11 +90,11 @@ public class WebfingerIssuerService implements IssuerService { if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); } - + if (blacklist.contains(issuer)) { throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); } - + return new IssuerServiceResponse(issuer, null, null); } catch (ExecutionException e) { logger.warn("Issue fetching issuer for user input: " + identifier, e); @@ -177,7 +178,7 @@ public class WebfingerIssuerService implements IssuerService { RestTemplate restTemplate = new RestTemplate(httpFactory); // construct the URL to go to - + // preserving http scheme is strictly for demo system use only. String scheme = key.getScheme(); if (!Strings.isNullOrEmpty(scheme) && scheme.equals("http")) { @@ -188,13 +189,13 @@ public class WebfingerIssuerService implements IssuerService { } // do a webfinger lookup - URIBuilder builder = new URIBuilder(scheme - + key.getHost() - + (key.getPort() >= 0 ? ":" + key.getPort() : "") - + Strings.nullToEmpty(key.getPath()) - + "/.well-known/webfinger" - + (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery()) - ); + URIBuilder builder = new URIBuilder(scheme + + key.getHost() + + (key.getPort() >= 0 ? ":" + key.getPort() : "") + + Strings.nullToEmpty(key.getPath()) + + "/.well-known/webfinger" + + (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery()) + ); builder.addParameter("resource", key.toString()); builder.addParameter("rel", "http://openid.net/specs/connect/1.0/issuer"); @@ -226,7 +227,7 @@ public class WebfingerIssuerService implements IssuerService { } // we couldn't find it - + if (key.getScheme().equals("http") || key.getScheme().equals("https")) { // if it looks like HTTP then punt and return the input logger.warn("Returning normalized input string as issuer, hoping for the best: " + key.toString()); @@ -236,7 +237,7 @@ public class WebfingerIssuerService implements IssuerService { logger.warn("Couldn't find issuer: " + key.toString()); return null; } - + } } diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridClientConfigurationService.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridClientConfigurationService.java index 3beaac872..21c22c808 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridClientConfigurationService.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridClientConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,12 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; + +package org.mitre.openid.connect.client.service.impl; import org.junit.Before; import org.junit.Test; @@ -27,65 +23,71 @@ import org.junit.runner.RunWith; import org.mitre.oauth2.model.RegisteredClient; import org.mitre.openid.connect.config.ServerConfiguration; import org.mockito.InjectMocks; +import org.mockito.Matchers; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThat; + /** * @author wkim * */ @RunWith(MockitoJUnitRunner.class) public class TestHybridClientConfigurationService { - + @Mock private StaticClientConfigurationService mockStaticService; - + @Mock private DynamicRegistrationClientConfigurationService mockDynamicService; - + @InjectMocks private HybridClientConfigurationService hybridService; - + // test fixture - + @Mock private RegisteredClient mockClient; - + @Mock private ServerConfiguration mockServerConfig; - + private String issuer = "https://www.example.com/"; - + @Before public void prepare() { - + Mockito.reset(mockDynamicService, mockStaticService); - + Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer); - + } - + @Test public void getClientConfiguration_useStatic() { - + Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); - + RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig); - + Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig); - Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Mockito.any(ServerConfiguration.class)); + Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Matchers.any(ServerConfiguration.class)); assertEquals(mockClient, result); } - + @Test public void getClientConfiguration_useDynamic() { - + Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(null); Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); - + RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig); - + Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig); Mockito.verify(mockDynamicService).getClientConfiguration(mockServerConfig); assertEquals(mockClient, result); @@ -96,17 +98,17 @@ public class TestHybridClientConfigurationService { */ @Test public void getClientConfiguration_noIssuer() { - + // The mockServerConfig is known to both services Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); - + // But oh noes! We're going to ask it to find us some other issuer ServerConfiguration badIssuer = Mockito.mock(ServerConfiguration.class); Mockito.when(badIssuer.getIssuer()).thenReturn("www.badexample.com"); - + RegisteredClient result = hybridService.getClientConfiguration(badIssuer); - + Mockito.verify(mockStaticService).getClientConfiguration(badIssuer); Mockito.verify(mockDynamicService).getClientConfiguration(badIssuer); assertThat(result, is(nullValue())); diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridServerConfigurationService.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridServerConfigurationService.java index ceda6e1c2..53bb068b3 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridServerConfigurationService.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridServerConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,23 +13,26 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ + + package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; - import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mitre.openid.connect.config.ServerConfiguration; import org.mockito.InjectMocks; +import org.mockito.Matchers; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThat; + /** * @author wkim * @@ -40,44 +42,44 @@ public class TestHybridServerConfigurationService { @Mock private StaticServerConfigurationService mockStaticService; - + @Mock private DynamicServerConfigurationService mockDynamicService; - + @InjectMocks private HybridServerConfigurationService hybridService; - + @Mock private ServerConfiguration mockServerConfig; - + private String issuer = "https://www.example.com/"; - + @Before public void prepare() { - + Mockito.reset(mockDynamicService, mockStaticService); - + } - - + + @Test public void getServerConfiguration_useStatic() { - + Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); - + ServerConfiguration result = hybridService.getServerConfiguration(issuer); - + Mockito.verify(mockStaticService).getServerConfiguration(issuer); - Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Mockito.anyString()); + Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Matchers.anyString()); assertEquals(mockServerConfig, result); } - + @Test public void getServerConfiguration_useDynamic() { - + Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(null); Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); - + ServerConfiguration result = hybridService.getServerConfiguration(issuer); Mockito.verify(mockStaticService).getServerConfiguration(issuer); @@ -90,14 +92,14 @@ public class TestHybridServerConfigurationService { */ @Test public void getServerConfiguration_noIssuer() { - + Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); - + String badIssuer = "www.badexample.com"; - + ServerConfiguration result = hybridService.getServerConfiguration(badIssuer); - + Mockito.verify(mockStaticService).getServerConfiguration(badIssuer); Mockito.verify(mockDynamicService).getServerConfiguration(badIssuer); assertThat(result, is(nullValue())); diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java index 1857dc0eb..f55211be7 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,10 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.equalTo; -import static org.junit.Assert.*; + +package org.mitre.openid.connect.client.service.impl; import org.junit.Before; import org.junit.Test; @@ -28,6 +26,9 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.junit.Assert.assertThat; + /** * @author wkim * @@ -37,41 +38,41 @@ public class TestPlainAuthRequestUrlBuilder { // Test fixture: ServerConfiguration serverConfig; RegisteredClient clientConfig; - + private PlainAuthRequestUrlBuilder urlBuilder = new PlainAuthRequestUrlBuilder(); @Before public void prepare() { - + serverConfig = Mockito.mock(ServerConfiguration.class); Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("https://server.example.com/authorize"); - + clientConfig = Mockito.mock(RegisteredClient.class); Mockito.when(clientConfig.getClientId()).thenReturn("s6BhdRkqt3"); Mockito.when(clientConfig.getScope()).thenReturn(Sets.newHashSet("openid", "profile")); } - + @Test public void buildAuthRequestUrl() { - - String expectedUrl = "https://server.example.com/authorize?" + - "response_type=code" + - "&client_id=s6BhdRkqt3" + + + String expectedUrl = "https://server.example.com/authorize?" + + "response_type=code" + + "&client_id=s6BhdRkqt3" + "&scope=openid+profile" + // plus sign used for space per application/x-www-form-encoded standard - "&redirect_uri=https%3A%2F%2Fclient.example.org%2F" + + "&redirect_uri=https%3A%2F%2Fclient.example.org%2F" + "&nonce=34fasf3ds" + "&state=af0ifjsldkj"; String actualUrl = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "https://client.example.org/", "34fasf3ds", "af0ifjsldkj"); - + assertThat(actualUrl, equalTo(expectedUrl)); } - + @Test(expected = AuthenticationServiceException.class) public void buildAuthRequestUrl_badUri() { - + Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("e=mc^2"); - + urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", ""); } diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java index 5b518a1d4..502e34ac7 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,11 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; + +package org.mitre.openid.connect.client.service.impl; import java.net.URI; import java.net.URISyntaxException; @@ -29,8 +26,6 @@ import java.util.Arrays; import java.util.List; import java.util.Map; -import net.minidev.json.JSONObject; - import org.junit.Before; import org.junit.Test; import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService; @@ -41,20 +36,20 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponentsBuilder; -import com.google.common.base.Joiner; import com.google.common.collect.Maps; import com.google.common.collect.Sets; import com.nimbusds.jose.Algorithm; -import com.nimbusds.jose.JWSObject; import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.Use; import com.nimbusds.jose.util.Base64URL; -import com.nimbusds.jose.util.JSONObjectUtils; -import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.ReadOnlyJWTClaimsSet; import com.nimbusds.jwt.SignedJWT; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + /** * @author wkim * @@ -72,17 +67,17 @@ public class TestSignedAuthRequestUrlBuilder { // RSA key properties: // {@link package com.nimbusds.jose.jwk#RSAKey} - private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" + - "u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" + - "5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" + - "JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" + - "6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw"; + private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" + + "u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" + + "5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" + + "JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" + + "6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw"; private String e = "AQAB"; private String d = "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknc" + - "hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" + - "N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" + - "wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" + - "9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q"; + "hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" + + "N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" + + "wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" + + "9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q"; private String alg = "RS256"; private String kid = "2011-04-29"; @@ -112,8 +107,8 @@ public class TestSignedAuthRequestUrlBuilder { } /** - * This test takes the URI from the result of building a signed request - * and checks that the JWS object parsed from the request URI matches up + * This test takes the URI from the result of building a signed request + * and checks that the JWS object parsed from the request URI matches up * with the expected claim values. */ @Test @@ -123,30 +118,30 @@ public class TestSignedAuthRequestUrlBuilder { // parsing the result UriComponentsBuilder builder = null; - + try { builder = UriComponentsBuilder.fromUri(new URI(requestUri)); } catch (URISyntaxException e1) { fail("URISyntaxException was thrown."); } - + UriComponents components = builder.build(); String jwtString = components.getQueryParams().get("request").get(0); ReadOnlyJWTClaimsSet claims = null; - + try { SignedJWT jwt = SignedJWT.parse(jwtString); claims = jwt.getJWTClaimsSet(); } catch (ParseException e) { fail("ParseException was thrown."); } - + assertEquals(responseType, claims.getClaim("response_type")); assertEquals(clientConfig.getClientId(), claims.getClaim("client_id")); - + List scopeList = Arrays.asList(((String) claims.getClaim("scope")).split(" ")); assertTrue(scopeList.containsAll(clientConfig.getScope())); - + assertEquals(redirectUri, claims.getClaim("redirect_uri")); assertEquals(nonce, claims.getClaim("nonce")); assertEquals(state, claims.getClaim("state")); diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticClientConfigurationService.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticClientConfigurationService.java index 27a9a0768..beebfc598 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticClientConfigurationService.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticClientConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,13 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.notNullValue; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; + +package org.mitre.openid.connect.client.service.impl; import java.util.HashMap; import java.util.Map; @@ -34,54 +29,60 @@ import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThat; + /** * @author wkim * */ @RunWith(MockitoJUnitRunner.class) public class TestStaticClientConfigurationService { - + private StaticClientConfigurationService service; - + private String issuer = "https://www.example.com/"; - + @Mock private RegisteredClient mockClient; - + @Mock private ServerConfiguration mockServerConfig; - + @Before public void prepare() { - + service = new StaticClientConfigurationService(); - + Map clients = new HashMap(); clients.put(issuer, mockClient); - + service.setClients(clients); - + Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer); } - + @Test public void getClientConfiguration_success() { - + RegisteredClient result = service.getClientConfiguration(mockServerConfig); - + assertThat(mockClient, is(notNullValue())); assertEquals(mockClient, result); } - + /** * Checks the behavior when the issuer is not known. */ @Test public void getClientConfiguration_noIssuer() { Mockito.when(mockServerConfig.getIssuer()).thenReturn("www.badexample.net"); - + RegisteredClient actualClient = service.getClientConfiguration(mockServerConfig); - + assertThat(actualClient, is(nullValue())); } diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticServerConfigurationService.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticServerConfigurationService.java index 54e121a17..056aa6019 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticServerConfigurationService.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticServerConfigurationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,13 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.notNullValue; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; + +package org.mitre.openid.connect.client.service.impl; import java.util.HashMap; import java.util.Map; @@ -32,6 +27,12 @@ import org.mitre.openid.connect.config.ServerConfiguration; import org.mockito.Mock; import org.mockito.runners.MockitoJUnitRunner; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThat; + /** * @author wkim * @@ -39,42 +40,42 @@ import org.mockito.runners.MockitoJUnitRunner; @RunWith(MockitoJUnitRunner.class) public class TestStaticServerConfigurationService { - + private StaticServerConfigurationService service; - + private String issuer = "https://www.example.com/"; - + @Mock private ServerConfiguration mockServerConfig; - + @Before public void prepare() { - + service = new StaticServerConfigurationService(); - + Map servers = new HashMap(); servers.put(issuer, mockServerConfig); - + service.setServers(servers); } - + @Test public void getServerConfiguration_success() { - + ServerConfiguration result = service.getServerConfiguration(issuer); - + assertThat(mockServerConfig, is(notNullValue())); assertEquals(mockServerConfig, result); } - + /** * Checks the behavior when the issuer is not known. */ @Test public void getClientConfiguration_noIssuer() { - + ServerConfiguration result = service.getServerConfiguration("www.badexample.net"); - + assertThat(result, is(nullValue())); } diff --git a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestThirdPartyIssuerService.java b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestThirdPartyIssuerService.java index 5412ceaa9..8d7a10d38 100644 --- a/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestThirdPartyIssuerService.java +++ b/openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestThirdPartyIssuerService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,11 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ -package org.mitre.openid.connect.client.service.impl; -import static org.hamcrest.CoreMatchers.equalTo; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.*; + +package org.mitre.openid.connect.client.service.impl; import javax.servlet.http.HttpServletRequest; @@ -30,6 +27,10 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertThat; + /** * @author wkim * diff --git a/openid-connect-common/src/main/java/org/mitre/discovery/util/WebfingerURLNormalizer.java b/openid-connect-common/src/main/java/org/mitre/discovery/util/WebfingerURLNormalizer.java index 3d0626cd3..01b8f936a 100644 --- a/openid-connect-common/src/main/java/org/mitre/discovery/util/WebfingerURLNormalizer.java +++ b/openid-connect-common/src/main/java/org/mitre/discovery/util/WebfingerURLNormalizer.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,6 +17,7 @@ package org.mitre.discovery.util; import java.util.regex.Matcher; import java.util.regex.Pattern; + import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.StringUtils; @@ -28,14 +28,14 @@ import com.google.common.base.Strings; /** * Provides utility methods for normalizing and parsing URIs for use with Webfinger Discovery. - * + * * @author wkim * */ public class WebfingerURLNormalizer { - + private static Logger logger = LoggerFactory.getLogger(WebfingerURLNormalizer.class); - + // pattern used to parse user input; we can't use the built-in java URI parser private static final Pattern pattern = Pattern.compile("^" + "((https|acct|http|mailto|tel|device):(//)?)?" + // scheme @@ -50,15 +50,15 @@ public class WebfingerURLNormalizer { "$" ); - - + + /** * Private constructor to prevent instantiation. */ private WebfingerURLNormalizer() { // intentionally blank } - + /** * Normalize the resource string as per OIDC Discovery. * @param identifier @@ -93,36 +93,36 @@ public class WebfingerURLNormalizer { logger.warn("Parser couldn't match input: " + identifier); return null; } - + UriComponents n = builder.build(); - + if (Strings.isNullOrEmpty(n.getScheme())) { if (!Strings.isNullOrEmpty(n.getUserInfo()) && Strings.isNullOrEmpty(n.getPath()) && Strings.isNullOrEmpty(n.getQuery()) && n.getPort() < 0) { - + // scheme empty, userinfo is not empty, path/query/port are empty // set to "acct" (rule 2) builder.scheme("acct"); - + } else { // scheme is empty, but rule 2 doesn't apply // set scheme to "https" (rule 3) builder.scheme("https"); } } - + // fragment must be stripped (rule 4) builder.fragment(null); - + return builder.build(); } } - + public static String serializeURL(UriComponents uri) { if (uri.getScheme() != null && (uri.getScheme().equals("acct") || @@ -130,9 +130,9 @@ public class WebfingerURLNormalizer { uri.getScheme().equals("tel") || uri.getScheme().equals("device") )) { - + // serializer copied from HierarchicalUriComponents but with "//" removed - + StringBuilder uriBuilder = new StringBuilder(); if (uri.getScheme() != null) { @@ -177,8 +177,8 @@ public class WebfingerURLNormalizer { } else { return uri.toUriString(); } - + } - + } diff --git a/openid-connect-common/src/main/java/org/mitre/jose/JWEAlgorithmEmbed.java b/openid-connect-common/src/main/java/org/mitre/jose/JWEAlgorithmEmbed.java index 696f451f0..61f228e72 100644 --- a/openid-connect-common/src/main/java/org/mitre/jose/JWEAlgorithmEmbed.java +++ b/openid-connect-common/src/main/java/org/mitre/jose/JWEAlgorithmEmbed.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/jose/JWEEncryptionMethodEmbed.java b/openid-connect-common/src/main/java/org/mitre/jose/JWEEncryptionMethodEmbed.java index 83a29cef9..9bd8b3c70 100644 --- a/openid-connect-common/src/main/java/org/mitre/jose/JWEEncryptionMethodEmbed.java +++ b/openid-connect-common/src/main/java/org/mitre/jose/JWEEncryptionMethodEmbed.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/jose/JWSAlgorithmEmbed.java b/openid-connect-common/src/main/java/org/mitre/jose/JWSAlgorithmEmbed.java index 2057d2993..803d75c09 100644 --- a/openid-connect-common/src/main/java/org/mitre/jose/JWSAlgorithmEmbed.java +++ b/openid-connect-common/src/main/java/org/mitre/jose/JWSAlgorithmEmbed.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java b/openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java index 71ffefe85..2168de3b5 100644 --- a/openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java +++ b/openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java index 0cd2f12f7..36eeb4e9b 100644 --- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java +++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java index 82498ea4d..497524db4 100644 --- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java +++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -115,7 +114,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString()); } - + /** * @return the defaultSignerKeyId */ @@ -209,7 +208,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid try { jwt.sign(signer); } catch (JOSEException e) { - + logger.error("Failed to sign JWT, error was: ", e); } @@ -224,7 +223,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid return true; } } catch (JOSEException e) { - + logger.error("Failed to validate signature, error was: ", e); } } diff --git a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java index e2638e387..4c0a0206c 100644 --- a/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java +++ b/openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java index 1f55b5acb..fd77d8e6b 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java index de68c26ae..a95822651 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java index ebcfb2cc1..3999873a3 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java index 182555169..3c5cb003b 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -290,7 +289,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { @Override @Transient public int getExpiresIn() { - + if (getExpiration() == null) { return -1; // no expiration time } else { @@ -302,5 +301,5 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken { } } } - + } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java index c55ac33ab..c6b4b5864 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java index 0b8b9de0e..7c81130ec 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -27,31 +42,31 @@ public class RegisteredClient { private Date clientSecretExpiresAt; private Date clientIdIssuedAt; private ClientDetailsEntity client; - + /** * */ - public RegisteredClient() { - this.client = new ClientDetailsEntity(); - } + public RegisteredClient() { + this.client = new ClientDetailsEntity(); + } - /** + /** * @param client */ - public RegisteredClient(ClientDetailsEntity client) { - this.client = client; - } + public RegisteredClient(ClientDetailsEntity client) { + this.client = client; + } /** * @param client * @param registrationAccessToken * @param registrationClientUri */ - public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) { - this.client = client; - this.registrationAccessToken = registrationAccessToken; - this.registrationClientUri = registrationClientUri; - } + public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) { + this.client = client; + this.registrationAccessToken = registrationAccessToken; + this.registrationClientUri = registrationClientUri; + } /** * @return the client @@ -69,604 +84,604 @@ public class RegisteredClient { * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription() */ - public String getClientDescription() { - return client.getClientDescription(); - } + public String getClientDescription() { + return client.getClientDescription(); + } /** * @param clientDescription * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String) */ - public void setClientDescription(String clientDescription) { - client.setClientDescription(clientDescription); - } + public void setClientDescription(String clientDescription) { + client.setClientDescription(clientDescription); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh() */ - public boolean isAllowRefresh() { - return client.isAllowRefresh(); - } + public boolean isAllowRefresh() { + return client.isAllowRefresh(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken() */ - public boolean isReuseRefreshToken() { - return client.isReuseRefreshToken(); - } + public boolean isReuseRefreshToken() { + return client.isReuseRefreshToken(); + } /** * @param reuseRefreshToken * @see org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean) */ - public void setReuseRefreshToken(boolean reuseRefreshToken) { - client.setReuseRefreshToken(reuseRefreshToken); - } + public void setReuseRefreshToken(boolean reuseRefreshToken) { + client.setReuseRefreshToken(reuseRefreshToken); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds() */ - public Integer getIdTokenValiditySeconds() { - return client.getIdTokenValiditySeconds(); - } + public Integer getIdTokenValiditySeconds() { + return client.getIdTokenValiditySeconds(); + } /** * @param idTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer) */ - public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { - client.setIdTokenValiditySeconds(idTokenValiditySeconds); - } + public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { + client.setIdTokenValiditySeconds(idTokenValiditySeconds); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered() */ - public boolean isDynamicallyRegistered() { - return client.isDynamicallyRegistered(); - } + public boolean isDynamicallyRegistered() { + return client.isDynamicallyRegistered(); + } /** * @param dynamicallyRegistered * @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean) */ - public void setDynamicallyRegistered(boolean dynamicallyRegistered) { - client.setDynamicallyRegistered(dynamicallyRegistered); - } + public void setDynamicallyRegistered(boolean dynamicallyRegistered) { + client.setDynamicallyRegistered(dynamicallyRegistered); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection() */ - public boolean isAllowIntrospection() { - return client.isAllowIntrospection(); - } + public boolean isAllowIntrospection() { + return client.isAllowIntrospection(); + } /** * @param allowIntrospection * @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean) */ - public void setAllowIntrospection(boolean allowIntrospection) { - client.setAllowIntrospection(allowIntrospection); - } + public void setAllowIntrospection(boolean allowIntrospection) { + client.setAllowIntrospection(allowIntrospection); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired() */ - public boolean isSecretRequired() { - return client.isSecretRequired(); - } + public boolean isSecretRequired() { + return client.isSecretRequired(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped() */ - public boolean isScoped() { - return client.isScoped(); - } + public boolean isScoped() { + return client.isScoped(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId() */ - public String getClientId() { - return client.getClientId(); - } + public String getClientId() { + return client.getClientId(); + } /** * @param clientId * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String) */ - public void setClientId(String clientId) { - client.setClientId(clientId); - } + public void setClientId(String clientId) { + client.setClientId(clientId); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret() */ - public String getClientSecret() { - return client.getClientSecret(); - } + public String getClientSecret() { + return client.getClientSecret(); + } /** * @param clientSecret * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String) */ - public void setClientSecret(String clientSecret) { - client.setClientSecret(clientSecret); - } + public void setClientSecret(String clientSecret) { + client.setClientSecret(clientSecret); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getScope() */ - public Set getScope() { - return client.getScope(); - } + public Set getScope() { + return client.getScope(); + } /** * @param scope * @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set) */ - public void setScope(Set scope) { - client.setScope(scope); - } + public void setScope(Set scope) { + client.setScope(scope); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes() */ - public Set getGrantTypes() { - return client.getGrantTypes(); - } + public Set getGrantTypes() { + return client.getGrantTypes(); + } /** * @param grantTypes * @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set) */ - public void setGrantTypes(Set grantTypes) { - client.setGrantTypes(grantTypes); - } + public void setGrantTypes(Set grantTypes) { + client.setGrantTypes(grantTypes); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes() */ - public Set getAuthorizedGrantTypes() { - return client.getAuthorizedGrantTypes(); - } + public Set getAuthorizedGrantTypes() { + return client.getAuthorizedGrantTypes(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities() */ - public Set getAuthorities() { - return client.getAuthorities(); - } + public Set getAuthorities() { + return client.getAuthorities(); + } /** * @param authorities * @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set) */ - public void setAuthorities(Set authorities) { - client.setAuthorities(authorities); - } + public void setAuthorities(Set authorities) { + client.setAuthorities(authorities); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds() */ - public Integer getAccessTokenValiditySeconds() { - return client.getAccessTokenValiditySeconds(); - } + public Integer getAccessTokenValiditySeconds() { + return client.getAccessTokenValiditySeconds(); + } /** * @param accessTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer) */ - public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { - client.setAccessTokenValiditySeconds(accessTokenValiditySeconds); - } + public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { + client.setAccessTokenValiditySeconds(accessTokenValiditySeconds); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds() */ - public Integer getRefreshTokenValiditySeconds() { - return client.getRefreshTokenValiditySeconds(); - } + public Integer getRefreshTokenValiditySeconds() { + return client.getRefreshTokenValiditySeconds(); + } /** * @param refreshTokenValiditySeconds * @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer) */ - public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { - client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds); - } + public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { + client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris() */ - public Set getRedirectUris() { - return client.getRedirectUris(); - } + public Set getRedirectUris() { + return client.getRedirectUris(); + } /** * @param redirectUris * @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set) */ - public void setRedirectUris(Set redirectUris) { - client.setRedirectUris(redirectUris); - } + public void setRedirectUris(Set redirectUris) { + client.setRedirectUris(redirectUris); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri() */ - public Set getRegisteredRedirectUri() { - return client.getRegisteredRedirectUri(); - } + public Set getRegisteredRedirectUri() { + return client.getRegisteredRedirectUri(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds() */ - public Set getResourceIds() { - return client.getResourceIds(); - } + public Set getResourceIds() { + return client.getResourceIds(); + } /** * @param resourceIds * @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set) */ - public void setResourceIds(Set resourceIds) { - client.setResourceIds(resourceIds); - } + public void setResourceIds(Set resourceIds) { + client.setResourceIds(resourceIds); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation() */ - public Map getAdditionalInformation() { - return client.getAdditionalInformation(); - } + public Map getAdditionalInformation() { + return client.getAdditionalInformation(); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType() */ - public AppType getApplicationType() { - return client.getApplicationType(); - } + public AppType getApplicationType() { + return client.getApplicationType(); + } /** * @param applicationType * @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType) */ - public void setApplicationType(AppType applicationType) { - client.setApplicationType(applicationType); - } + public void setApplicationType(AppType applicationType) { + client.setApplicationType(applicationType); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName() */ - public String getClientName() { - return client.getClientName(); - } + public String getClientName() { + return client.getClientName(); + } /** * @param clientName * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String) */ - public void setClientName(String clientName) { - client.setClientName(clientName); - } + public void setClientName(String clientName) { + client.setClientName(clientName); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod() */ - public AuthMethod getTokenEndpointAuthMethod() { - return client.getTokenEndpointAuthMethod(); - } + public AuthMethod getTokenEndpointAuthMethod() { + return client.getTokenEndpointAuthMethod(); + } /** * @param tokenEndpointAuthMethod * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod) */ - public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { - client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); - } + public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { + client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType() */ - public SubjectType getSubjectType() { - return client.getSubjectType(); - } + public SubjectType getSubjectType() { + return client.getSubjectType(); + } /** * @param subjectType * @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType) */ - public void setSubjectType(SubjectType subjectType) { - client.setSubjectType(subjectType); - } + public void setSubjectType(SubjectType subjectType) { + client.setSubjectType(subjectType); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts() */ - public Set getContacts() { - return client.getContacts(); - } + public Set getContacts() { + return client.getContacts(); + } /** * @param contacts * @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set) */ - public void setContacts(Set contacts) { - client.setContacts(contacts); - } + public void setContacts(Set contacts) { + client.setContacts(contacts); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri() */ - public String getLogoUri() { - return client.getLogoUri(); - } + public String getLogoUri() { + return client.getLogoUri(); + } /** * @param logoUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String) */ - public void setLogoUri(String logoUri) { - client.setLogoUri(logoUri); - } + public void setLogoUri(String logoUri) { + client.setLogoUri(logoUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri() */ - public String getPolicyUri() { - return client.getPolicyUri(); - } + public String getPolicyUri() { + return client.getPolicyUri(); + } /** * @param policyUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String) */ - public void setPolicyUri(String policyUri) { - client.setPolicyUri(policyUri); - } + public void setPolicyUri(String policyUri) { + client.setPolicyUri(policyUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri() */ - public String getClientUri() { - return client.getClientUri(); - } + public String getClientUri() { + return client.getClientUri(); + } /** * @param clientUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String) */ - public void setClientUri(String clientUri) { - client.setClientUri(clientUri); - } + public void setClientUri(String clientUri) { + client.setClientUri(clientUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri() */ - public String getTosUri() { - return client.getTosUri(); - } + public String getTosUri() { + return client.getTosUri(); + } /** * @param tosUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String) */ - public void setTosUri(String tosUri) { - client.setTosUri(tosUri); - } + public void setTosUri(String tosUri) { + client.setTosUri(tosUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri() */ - public String getJwksUri() { - return client.getJwksUri(); - } + public String getJwksUri() { + return client.getJwksUri(); + } /** * @param jwksUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String) */ - public void setJwksUri(String jwksUri) { - client.setJwksUri(jwksUri); - } + public void setJwksUri(String jwksUri) { + client.setJwksUri(jwksUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri() */ - public String getSectorIdentifierUri() { - return client.getSectorIdentifierUri(); - } + public String getSectorIdentifierUri() { + return client.getSectorIdentifierUri(); + } /** * @param sectorIdentifierUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String) */ - public void setSectorIdentifierUri(String sectorIdentifierUri) { - client.setSectorIdentifierUri(sectorIdentifierUri); - } + public void setSectorIdentifierUri(String sectorIdentifierUri) { + client.setSectorIdentifierUri(sectorIdentifierUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg() */ - public JWSAlgorithmEmbed getRequestObjectSigningAlg() { - return client.getRequestObjectSigningAlg(); - } + public JWSAlgorithmEmbed getRequestObjectSigningAlg() { + return client.getRequestObjectSigningAlg(); + } /** * @param requestObjectSigningAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) { - client.setRequestObjectSigningAlg(requestObjectSigningAlg); - } + public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) { + client.setRequestObjectSigningAlg(requestObjectSigningAlg); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg() */ - public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() { - return client.getUserInfoSignedResponseAlg(); - } + public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() { + return client.getUserInfoSignedResponseAlg(); + } /** * @param userInfoSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) { - client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); - } + public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) { + client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg() */ - public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() { - return client.getUserInfoEncryptedResponseAlg(); - } + public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() { + return client.getUserInfoEncryptedResponseAlg(); + } /** * @param userInfoEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed) */ - public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { - client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); - } + public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { + client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc() */ - public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() { - return client.getUserInfoEncryptedResponseEnc(); - } + public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() { + return client.getUserInfoEncryptedResponseEnc(); + } /** * @param userInfoEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed) */ - public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { - client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); - } + public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { + client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg() */ - public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() { - return client.getIdTokenSignedResponseAlg(); - } + public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() { + return client.getIdTokenSignedResponseAlg(); + } /** * @param idTokenSignedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed) */ - public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) { - client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); - } + public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) { + client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg() */ - public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() { - return client.getIdTokenEncryptedResponseAlg(); - } + public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() { + return client.getIdTokenEncryptedResponseAlg(); + } /** * @param idTokenEncryptedResponseAlg * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed) */ - public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { - client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); - } + public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { + client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc() */ - public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() { - return client.getIdTokenEncryptedResponseEnc(); - } + public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() { + return client.getIdTokenEncryptedResponseEnc(); + } /** * @param idTokenEncryptedResponseEnc * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed) */ - public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { - client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); - } + public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { + client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge() */ - public Integer getDefaultMaxAge() { - return client.getDefaultMaxAge(); - } + public Integer getDefaultMaxAge() { + return client.getDefaultMaxAge(); + } /** * @param defaultMaxAge * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer) */ - public void setDefaultMaxAge(Integer defaultMaxAge) { - client.setDefaultMaxAge(defaultMaxAge); - } + public void setDefaultMaxAge(Integer defaultMaxAge) { + client.setDefaultMaxAge(defaultMaxAge); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime() */ - public Boolean getRequireAuthTime() { - return client.getRequireAuthTime(); - } + public Boolean getRequireAuthTime() { + return client.getRequireAuthTime(); + } /** * @param requireAuthTime * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean) */ - public void setRequireAuthTime(Boolean requireAuthTime) { - client.setRequireAuthTime(requireAuthTime); - } + public void setRequireAuthTime(Boolean requireAuthTime) { + client.setRequireAuthTime(requireAuthTime); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes() */ - public Set getResponseTypes() { - return client.getResponseTypes(); - } + public Set getResponseTypes() { + return client.getResponseTypes(); + } /** * @param responseTypes * @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set) */ - public void setResponseTypes(Set responseTypes) { - client.setResponseTypes(responseTypes); - } + public void setResponseTypes(Set responseTypes) { + client.setResponseTypes(responseTypes); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues() */ - public Set getDefaultACRvalues() { - return client.getDefaultACRvalues(); - } + public Set getDefaultACRvalues() { + return client.getDefaultACRvalues(); + } /** * @param defaultACRvalues * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set) */ - public void setDefaultACRvalues(Set defaultACRvalues) { - client.setDefaultACRvalues(defaultACRvalues); - } + public void setDefaultACRvalues(Set defaultACRvalues) { + client.setDefaultACRvalues(defaultACRvalues); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri() */ - public String getInitiateLoginUri() { - return client.getInitiateLoginUri(); - } + public String getInitiateLoginUri() { + return client.getInitiateLoginUri(); + } /** * @param initiateLoginUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String) */ - public void setInitiateLoginUri(String initiateLoginUri) { - client.setInitiateLoginUri(initiateLoginUri); - } + public void setInitiateLoginUri(String initiateLoginUri) { + client.setInitiateLoginUri(initiateLoginUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri() */ - public String getPostLogoutRedirectUri() { - return client.getPostLogoutRedirectUri(); - } + public String getPostLogoutRedirectUri() { + return client.getPostLogoutRedirectUri(); + } /** * @param postLogoutRedirectUri * @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String) */ - public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { - client.setPostLogoutRedirectUri(postLogoutRedirectUri); - } + public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { + client.setPostLogoutRedirectUri(postLogoutRedirectUri); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris() */ - public Set getRequestUris() { - return client.getRequestUris(); - } + public Set getRequestUris() { + return client.getRequestUris(); + } /** * @param requestUris * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set) */ - public void setRequestUris(Set requestUris) { - client.setRequestUris(requestUris); - } + public void setRequestUris(Set requestUris) { + client.setRequestUris(requestUris); + } /** * @return * @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt() */ - public Date getCreatedAt() { - return client.getCreatedAt(); - } + public Date getCreatedAt() { + return client.getCreatedAt(); + } /** * @param createdAt * @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date) */ - public void setCreatedAt(Date createdAt) { - client.setCreatedAt(createdAt); - } + public void setCreatedAt(Date createdAt) { + client.setCreatedAt(createdAt); + } /** * @return the registrationAccessToken */ @@ -715,7 +730,7 @@ public class RegisteredClient { public void setClientIdIssuedAt(Date issuedAt) { this.clientIdIssuedAt = issuedAt; } - - - + + + } diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java index e0313772c..15676e214 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthenticationHolderRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthenticationHolderRepository.java index 8c7592ff7..f8eda56a7 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthenticationHolderRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthenticationHolderRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java index 3d262bd04..5f1bdebcd 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java index 5c21a9ad9..7f87a0236 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java index b5a5a945d..496c4935f 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java index d2ff90d49..8f0c5befb 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/ClientDetailsEntityService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/ClientDetailsEntityService.java index 695e6dfb6..cdddffac7 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/ClientDetailsEntityService.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/ClientDetailsEntityService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java index bc43ed08a..ab855da0b 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,7 +26,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; public interface OAuth2TokenEntityService extends AuthorizationServerTokenServices, ResourceServerTokenServices { - + @Override public OAuth2AccessTokenEntity readAccessToken(String accessTokenValue); @@ -57,7 +56,7 @@ public interface OAuth2TokenEntityService extends AuthorizationServerTokenServic public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken); public OAuth2AccessTokenEntity getAccessTokenById(Long id); - + public OAuth2RefreshTokenEntity getRefreshTokenById(Long id); public Set getAllAccessTokensForUser(String name); diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java index 2f663c02b..40c47d901 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/DefaultClientUserDetailsService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/DefaultClientUserDetailsService.java index 175e7e422..623a31896 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/DefaultClientUserDetailsService.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/DefaultClientUserDetailsService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java index 9a439bf72..783ad7d1d 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,7 +28,6 @@ import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AppType; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; -import org.mitre.oauth2.model.OAuth2AccessTokenEntity; import org.mitre.oauth2.model.RegisteredClient; import com.google.common.base.Joiner; @@ -146,8 +144,8 @@ public class ClientDetailsEntityJsonProcessor { * Parse the JSON as a RegisteredClient (useful in the dynamic client filter) */ public static RegisteredClient parseRegistered(String jsonString) { - - + + JsonElement jsonEl = parser.parse(jsonString); if (jsonEl.isJsonObject()) { @@ -166,7 +164,7 @@ public class ClientDetailsEntityJsonProcessor { return null; } } - + /** * @param c * @param token @@ -179,7 +177,7 @@ public class ClientDetailsEntityJsonProcessor { o.addProperty("client_id", c.getClientId()); if (c.getClientSecret() != null) { o.addProperty("client_secret", c.getClientSecret()); - + if (c.getClientSecretExpiresAt() == null) { o.addProperty("client_secret_expires_at", 0); // TODO: do we want to let secrets expire? } else { @@ -304,7 +302,7 @@ public class ClientDetailsEntityJsonProcessor { return null; } } - + /** * Gets the value of the given given member as a set of strings, null if it doesn't exist */ @@ -315,8 +313,8 @@ public class ClientDetailsEntityJsonProcessor { return null; } } - - + + /** * Translate a set of strings to a JSON array * @param value diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java index 3ea1586c0..d59884e1f 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,7 +34,7 @@ import org.springframework.util.StringUtils; public class ConfigurationPropertiesBean { private static Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class); - + private String issuer; private String topbarTitle; @@ -45,7 +44,7 @@ public class ConfigurationPropertiesBean { public ConfigurationPropertiesBean() { } - + /** * Endpoints protected by TLS must have https scheme in the URI. */ diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java index 0b0809e59..1257b6b33 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -40,7 +39,7 @@ public class ServerConfiguration { private String userInfoUri; private String introspectionEndpointUri; - + /** * @return the authorizationEndpointUri */ @@ -142,86 +141,86 @@ public class ServerConfiguration { /* (non-Javadoc) * @see java.lang.Object#hashCode() */ - @Override - public int hashCode() { - final int prime = 31; - int result = 1; - result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode()); - result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode()); - result = prime * result + ((issuer == null) ? 0 : issuer.hashCode()); - result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode()); - result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode()); - result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode()); - result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode()); - return result; - } + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode()); + result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode()); + result = prime * result + ((issuer == null) ? 0 : issuer.hashCode()); + result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode()); + result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode()); + result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode()); + result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode()); + return result; + } /* (non-Javadoc) * @see java.lang.Object#equals(java.lang.Object) */ - @Override - public boolean equals(Object obj) { - if (this == obj) { - return true; - } - if (obj == null) { - return false; - } - if (!(obj instanceof ServerConfiguration)) { - return false; - } - ServerConfiguration other = (ServerConfiguration) obj; - if (authorizationEndpointUri == null) { - if (other.authorizationEndpointUri != null) { - return false; - } - } else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) { - return false; - } - if (introspectionEndpointUri == null) { - if (other.introspectionEndpointUri != null) { - return false; - } - } else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) { - return false; - } - if (issuer == null) { - if (other.issuer != null) { - return false; - } - } else if (!issuer.equals(other.issuer)) { - return false; - } - if (jwksUri == null) { - if (other.jwksUri != null) { - return false; - } - } else if (!jwksUri.equals(other.jwksUri)) { - return false; - } - if (registrationEndpointUri == null) { - if (other.registrationEndpointUri != null) { - return false; - } - } else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) { - return false; - } - if (tokenEndpointUri == null) { - if (other.tokenEndpointUri != null) { - return false; - } - } else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) { - return false; - } - if (userInfoUri == null) { - if (other.userInfoUri != null) { - return false; - } - } else if (!userInfoUri.equals(other.userInfoUri)) { - return false; - } - return true; - } + @Override + public boolean equals(Object obj) { + if (this == obj) { + return true; + } + if (obj == null) { + return false; + } + if (!(obj instanceof ServerConfiguration)) { + return false; + } + ServerConfiguration other = (ServerConfiguration) obj; + if (authorizationEndpointUri == null) { + if (other.authorizationEndpointUri != null) { + return false; + } + } else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) { + return false; + } + if (introspectionEndpointUri == null) { + if (other.introspectionEndpointUri != null) { + return false; + } + } else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) { + return false; + } + if (issuer == null) { + if (other.issuer != null) { + return false; + } + } else if (!issuer.equals(other.issuer)) { + return false; + } + if (jwksUri == null) { + if (other.jwksUri != null) { + return false; + } + } else if (!jwksUri.equals(other.jwksUri)) { + return false; + } + if (registrationEndpointUri == null) { + if (other.registrationEndpointUri != null) { + return false; + } + } else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) { + return false; + } + if (tokenEndpointUri == null) { + if (other.tokenEndpointUri != null) { + return false; + } + } else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) { + return false; + } + if (userInfoUri == null) { + if (other.userInfoUri != null) { + return false; + } + } else if (!userInfoUri.equals(other.userInfoUri)) { + return false; + } + return true; + } } diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java index 747bb002e..7c9595a43 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java index 6b70bc9da..195f87e34 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java index 8fa035148..0dde4f9b6 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java index 5e27b6b8c..3c47d5ff8 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java index e63c8b6f0..a01f13299 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Nonce.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Nonce.java index b1818d246..c186e9d78 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Nonce.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/Nonce.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java index e9b310e71..223d72356 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java index 8eb947c94..5307ccc31 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java index e35e51090..715aa5092 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java index bd62bfd4f..d7afd6301 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java index c626e4b43..28267f0a0 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -84,7 +83,7 @@ public interface ApprovedSiteRepository { * @return */ public Collection getByClientId(String clientId); - + /** * Get all expired sites * @return diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java index 861249353..ac9c5d02b 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/EventRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/EventRepository.java index 002ffcd90..218f3b28d 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/EventRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/EventRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/NonceRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/NonceRepository.java index 560a74ff5..f4cc45b6e 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/NonceRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/NonceRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java index c927a6540..aba451298 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java index 0b1bc7c36..1fd497f04 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java index 0e3fb0be3..964ecb2fd 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -96,7 +95,7 @@ public interface ApprovedSiteService { * @param client */ public void clearApprovedSitesForClient(ClientDetails client); - + /** * Remove all expired approved sites fromt he data store. * @return diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java index 7b2c47f19..47366d4e2 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/NonceService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/NonceService.java index b338b5263..4ecf91639 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/NonceService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/NonceService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java index f2a760363..9effc81eb 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -42,14 +41,14 @@ public interface StatsService { * * @return a map of id of client object to number of approvals */ - public Map calculateByClientId(); + public Map calculateByClientId(); /** * Calculate the usage count for a single client * - * @param id the id of the client to search on + * @param id the id of the client to search on * @return */ - public Integer countForClientId(Long id); + public Integer countForClientId(Long id); } diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java index 5644be198..0dbf24624 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java index 524d6b7a0..4c939a474 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java index 58b1ed9ea..6cffe2073 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java index 644e8ab01..5fe2c34c7 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -55,16 +54,16 @@ public class UserInfoInterceptor extends HandlerInterceptorAdapter { modelAndView.addObject("userInfo", oidc.getUserInfo()); } else { if (p != null && p.getName() != null) { // don't bother checking if we don't have a principal - + // try to look up a user based on the principal's name UserInfo user = userInfoService.getBySubject(p.getName()); - + // if we have one, inject it so views can use it if (user != null) { modelAndView.addObject("userInfo", user); - } + } } - } + } } } diff --git a/openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java b/openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java index e5f17098f..3650434c2 100644 --- a/openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java +++ b/openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-common/src/test/java/org/mitre/discovery/util/TestWebfingerURLNormalizer.java b/openid-connect-common/src/test/java/org/mitre/discovery/util/TestWebfingerURLNormalizer.java index f1ce151b4..7bb57ffd9 100644 --- a/openid-connect-common/src/test/java/org/mitre/discovery/util/TestWebfingerURLNormalizer.java +++ b/openid-connect-common/src/test/java/org/mitre/discovery/util/TestWebfingerURLNormalizer.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,15 +15,12 @@ ******************************************************************************/ package org.mitre.discovery.util; -import static org.junit.Assert.*; - -import java.util.List; - import org.junit.Test; import org.springframework.web.util.UriComponents; import com.google.common.collect.ImmutableMap; -import com.google.common.collect.Lists; + +import static org.junit.Assert.assertEquals; /** * @author wkim @@ -96,7 +92,7 @@ public class TestWebfingerURLNormalizer { /* Adapted from Nov Matake's Ruby normalizer implementation. - + ## INPUT => NORMALIZED # example.com => https://example.com # example.com:8080 => https://example.com:8080 @@ -104,35 +100,35 @@ public class TestWebfingerURLNormalizer { # example.com?query => https://example.com?query # example.com#fragment => https://example.com # example.com:8080/path?query#fragment => https://example.com:8080/path?query - + # http://example.com => http://example.com # http://example.com:8080 => http://example.com:8080 # http://example.com/path => http://example.com/path # http://example.com?query => http://example.com?query # http://example.com#fragment => http://example.com # http://example.com:8080/path?query#fragment => http://example.com:8080/path?query - + # nov@example.com => acct:nov@example.com # nov@example.com:8080 => https://nov@example.com:8080 # nov@example.com/path => https://nov@example.com/path # nov@example.com?query => https://nov@example.com?query # nov@example.com#fragment => acct:nov@example.com # nov@example.com:8080/path?query#fragment => https://nov@example.com:8080/path?query - + # acct:nov@matake.jp => acct:nov@matake.jp # acct:nov@example.com:8080 => acct:nov@example.com:8080 # acct:nov@example.com/path => acct:nov@example.com/path # acct:nov@example.com?query => acct:nov@example.com?query # acct:nov@example.com#fragment => acct:nov@example.com # acct:nov@example.com:8080/path?query#fragment => acct:nov@example.com:8080/path?query - + # mailto:nov@matake.jp => mailto:nov@matake.jp # mailto:nov@example.com:8080 => mailto:nov@example.com:8080 # mailto:nov@example.com/path => mailto:nov@example.com/path # mailto:nov@example.com?query => mailto:nov@example.com?query # mailto:nov@example.com#fragment => mailto:nov@example.com # mailto:nov@example.com:8080/path?query#fragment => mailto:nov@example.com:8080/path?query - + # localhost => https://localhost # localhost:8080 => https://localhost:8080 # localhost/path => https://localhost/path @@ -145,7 +141,7 @@ public class TestWebfingerURLNormalizer { # nov@localhost?query => https://nov@localhost?query # nov@localhost#fragment => acct:nov@localhost # nov@localhost/path?query#fragment => https://nov@localhost/path?query - + # tel:+810312345678 => tel:+810312345678 # device:192.168.2.1 => device:192.168.2.1 # device:192.168.2.1:8080 => device:192.168.2.1:8080 @@ -155,18 +151,18 @@ public class TestWebfingerURLNormalizer { # device:192.168.2.1/path?query#fragment => device:192.168.2.1/path?query * - + */ - - + + @Test public void normalizeResource_novTest() { for (String input : inputToNormalized.keySet()) { - + UriComponents actualNormalized = WebfingerURLNormalizer.normalizeResource(input); - + String expectedNormalized = inputToNormalized.get(input); - + assertEquals("Identifer/Normalized failed.", expectedNormalized, WebfingerURLNormalizer.serializeURL(actualNormalized)); } } diff --git a/openid-connect-common/src/test/java/org/mitre/jose/JOSEEmbedTest.java b/openid-connect-common/src/test/java/org/mitre/jose/JOSEEmbedTest.java index 9854ef74f..263a1d32e 100644 --- a/openid-connect-common/src/test/java/org/mitre/jose/JOSEEmbedTest.java +++ b/openid-connect-common/src/test/java/org/mitre/jose/JOSEEmbedTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -9,11 +24,11 @@ import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWSAlgorithm; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; /** * - * These tests make sure that the algorithm name processing + * These tests make sure that the algorithm name processing * is functional on the three embedded JOSE classes. * * @author jricher @@ -24,15 +39,15 @@ public class JOSEEmbedTest { @Test public void testJWSAlgorithmEmbed() { JWSAlgorithmEmbed a = new JWSAlgorithmEmbed(JWSAlgorithm.HS256); - + assertEquals(JWSAlgorithm.HS256, a.getAlgorithm()); assertEquals("HS256", a.getAlgorithmName()); } - + @Test public void testJWSAlgorithmEmbedGetForAlgoirthmName() { JWSAlgorithmEmbed a = JWSAlgorithmEmbed.getForAlgorithmName("RS256"); - + assertEquals(JWSAlgorithm.RS256, a.getAlgorithm()); assertEquals("RS256", a.getAlgorithmName()); } @@ -40,15 +55,15 @@ public class JOSEEmbedTest { @Test public void testJWEAlgorithmEmbed() { JWEAlgorithmEmbed a = new JWEAlgorithmEmbed(JWEAlgorithm.A128KW); - + assertEquals(JWEAlgorithm.A128KW, a.getAlgorithm()); assertEquals("A128KW", a.getAlgorithmName()); } - + @Test public void testJWEAlgorithmEmbedGetForAlgoirthmName() { JWEAlgorithmEmbed a = JWEAlgorithmEmbed.getForAlgorithmName("RSA1_5"); - + assertEquals(JWEAlgorithm.RSA1_5, a.getAlgorithm()); assertEquals("RSA1_5", a.getAlgorithmName()); } @@ -56,15 +71,15 @@ public class JOSEEmbedTest { @Test public void testJWEEncryptionMethodEmbed() { JWEEncryptionMethodEmbed a = new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256); - + assertEquals(EncryptionMethod.A128CBC_HS256, a.getAlgorithm()); assertEquals("A128CBC-HS256", a.getAlgorithmName()); } - + @Test public void testJWEEncryptionMethodEmbedGetForAlgoirthmName() { JWEEncryptionMethodEmbed a = JWEEncryptionMethodEmbed.getForAlgorithmName("A256GCM"); - + assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm()); assertEquals("A256GCM", a.getAlgorithmName()); } diff --git a/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java b/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java index 122a2ad58..93af454de 100644 --- a/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java +++ b/openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; /** * @author jricher @@ -26,10 +41,10 @@ public class ClientDetailsEntityTest { */ @Test public void testClientDetailsEntity() { - Date now = new Date(); - + Date now = new Date(); + ClientDetailsEntity c = new ClientDetailsEntity(); - + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setApplicationType(ClientDetailsEntity.AppType.WEB); diff --git a/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java b/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java index 1c782a5a8..085c7eec4 100644 --- a/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java +++ b/openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; /** * @author jricher @@ -26,11 +41,11 @@ public class RegisteredClientTest { */ @Test public void testRegisteredClient() { - + // make sure all the pass-through getters and setters work - + RegisteredClient c = new RegisteredClient(); - + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); @@ -48,7 +63,7 @@ public class RegisteredClientTest { c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); - + assertEquals("s6BhdRkqt3", c.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret()); assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt()); @@ -73,8 +88,8 @@ public class RegisteredClientTest { */ @Test public void testRegisteredClientClientDetailsEntity() { - ClientDetailsEntity c = new ClientDetailsEntity(); - + ClientDetailsEntity c = new ClientDetailsEntity(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setApplicationType(ClientDetailsEntity.AppType.WEB); @@ -89,13 +104,13 @@ public class RegisteredClientTest { c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); - + // Create a RegisteredClient based on a ClientDetailsEntity object and set several properties RegisteredClient rc = new RegisteredClient(c); rc.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83"); rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3"); - + // make sure all the pass-throughs work assertEquals("s6BhdRkqt3", rc.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); @@ -121,8 +136,8 @@ public class RegisteredClientTest { */ @Test public void testRegisteredClientClientDetailsEntityStringString() { - ClientDetailsEntity c = new ClientDetailsEntity(); - + ClientDetailsEntity c = new ClientDetailsEntity(); + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setApplicationType(ClientDetailsEntity.AppType.WEB); @@ -137,10 +152,10 @@ public class RegisteredClientTest { c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); - + // Create a RegisteredClient based on a ClientDetails, a token, and a server URI RegisteredClient rc = new RegisteredClient(c, "this.is.an.access.token.value.ffx83", "https://server.example.com/connect/register?client_id=s6BhdRkqt3"); - + // make sure all the pass-throughs work assertEquals("s6BhdRkqt3", rc.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); diff --git a/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java b/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java index 5a09eea1d..4b78673a6 100644 --- a/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java +++ b/openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -17,7 +32,8 @@ import com.google.gson.JsonObject; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; /** * @author jricher @@ -30,30 +46,30 @@ public class ClientDetailsEntityJsonProcessorTest { */ @Test public void testParse() { - String json = " {\n" + - " \"application_type\": \"web\",\n" + - " \"redirect_uris\":\n" + - " [\"https://client.example.org/callback\",\n" + - " \"https://client.example.org/callback2\"],\n" + - " \"client_name\": \"My Example\",\n" + - " \"client_name#ja-Jpan-JP\":\n" + - " \"クライアント名\",\n" + + String json = " {\n" + + " \"application_type\": \"web\",\n" + + " \"redirect_uris\":\n" + + " [\"https://client.example.org/callback\",\n" + + " \"https://client.example.org/callback2\"],\n" + + " \"client_name\": \"My Example\",\n" + + " \"client_name#ja-Jpan-JP\":\n" + + " \"クライアント名\",\n" + " \"response_types\": [\"code\", \"token\"],\n" + " \"grant_types\": [\"authorization_code\", \"implicit\"],\n" + - " \"logo_uri\": \"https://client.example.org/logo.png\",\n" + - " \"subject_type\": \"pairwise\",\n" + - " \"sector_identifier_uri\":\n" + - " \"https://other.example.net/file_of_redirect_uris.json\",\n" + - " \"token_endpoint_auth_method\": \"client_secret_basic\",\n" + - " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + - " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + - " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + - " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + - " \"request_uris\":\n" + - " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + + " \"logo_uri\": \"https://client.example.org/logo.png\",\n" + + " \"subject_type\": \"pairwise\",\n" + + " \"sector_identifier_uri\":\n" + + " \"https://other.example.net/file_of_redirect_uris.json\",\n" + + " \"token_endpoint_auth_method\": \"client_secret_basic\",\n" + + " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + + " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + + " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + + " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + + " \"request_uris\":\n" + + " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + " }"; ClientDetailsEntity c = ClientDetailsEntityJsonProcessor.parse(json); - + assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals("My Example", c.getClientName()); @@ -68,7 +84,7 @@ public class ClientDetailsEntityJsonProcessorTest { assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm()); assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts()); assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris()); - + } /** @@ -76,41 +92,41 @@ public class ClientDetailsEntityJsonProcessorTest { */ @Test public void testParseRegistered() { - String json = " {\n" + - " \"client_id\": \"s6BhdRkqt3\",\n" + - " \"client_secret\":\n" + - " \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" + - " \"client_secret_expires_at\": 1577858400,\n" + - " \"registration_access_token\":\n" + - " \"this.is.an.access.token.value.ffx83\",\n" + - " \"registration_client_uri\":\n" + - " \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" + - " \"token_endpoint_auth_method\":\n" + - " \"client_secret_basic\",\n" + - " \"application_type\": \"web\",\n" + - " \"redirect_uris\":\n" + - " [\"https://client.example.org/callback\",\n" + - " \"https://client.example.org/callback2\"],\n" + - " \"client_name\": \"My Example\",\n" + - " \"client_name#ja-Jpan-JP\":\n" + - " \"クライアント名\",\n" + + String json = " {\n" + + " \"client_id\": \"s6BhdRkqt3\",\n" + + " \"client_secret\":\n" + + " \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" + + " \"client_secret_expires_at\": 1577858400,\n" + + " \"registration_access_token\":\n" + + " \"this.is.an.access.token.value.ffx83\",\n" + + " \"registration_client_uri\":\n" + + " \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" + + " \"token_endpoint_auth_method\":\n" + + " \"client_secret_basic\",\n" + + " \"application_type\": \"web\",\n" + + " \"redirect_uris\":\n" + + " [\"https://client.example.org/callback\",\n" + + " \"https://client.example.org/callback2\"],\n" + + " \"client_name\": \"My Example\",\n" + + " \"client_name#ja-Jpan-JP\":\n" + + " \"クライアント名\",\n" + " \"response_types\": [\"code\", \"token\"],\n" + " \"grant_types\": [\"authorization_code\", \"implicit\"],\n" + - " \"logo_uri\": \"https://client.example.org/logo.png\",\n" + - " \"subject_type\": \"pairwise\",\n" + - " \"sector_identifier_uri\":\n" + - " \"https://other.example.net/file_of_redirect_uris.json\",\n" + - " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + - " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + - " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + - " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + - " \"request_uris\":\n" + - " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + + " \"logo_uri\": \"https://client.example.org/logo.png\",\n" + + " \"subject_type\": \"pairwise\",\n" + + " \"sector_identifier_uri\":\n" + + " \"https://other.example.net/file_of_redirect_uris.json\",\n" + + " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + + " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + + " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + + " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + + " \"request_uris\":\n" + + " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + " }"; - + RegisteredClient c = ClientDetailsEntityJsonProcessor.parseRegistered(json); - + assertEquals("s6BhdRkqt3", c.getClientId()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret()); assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt()); @@ -139,7 +155,7 @@ public class ClientDetailsEntityJsonProcessorTest { @Test public void testSerialize() { RegisteredClient c = new RegisteredClient(); - + c.setClientId("s6BhdRkqt3"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); @@ -159,7 +175,7 @@ public class ClientDetailsEntityJsonProcessorTest { c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); - + JsonObject j = ClientDetailsEntityJsonProcessor.serialize(c); assertEquals("s6BhdRkqt3", j.get("client_id").getAsString()); @@ -168,9 +184,9 @@ public class ClientDetailsEntityJsonProcessorTest { assertEquals("this.is.an.access.token.value.ffx83", j.get("registration_access_token").getAsString()); assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", j.get("registration_client_uri").getAsString()); assertEquals(ClientDetailsEntity.AppType.WEB.getValue(), j.get("application_type").getAsString()); - for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) { + for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) { assertTrue(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2").contains(e.getAsString())); - } + } assertEquals("My Example", j.get("client_name").getAsString()); for (JsonElement e : j.get("response_types").getAsJsonArray()) { assertTrue(ImmutableSet.of("code", "token").contains(e.getAsString())); @@ -191,7 +207,7 @@ public class ClientDetailsEntityJsonProcessorTest { for (JsonElement e : j.get("request_uris").getAsJsonArray()) { assertTrue(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA").contains(e.getAsString())); } - + } } diff --git a/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java b/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java index 4820afdaa..e136b2f83 100644 --- a/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java +++ b/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -5,7 +20,7 @@ package org.mitre.openid.connect.config; import org.junit.Test; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; /** * @author jricher @@ -18,22 +33,22 @@ public class ConfigurationPropertiesBeanTest { */ @Test public void testConfigurationPropertiesBean() { - + // make sure the values that go in come back out unchanged ConfigurationPropertiesBean bean = new ConfigurationPropertiesBean(); - + String iss = "http://localhost:8080/openid-connect-server/"; String title = "OpenID Connect Server"; String logoUrl = "/images/logo.png"; - + bean.setIssuer(iss); bean.setTopbarTitle(title); bean.setLogoImageUrl(logoUrl); - + assertEquals(iss, bean.getIssuer()); assertEquals(title, bean.getTopbarTitle()); assertEquals(logoUrl, bean.getLogoImageUrl()); - + } } diff --git a/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ServerConfigurationTest.java b/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ServerConfigurationTest.java index 984855e2b..688a80ef5 100644 --- a/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ServerConfigurationTest.java +++ b/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ServerConfigurationTest.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ /** * */ @@ -5,7 +20,8 @@ package org.mitre.openid.connect.config; import org.junit.Test; -import static org.junit.Assert.*; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertTrue; /** * @author jricher @@ -24,7 +40,7 @@ public class ServerConfigurationTest { String issuer = "http://localhost:8080/openid-connect-server/"; String jwksUri = "http://localhost:8080/openid-connect-server/jwk"; String userInfoUri = "http://localhost:8080/openid-connect-server/userinfo"; - + ServerConfiguration sc = new ServerConfiguration(); sc.setAuthorizationEndpointUri(authorizationEndpointUri); sc.setTokenEndpointUri(tokenEndpointUri); @@ -32,17 +48,17 @@ public class ServerConfigurationTest { sc.setIssuer(issuer); sc.setJwksUri(jwksUri); sc.setUserInfoUri(userInfoUri); - + assertEquals(authorizationEndpointUri, sc.getAuthorizationEndpointUri()); assertEquals(tokenEndpointUri, sc.getTokenEndpointUri()); assertEquals(registrationEndpointUri, sc.getRegistrationEndpointUri()); assertEquals(issuer, sc.getIssuer()); assertEquals(jwksUri, sc.getJwksUri()); assertEquals(userInfoUri, sc.getUserInfoUri()); - + } - - + + /** * Test method for {@link org.mitre.openid.connect.config.ServerConfiguration#equals(java.lang.Object)}. */ @@ -54,7 +70,7 @@ public class ServerConfigurationTest { String issuer = "http://localhost:8080/openid-connect-server/"; String jwksUri = "http://localhost:8080/openid-connect-server/jwk"; String userInfoUri = "http://localhost:8080/openid-connect-server/userinfo"; - + ServerConfiguration sc1 = new ServerConfiguration(); sc1.setAuthorizationEndpointUri(authorizationEndpointUri); sc1.setTokenEndpointUri(tokenEndpointUri); @@ -62,7 +78,7 @@ public class ServerConfigurationTest { sc1.setIssuer(issuer); sc1.setJwksUri(jwksUri); sc1.setUserInfoUri(userInfoUri); - + ServerConfiguration sc2 = new ServerConfiguration(); sc2.setAuthorizationEndpointUri(authorizationEndpointUri); sc2.setTokenEndpointUri(tokenEndpointUri); @@ -72,7 +88,7 @@ public class ServerConfigurationTest { sc2.setUserInfoUri(userInfoUri); assertTrue(sc1.equals(sc2)); - + } } diff --git a/openid-connect-server/src/main/java/org/mitre/discovery/view/WebfingerView.java b/openid-connect-server/src/main/java/org/mitre/discovery/view/WebfingerView.java index 816eb7cbf..071a38c76 100644 --- a/openid-connect-server/src/main/java/org/mitre/discovery/view/WebfingerView.java +++ b/openid-connect-server/src/main/java/org/mitre/discovery/view/WebfingerView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java b/openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java index 78d4682d8..12ea910c0 100644 --- a/openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,10 +15,7 @@ ******************************************************************************/ package org.mitre.discovery.web; -import java.net.URI; -import java.net.URISyntaxException; import java.util.HashMap; -import java.util.List; import java.util.Map; import org.mitre.discovery.util.WebfingerURLNormalizer; @@ -39,7 +35,6 @@ import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.util.UriComponents; import com.google.common.base.Function; -import com.google.common.base.Splitter; import com.google.common.collect.Collections2; import com.google.common.collect.Lists; import com.nimbusds.jose.Algorithm; @@ -129,115 +124,115 @@ public class DiscoveryEndpoint { token_endpoint OPTIONAL. URL of the OP's OAuth 2.0 Token Endpoint [OpenID.Messages]. userinfo_endpoint - RECOMMENDED. URL of the OP's UserInfo Endpoint [OpenID.Messages]. This URL MUST use the https scheme + RECOMMENDED. URL of the OP's UserInfo Endpoint [OpenID.Messages]. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. check_session_iframe - OPTIONAL. URL of an OP endpoint that provides a page to support cross-origin communications for session state information with - the RP Client, using the HTML5 postMessage API. The page is loaded from an invisible iframe embedded in an RP page so that + OPTIONAL. URL of an OP endpoint that provides a page to support cross-origin communications for session state information with + the RP Client, using the HTML5 postMessage API. The page is loaded from an invisible iframe embedded in an RP page so that it can run in the OP's security context. See [OpenID.Session]. end_session_endpoint OPTIONAL. URL of the OP's endpoint that initiates logging out the End-User. See [OpenID.Session]. jwks_uri - REQUIRED. URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the Client uses to - validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), - which are used by Clients to encrypt requests to the Server. When both signing and encryption keys are made available, + REQUIRED. URL of the OP's JSON Web Key Set [JWK] document. This contains the signing key(s) the Client uses to + validate signatures from the OP. The JWK Set MAY also contain the Server's encryption key(s), + which are used by Clients to encrypt requests to the Server. When both signing and encryption keys are made available, a use (Key Use) parameter value is REQUIRED for all keys in the document to indicate each key's intended usage. registration_endpoint RECOMMENDED. URL of the OP's Dynamic Client Registration Endpoint [OpenID.Registration]. scopes_supported - RECOMMENDED. JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. + RECOMMENDED. JSON array containing a list of the OAuth 2.0 [RFC6749] scope values that this server supports. The server MUST support the openid scope value. response_types_supported - REQUIRED. JSON array containing a list of the OAuth 2.0 response_type values that this server supports. + REQUIRED. JSON array containing a list of the OAuth 2.0 response_type values that this server supports. The server MUST support the code, id_token, and the token id_token response type values. grant_types_supported - OPTIONAL. JSON array containing a list of the OAuth 2.0 grant type values that this server supports. - The server MUST support the authorization_code and implicit grant type values - and MAY support the urn:ietf:params:oauth:grant-type:jwt-bearer grant type defined in OAuth JWT Bearer Token Profiles [OAuth.JWT]. + OPTIONAL. JSON array containing a list of the OAuth 2.0 grant type values that this server supports. + The server MUST support the authorization_code and implicit grant type values + and MAY support the urn:ietf:params:oauth:grant-type:jwt-bearer grant type defined in OAuth JWT Bearer Token Profiles [OAuth.JWT]. If omitted, the default value is ["authorization_code", "implicit"]. acr_values_supported OPTIONAL. JSON array containing a list of the Authentication Context Class References that this server supports. subject_types_supported REQUIRED. JSON array containing a list of the subject identifier types that this server supports. Valid types include pairwise and public. userinfo_signing_alg_values_supported - OPTIONAL. JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to + OPTIONAL. JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. userinfo_encryption_alg_values_supported - OPTIONAL. JSON array containing a list of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to + OPTIONAL. JSON array containing a list of the JWE [JWE] encryption algorithms (alg values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. userinfo_encryption_enc_values_supported - OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to + OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) [JWA] supported by the UserInfo Endpoint to encode the Claims in a JWT [JWT]. id_token_signing_alg_values_supported - REQUIRED. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Authorization Server for the + REQUIRED. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Authorization Server for the ID Token to encode the Claims in a JWT [JWT]. id_token_encryption_alg_values_supported - OPTIONAL. JSON array containing a list of the JWE encryption algorithms (alg values) supported by the Authorization Server for the + OPTIONAL. JSON array containing a list of the JWE encryption algorithms (alg values) supported by the Authorization Server for the ID Token to encode the Claims in a JWT [JWT]. id_token_encryption_enc_values_supported - OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the Authorization Server for the + OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the Authorization Server for the ID Token to encode the Claims in a JWT [JWT]. request_object_signing_alg_values_supported - OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Authorization Server for - the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when - the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). + OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Authorization Server for + the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when + the Request Object is passed by value (using the request parameter) and when it is passed by reference (using the request_uri parameter). Servers SHOULD support none and RS256. request_object_encryption_alg_values_supported - OPTIONAL. JSON array containing a list of the JWE encryption algorithms (alg values) supported by the Authorization Server for - the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when + OPTIONAL. JSON array containing a list of the JWE encryption algorithms (alg values) supported by the Authorization Server for + the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when the Request Object is passed by value and when it is passed by reference. request_object_encryption_enc_values_supported - OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the Authorization Server for - the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when + OPTIONAL. JSON array containing a list of the JWE encryption algorithms (enc values) supported by the Authorization Server for + the Request Object described in Section 2.9 of OpenID Connect Messages 1.0 [OpenID.Messages]. These algorithms are used both when the Request Object is passed by value and when it is passed by reference. token_endpoint_auth_methods_supported - OPTIONAL. JSON array containing a list of authentication methods supported by this Token Endpoint. - The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, - as described in Section 2.2.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. - Other authentication methods MAY be defined by extensions. - If omitted, the default is client_secret_basic -- the HTTP Basic Authentication Scheme as specified in + OPTIONAL. JSON array containing a list of authentication methods supported by this Token Endpoint. + The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, + as described in Section 2.2.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. + Other authentication methods MAY be defined by extensions. + If omitted, the default is client_secret_basic -- the HTTP Basic Authentication Scheme as specified in Section 2.3.1 of OAuth 2.0 [RFC6749]. token_endpoint_auth_signing_alg_values_supported - OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Token Endpoint for + OPTIONAL. JSON array containing a list of the JWS signing algorithms (alg values) supported by the Token Endpoint for the private_key_jwt and client_secret_jwt methods to encode the JWT [JWT]. Servers SHOULD support RS256. display_values_supported - OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. + OPTIONAL. JSON array containing a list of the display parameter values that the OpenID Provider supports. These values are described in Section 2.1.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. claim_types_supported - OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. - These Claim Types are described in Section 2.6 of OpenID Connect Messages 1.0 [OpenID.Messages]. - Values defined by this specification are normal, aggregated, and distributed. + OPTIONAL. JSON array containing a list of the Claim Types that the OpenID Provider supports. + These Claim Types are described in Section 2.6 of OpenID Connect Messages 1.0 [OpenID.Messages]. + Values defined by this specification are normal, aggregated, and distributed. If not specified, the implementation supports only normal Claims. claims_supported - RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. + RECOMMENDED. JSON array containing a list of the Claim Names of the Claims that the OpenID Provider MAY be able to supply values for. Note that for privacy or other reasons, this might not be an exhaustive list. service_documentation - OPTIONAL. URL of a page containing human-readable information that developers might want or need to know when using the OpenID Provider. - In particular, if the OpenID Provider does not support Dynamic Client Registration, then information on how to register Clients needs + OPTIONAL. URL of a page containing human-readable information that developers might want or need to know when using the OpenID Provider. + In particular, if the OpenID Provider does not support Dynamic Client Registration, then information on how to register Clients needs to be provided in this documentation. claims_locales_supported - OPTIONAL. Languages and scripts supported for values in Claims being returned, represented as a JSON array of + OPTIONAL. Languages and scripts supported for values in Claims being returned, represented as a JSON array of BCP47 [RFC5646] language tag values. Not all languages and scripts are necessarily supported for all Claim values. ui_locales_supported OPTIONAL. Languages and scripts supported for the user interface, represented as a JSON array of BCP47 [RFC5646] language tag values. claims_parameter_supported - OPTIONAL. Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. + OPTIONAL. Boolean value specifying whether the OP supports use of the claims parameter, with true indicating support. If omitted, the default value is false. request_parameter_supported - OPTIONAL. Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. + OPTIONAL. Boolean value specifying whether the OP supports use of the request parameter, with true indicating support. If omitted, the default value is false. request_uri_parameter_supported - OPTIONAL. Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. + OPTIONAL. Boolean value specifying whether the OP supports use of the request_uri parameter, with true indicating support. If omitted, the default value is true. require_request_uri_registration - OPTIONAL. Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using + OPTIONAL. Boolean value specifying whether the OP requires any request_uri values used to be pre-registered using the request_uris registration parameter. Pre-registration is REQUIRED when the value is true. If omitted, the default value is false. op_policy_uri - OPTIONAL. URL that the OpenID Provider provides to the person registering the Client to read about the OP's requirements on - how the Relying Party can use the data provided by the OP. The registration process SHOULD display this URL to the person registering + OPTIONAL. URL that the OpenID Provider provides to the person registering the Client to read about the OP's requirements on + how the Relying Party can use the data provided by the OP. The registration process SHOULD display this URL to the person registering the Client if it is given. op_tos_uri - OPTIONAL. URL that the OpenID Provider provides to the person registering the Client to read about OpenID Provider's terms of service. + OPTIONAL. URL that the OpenID Provider provides to the person registering the Client to read about OpenID Provider's terms of service. The registration process SHOULD display this URL to the person registering the Client if it is given. */ String baseUrl = config.getIssuer(); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/exception/DuplicateClientIdException.java b/openid-connect-server/src/main/java/org/mitre/oauth2/exception/DuplicateClientIdException.java index 66f31391a..ec1bb2449 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/exception/DuplicateClientIdException.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/exception/DuplicateClientIdException.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/exception/NonceReuseException.java b/openid-connect-server/src/main/java/org/mitre/oauth2/exception/NonceReuseException.java index fee33064e..b867b7609 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/exception/NonceReuseException.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/exception/NonceReuseException.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java index a16d4af70..c284e6ac7 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthenticationHolderRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java index 6b6607839..af9f5f1d9 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java index 364bb2bcb..46bb88b69 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2ClientRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java index 9b009225f..535f5ff67 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaOAuth2TokenRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,10 +47,10 @@ public class JpaOAuth2TokenRepository implements OAuth2TokenRepository { @Override public Set getAllRefreshTokens() { TypedQuery query = manager.createNamedQuery("OAuth2RefreshTokenEntity.getAll", OAuth2RefreshTokenEntity.class); - return new LinkedHashSet(query.getResultList()); + return new LinkedHashSet(query.getResultList()); } - + @Override public OAuth2AccessTokenEntity getAccessTokenByValue(String accessTokenValue) { TypedQuery query = manager.createNamedQuery("OAuth2AccessTokenEntity.getByTokenValue", OAuth2AccessTokenEntity.class); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java index 362e62afe..36d27fa70 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaSystemScopeRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java index 92eef8aa0..c00a9c4f0 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java index bd38821b9..a27367aae 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ClientDetailsEntityService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -56,7 +55,7 @@ public class DefaultOAuth2ClientDetailsEntityService implements ClientDetailsEnt @Autowired private BlacklistedSiteService blacklistedSiteService; - + @Override public ClientDetailsEntity saveNewClient(ClientDetailsEntity client) { if (client.getId() != null) { // if it's not null, it's already been saved, this is an error diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java index e926afa0a..c92eecddb 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -72,42 +71,46 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi @Autowired private TokenEnhancer tokenEnhancer; + @Override public Set getAllAccessTokensForUser(String id) { - + Set all = tokenRepository.getAllAccessTokens(); Set results = Sets.newLinkedHashSet(); - + for (OAuth2AccessTokenEntity token : all) { if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) { results.add(token); } } - + return results; } - - + + + @Override public Set getAllRefreshTokensForUser(String id) { Set all = tokenRepository.getAllRefreshTokens(); Set results = Sets.newLinkedHashSet(); - + for (OAuth2RefreshTokenEntity token : all) { if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) { results.add(token); } } - + return results; } - + + @Override public OAuth2AccessTokenEntity getAccessTokenById(Long id) { return tokenRepository.getAccessTokenById(id); } - + + @Override public OAuth2RefreshTokenEntity getRefreshTokenById(Long id) { return tokenRepository.getRefreshTokenById(id); } - + @Override public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException { if (authentication != null && authentication.getAuthorizationRequest() != null) { diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java index d15e61956..e860ff2f2 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultSystemScopeService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java b/openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java index 4a3f36bab..508365f11 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/token/ChainedTokenGranter.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java b/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java index f3474d675..4d830bc7b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/token/JwtAssertionTokenGranter.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java b/openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java index 291679440..58ef80238 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenIntrospectionView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -37,10 +36,8 @@ import com.google.gson.ExclusionStrategy; import com.google.gson.FieldAttributes; import com.google.gson.Gson; import com.google.gson.GsonBuilder; -import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.JsonObject; -import com.google.gson.JsonPrimitive; import com.google.gson.JsonSerializationContext; import com.google.gson.JsonSerializer; @@ -96,7 +93,7 @@ public class TokenIntrospectionView extends AbstractView { token.addProperty("scope", Joiner.on(" ").join(src.getScope())); token.add("exp", context.serialize(src.getExpiration())); - + //token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId()); token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName()); @@ -104,7 +101,7 @@ public class TokenIntrospectionView extends AbstractView { token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId()); token.addProperty("token_type", src.getTokenType()); - + return token; } @@ -119,7 +116,7 @@ public class TokenIntrospectionView extends AbstractView { token.addProperty("scope", Joiner.on(" ").join(src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope())); token.add("exp", context.serialize(src.getExpiration())); - + //token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId()); token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName()); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/AccessTokenAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/AccessTokenAPI.java index 6befebaa7..84663d6db 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/AccessTokenAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/AccessTokenAPI.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ package org.mitre.oauth2.web; import java.security.Principal; @@ -9,8 +24,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; @@ -28,9 +41,9 @@ public class AccessTokenAPI { @Autowired private OAuth2TokenEntityService tokenService; - + private static Logger logger = LoggerFactory.getLogger(AccessTokenAPI.class); - + @RequestMapping(value = "", method = RequestMethod.GET, produces = "application/json") public String getAll(ModelMap m, Principal p) { @@ -38,18 +51,18 @@ public class AccessTokenAPI { m.put("entity", allTokens); return "jsonEntityView"; } - + @RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = "application/json") public String getById(@PathVariable("id") Long id, ModelMap m, Principal p) { - + OAuth2AccessTokenEntity token = tokenService.getAccessTokenById(id); - - if (token == null) { + + if (token == null) { logger.error("getToken failed; token not found: " + id); m.put("code", HttpStatus.NOT_FOUND); m.put("errorMessage", "The requested token with id " + id + " could not be found."); return "jsonErrorView"; - } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) { + } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) { logger.error("getToken failed; token does not belong to principal " + p.getName()); m.put("code", HttpStatus.FORBIDDEN); m.put("errorMessage", "You do not have permission to view this token"); @@ -59,5 +72,5 @@ public class AccessTokenAPI { return "jsonEntityView"; } } - + } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java index 5a181d6c5..8a8ef0c78 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,7 +16,6 @@ package org.mitre.oauth2.web; import java.security.Principal; -import java.util.Collection; import java.util.Map; import java.util.Set; @@ -61,10 +59,10 @@ public class IntrospectionEndpoint { @PreAuthorize("hasRole('ROLE_CLIENT')") @RequestMapping("/introspect") - public String verify(@RequestParam("token") String tokenValue, - @RequestParam(value = "resource_id", required = false) String resourceId, - @RequestParam(value = "token_type_hint", required = false) String tokenType, - Principal p, Model model) { + public String verify(@RequestParam("token") String tokenValue, + @RequestParam(value = "resource_id", required = false) String resourceId, + @RequestParam(value = "token_type_hint", required = false) String tokenType, + Principal p, Model model) { if (Strings.isNullOrEmpty(tokenValue)) { logger.error("Verify failed; token value is null"); @@ -77,30 +75,30 @@ public class IntrospectionEndpoint { ClientDetailsEntity tokenClient = null; Set scopes = null; Object token = null; - + try { - + // check access tokens first (includes ID tokens) OAuth2AccessTokenEntity access = tokenServices.readAccessToken(tokenValue); - + tokenClient = access.getClient(); scopes = access.getScope(); - + token = access; - + } catch (InvalidTokenException e) { logger.error("Verify failed; Invalid access token. Checking refresh token.", e); try { - + // check refresh tokens next OAuth2RefreshTokenEntity refresh = tokenServices.getRefreshToken(tokenValue); - + tokenClient = refresh.getClient(); scopes = refresh.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope(); - + token = refresh; - - } catch (InvalidTokenException e2) { + + } catch (InvalidTokenException e2) { logger.error("Verify failed; Invalid refresh token", e2); Map entity = ImmutableMap.of("active", Boolean.FALSE); model.addAttribute("entity", entity); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java index 1efd39eb2..8da45752b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RefreshTokenAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RefreshTokenAPI.java index 08f69726c..631cc5e7b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RefreshTokenAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RefreshTokenAPI.java @@ -1,3 +1,18 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ package org.mitre.oauth2.web; import java.security.Principal; @@ -9,8 +24,6 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.stereotype.Controller; import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; @@ -29,9 +42,9 @@ public class RefreshTokenAPI { @Autowired private OAuth2TokenEntityService tokenService; - + private static Logger logger = LoggerFactory.getLogger(RefreshTokenAPI.class); - + @RequestMapping(value = "", method = RequestMethod.GET, produces = "application/json") public String getAll(ModelMap m, Principal p) { @@ -41,18 +54,18 @@ public class RefreshTokenAPI { return "jsonEntityView"; } - + @RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = "application/json") public String getById(@PathVariable("id") Long id, ModelMap m, Principal p) { - + OAuth2RefreshTokenEntity token = tokenService.getRefreshTokenById(id); - - if (token == null) { + + if (token == null) { logger.error("getToken failed; token not found: " + id); m.put("code", HttpStatus.NOT_FOUND); m.put("errorMessage", "The requested token with id " + id + " could not be found."); return "jsonErrorView"; - } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) { + } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) { logger.error("getToken failed; token does not belong to principal " + p.getName()); m.put("code", HttpStatus.FORBIDDEN); m.put("errorMessage", "You do not have permission to view this token"); @@ -62,5 +75,5 @@ public class RefreshTokenAPI { return "jsonEntityView"; } } - + } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java index bf0cf834c..65290d98b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/RevocationEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java index 757376fe3..e05509365 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java index c1bd89a27..d1262bac4 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -231,7 +230,7 @@ public class ConnectAuthorizationRequestManager implements AuthorizationRequestM } } catch (ParseException e) { - + logger.error("Failed to process request object, error was: ", e); } return parameters; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAssertionAuthenticationToken.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAssertionAuthenticationToken.java index 0f27394c6..c2d121718 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAssertionAuthenticationToken.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAssertionAuthenticationToken.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java index cc0fb8bdb..c6c44d53a 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerAuthenticationProvider.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -136,9 +135,9 @@ public class JwtBearerAuthenticationProvider implements AuthenticationProvider { } catch (InvalidClientException e) { throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId()); } catch (ParseException e) { - + logger.error("Failure during authentication, error was: ", e); - + throw new AuthenticationServiceException("Invalid JWT format"); } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java index dbbbc60d8..7fac81e44 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/assertion/JwtBearerClientAssertionTokenEndpointFilter.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/filter/PromptFilter.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/filter/PromptFilter.java index 0e7fad904..9267d1391 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/filter/PromptFilter.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/filter/PromptFilter.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaAddressRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaAddressRepository.java index 56793e6fe..58481cd70 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaAddressRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaAddressRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java index 5c1f642aa..3d73663e1 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaApprovedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +15,6 @@ ******************************************************************************/ package org.mitre.openid.connect.repository.impl; -import static org.mitre.util.jpa.JpaUtil.saveOrUpdate; - import java.util.Collection; import javax.persistence.EntityManager; @@ -29,6 +26,8 @@ import org.mitre.openid.connect.repository.ApprovedSiteRepository; import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; +import static org.mitre.util.jpa.JpaUtil.saveOrUpdate; + /** * JPA ApprovedSite repository implementation * @@ -101,7 +100,7 @@ public class JpaApprovedSiteRepository implements ApprovedSiteRepository { return query.getResultList(); } - + @Override @Transactional public Collection getExpired() { diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaBlacklistedSiteRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaBlacklistedSiteRepository.java index 69c4d5ee6..2638f9eff 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaBlacklistedSiteRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaBlacklistedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaEventRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaEventRepository.java index 80bdea045..10ef8a931 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaEventRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaEventRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaNonceRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaNonceRepository.java index 431c882df..721455b62 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaNonceRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaNonceRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java index 27a4853a8..32319fa65 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaUserInfoRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaWhitelistedSiteRepository.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaWhitelistedSiteRepository.java index dddf4b0a3..be15c18b4 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaWhitelistedSiteRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/repository/impl/JpaWhitelistedSiteRepository.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java index 6b768d432..c1a6ea425 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultApprovedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -42,7 +41,7 @@ import org.springframework.transaction.annotation.Transactional; public class DefaultApprovedSiteService implements ApprovedSiteService { private static Logger logger = LoggerFactory.getLogger(DefaultApprovedSiteService.class); - + @Autowired private ApprovedSiteRepository approvedSiteRepository; @@ -125,12 +124,12 @@ public class DefaultApprovedSiteService implements ApprovedSiteService { } } } - + @Override public void clearExpiredSites() { - + logger.info("Clearing expired approved sites"); - + Collection expiredSites = approvedSiteRepository.getExpired(); if (expiredSites != null) { for (ApprovedSite expired : expiredSites) { diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultBlacklistedSiteService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultBlacklistedSiteService.java index cea94da0a..d883967e3 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultBlacklistedSiteService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultBlacklistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java index 8605a7be3..366d4440a 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultNonceService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -112,7 +111,7 @@ public class DefaultNonceService implements NonceService { } @Override - //We are eventually deleting this class, but if we weren't, + //We are eventually deleting this class, but if we weren't, //this would have been moved to application-context.xml for easier configuration. //@Scheduled(fixedRate = 5 * 60 * 1000) // schedule this task every five minutes public void clearExpiredNonces() { diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java index 6e70a91a6..b03aeea9f 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultStatsService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,7 +21,6 @@ package org.mitre.openid.connect.service.impl; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; -import java.util.List; import java.util.Map; import java.util.Set; @@ -46,7 +44,7 @@ public class DefaultStatsService implements StatsService { @Autowired private ApprovedSiteService approvedSiteService; - + @Autowired private ClientDetailsEntityService clientService; @@ -74,8 +72,8 @@ public class DefaultStatsService implements StatsService { /* (non-Javadoc) * @see org.mitre.openid.connect.service.StatsService#calculateByClientId() */ - @Override - public Map calculateByClientId() { + @Override + public Map calculateByClientId() { // get all approved sites Collection allSites = approvedSiteService.getAll(); @@ -83,39 +81,39 @@ public class DefaultStatsService implements StatsService { for (ApprovedSite approvedSite : allSites) { clientIds.add(approvedSite.getClientId()); } - + Map counts = getEmptyClientCountMap(); for (String clientId : clientIds) { - ClientDetailsEntity client = clientService.loadClientByClientId(clientId); - counts.put(client.getId(), clientIds.count(clientId)); - } - - return counts; - } + ClientDetailsEntity client = clientService.loadClientByClientId(clientId); + counts.put(client.getId(), clientIds.count(clientId)); + } + + return counts; + } /* (non-Javadoc) * @see org.mitre.openid.connect.service.StatsService#countForClientId(java.lang.String) */ - @Override - public Integer countForClientId(Long id) { - - Map counts = calculateByClientId(); - return counts.get(id); - - } - - /** - * Create a new map of all client ids set to zero - * @return - */ - private Map getEmptyClientCountMap() { + @Override + public Integer countForClientId(Long id) { + + Map counts = calculateByClientId(); + return counts.get(id); + + } + + /** + * Create a new map of all client ids set to zero + * @return + */ + private Map getEmptyClientCountMap() { Map counts = new HashMap(); - Collection clients = clientService.getAllClients(); - for (ClientDetailsEntity client : clients) { - counts.put(client.getId(), 0); - } - - return counts; - } + Collection clients = clientService.getAllClients(); + for (ClientDetailsEntity client : clients) { + counts.put(client.getId(), 0); + } + + return counts; + } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoService.java index 4ac665287..b667c7f27 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java index ef49dbf07..5686e2e07 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultUserInfoUserDetailsService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -46,7 +45,7 @@ public class DefaultUserInfoUserDetailsService implements UserDetailsService { public static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN"); private List admins = new ArrayList(); - + @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { UserInfo userInfo = repository.getByUsername(username); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java index 30f48fe2d..8abf315aa 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultWhitelistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java index 2dc8e8c9e..39ef59e29 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -174,11 +173,11 @@ public class ConnectTokenEnhancer implements TokenEnhancer { idClaims.setClaim("at_hash", at_hash); } catch (NoSuchAlgorithmException e) { - + logger.error("No such algorithm error: ", e); - + } catch (InvalidKeyException e) { - + logger.error("Invalid key error: ", e); } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java index 33457cc13..721dc6789 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/token/TofuUserApprovalHandler.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java index b2ce084e8..2fd361d40 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -96,33 +95,33 @@ public abstract class AbstractClientEntityView extends AbstractView { /** * @return */ - protected abstract ExclusionStrategy getExclusionStrategy(); + protected abstract ExclusionStrategy getExclusionStrategy(); - @Override - protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) { + @Override + protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) { - response.setContentType("application/json"); + response.setContentType("application/json"); - HttpStatus code = (HttpStatus) model.get("code"); - if (code == null) { - code = HttpStatus.OK; // default to 200 - } + HttpStatus code = (HttpStatus) model.get("code"); + if (code == null) { + code = HttpStatus.OK; // default to 200 + } - response.setStatus(code.value()); + response.setStatus(code.value()); - try { + try { - Writer out = response.getWriter(); - Object obj = model.get("entity"); - gson.toJson(obj, out); + Writer out = response.getWriter(); + Object obj = model.get("entity"); + gson.toJson(obj, out); - } catch (IOException e) { + } catch (IOException e) { - logger.error("IOException in JsonEntityView.java: ", e); + logger.error("IOException in JsonEntityView.java: ", e); - } - } + } + } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForAdmins.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForAdmins.java index df28945ff..f8389e4dc 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForAdmins.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForAdmins.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForUsers.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForUsers.java index e8bba8c61..118774cd2 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForUsers.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientEntityViewForUsers.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java index 549ed8330..654aff466 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/ClientInformationResponseView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,7 +49,7 @@ import com.google.gson.JsonObject; public class ClientInformationResponseView extends AbstractView { private static Logger logger = LoggerFactory.getLogger(ClientInformationResponseView.class); - + // note that this won't serialize nulls by default private Gson gson = new Gson(); @@ -65,7 +64,7 @@ public class ClientInformationResponseView extends AbstractView { RegisteredClient c = (RegisteredClient) model.get("client"); //OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) model.get("token"); //String uri = (String)model.get("uri"); //request.getRequestURL() + "/" + c.getClientId(); - + HttpStatus code = (HttpStatus) model.get("code"); if (code == null) { code = HttpStatus.OK; @@ -77,13 +76,13 @@ public class ClientInformationResponseView extends AbstractView { Writer out = response.getWriter(); gson.toJson(o, out); } catch (JsonIOException e) { - + logger.error("JsonIOException in ClientInformationResponseView.java: ", e); - + } catch (IOException e) { - + logger.error("IOException in ClientInformationResponseView.java: ", e); - + } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/HttpCodeView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/HttpCodeView.java index 9ce73d968..2675d7e75 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/HttpCodeView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/HttpCodeView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java index 84652fd6f..f2c3db332 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java index c0446ca53..42f95eb1c 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java index 960d47f59..dba05ec4a 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -116,7 +115,7 @@ public class UserInfoView extends AbstractView { } } catch (IOException e) { - + logger.error("IOException in UserInfoView.java: ", e); } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java index 13ff6764a..7724aa3ec 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/AuthenticationTimeStamper.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/AuthenticationTimeStamper.java index c67009f8a..53160a56f 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/AuthenticationTimeStamper.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/AuthenticationTimeStamper.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java index 4290d89f3..663f918a6 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java index bcb2c8a7f..b50303c16 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java index 365d714cc..27a6055ad 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,14 +13,11 @@ * See the License for the specific language governing permissions and * limitations under the License. ******************************************************************************/ - package org.mitre.openid.connect.web; import java.util.Set; import java.util.concurrent.TimeUnit; -import org.apache.http.client.utils.URIUtils; -import org.apache.http.client.utils.URLEncodedUtils; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; import org.mitre.oauth2.model.OAuth2AccessTokenEntity; @@ -63,7 +59,7 @@ public class ClientDynamicRegistrationEndpoint { @Autowired private SystemScopeService scopeService; - + @Autowired private ConfigurationPropertiesBean config; @@ -152,15 +148,15 @@ public class ClientDynamicRegistrationEndpoint { OAuth2AccessTokenEntity token = createRegistrationAccessToken(savedClient); // send it all out to the view - + // TODO: urlencode the client id for safety? RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId()); - + m.addAttribute("client", registered); m.addAttribute("code", HttpStatus.CREATED); // http 201 //m.addAttribute("token", token); //m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId()); - + return "clientInformationResponseView"; } else { // didn't parse, this is a bad request diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java index e244752ae..8e7c9e6d4 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/JsonWebKeyEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java index 4d119ea2a..2d2927de9 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ManagerController.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java index 1173bf7a8..a061f1263 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/RequestObjectAuthorizationEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java index baf3bfda4..415da09b9 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ServerConfigInterceptor.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java index 063b99b6f..800252ae0 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,22 +43,22 @@ public class StatsAPI { return "jsonEntityView"; } - + @RequestMapping(value = "byclientid", produces = "application/json") public String statsByClient(ModelMap m) { Map e = statsService.calculateByClientId(); - + m.put("entity", e); - + return "jsonEntityView"; } - + @RequestMapping(value = "byclientid/{id}", produces = "application/json") public String statsByClientId(@PathVariable("id") Long id, ModelMap m) { Integer e = statsService.countForClientId(id); - + m.put("entity", e); - + return "jsonEntityView"; } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java index 3b8626b41..c54f51a10 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/UserInfoEndpoint.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java index ce3ed070d..5ffe0b23c 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java index fed2f26d7..ba47adbf4 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ClientDetailsEntityService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,12 +15,8 @@ ******************************************************************************/ package org.mitre.oauth2.service.impl; -import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; - import java.util.Set; - import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -33,6 +28,7 @@ import org.mitre.openid.connect.service.ApprovedSiteService; import org.mitre.openid.connect.service.BlacklistedSiteService; import org.mitre.openid.connect.service.WhitelistedSiteService; import org.mockito.InjectMocks; +import org.mockito.Matchers; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; @@ -40,6 +36,11 @@ import org.springframework.security.oauth2.common.exceptions.InvalidClientExcept import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + /** * @author wkim * @@ -109,7 +110,7 @@ public class TestDefaultOAuth2ClientDetailsEntityService { service.saveNewClient(client); - Mockito.verify(client).setClientId(Mockito.anyString()); + Mockito.verify(client).setClientId(Matchers.anyString()); } /** @@ -122,11 +123,11 @@ public class TestDefaultOAuth2ClientDetailsEntityService { Mockito.when(client.getId()).thenReturn(null); Mockito.when(client.isAllowRefresh()).thenReturn(true); - + // scopes returned by client entities are Strings @SuppressWarnings("unchecked") Set scopes = Mockito.mock(Set.class); - + Mockito.when(client.getScope()).thenReturn(scopes); service.saveNewClient(client); @@ -144,11 +145,11 @@ public class TestDefaultOAuth2ClientDetailsEntityService { Mockito.when(client.getId()).thenReturn(null); Mockito.when(client.isAllowRefresh()).thenReturn(false); - + // scopes returned by client entities are Strings @SuppressWarnings("unchecked") Set scopes = Mockito.mock(Set.class); - + Mockito.when(client.getScope()).thenReturn(scopes); service.saveNewClient(client); @@ -270,15 +271,15 @@ public class TestDefaultOAuth2ClientDetailsEntityService { ClientDetailsEntity newClient = Mockito.mock(ClientDetailsEntity.class); Mockito.when(newClient.isAllowRefresh()).thenReturn(true); - + // scopes returned by client entities are Strings @SuppressWarnings("unchecked") Set scopes = Mockito.mock(Set.class); - + Mockito.when(newClient.getScope()).thenReturn(scopes); service.updateClient(oldClient, newClient); - + Mockito.verify(scopes).add("offline_access"); } @@ -293,11 +294,11 @@ public class TestDefaultOAuth2ClientDetailsEntityService { // scopes returned by client entities are Strings @SuppressWarnings("unchecked") Set scopes = Mockito.mock(Set.class); - + Mockito.when(newClient.getScope()).thenReturn(scopes); service.updateClient(oldClient, newClient); - + Mockito.verify(scopes).remove("offline_access"); } } diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java index 290b5df5b..a875b6dcb 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultOAuth2ProviderTokenService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,14 +15,6 @@ ******************************************************************************/ package org.mitre.oauth2.service.impl; -import static org.hamcrest.CoreMatchers.equalTo; -import static org.hamcrest.CoreMatchers.is; -import static org.hamcrest.CoreMatchers.notNullValue; -import static org.hamcrest.CoreMatchers.nullValue; -import static org.junit.Assert.assertThat; -import static org.junit.Assert.assertTrue; -import static org.junit.Assert.fail; - import java.util.Date; import java.util.Set; @@ -38,6 +29,7 @@ import org.mitre.oauth2.repository.AuthenticationHolderRepository; import org.mitre.oauth2.repository.OAuth2TokenRepository; import org.mitre.oauth2.service.ClientDetailsEntityService; import org.mockito.InjectMocks; +import org.mockito.Matchers; import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; @@ -51,6 +43,14 @@ import org.springframework.security.oauth2.provider.token.TokenEnhancer; import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + /** * @author wkim * @@ -159,7 +159,7 @@ public class TestDefaultOAuth2ProviderTokenService { @Test(expected = InvalidClientException.class) public void createAccessToken_nullClient() { - Mockito.when(clientDetailsService.loadClientByClientId(Mockito.anyString())).thenReturn(null); + Mockito.when(clientDetailsService.loadClientByClientId(Matchers.anyString())).thenReturn(null); service.createAccessToken(authentication); } @@ -174,12 +174,12 @@ public class TestDefaultOAuth2ProviderTokenService { OAuth2AccessTokenEntity token = service.createAccessToken(authentication); - Mockito.verify(clientDetailsService).loadClientByClientId(Mockito.anyString()); - Mockito.verify(authenticationHolderRepository).save(Mockito.any(AuthenticationHolderEntity.class)); + Mockito.verify(clientDetailsService).loadClientByClientId(Matchers.anyString()); + Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class)); Mockito.verify(tokenEnhancer).enhance(token, authentication); Mockito.verify(tokenRepository).saveAccessToken(token); - Mockito.verify(tokenRepository, Mockito.never()).saveRefreshToken(Mockito.any(OAuth2RefreshTokenEntity.class)); + Mockito.verify(tokenRepository, Mockito.never()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class)); assertThat(token.getRefreshToken(), is(nullValue())); } @@ -196,7 +196,7 @@ public class TestDefaultOAuth2ProviderTokenService { OAuth2AccessTokenEntity token = service.createAccessToken(authentication); // Note: a refactor may be appropriate to only save refresh tokens once to the repository during creation. - Mockito.verify(tokenRepository, Mockito.atLeastOnce()).saveRefreshToken(Mockito.any(OAuth2RefreshTokenEntity.class)); + Mockito.verify(tokenRepository, Mockito.atLeastOnce()).saveRefreshToken(Matchers.any(OAuth2RefreshTokenEntity.class)); assertThat(token.getRefreshToken(), is(notNullValue())); } @@ -249,18 +249,18 @@ public class TestDefaultOAuth2ProviderTokenService { AuthenticationHolderEntity authHolder = Mockito.mock(AuthenticationHolderEntity.class); Mockito.when(authHolder.getAuthentication()).thenReturn(authentication); - Mockito.when(authenticationHolderRepository.save(Mockito.any(AuthenticationHolderEntity.class))).thenReturn(authHolder); + Mockito.when(authenticationHolderRepository.save(Matchers.any(AuthenticationHolderEntity.class))).thenReturn(authHolder); OAuth2AccessTokenEntity token = service.createAccessToken(authentication); assertThat(token.getAuthenticationHolder().getAuthentication(), equalTo(authentication)); - Mockito.verify(authenticationHolderRepository).save(Mockito.any(AuthenticationHolderEntity.class)); + Mockito.verify(authenticationHolderRepository).save(Matchers.any(AuthenticationHolderEntity.class)); } @Test(expected = InvalidTokenException.class) public void refreshAccessToken_noRefreshToken() { - Mockito.when(tokenRepository.getRefreshTokenByValue(Mockito.anyString())).thenReturn(null); + Mockito.when(tokenRepository.getRefreshTokenByValue(Matchers.anyString())).thenReturn(null); service.refreshAccessToken(refreshTokenValue, authRequest); } @@ -329,7 +329,7 @@ public class TestDefaultOAuth2ProviderTokenService { } /** - * Tests the case where only some of the valid scope values are being requested along with + * Tests the case where only some of the valid scope values are being requested along with * other extra unauthorized scope values. */ @Test(expected = InvalidScopeException.class) diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java index bfc2a9ab3..4905378b7 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/service/impl/TestDefaultSystemScopeService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,9 +15,6 @@ ******************************************************************************/ package org.mitre.oauth2.service.impl; -import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; - import java.util.Set; import org.junit.Before; @@ -33,6 +29,11 @@ import org.mockito.runners.MockitoJUnitRunner; import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.equalTo; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.nullValue; +import static org.junit.Assert.assertThat; + /** * @author wkim * @@ -47,7 +48,7 @@ public class TestDefaultSystemScopeService { private SystemScope defaultScope2; private SystemScope dynScope1; private SystemScope extraScope1; - + private String defaultDynScope1String = "defaultDynScope1"; private String defaultDynScope2String = "defaultDynScope2"; private String defaultScope1String = "defaultScope1"; @@ -57,7 +58,7 @@ public class TestDefaultSystemScopeService { private Set allScopes; private Set allScopeStrings; - + @Mock private SystemScopeRepository repository; @@ -69,7 +70,7 @@ public class TestDefaultSystemScopeService { */ @Before public void prepare() { - + Mockito.reset(repository); // two default and dynamically registerable scopes @@ -85,17 +86,17 @@ public class TestDefaultSystemScopeService { defaultScope2 = new SystemScope(defaultScope2String); defaultScope1.setDefaultScope(true); defaultScope2.setDefaultScope(true); - + // one strictly dynamically registerable scope (isDefault false) dynScope1 = new SystemScope(dynScope1String); dynScope1.setAllowDynReg(true); - + // extraScope1 : extra scope that is neither (defaults to false/false) extraScope1 = new SystemScope(extraScope1String); - + allScopes = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2, dynScope1, extraScope1); allScopeStrings = Sets.newHashSet(defaultDynScope1String, defaultDynScope2String, defaultScope1String, defaultScope2String, dynScope1String, extraScope1String); - + Mockito.when(repository.getAll()).thenReturn(allScopes); } @@ -107,42 +108,42 @@ public class TestDefaultSystemScopeService { @Test public void getDefaults() { - + Set defaults = Sets.newHashSet(defaultDynScope1, defaultDynScope2, defaultScope1, defaultScope2); - + assertThat(service.getDefaults(), equalTo(defaults)); } - + @Test public void getDynReg() { - + Set dynReg = Sets.newHashSet(defaultDynScope1, defaultDynScope2, dynScope1); - + assertThat(service.getDynReg(), equalTo(dynReg)); } @Test public void fromStrings() { - + // check null condition assertThat(service.fromStrings(null), is(nullValue())); - + // reinitialize the set of SystemScope objects to clear boolean flags.. allScopes = Sets.newHashSet(); for (String scope : allScopeStrings) { allScopes.add(new SystemScope(scope)); } - + assertThat(service.fromStrings(allScopeStrings), equalTo(allScopes)); } - + @Test public void toStrings() { - + // check null condition assertThat(service.toStrings(null), is(nullValue())); - + assertThat(service.toStrings(allScopes), equalTo(allScopeStrings)); } - + } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java index 2257812f1..be19bfcda 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultApprovedSiteService.java @@ -1,9 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.mockito.Matchers.any; -import static org.mockito.Mockito.never; -import static org.mockito.Mockito.times; - import java.util.HashSet; import java.util.Set; @@ -22,52 +33,56 @@ import org.springframework.test.annotation.Rollback; import com.google.common.collect.Sets; +import static org.mockito.Matchers.any; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.times; + @RunWith(MockitoJUnitRunner.class) public class TestDefaultApprovedSiteService { private ApprovedSite site1; private ApprovedSite site2; private ApprovedSite site3; - + private ClientDetailsEntity client; private final String clientId = "client"; - + @Mock private ApprovedSiteRepository repository; - + @InjectMocks private ApprovedSiteService service = new DefaultApprovedSiteService(); - - + + /** * Initialize the service and repository mock. Initialize a client and * several ApprovedSite objects for use in unit tests. */ @Before public void prepare() { - + client = new ClientDetailsEntity(); client.setClientId(clientId); - + site1 = new ApprovedSite(); site1.setId(1L); site1.setUserId("user1"); site1.setClientId("other"); - + site2 = new ApprovedSite(); site2.setId(2L); site2.setUserId("user1"); site2.setClientId(clientId); - + site3 = new ApprovedSite(); site3.setId(3L); site3.setUserId("user2"); site3.setClientId(clientId); - + Mockito.reset(repository); } - + /** * Test clearing approved sites for a client that has 2 stored approved sites. * Ensure that the repository's remove() method is called twice. @@ -76,12 +91,12 @@ public class TestDefaultApprovedSiteService { public void clearApprovedSitesForClient_success() { Set setToReturn = Sets.newHashSet(site2, site3); Mockito.when(repository.getByClientId(client.getClientId())).thenReturn(setToReturn); - + service.clearApprovedSitesForClient(client); - + Mockito.verify(repository, times(2)).remove(any(ApprovedSite.class)); } - + /** * Test clearing approved sites for a client that doesn't have any stored approved * sites. Ensure that the repository's remove() method is never called in this case. @@ -95,6 +110,6 @@ public class TestDefaultApprovedSiteService { Mockito.when(repository.getByClientId(otherId)).thenReturn(new HashSet()); Mockito.verify(repository, never()).remove(any(ApprovedSite.class)); } - - + + } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultBlacklistedSiteService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultBlacklistedSiteService.java index 7da845274..bc0ea4e09 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultBlacklistedSiteService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultBlacklistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +15,6 @@ ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.junit.Assert.*; - import java.util.Set; import org.junit.Before; @@ -30,10 +27,12 @@ import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; -import static org.mockito.Mockito.times; - import com.google.common.collect.Sets; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Mockito.times; + /** * @author wkim * @@ -43,31 +42,31 @@ public class TestDefaultBlacklistedSiteService { private BlacklistedSite site1; private BlacklistedSite site2; - + private String uri1 = "black1"; private String uri2 = "black2"; private String uri3 = "not-black"; - + private Set blackListedSitesSet; - + @Mock private BlacklistedSiteRepository mockRepository; - + @InjectMocks private DefaultBlacklistedSiteService service = new DefaultBlacklistedSiteService(); - + /** * @throws java.lang.Exception */ @Before public void prepare() throws Exception { - + site1 = new BlacklistedSite(); site2 = new BlacklistedSite(); - + site1.setUri(uri1); site2.setUri(uri2); - + blackListedSitesSet = Sets.newHashSet(site1, site2); } @@ -76,25 +75,25 @@ public class TestDefaultBlacklistedSiteService { */ @Test public void isBlacklisted_yes() { - + Mockito.when(mockRepository.getAll()).thenReturn(blackListedSitesSet); - + assertTrue(service.isBlacklisted(uri1)); assertTrue(service.isBlacklisted(uri2)); - + Mockito.verify(mockRepository, times(2)).getAll(); } - + /** * Tests for finding a site that is not blacklisted in the repository. */ @Test public void isBlacklisted_no() { - + Mockito.when(mockRepository.getAll()).thenReturn(blackListedSitesSet); - + assertFalse(service.isBlacklisted(uri3)); - + Mockito.verify(mockRepository).getAll(); } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultNonceService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultNonceService.java index 49de146db..9a1186f3c 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultNonceService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultNonceService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +15,6 @@ ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.junit.Assert.*; - import java.util.Date; import org.joda.time.DateTime; @@ -34,74 +31,78 @@ import org.mockito.runners.MockitoJUnitRunner; import com.google.common.collect.Sets; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; + /** * @author wkim * */ @RunWith(MockitoJUnitRunner.class) public class TestDefaultNonceService { - + // Test value for nonce storage duration time. private Period nonceStorageDuration = new Period().withSeconds(1); - + private String clientId = "123abc"; private String value1 = "n1"; private String value2 = "n2"; private String value3 = "n3"; - + @Mock private NonceRepository repository; - + @InjectMocks private DefaultNonceService service = new DefaultNonceService(); @Before public void prepare() { - + Mockito.reset(repository); - + service.setNonceStorageDuration(nonceStorageDuration); - - + + } - + /** * Tests the correctness of created nonces. */ @Test public void create() { - + Date start = new Date(System.currentTimeMillis() - 100); // time skew of 100ms on either side - + Nonce nonce = service.create(clientId, value1); - + Date end = new Date(System.currentTimeMillis() + 100); // time skew of 100ms on either side - + assertEquals(clientId, nonce.getClientId()); assertEquals(value1, nonce.getValue()); assertTrue(nonce.getUseDate().after(start) && nonce.getUseDate().before(end)); // make sure the date is within the right range (within 100ms on either side) - + // Check expiration date. assertEquals(new DateTime(nonce.getUseDate()).plus(nonceStorageDuration), new DateTime(nonce.getExpireDate())); } - + /** - * Verifies that if any nonce returned by the repository already has the value being checked for, - * then the service method returns true. + * Verifies that if any nonce returned by the repository already has the value being checked for, + * then the service method returns true. * * Also checks a nonce value not returned by the repository to verify the method returns false in this case. */ @Test public void alreadyUsed() { - + Nonce nonce1 = service.create(clientId, value1); Nonce nonce2 = service.create(clientId, value2); - + Mockito.when(repository.getByClientId(clientId)).thenReturn(Sets.newHashSet(nonce1, nonce2)); - + assertTrue(service.alreadyUsed(clientId, value1)); assertTrue(service.alreadyUsed(clientId, value2)); - + assertFalse(service.alreadyUsed(clientId, value3)); } } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultStatsService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultStatsService.java index 5d73941f7..d765e08f1 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultStatsService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultStatsService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,9 +15,6 @@ ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; - import java.util.HashSet; import java.util.Map; @@ -36,6 +32,9 @@ import org.mockito.runners.MockitoJUnitRunner; import com.google.common.collect.Sets; +import static org.hamcrest.CoreMatchers.is; +import static org.junit.Assert.assertThat; + /** * @author wkim * @@ -129,14 +128,14 @@ public class TestDefaultStatsService { assertThat(stats.get("userCount"), is(2)); assertThat(stats.get("clientCount"), is(3)); } - + @Test public void calculateByClientId_empty() { - + Mockito.when(approvedSiteService.getAll()).thenReturn(new HashSet()); - + Map stats = service.calculateByClientId(); - + assertThat(stats.get(1L), is(0)); assertThat(stats.get(2L), is(0)); assertThat(stats.get(3L), is(0)); @@ -145,15 +144,15 @@ public class TestDefaultStatsService { @Test public void calculateByClientId() { - + Map stats = service.calculateByClientId(); - + assertThat(stats.get(1L), is(2)); assertThat(stats.get(2L), is(1)); assertThat(stats.get(3L), is(1)); assertThat(stats.get(4L), is(0)); } - + @Test public void countForClientId() { diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java index f7e04ea20..f0ed05684 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultUserInfoUserDetailsService.java @@ -1,10 +1,20 @@ +/******************************************************************************* + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.hamcrest.core.IsNot.not; -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertThat; -import static org.junit.matchers.JUnitMatchers.hasItem; - import java.util.ArrayList; import org.junit.Before; @@ -23,82 +33,87 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import com.google.common.collect.Lists; +import static org.hamcrest.core.IsNot.not; +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertThat; +import static org.junit.matchers.JUnitMatchers.hasItem; + @RunWith(MockitoJUnitRunner.class) public class TestDefaultUserInfoUserDetailsService { @InjectMocks private DefaultUserInfoUserDetailsService service = new DefaultUserInfoUserDetailsService(); - + @Mock private UserInfoRepository userInfoRepository; - + private UserInfo userInfoAdmin; private UserInfo userInfoRegular; private String adminUsername = "username"; private String regularUsername = "regular"; private String adminSub = "adminSub12d3a1f34a2"; private String regularSub = "regularSub652ha23b"; - + /** * Initialize the service and the mocked repository. * Initialize 2 users, one of them an admin, for use in unit tests. */ @Before public void prepare() { - - + + service.setAdmins(Lists.newArrayList(adminUsername)); - + userInfoAdmin = new DefaultUserInfo(); userInfoAdmin.setPreferredUsername(adminUsername); userInfoAdmin.setSub(adminSub); - + userInfoRegular = new DefaultUserInfo(); userInfoRegular.setPreferredUsername(regularUsername); - userInfoRegular.setSub(regularSub); + userInfoRegular.setSub(regularSub); } - + /** * Test loading an admin user, ensuring that the UserDetails object returned * has both the ROLE_USER and ROLE_ADMIN authorities. */ @Test public void loadByUsername_admin_success() { - + Mockito.when(userInfoRepository.getByUsername(adminUsername)).thenReturn(userInfoAdmin); UserDetails user = service.loadUserByUsername(adminUsername); ArrayList userAuthorities = Lists.newArrayList(user.getAuthorities()); assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_ADMIN)); assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_USER)); assertEquals(user.getUsername(), adminSub); - + } - + /** * Test loading a regular, non-admin user, ensuring that the returned UserDetails * object has ROLE_USER but *not* ROLE_ADMIN. */ @Test public void loadByUsername_regular_success() { - + Mockito.when(userInfoRepository.getByUsername(regularUsername)).thenReturn(userInfoRegular); UserDetails user = service.loadUserByUsername(regularUsername); ArrayList userAuthorities = Lists.newArrayList(user.getAuthorities()); assertThat(userAuthorities, not(hasItem(DefaultUserInfoUserDetailsService.ROLE_ADMIN))); assertThat(userAuthorities, hasItem(DefaultUserInfoUserDetailsService.ROLE_USER)); assertEquals(user.getUsername(), regularSub); - - } - + + } + /** * If a user is not found, the loadByUsername method should throw an exception. */ @Test(expected = UsernameNotFoundException.class) public void loadByUsername_nullUser() { - + Mockito.when(userInfoRepository.getByUsername(adminUsername)).thenReturn(null); service.loadUserByUsername(adminUsername); - + } - + } diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultWhitelistedSiteService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultWhitelistedSiteService.java index 9d690f798..f40e3a3b7 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultWhitelistedSiteService.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultWhitelistedSiteService.java @@ -1,6 +1,5 @@ /******************************************************************************* - * Copyright 2013 The MITRE Corporation - * and the MIT Kerberos and Internet Trust Consortium + * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,9 +15,6 @@ ******************************************************************************/ package org.mitre.openid.connect.service.impl; -import static org.junit.Assert.*; -import static org.hamcrest.CoreMatchers.*; - import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; @@ -29,6 +25,11 @@ import org.mockito.Mock; import org.mockito.Mockito; import org.mockito.runners.MockitoJUnitRunner; +import static org.hamcrest.CoreMatchers.is; +import static org.hamcrest.CoreMatchers.notNullValue; +import static org.junit.Assert.assertThat; +import static org.junit.Assert.fail; + /** * @author wkim *