github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

format/cleanup and copyright

pull/477/head
Justin Richer 2013-07-29 11:28:51 -04:00
parent d4b544d519
commit e658ffd7fc
173 changed files with 1701 additions and 1468 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/AuthorizationRequestImpl.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.oauth2.introspectingfilter; package org.mitre.oauth2.introspectingfilter;
import java.util.Collection; import java.util.Collection;

11
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.oauth2.introspectingfilter; package org.mitre.oauth2.introspectingfilter;
import java.util.Date; import java.util.Date;
@ -38,7 +39,7 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser; import com.google.gson.JsonParser;
/** /**
* This ResourceServerTokenServices implementation introspects incoming tokens at a * This ResourceServerTokenServices implementation introspects incoming tokens at a
* server's introspection endpoint URL and passes an Authentication object along * server's introspection endpoint URL and passes an Authentication object along
* based on the response from the introspection endpoint. * based on the response from the introspection endpoint.
* @author jricher * @author jricher
@ -50,7 +51,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices {
private String clientSecret; private String clientSecret;
private IntrospectionUrlProvider introspectionUrlProvider; private IntrospectionUrlProvider introspectionUrlProvider;
private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter(); private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter();
// Inner class to store in the hash map // Inner class to store in the hash map
private class TokenCacheObject { private class TokenCacheObject {
OAuth2AccessToken token; OAuth2AccessToken token;
@ -132,7 +133,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices {
// find out which URL to ask // find out which URL to ask
String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken); String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken);
// Use the SpringFramework RestTemplate to send the request to the // Use the SpringFramework RestTemplate to send the request to the
// endpoint // endpoint
String validatedToken = null; String validatedToken = null;

19
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -16,5 +33,5 @@ import com.google.gson.JsonObject;
public interface IntrospectionAuthorityGranter { public interface IntrospectionAuthorityGranter {
public List<GrantedAuthority> getAuthorities(JsonObject introspectionResponse); public List<GrantedAuthority> getAuthorities(JsonObject introspectionResponse);
} }

19
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -15,5 +32,5 @@ public interface IntrospectionUrlProvider {
* @return * @return
*/ */
public String getIntrospectionUrl(String accessToken); public String getIntrospectionUrl(String accessToken);
} }

73
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/JWTParsingIntrospectionUrlProvider.java
View File

@ -1,11 +1,26 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
package org.mitre.oauth2.introspectingfilter; package org.mitre.oauth2.introspectingfilter;
import java.text.ParseException; import java.text.ParseException;
import java.util.HashSet;
import java.util.Set;
import org.mitre.openid.connect.client.service.ServerConfigurationService; import org.mitre.openid.connect.client.service.ServerConfigurationService;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
@ -26,7 +41,7 @@ import com.nimbusds.jwt.JWTParser;
public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvider { public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvider {
private ServerConfigurationService serverConfigurationService; private ServerConfigurationService serverConfigurationService;
/** /**
* @return the serverConfigurationService * @return the serverConfigurationService
*/ */
@ -46,33 +61,33 @@ public class JWTParsingIntrospectionUrlProvider implements IntrospectionUrlProvi
*/ */
@Override @Override
public String getIntrospectionUrl(String accessToken) { public String getIntrospectionUrl(String accessToken) {
try { try {
JWT jwt = JWTParser.parse(accessToken); JWT jwt = JWTParser.parse(accessToken);
String issuer = jwt.getJWTClaimsSet().getIssuer(); String issuer = jwt.getJWTClaimsSet().getIssuer();
if (!Strings.isNullOrEmpty(issuer)) { if (!Strings.isNullOrEmpty(issuer)) {
ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer); ServerConfiguration server = serverConfigurationService.getServerConfiguration(issuer);
if (server != null) { if (server != null) {
if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) { if (!Strings.isNullOrEmpty(server.getIntrospectionEndpointUri())) {
return server.getIntrospectionEndpointUri(); return server.getIntrospectionEndpointUri();
} else { } else {
throw new IllegalArgumentException("Server does not have Introspection Endpoint defined"); throw new IllegalArgumentException("Server does not have Introspection Endpoint defined");
} }
} else { } else {
throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer); throw new IllegalArgumentException("Could not find server configuration for issuer " + issuer);
} }
} else { } else {
throw new IllegalArgumentException("No issuer claim found in JWT"); throw new IllegalArgumentException("No issuer claim found in JWT");
} }
} catch (ParseException e) { } catch (ParseException e) {
throw new IllegalArgumentException("Unable to parse JWT", e); throw new IllegalArgumentException("Unable to parse JWT", e);
} }
} }
} }

5
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/OAuth2AccessTokenImpl.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.oauth2.introspectingfilter; package org.mitre.oauth2.introspectingfilter;
import java.text.DateFormat; import java.text.DateFormat;

19
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/SimpleIntrospectionAuthorityGranter.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -20,7 +37,7 @@ import com.google.gson.JsonObject;
public class SimpleIntrospectionAuthorityGranter implements IntrospectionAuthorityGranter { public class SimpleIntrospectionAuthorityGranter implements IntrospectionAuthorityGranter {
private List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_API"); private List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_API");
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.oauth2.introspectingfilter.IntrospectionAuthorityGranter#getAuthorities(net.minidev.json.JSONObject) * @see org.mitre.oauth2.introspectingfilter.IntrospectionAuthorityGranter#getAuthorities(net.minidev.json.JSONObject)
*/ */

21
openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/StaticIntrospectionUrlProvider.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -13,8 +30,8 @@ package org.mitre.oauth2.introspectingfilter;
*/ */
public class StaticIntrospectionUrlProvider implements IntrospectionUrlProvider { public class StaticIntrospectionUrlProvider implements IntrospectionUrlProvider {
private String introspectionUrl; private String introspectionUrl;
/** /**
* @return the introspectionUrl * @return the introspectionUrl
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/NamedAdminAuthoritiesMapper.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

7
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationFilter.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client; package org.mitre.openid.connect.client;
import java.io.IOException; import java.io.IOException;
@ -185,7 +186,7 @@ public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFi
throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer); throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer);
} }
String redirectUri = null; String redirectUri = null;
if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) { if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) {
// if there's a redirect uri configured (and only one), use that // if there's a redirect uri configured (and only one), use that
redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0]; redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0];

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationProvider.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client; package org.mitre.openid.connect.client;
import java.util.Collection; import java.util.Collection;

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/SubjectIssuerGrantedAuthority.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/UserInfoFetcher.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client; package org.mitre.openid.connect.client;
import org.apache.http.client.HttpClient; import org.apache.http.client.HttpClient;

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisher.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.keypublisher; package org.mitre.openid.connect.client.keypublisher;
import java.util.Map; import java.util.Map;

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/ClientKeyPublisherMapping.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/keypublisher/JwkViewResolver.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/model/IssuerServiceResponse.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

6
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/AuthRequestUrlBuilder.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
@ -21,7 +22,6 @@ package org.mitre.openid.connect.client.service;
import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.security.oauth2.provider.ClientDetails;
/** /**
* @author jricher * @author jricher

7
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ClientConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,15 +13,15 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
package org.mitre.openid.connect.client.service; package org.mitre.openid.connect.client.service;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.security.oauth2.provider.ClientDetails;
/** /**
* @author jricher * @author jricher

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/IssuerService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

25
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/RegisteredClientService.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -12,13 +29,13 @@ import org.mitre.oauth2.model.RegisteredClient;
public interface RegisteredClientService { public interface RegisteredClientService {
/** /**
* Get a remembered client (if one exists) to talk to the given issuer. This * Get a remembered client (if one exists) to talk to the given issuer. This
* client likely doesn't have its full configuration information but contains * client likely doesn't have its full configuration information but contains
* the information needed to fetch it. * the information needed to fetch it.
* @param issuer * @param issuer
* @return * @return
*/ */
RegisteredClient getByIssuer(String issuer); RegisteredClient getByIssuer(String issuer);
/** /**
* Save this client's information for talking to the given issuer. This will * Save this client's information for talking to the given issuer. This will
@ -26,6 +43,6 @@ public interface RegisteredClientService {
* the server. * the server.
* @param client * @param client
*/ */
void save(String issuer, RegisteredClient client); void save(String issuer, RegisteredClient client);
} }

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/ServerConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

41
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicRegistrationClientConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
@ -56,15 +57,15 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
private static Logger logger = LoggerFactory.getLogger(DynamicServerConfigurationService.class); private static Logger logger = LoggerFactory.getLogger(DynamicServerConfigurationService.class);
private LoadingCache<ServerConfiguration, RegisteredClient> clients; private LoadingCache<ServerConfiguration, RegisteredClient> clients;
private RegisteredClientService registeredClientService = new InMemoryRegisteredClientService(); private RegisteredClientService registeredClientService = new InMemoryRegisteredClientService();
// TODO: make sure the template doesn't have "client_id", "client_secret", or "registration_access_token" set on it already // TODO: make sure the template doesn't have "client_id", "client_secret", or "registration_access_token" set on it already
private RegisteredClient template; private RegisteredClient template;
private Set<String> whitelist = new HashSet<String>(); private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>(); private Set<String> blacklist = new HashSet<String>();
public DynamicRegistrationClientConfigurationService() { public DynamicRegistrationClientConfigurationService() {
clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader()); clients = CacheBuilder.newBuilder().build(new DynamicClientRegistrationLoader());
} }
@ -75,11 +76,11 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
} }
if (blacklist.contains(issuer)) { if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
} }
return clients.get(issuer); return clients.get(issuer);
} catch (ExecutionException e) { } catch (ExecutionException e) {
logger.warn("Unable to get client configuration", e); logger.warn("Unable to get client configuration", e);
@ -162,42 +163,42 @@ public class DynamicRegistrationClientConfigurationService implements ClientConf
public RegisteredClient load(ServerConfiguration serverConfig) throws Exception { public RegisteredClient load(ServerConfiguration serverConfig) throws Exception {
RestTemplate restTemplate = new RestTemplate(httpFactory); RestTemplate restTemplate = new RestTemplate(httpFactory);
RegisteredClient knownClient = registeredClientService.getByIssuer(serverConfig.getIssuer()); RegisteredClient knownClient = registeredClientService.getByIssuer(serverConfig.getIssuer());
if (knownClient == null) { if (knownClient == null) {
// dynamically register this client // dynamically register this client
JsonObject jsonRequest = ClientDetailsEntityJsonProcessor.serialize(template); JsonObject jsonRequest = ClientDetailsEntityJsonProcessor.serialize(template);
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON); headers.setContentType(MediaType.APPLICATION_JSON);
headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON)); headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON));
HttpEntity<String> entity = new HttpEntity<String>(jsonRequest.toString(), headers); HttpEntity<String> entity = new HttpEntity<String>(jsonRequest.toString(), headers);
String registered = restTemplate.postForObject(serverConfig.getRegistrationEndpointUri(), entity, String.class); String registered = restTemplate.postForObject(serverConfig.getRegistrationEndpointUri(), entity, String.class);
// TODO: handle HTTP errors // TODO: handle HTTP errors
RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered); RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered);
// save this client for later // save this client for later
registeredClientService.save(serverConfig.getIssuer(), client); registeredClientService.save(serverConfig.getIssuer(), client);
return client; return client;
} else { } else {
// load this client's information from the server // load this client's information from the server
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, knownClient.getRegistrationAccessToken())); headers.set("Authorization", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, knownClient.getRegistrationAccessToken()));
headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON)); headers.setAccept(Lists.newArrayList(MediaType.APPLICATION_JSON));
HttpEntity<String> entity = new HttpEntity<String>(headers); HttpEntity<String> entity = new HttpEntity<String>(headers);
String registered = restTemplate.exchange(knownClient.getRegistrationClientUri(), HttpMethod.GET, entity, String.class).getBody(); String registered = restTemplate.exchange(knownClient.getRegistrationClientUri(), HttpMethod.GET, entity, String.class).getBody();
// TODO: handle HTTP errors // TODO: handle HTTP errors
RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered); RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(registered);
return client; return client;
} }
} }

19
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/DynamicServerConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
@ -56,7 +57,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
private Set<String> whitelist = new HashSet<String>(); private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>(); private Set<String> blacklist = new HashSet<String>();
public DynamicServerConfigurationService() { public DynamicServerConfigurationService() {
// initialize the cache // initialize the cache
servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher()); servers = CacheBuilder.newBuilder().build(new OpenIDConnectServiceConfigurationFetcher());
@ -93,15 +94,15 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
@Override @Override
public ServerConfiguration getServerConfiguration(String issuer) { public ServerConfiguration getServerConfiguration(String issuer) {
try { try {
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
} }
if (blacklist.contains(issuer)) { if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
} }
return servers.get(issuer); return servers.get(issuer);
} catch (ExecutionException e) { } catch (ExecutionException e) {
logger.warn("Couldn't load configuration for " + issuer, e); logger.warn("Couldn't load configuration for " + issuer, e);
@ -141,13 +142,13 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
if (!o.has("issuer")) { if (!o.has("issuer")) {
throw new IllegalStateException("Returned object did not have an 'issuer' field"); throw new IllegalStateException("Returned object did not have an 'issuer' field");
} }
if (!issuer.equals(o.get("issuer").getAsString())) { if (!issuer.equals(o.get("issuer").getAsString())) {
throw new IllegalStateException("Discovered issuers didn't match, expected " + issuer + " got " + o.get("issuer").getAsString()); throw new IllegalStateException("Discovered issuers didn't match, expected " + issuer + " got " + o.get("issuer").getAsString());
} }
conf.setIssuer(o.get("issuer").getAsString()); conf.setIssuer(o.get("issuer").getAsString());
if (o.has("authorization_endpoint")) { if (o.has("authorization_endpoint")) {
conf.setAuthorizationEndpointUri(o.get("authorization_endpoint").getAsString()); conf.setAuthorizationEndpointUri(o.get("authorization_endpoint").getAsString());
} }
@ -166,7 +167,7 @@ public class DynamicServerConfigurationService implements ServerConfigurationSer
if (o.has("introspection_endpoint")) { if (o.has("introspection_endpoint")) {
conf.setIntrospectionEndpointUri(o.get("introspection_endpoint").getAsString()); conf.setIntrospectionEndpointUri(o.get("introspection_endpoint").getAsString());
} }
return conf; return conf;
} else { } else {
throw new IllegalStateException("Couldn't parse server discovery results for " + url); throw new IllegalStateException("Couldn't parse server discovery results for " + url);

85
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridClientConfigurationService.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -25,102 +42,102 @@ import org.mitre.openid.connect.config.ServerConfiguration;
public class HybridClientConfigurationService implements ClientConfigurationService { public class HybridClientConfigurationService implements ClientConfigurationService {
private StaticClientConfigurationService staticClientService = new StaticClientConfigurationService(); private StaticClientConfigurationService staticClientService = new StaticClientConfigurationService();
private DynamicRegistrationClientConfigurationService dynamicClientService = new DynamicRegistrationClientConfigurationService(); private DynamicRegistrationClientConfigurationService dynamicClientService = new DynamicRegistrationClientConfigurationService();
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(org.mitre.openid.connect.config.ServerConfiguration) * @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(org.mitre.openid.connect.config.ServerConfiguration)
*/ */
@Override @Override
public RegisteredClient getClientConfiguration(ServerConfiguration issuer) { public RegisteredClient getClientConfiguration(ServerConfiguration issuer) {
RegisteredClient client = staticClientService.getClientConfiguration(issuer); RegisteredClient client = staticClientService.getClientConfiguration(issuer);
if (client != null) { if (client != null) {
return client; return client;
} else { } else {
return dynamicClientService.getClientConfiguration(issuer); return dynamicClientService.getClientConfiguration(issuer);
} }
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#getClients() * @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#getClients()
*/ */
public Map<String, RegisteredClient> getClients() { public Map<String, RegisteredClient> getClients() {
return staticClientService.getClients(); return staticClientService.getClients();
} }
/** /**
* @param clients * @param clients
* @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#setClients(java.util.Map) * @see org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService#setClients(java.util.Map)
*/ */
public void setClients(Map<String, RegisteredClient> clients) { public void setClients(Map<String, RegisteredClient> clients) {
staticClientService.setClients(clients); staticClientService.setClients(clients);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getTemplate() * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getTemplate()
*/ */
public RegisteredClient getTemplate() { public RegisteredClient getTemplate() {
return dynamicClientService.getTemplate(); return dynamicClientService.getTemplate();
} }
/** /**
* @param template * @param template
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setTemplate(org.mitre.oauth2.model.RegisteredClient) * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setTemplate(org.mitre.oauth2.model.RegisteredClient)
*/ */
public void setTemplate(RegisteredClient template) { public void setTemplate(RegisteredClient template) {
dynamicClientService.setTemplate(template); dynamicClientService.setTemplate(template);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getRegisteredClientService() * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getRegisteredClientService()
*/ */
public RegisteredClientService getRegisteredClientService() { public RegisteredClientService getRegisteredClientService() {
return dynamicClientService.getRegisteredClientService(); return dynamicClientService.getRegisteredClientService();
} }
/** /**
* @param registeredClientService * @param registeredClientService
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setRegisteredClientService(org.mitre.openid.connect.client.service.RegisteredClientService) * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setRegisteredClientService(org.mitre.openid.connect.client.service.RegisteredClientService)
*/ */
public void setRegisteredClientService(RegisteredClientService registeredClientService) { public void setRegisteredClientService(RegisteredClientService registeredClientService) {
dynamicClientService.setRegisteredClientService(registeredClientService); dynamicClientService.setRegisteredClientService(registeredClientService);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getWhitelist() * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getWhitelist()
*/ */
public Set<String> getWhitelist() { public Set<String> getWhitelist() {
return dynamicClientService.getWhitelist(); return dynamicClientService.getWhitelist();
} }
/** /**
* @param whitelist * @param whitelist
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setWhitelist(java.util.Set) * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setWhitelist(java.util.Set)
*/ */
public void setWhitelist(Set<String> whitelist) { public void setWhitelist(Set<String> whitelist) {
dynamicClientService.setWhitelist(whitelist); dynamicClientService.setWhitelist(whitelist);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getBlacklist() * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#getBlacklist()
*/ */
public Set<String> getBlacklist() { public Set<String> getBlacklist() {
return dynamicClientService.getBlacklist(); return dynamicClientService.getBlacklist();
} }
/** /**
* @param blacklist * @param blacklist
* @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setBlacklist(java.util.Set) * @see org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService#setBlacklist(java.util.Set)
*/ */
public void setBlacklist(Set<String> blacklist) { public void setBlacklist(Set<String> blacklist) {
dynamicClientService.setBlacklist(blacklist); dynamicClientService.setBlacklist(blacklist);
} }
} }

61
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/HybridServerConfigurationService.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -14,7 +31,7 @@ import org.mitre.openid.connect.config.ServerConfiguration;
* service in one object. Checks the static service first, then falls through to * service in one object. Checks the static service first, then falls through to
* the dynamic service. * the dynamic service.
* *
* Provides configuration passthrough to the dynamic service's whitelist and blacklist, * Provides configuration passthrough to the dynamic service's whitelist and blacklist,
* and to the static service's server map. * and to the static service's server map.
* *
* *
@ -22,11 +39,11 @@ import org.mitre.openid.connect.config.ServerConfiguration;
* *
*/ */
public class HybridServerConfigurationService implements ServerConfigurationService { public class HybridServerConfigurationService implements ServerConfigurationService {
private StaticServerConfigurationService staticServerService; private StaticServerConfigurationService staticServerService;
private DynamicServerConfigurationService dynamicServerService; private DynamicServerConfigurationService dynamicServerService;
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.ServerConfigurationService#getServerConfiguration(java.lang.String) * @see org.mitre.openid.connect.client.service.ServerConfigurationService#getServerConfiguration(java.lang.String)
@ -46,53 +63,53 @@ public class HybridServerConfigurationService implements ServerConfigurationServ
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#getServers() * @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#getServers()
*/ */
public Map<String, ServerConfiguration> getServers() { public Map<String, ServerConfiguration> getServers() {
return staticServerService.getServers(); return staticServerService.getServers();
} }
/** /**
* @param servers * @param servers
* @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#setServers(java.util.Map) * @see org.mitre.openid.connect.client.service.impl.StaticServerConfigurationService#setServers(java.util.Map)
*/ */
public void setServers(Map<String, ServerConfiguration> servers) { public void setServers(Map<String, ServerConfiguration> servers) {
staticServerService.setServers(servers); staticServerService.setServers(servers);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getWhitelist() * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getWhitelist()
*/ */
public Set<String> getWhitelist() { public Set<String> getWhitelist() {
return dynamicServerService.getWhitelist(); return dynamicServerService.getWhitelist();
} }
/** /**
* @param whitelist * @param whitelist
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setWhitelist(java.util.Set) * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setWhitelist(java.util.Set)
*/ */
public void setWhitelist(Set<String> whitelist) { public void setWhitelist(Set<String> whitelist) {
dynamicServerService.setWhitelist(whitelist); dynamicServerService.setWhitelist(whitelist);
} }
/** /**
* @return * @return
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getBlacklist() * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#getBlacklist()
*/ */
public Set<String> getBlacklist() { public Set<String> getBlacklist() {
return dynamicServerService.getBlacklist(); return dynamicServerService.getBlacklist();
} }
/** /**
* @param blacklist * @param blacklist
* @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setBlacklist(java.util.Set) * @see org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService#setBlacklist(java.util.Set)
*/ */
public void setBlacklist(Set<String> blacklist) { public void setBlacklist(Set<String> blacklist) {
dynamicServerService.setBlacklist(blacklist); dynamicServerService.setBlacklist(blacklist);
} }
} }

19
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/InMemoryRegisteredClientService.java
View File

@ -1,3 +1,20 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -16,7 +33,7 @@ import org.mitre.openid.connect.client.service.RegisteredClientService;
public class InMemoryRegisteredClientService implements RegisteredClientService { public class InMemoryRegisteredClientService implements RegisteredClientService {
private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>(); private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String) * @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String)
*/ */

79
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/JsonFileRegisteredClientService.java
View File

@ -1,12 +1,27 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
package org.mitre.openid.connect.client.service.impl; package org.mitre.openid.connect.client.service.impl;
import java.io.File; import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException; import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.FileReader; import java.io.FileReader;
import java.io.FileWriter; import java.io.FileWriter;
import java.io.IOException; import java.io.IOException;
@ -38,11 +53,11 @@ import com.google.gson.JsonSerializer;
public class JsonFileRegisteredClientService implements RegisteredClientService { public class JsonFileRegisteredClientService implements RegisteredClientService {
private static Logger logger = LoggerFactory.getLogger(JsonFileRegisteredClientService.class); private static Logger logger = LoggerFactory.getLogger(JsonFileRegisteredClientService.class);
private Gson gson = new GsonBuilder() private Gson gson = new GsonBuilder()
.registerTypeAdapter(RegisteredClient.class, new JsonSerializer<RegisteredClient>() { .registerTypeAdapter(RegisteredClient.class, new JsonSerializer<RegisteredClient>() {
@Override @Override
public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) { public JsonElement serialize(RegisteredClient src, Type typeOfSrc, JsonSerializationContext context) {
JsonObject obj = new JsonObject(); JsonObject obj = new JsonObject();
obj.addProperty("token", src.getRegistrationAccessToken()); obj.addProperty("token", src.getRegistrationAccessToken());
obj.addProperty("uri", src.getRegistrationClientUri()); obj.addProperty("uri", src.getRegistrationClientUri());
@ -52,12 +67,12 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
if (src.getClientSecretExpiresAt() != null) { if (src.getClientSecretExpiresAt() != null) {
obj.addProperty("expires", src.getClientSecretExpiresAt().getTime()); obj.addProperty("expires", src.getClientSecretExpiresAt().getTime());
} }
return obj; return obj;
} }
}) })
.registerTypeAdapter(RegisteredClient.class, new JsonDeserializer<RegisteredClient>() { .registerTypeAdapter(RegisteredClient.class, new JsonDeserializer<RegisteredClient>() {
@Override @Override
public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException { public RegisteredClient deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) throws JsonParseException {
if (json.isJsonObject()) { if (json.isJsonObject()) {
JsonObject src = json.getAsJsonObject(); JsonObject src = json.getAsJsonObject();
RegisteredClient rc = new RegisteredClient(); RegisteredClient rc = new RegisteredClient();
@ -73,19 +88,19 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
} else { } else {
return null; return null;
} }
} }
}) })
.create(); .create();
private File file; private File file;
private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>(); private Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
public JsonFileRegisteredClientService(String filename) { public JsonFileRegisteredClientService(String filename) {
this.file = new File(filename); this.file = new File(filename);
load(); load();
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String) * @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String)
*/ */
@ -102,7 +117,7 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
clients.put(issuer, client); clients.put(issuer, client);
write(); write();
} }
/** /**
* Sync the map of clients out to disk. * Sync the map of clients out to disk.
*/ */
@ -114,18 +129,18 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
file.createNewFile(); file.createNewFile();
} }
FileWriter out = new FileWriter(file); FileWriter out = new FileWriter(file);
gson.toJson(clients, new TypeToken<Map<String, RegisteredClient>>(){}.getType(), out); gson.toJson(clients, new TypeToken<Map<String, RegisteredClient>>(){}.getType(), out);
out.close(); out.close();
} catch (FileNotFoundException e) { } catch (FileNotFoundException e) {
logger.error("Could not write to output file", e); logger.error("Could not write to output file", e);
} catch (IOException e) { } catch (IOException e) {
logger.error("Could not write to output file", e); logger.error("Could not write to output file", e);
} }
} }
/** /**
* Load the map in from disk. * Load the map in from disk.
*/ */
@ -136,16 +151,16 @@ public class JsonFileRegisteredClientService implements RegisteredClientService
return; return;
} }
FileReader in = new FileReader(file); FileReader in = new FileReader(file);
clients = gson.fromJson(in, new TypeToken<Map<String, RegisteredClient>>(){}.getType()); clients = gson.fromJson(in, new TypeToken<Map<String, RegisteredClient>>(){}.getType());
in.close(); in.close();
} catch (FileNotFoundException e) { } catch (FileNotFoundException e) {
logger.error("Could not read from input file", e); logger.error("Could not read from input file", e);
} catch (IOException e) { } catch (IOException e) {
logger.error("Could not read from input file", e); logger.error("Could not read from input file", e);
} }
} }
} }

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/PlainAuthRequestUrlBuilder.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticClientConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticServerConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

5
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/StaticSingleIssuerService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */

11
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/ThirdPartyIssuerService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
@ -43,7 +44,7 @@ import com.google.common.base.Strings;
public class ThirdPartyIssuerService implements IssuerService { public class ThirdPartyIssuerService implements IssuerService {
private String accountChooserUrl; private String accountChooserUrl;
private Set<String> whitelist = new HashSet<String>(); private Set<String> whitelist = new HashSet<String>();
private Set<String> blacklist = new HashSet<String>(); private Set<String> blacklist = new HashSet<String>();
@ -59,11 +60,11 @@ public class ThirdPartyIssuerService implements IssuerService {
if (!whitelist.isEmpty() && !whitelist.contains(iss)) { if (!whitelist.isEmpty() && !whitelist.contains(iss)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + iss); throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + iss);
} }
if (blacklist.contains(iss)) { if (blacklist.contains(iss)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + iss); throw new AuthenticationServiceException("Issuer was in blacklist: " + iss);
} }
return new IssuerServiceResponse(iss, request.getParameter("login_hint"), request.getParameter("target_link_uri")); return new IssuerServiceResponse(iss, request.getParameter("login_hint"), request.getParameter("target_link_uri"));
} else { } else {

29
openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,6 +13,8 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
/** /**
* *
*/ */
@ -89,11 +90,11 @@ public class WebfingerIssuerService implements IssuerService {
if (!whitelist.isEmpty() && !whitelist.contains(issuer)) { if (!whitelist.isEmpty() && !whitelist.contains(issuer)) {
throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer); throw new AuthenticationServiceException("Whitelist was nonempty, issuer was not in whitelist: " + issuer);
} }
if (blacklist.contains(issuer)) { if (blacklist.contains(issuer)) {
throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer); throw new AuthenticationServiceException("Issuer was in blacklist: " + issuer);
} }
return new IssuerServiceResponse(issuer, null, null); return new IssuerServiceResponse(issuer, null, null);
} catch (ExecutionException e) { } catch (ExecutionException e) {
logger.warn("Issue fetching issuer for user input: " + identifier, e); logger.warn("Issue fetching issuer for user input: " + identifier, e);
@ -177,7 +178,7 @@ public class WebfingerIssuerService implements IssuerService {
RestTemplate restTemplate = new RestTemplate(httpFactory); RestTemplate restTemplate = new RestTemplate(httpFactory);
// construct the URL to go to // construct the URL to go to
// preserving http scheme is strictly for demo system use only. // preserving http scheme is strictly for demo system use only.
String scheme = key.getScheme(); String scheme = key.getScheme();
if (!Strings.isNullOrEmpty(scheme) && scheme.equals("http")) { if (!Strings.isNullOrEmpty(scheme) && scheme.equals("http")) {
@ -188,13 +189,13 @@ public class WebfingerIssuerService implements IssuerService {
} }
// do a webfinger lookup // do a webfinger lookup
URIBuilder builder = new URIBuilder(scheme URIBuilder builder = new URIBuilder(scheme
+ key.getHost() + key.getHost()
+ (key.getPort() >= 0 ? ":" + key.getPort() : "") + (key.getPort() >= 0 ? ":" + key.getPort() : "")
+ Strings.nullToEmpty(key.getPath()) + Strings.nullToEmpty(key.getPath())
+ "/.well-known/webfinger" + "/.well-known/webfinger"
+ (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery()) + (Strings.isNullOrEmpty(key.getQuery()) ? "" : "?" + key.getQuery())
); );
builder.addParameter("resource", key.toString()); builder.addParameter("resource", key.toString());
builder.addParameter("rel", "http://openid.net/specs/connect/1.0/issuer"); builder.addParameter("rel", "http://openid.net/specs/connect/1.0/issuer");
@ -226,7 +227,7 @@ public class WebfingerIssuerService implements IssuerService {
} }
// we couldn't find it // we couldn't find it
if (key.getScheme().equals("http") || key.getScheme().equals("https")) { if (key.getScheme().equals("http") || key.getScheme().equals("https")) {
// if it looks like HTTP then punt and return the input // if it looks like HTTP then punt and return the input
logger.warn("Returning normalized input string as issuer, hoping for the best: " + key.toString()); logger.warn("Returning normalized input string as issuer, hoping for the best: " + key.toString());
@ -236,7 +237,7 @@ public class WebfingerIssuerService implements IssuerService {
logger.warn("Couldn't find issuer: " + key.toString()); logger.warn("Couldn't find issuer: " + key.toString());
return null; return null;
} }
} }
} }

64
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridClientConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,12 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue; package org.mitre.openid.connect.client.service.impl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
@ -27,65 +23,71 @@ import org.junit.runner.RunWith;
import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.InjectMocks; import org.mockito.InjectMocks;
import org.mockito.Matchers;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.Mockito; import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner; import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *
*/ */
@RunWith(MockitoJUnitRunner.class) @RunWith(MockitoJUnitRunner.class)
public class TestHybridClientConfigurationService { public class TestHybridClientConfigurationService {
@Mock @Mock
private StaticClientConfigurationService mockStaticService; private StaticClientConfigurationService mockStaticService;
@Mock @Mock
private DynamicRegistrationClientConfigurationService mockDynamicService; private DynamicRegistrationClientConfigurationService mockDynamicService;
@InjectMocks @InjectMocks
private HybridClientConfigurationService hybridService; private HybridClientConfigurationService hybridService;
// test fixture // test fixture
@Mock @Mock
private RegisteredClient mockClient; private RegisteredClient mockClient;
@Mock @Mock
private ServerConfiguration mockServerConfig; private ServerConfiguration mockServerConfig;
private String issuer = "https://www.example.com/"; private String issuer = "https://www.example.com/";
@Before @Before
public void prepare() { public void prepare() {
Mockito.reset(mockDynamicService, mockStaticService); Mockito.reset(mockDynamicService, mockStaticService);
Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer); Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer);
} }
@Test @Test
public void getClientConfiguration_useStatic() { public void getClientConfiguration_useStatic() {
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig); RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig);
Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig); Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Mockito.any(ServerConfiguration.class)); Mockito.verify(mockDynamicService, Mockito.never()).getClientConfiguration(Matchers.any(ServerConfiguration.class));
assertEquals(mockClient, result); assertEquals(mockClient, result);
} }
@Test @Test
public void getClientConfiguration_useDynamic() { public void getClientConfiguration_useDynamic() {
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(null); Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(null);
Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig); RegisteredClient result = hybridService.getClientConfiguration(mockServerConfig);
Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig); Mockito.verify(mockStaticService).getClientConfiguration(mockServerConfig);
Mockito.verify(mockDynamicService).getClientConfiguration(mockServerConfig); Mockito.verify(mockDynamicService).getClientConfiguration(mockServerConfig);
assertEquals(mockClient, result); assertEquals(mockClient, result);
@ -96,17 +98,17 @@ public class TestHybridClientConfigurationService {
*/ */
@Test @Test
public void getClientConfiguration_noIssuer() { public void getClientConfiguration_noIssuer() {
// The mockServerConfig is known to both services // The mockServerConfig is known to both services
Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); Mockito.when(mockStaticService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient); Mockito.when(mockDynamicService.getClientConfiguration(mockServerConfig)).thenReturn(mockClient);
// But oh noes! We're going to ask it to find us some other issuer // But oh noes! We're going to ask it to find us some other issuer
ServerConfiguration badIssuer = Mockito.mock(ServerConfiguration.class); ServerConfiguration badIssuer = Mockito.mock(ServerConfiguration.class);
Mockito.when(badIssuer.getIssuer()).thenReturn("www.badexample.com"); Mockito.when(badIssuer.getIssuer()).thenReturn("www.badexample.com");
RegisteredClient result = hybridService.getClientConfiguration(badIssuer); RegisteredClient result = hybridService.getClientConfiguration(badIssuer);
Mockito.verify(mockStaticService).getClientConfiguration(badIssuer); Mockito.verify(mockStaticService).getClientConfiguration(badIssuer);
Mockito.verify(mockDynamicService).getClientConfiguration(badIssuer); Mockito.verify(mockDynamicService).getClientConfiguration(badIssuer);
assertThat(result, is(nullValue())); assertThat(result, is(nullValue()));

56
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestHybridServerConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,23 +13,26 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl; package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.mitre.openid.connect.config.ServerConfiguration; import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.InjectMocks; import org.mockito.InjectMocks;
import org.mockito.Matchers;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.Mockito; import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner; import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *
@ -40,44 +42,44 @@ public class TestHybridServerConfigurationService {
@Mock @Mock
private StaticServerConfigurationService mockStaticService; private StaticServerConfigurationService mockStaticService;
@Mock @Mock
private DynamicServerConfigurationService mockDynamicService; private DynamicServerConfigurationService mockDynamicService;
@InjectMocks @InjectMocks
private HybridServerConfigurationService hybridService; private HybridServerConfigurationService hybridService;
@Mock @Mock
private ServerConfiguration mockServerConfig; private ServerConfiguration mockServerConfig;
private String issuer = "https://www.example.com/"; private String issuer = "https://www.example.com/";
@Before @Before
public void prepare() { public void prepare() {
Mockito.reset(mockDynamicService, mockStaticService); Mockito.reset(mockDynamicService, mockStaticService);
} }
@Test @Test
public void getServerConfiguration_useStatic() { public void getServerConfiguration_useStatic() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
ServerConfiguration result = hybridService.getServerConfiguration(issuer); ServerConfiguration result = hybridService.getServerConfiguration(issuer);
Mockito.verify(mockStaticService).getServerConfiguration(issuer); Mockito.verify(mockStaticService).getServerConfiguration(issuer);
Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Mockito.anyString()); Mockito.verify(mockDynamicService, Mockito.never()).getServerConfiguration(Matchers.anyString());
assertEquals(mockServerConfig, result); assertEquals(mockServerConfig, result);
} }
@Test @Test
public void getServerConfiguration_useDynamic() { public void getServerConfiguration_useDynamic() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(null); Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(null);
Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
ServerConfiguration result = hybridService.getServerConfiguration(issuer); ServerConfiguration result = hybridService.getServerConfiguration(issuer);
Mockito.verify(mockStaticService).getServerConfiguration(issuer); Mockito.verify(mockStaticService).getServerConfiguration(issuer);
@ -90,14 +92,14 @@ public class TestHybridServerConfigurationService {
*/ */
@Test @Test
public void getServerConfiguration_noIssuer() { public void getServerConfiguration_noIssuer() {
Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); Mockito.when(mockStaticService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig); Mockito.when(mockDynamicService.getServerConfiguration(issuer)).thenReturn(mockServerConfig);
String badIssuer = "www.badexample.com"; String badIssuer = "www.badexample.com";
ServerConfiguration result = hybridService.getServerConfiguration(badIssuer); ServerConfiguration result = hybridService.getServerConfiguration(badIssuer);
Mockito.verify(mockStaticService).getServerConfiguration(badIssuer); Mockito.verify(mockStaticService).getServerConfiguration(badIssuer);
Mockito.verify(mockDynamicService).getServerConfiguration(badIssuer); Mockito.verify(mockDynamicService).getServerConfiguration(badIssuer);
assertThat(result, is(nullValue())); assertThat(result, is(nullValue()));

37
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestPlainAuthRequestUrlBuilder.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,10 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.junit.Assert.*; package org.mitre.openid.connect.client.service.impl;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
@ -28,6 +26,9 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *
@ -37,41 +38,41 @@ public class TestPlainAuthRequestUrlBuilder {
// Test fixture: // Test fixture:
ServerConfiguration serverConfig; ServerConfiguration serverConfig;
RegisteredClient clientConfig; RegisteredClient clientConfig;
private PlainAuthRequestUrlBuilder urlBuilder = new PlainAuthRequestUrlBuilder(); private PlainAuthRequestUrlBuilder urlBuilder = new PlainAuthRequestUrlBuilder();
@Before @Before
public void prepare() { public void prepare() {
serverConfig = Mockito.mock(ServerConfiguration.class); serverConfig = Mockito.mock(ServerConfiguration.class);
Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("https://server.example.com/authorize"); Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("https://server.example.com/authorize");
clientConfig = Mockito.mock(RegisteredClient.class); clientConfig = Mockito.mock(RegisteredClient.class);
Mockito.when(clientConfig.getClientId()).thenReturn("s6BhdRkqt3"); Mockito.when(clientConfig.getClientId()).thenReturn("s6BhdRkqt3");
Mockito.when(clientConfig.getScope()).thenReturn(Sets.newHashSet("openid", "profile")); Mockito.when(clientConfig.getScope()).thenReturn(Sets.newHashSet("openid", "profile"));
} }
@Test @Test
public void buildAuthRequestUrl() { public void buildAuthRequestUrl() {
String expectedUrl = "https://server.example.com/authorize?" + String expectedUrl = "https://server.example.com/authorize?" +
"response_type=code" + "response_type=code" +
"&client_id=s6BhdRkqt3" + "&client_id=s6BhdRkqt3" +
"&scope=openid+profile" + // plus sign used for space per application/x-www-form-encoded standard "&scope=openid+profile" + // plus sign used for space per application/x-www-form-encoded standard
"&redirect_uri=https%3A%2F%2Fclient.example.org%2F" + "&redirect_uri=https%3A%2F%2Fclient.example.org%2F" +
"&nonce=34fasf3ds" + "&nonce=34fasf3ds" +
"&state=af0ifjsldkj"; "&state=af0ifjsldkj";
String actualUrl = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "https://client.example.org/", "34fasf3ds", "af0ifjsldkj"); String actualUrl = urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "https://client.example.org/", "34fasf3ds", "af0ifjsldkj");
assertThat(actualUrl, equalTo(expectedUrl)); assertThat(actualUrl, equalTo(expectedUrl));
} }
@Test(expected = AuthenticationServiceException.class) @Test(expected = AuthenticationServiceException.class)
public void buildAuthRequestUrl_badUri() { public void buildAuthRequestUrl_badUri() {
Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("e=mc^2"); Mockito.when(serverConfig.getAuthorizationEndpointUri()).thenReturn("e=mc^2");
urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", ""); urlBuilder.buildAuthRequestUrl(serverConfig, clientConfig, "example.com", "", "");
} }

53
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestSignedAuthRequestUrlBuilder.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,11 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue; package org.mitre.openid.connect.client.service.impl;
import static org.junit.Assert.fail;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
@ -29,8 +26,6 @@ import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import net.minidev.json.JSONObject;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService; import org.mitre.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
@ -41,20 +36,20 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder; import org.springframework.web.util.UriComponentsBuilder;
import com.google.common.base.Joiner;
import com.google.common.collect.Maps; import com.google.common.collect.Maps;
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import com.nimbusds.jose.Algorithm; import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.jwk.JWK; import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.Use; import com.nimbusds.jose.jwk.Use;
import com.nimbusds.jose.util.Base64URL; import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jose.util.JSONObjectUtils;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.ReadOnlyJWTClaimsSet; import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
import com.nimbusds.jwt.SignedJWT; import com.nimbusds.jwt.SignedJWT;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
/** /**
* @author wkim * @author wkim
* *
@ -72,17 +67,17 @@ public class TestSignedAuthRequestUrlBuilder {
// RSA key properties: // RSA key properties:
// {@link package com.nimbusds.jose.jwk#RSAKey} // {@link package com.nimbusds.jose.jwk#RSAKey}
private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" + private String n = "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zw" +
"u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" + "u1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc" +
"5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" + "5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8K" +
"JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" + "JZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh" +
"6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw"; "6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw";
private String e = "AQAB"; private String e = "AQAB";
private String d = "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknc" + private String d = "X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknc" +
"hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" + "hnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5" +
"N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" + "N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSa" +
"wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" + "wm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk1" +
"9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q"; "9Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q";
private String alg = "RS256"; private String alg = "RS256";
private String kid = "2011-04-29"; private String kid = "2011-04-29";
@ -112,8 +107,8 @@ public class TestSignedAuthRequestUrlBuilder {
} }
/** /**
* This test takes the URI from the result of building a signed request * This test takes the URI from the result of building a signed request
* and checks that the JWS object parsed from the request URI matches up * and checks that the JWS object parsed from the request URI matches up
* with the expected claim values. * with the expected claim values.
*/ */
@Test @Test
@ -123,30 +118,30 @@ public class TestSignedAuthRequestUrlBuilder {
// parsing the result // parsing the result
UriComponentsBuilder builder = null; UriComponentsBuilder builder = null;
try { try {
builder = UriComponentsBuilder.fromUri(new URI(requestUri)); builder = UriComponentsBuilder.fromUri(new URI(requestUri));
} catch (URISyntaxException e1) { } catch (URISyntaxException e1) {
fail("URISyntaxException was thrown."); fail("URISyntaxException was thrown.");
} }
UriComponents components = builder.build(); UriComponents components = builder.build();
String jwtString = components.getQueryParams().get("request").get(0); String jwtString = components.getQueryParams().get("request").get(0);
ReadOnlyJWTClaimsSet claims = null; ReadOnlyJWTClaimsSet claims = null;
try { try {
SignedJWT jwt = SignedJWT.parse(jwtString); SignedJWT jwt = SignedJWT.parse(jwtString);
claims = jwt.getJWTClaimsSet(); claims = jwt.getJWTClaimsSet();
} catch (ParseException e) { } catch (ParseException e) {
fail("ParseException was thrown."); fail("ParseException was thrown.");
} }
assertEquals(responseType, claims.getClaim("response_type")); assertEquals(responseType, claims.getClaim("response_type"));
assertEquals(clientConfig.getClientId(), claims.getClaim("client_id")); assertEquals(clientConfig.getClientId(), claims.getClaim("client_id"));
List<String> scopeList = Arrays.asList(((String) claims.getClaim("scope")).split(" ")); List<String> scopeList = Arrays.asList(((String) claims.getClaim("scope")).split(" "));
assertTrue(scopeList.containsAll(clientConfig.getScope())); assertTrue(scopeList.containsAll(clientConfig.getScope()));
assertEquals(redirectUri, claims.getClaim("redirect_uri")); assertEquals(redirectUri, claims.getClaim("redirect_uri"));
assertEquals(nonce, claims.getClaim("nonce")); assertEquals(nonce, claims.getClaim("nonce"));
assertEquals(state, claims.getClaim("state")); assertEquals(state, claims.getClaim("state"));

47
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticClientConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,13 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue; package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -34,54 +29,60 @@ import org.mockito.Mock;
import org.mockito.Mockito; import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner; import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *
*/ */
@RunWith(MockitoJUnitRunner.class) @RunWith(MockitoJUnitRunner.class)
public class TestStaticClientConfigurationService { public class TestStaticClientConfigurationService {
private StaticClientConfigurationService service; private StaticClientConfigurationService service;
private String issuer = "https://www.example.com/"; private String issuer = "https://www.example.com/";
@Mock @Mock
private RegisteredClient mockClient; private RegisteredClient mockClient;
@Mock @Mock
private ServerConfiguration mockServerConfig; private ServerConfiguration mockServerConfig;
@Before @Before
public void prepare() { public void prepare() {
service = new StaticClientConfigurationService(); service = new StaticClientConfigurationService();
Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>(); Map<String, RegisteredClient> clients = new HashMap<String, RegisteredClient>();
clients.put(issuer, mockClient); clients.put(issuer, mockClient);
service.setClients(clients); service.setClients(clients);
Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer); Mockito.when(mockServerConfig.getIssuer()).thenReturn(issuer);
} }
@Test @Test
public void getClientConfiguration_success() { public void getClientConfiguration_success() {
RegisteredClient result = service.getClientConfiguration(mockServerConfig); RegisteredClient result = service.getClientConfiguration(mockServerConfig);
assertThat(mockClient, is(notNullValue())); assertThat(mockClient, is(notNullValue()));
assertEquals(mockClient, result); assertEquals(mockClient, result);
} }
/** /**
* Checks the behavior when the issuer is not known. * Checks the behavior when the issuer is not known.
*/ */
@Test @Test
public void getClientConfiguration_noIssuer() { public void getClientConfiguration_noIssuer() {
Mockito.when(mockServerConfig.getIssuer()).thenReturn("www.badexample.net"); Mockito.when(mockServerConfig.getIssuer()).thenReturn("www.badexample.net");
RegisteredClient actualClient = service.getClientConfiguration(mockServerConfig); RegisteredClient actualClient = service.getClientConfiguration(mockServerConfig);
assertThat(actualClient, is(nullValue())); assertThat(actualClient, is(nullValue()));
} }

43
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestStaticServerConfigurationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,13 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue; package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -32,6 +27,12 @@ import org.mitre.openid.connect.config.ServerConfiguration;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner; import org.mockito.runners.MockitoJUnitRunner;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *
@ -39,42 +40,42 @@ import org.mockito.runners.MockitoJUnitRunner;
@RunWith(MockitoJUnitRunner.class) @RunWith(MockitoJUnitRunner.class)
public class TestStaticServerConfigurationService { public class TestStaticServerConfigurationService {
private StaticServerConfigurationService service; private StaticServerConfigurationService service;
private String issuer = "https://www.example.com/"; private String issuer = "https://www.example.com/";
@Mock @Mock
private ServerConfiguration mockServerConfig; private ServerConfiguration mockServerConfig;
@Before @Before
public void prepare() { public void prepare() {
service = new StaticServerConfigurationService(); service = new StaticServerConfigurationService();
Map<String, ServerConfiguration> servers = new HashMap<String, ServerConfiguration>(); Map<String, ServerConfiguration> servers = new HashMap<String, ServerConfiguration>();
servers.put(issuer, mockServerConfig); servers.put(issuer, mockServerConfig);
service.setServers(servers); service.setServers(servers);
} }
@Test @Test
public void getServerConfiguration_success() { public void getServerConfiguration_success() {
ServerConfiguration result = service.getServerConfiguration(issuer); ServerConfiguration result = service.getServerConfiguration(issuer);
assertThat(mockServerConfig, is(notNullValue())); assertThat(mockServerConfig, is(notNullValue()));
assertEquals(mockServerConfig, result); assertEquals(mockServerConfig, result);
} }
/** /**
* Checks the behavior when the issuer is not known. * Checks the behavior when the issuer is not known.
*/ */
@Test @Test
public void getClientConfiguration_noIssuer() { public void getClientConfiguration_noIssuer() {
ServerConfiguration result = service.getServerConfiguration("www.badexample.net"); ServerConfiguration result = service.getServerConfiguration("www.badexample.net");
assertThat(result, is(nullValue())); assertThat(result, is(nullValue()));
} }

13
openid-connect-client/src/test/java/org/mitre/openid/connect/client/service/impl/TestThirdPartyIssuerService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -14,11 +13,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
******************************************************************************/ ******************************************************************************/
package org.mitre.openid.connect.client.service.impl;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.nullValue; package org.mitre.openid.connect.client.service.impl;
import static org.junit.Assert.*;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -30,6 +27,10 @@ import org.springframework.security.authentication.AuthenticationServiceExceptio
import com.google.common.collect.Sets; import com.google.common.collect.Sets;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.junit.Assert.assertThat;
/** /**
* @author wkim * @author wkim
* *

38
openid-connect-common/src/main/java/org/mitre/discovery/util/WebfingerURLNormalizer.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -18,6 +17,7 @@ package org.mitre.discovery.util;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import java.util.regex.Pattern; import java.util.regex.Pattern;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@ -28,14 +28,14 @@ import com.google.common.base.Strings;
/** /**
* Provides utility methods for normalizing and parsing URIs for use with Webfinger Discovery. * Provides utility methods for normalizing and parsing URIs for use with Webfinger Discovery.
* *
* @author wkim * @author wkim
* *
*/ */
public class WebfingerURLNormalizer { public class WebfingerURLNormalizer {
private static Logger logger = LoggerFactory.getLogger(WebfingerURLNormalizer.class); private static Logger logger = LoggerFactory.getLogger(WebfingerURLNormalizer.class);
// pattern used to parse user input; we can't use the built-in java URI parser // pattern used to parse user input; we can't use the built-in java URI parser
private static final Pattern pattern = Pattern.compile("^" + private static final Pattern pattern = Pattern.compile("^" +
"((https|acct|http|mailto|tel|device):(//)?)?" + // scheme "((https|acct|http|mailto|tel|device):(//)?)?" + // scheme
@ -50,15 +50,15 @@ public class WebfingerURLNormalizer {
"$" "$"
); );
/** /**
* Private constructor to prevent instantiation. * Private constructor to prevent instantiation.
*/ */
private WebfingerURLNormalizer() { private WebfingerURLNormalizer() {
// intentionally blank // intentionally blank
} }
/** /**
* Normalize the resource string as per OIDC Discovery. * Normalize the resource string as per OIDC Discovery.
* @param identifier * @param identifier
@ -93,36 +93,36 @@ public class WebfingerURLNormalizer {
logger.warn("Parser couldn't match input: " + identifier); logger.warn("Parser couldn't match input: " + identifier);
return null; return null;
} }
UriComponents n = builder.build(); UriComponents n = builder.build();
if (Strings.isNullOrEmpty(n.getScheme())) { if (Strings.isNullOrEmpty(n.getScheme())) {
if (!Strings.isNullOrEmpty(n.getUserInfo()) if (!Strings.isNullOrEmpty(n.getUserInfo())
&& Strings.isNullOrEmpty(n.getPath()) && Strings.isNullOrEmpty(n.getPath())
&& Strings.isNullOrEmpty(n.getQuery()) && Strings.isNullOrEmpty(n.getQuery())
&& n.getPort() < 0) { && n.getPort() < 0) {
// scheme empty, userinfo is not empty, path/query/port are empty // scheme empty, userinfo is not empty, path/query/port are empty
// set to "acct" (rule 2) // set to "acct" (rule 2)
builder.scheme("acct"); builder.scheme("acct");
} else { } else {
// scheme is empty, but rule 2 doesn't apply // scheme is empty, but rule 2 doesn't apply
// set scheme to "https" (rule 3) // set scheme to "https" (rule 3)
builder.scheme("https"); builder.scheme("https");
} }
} }
// fragment must be stripped (rule 4) // fragment must be stripped (rule 4)
builder.fragment(null); builder.fragment(null);
return builder.build(); return builder.build();
} }
} }
public static String serializeURL(UriComponents uri) { public static String serializeURL(UriComponents uri) {
if (uri.getScheme() != null && if (uri.getScheme() != null &&
(uri.getScheme().equals("acct") || (uri.getScheme().equals("acct") ||
@ -130,9 +130,9 @@ public class WebfingerURLNormalizer {
uri.getScheme().equals("tel") || uri.getScheme().equals("tel") ||
uri.getScheme().equals("device") uri.getScheme().equals("device")
)) { )) {
// serializer copied from HierarchicalUriComponents but with "//" removed // serializer copied from HierarchicalUriComponents but with "//" removed
StringBuilder uriBuilder = new StringBuilder(); StringBuilder uriBuilder = new StringBuilder();
if (uri.getScheme() != null) { if (uri.getScheme() != null) {
@ -177,8 +177,8 @@ public class WebfingerURLNormalizer {
} else { } else {
return uri.toUriString(); return uri.toUriString();
} }
} }
} }

3
openid-connect-common/src/main/java/org/mitre/jose/JWEAlgorithmEmbed.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/jose/JWEEncryptionMethodEmbed.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/jose/JWSAlgorithmEmbed.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/jose/keystore/JWKSetKeyStore.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/JwtSigningAndValidationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

9
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/DefaultJwtSigningAndValidationService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -115,7 +114,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString()); logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
} }
/** /**
* @return the defaultSignerKeyId * @return the defaultSignerKeyId
*/ */
@ -209,7 +208,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
try { try {
jwt.sign(signer); jwt.sign(signer);
} catch (JOSEException e) { } catch (JOSEException e) {
logger.error("Failed to sign JWT, error was: ", e); logger.error("Failed to sign JWT, error was: ", e);
} }
@ -224,7 +223,7 @@ public class DefaultJwtSigningAndValidationService implements JwtSigningAndValid
return true; return true;
} }
} catch (JOSEException e) { } catch (JOSEException e) {
logger.error("Failed to validate signature, error was: ", e); logger.error("Failed to validate signature, error was: ", e);
} }
} }

3
openid-connect-common/src/main/java/org/mitre/jwt/signer/service/impl/JWKSetSigningAndValidationServiceCacheService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthenticationHolderEntity.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

7
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2AccessTokenEntity.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -290,7 +289,7 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
@Override @Override
@Transient @Transient
public int getExpiresIn() { public int getExpiresIn() {
if (getExpiration() == null) { if (getExpiration() == null) {
return -1; // no expiration time return -1; // no expiration time
} else { } else {
@ -302,5 +301,5 @@ public class OAuth2AccessTokenEntity implements OAuth2AccessToken {
} }
} }
} }
} }

3
openid-connect-common/src/main/java/org/mitre/oauth2/model/OAuth2RefreshTokenEntity.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

563
openid-connect-common/src/main/java/org/mitre/oauth2/model/RegisteredClient.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -27,31 +42,31 @@ public class RegisteredClient {
private Date clientSecretExpiresAt; private Date clientSecretExpiresAt;
private Date clientIdIssuedAt; private Date clientIdIssuedAt;
private ClientDetailsEntity client; private ClientDetailsEntity client;
/** /**
* *
*/ */
public RegisteredClient() { public RegisteredClient() {
this.client = new ClientDetailsEntity(); this.client = new ClientDetailsEntity();
} }
/** /**
* @param client * @param client
*/ */
public RegisteredClient(ClientDetailsEntity client) { public RegisteredClient(ClientDetailsEntity client) {
this.client = client; this.client = client;
} }
/** /**
* @param client * @param client
* @param registrationAccessToken * @param registrationAccessToken
* @param registrationClientUri * @param registrationClientUri
*/ */
public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) { public RegisteredClient(ClientDetailsEntity client, String registrationAccessToken, String registrationClientUri) {
this.client = client; this.client = client;
this.registrationAccessToken = registrationAccessToken; this.registrationAccessToken = registrationAccessToken;
this.registrationClientUri = registrationClientUri; this.registrationClientUri = registrationClientUri;
} }
/** /**
* @return the client * @return the client
@ -69,604 +84,604 @@ public class RegisteredClient {
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription() * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientDescription()
*/ */
public String getClientDescription() { public String getClientDescription() {
return client.getClientDescription(); return client.getClientDescription();
} }
/** /**
* @param clientDescription * @param clientDescription
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientDescription(java.lang.String)
*/ */
public void setClientDescription(String clientDescription) { public void setClientDescription(String clientDescription) {
client.setClientDescription(clientDescription); client.setClientDescription(clientDescription);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh() * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowRefresh()
*/ */
public boolean isAllowRefresh() { public boolean isAllowRefresh() {
return client.isAllowRefresh(); return client.isAllowRefresh();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken() * @see org.mitre.oauth2.model.ClientDetailsEntity#isReuseRefreshToken()
*/ */
public boolean isReuseRefreshToken() { public boolean isReuseRefreshToken() {
return client.isReuseRefreshToken(); return client.isReuseRefreshToken();
} }
/** /**
* @param reuseRefreshToken * @param reuseRefreshToken
* @see org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean) * @see org.mitre.oauth2.model.ClientDetailsEntity#setReuseRefreshToken(boolean)
*/ */
public void setReuseRefreshToken(boolean reuseRefreshToken) { public void setReuseRefreshToken(boolean reuseRefreshToken) {
client.setReuseRefreshToken(reuseRefreshToken); client.setReuseRefreshToken(reuseRefreshToken);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds() * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenValiditySeconds()
*/ */
public Integer getIdTokenValiditySeconds() { public Integer getIdTokenValiditySeconds() {
return client.getIdTokenValiditySeconds(); return client.getIdTokenValiditySeconds();
} }
/** /**
* @param idTokenValiditySeconds * @param idTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer) * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenValiditySeconds(java.lang.Integer)
*/ */
public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) { public void setIdTokenValiditySeconds(Integer idTokenValiditySeconds) {
client.setIdTokenValiditySeconds(idTokenValiditySeconds); client.setIdTokenValiditySeconds(idTokenValiditySeconds);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered() * @see org.mitre.oauth2.model.ClientDetailsEntity#isDynamicallyRegistered()
*/ */
public boolean isDynamicallyRegistered() { public boolean isDynamicallyRegistered() {
return client.isDynamicallyRegistered(); return client.isDynamicallyRegistered();
} }
/** /**
* @param dynamicallyRegistered * @param dynamicallyRegistered
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean) * @see org.mitre.oauth2.model.ClientDetailsEntity#setDynamicallyRegistered(boolean)
*/ */
public void setDynamicallyRegistered(boolean dynamicallyRegistered) { public void setDynamicallyRegistered(boolean dynamicallyRegistered) {
client.setDynamicallyRegistered(dynamicallyRegistered); client.setDynamicallyRegistered(dynamicallyRegistered);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection() * @see org.mitre.oauth2.model.ClientDetailsEntity#isAllowIntrospection()
*/ */
public boolean isAllowIntrospection() { public boolean isAllowIntrospection() {
return client.isAllowIntrospection(); return client.isAllowIntrospection();
} }
/** /**
* @param allowIntrospection * @param allowIntrospection
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean) * @see org.mitre.oauth2.model.ClientDetailsEntity#setAllowIntrospection(boolean)
*/ */
public void setAllowIntrospection(boolean allowIntrospection) { public void setAllowIntrospection(boolean allowIntrospection) {
client.setAllowIntrospection(allowIntrospection); client.setAllowIntrospection(allowIntrospection);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired() * @see org.mitre.oauth2.model.ClientDetailsEntity#isSecretRequired()
*/ */
public boolean isSecretRequired() { public boolean isSecretRequired() {
return client.isSecretRequired(); return client.isSecretRequired();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped() * @see org.mitre.oauth2.model.ClientDetailsEntity#isScoped()
*/ */
public boolean isScoped() { public boolean isScoped() {
return client.isScoped(); return client.isScoped();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId() * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientId()
*/ */
public String getClientId() { public String getClientId() {
return client.getClientId(); return client.getClientId();
} }
/** /**
* @param clientId * @param clientId
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientId(java.lang.String)
*/ */
public void setClientId(String clientId) { public void setClientId(String clientId) {
client.setClientId(clientId); client.setClientId(clientId);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret() * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientSecret()
*/ */
public String getClientSecret() { public String getClientSecret() {
return client.getClientSecret(); return client.getClientSecret();
} }
/** /**
* @param clientSecret * @param clientSecret
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientSecret(java.lang.String)
*/ */
public void setClientSecret(String clientSecret) { public void setClientSecret(String clientSecret) {
client.setClientSecret(clientSecret); client.setClientSecret(clientSecret);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getScope() * @see org.mitre.oauth2.model.ClientDetailsEntity#getScope()
*/ */
public Set<String> getScope() { public Set<String> getScope() {
return client.getScope(); return client.getScope();
} }
/** /**
* @param scope * @param scope
* @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setScope(java.util.Set)
*/ */
public void setScope(Set<String> scope) { public void setScope(Set<String> scope) {
client.setScope(scope); client.setScope(scope);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes() * @see org.mitre.oauth2.model.ClientDetailsEntity#getGrantTypes()
*/ */
public Set<String> getGrantTypes() { public Set<String> getGrantTypes() {
return client.getGrantTypes(); return client.getGrantTypes();
} }
/** /**
* @param grantTypes * @param grantTypes
* @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setGrantTypes(java.util.Set)
*/ */
public void setGrantTypes(Set<String> grantTypes) { public void setGrantTypes(Set<String> grantTypes) {
client.setGrantTypes(grantTypes); client.setGrantTypes(grantTypes);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes() * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorizedGrantTypes()
*/ */
public Set<String> getAuthorizedGrantTypes() { public Set<String> getAuthorizedGrantTypes() {
return client.getAuthorizedGrantTypes(); return client.getAuthorizedGrantTypes();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities() * @see org.mitre.oauth2.model.ClientDetailsEntity#getAuthorities()
*/ */
public Set<GrantedAuthority> getAuthorities() { public Set<GrantedAuthority> getAuthorities() {
return client.getAuthorities(); return client.getAuthorities();
} }
/** /**
* @param authorities * @param authorities
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setAuthorities(java.util.Set)
*/ */
public void setAuthorities(Set<GrantedAuthority> authorities) { public void setAuthorities(Set<GrantedAuthority> authorities) {
client.setAuthorities(authorities); client.setAuthorities(authorities);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds() * @see org.mitre.oauth2.model.ClientDetailsEntity#getAccessTokenValiditySeconds()
*/ */
public Integer getAccessTokenValiditySeconds() { public Integer getAccessTokenValiditySeconds() {
return client.getAccessTokenValiditySeconds(); return client.getAccessTokenValiditySeconds();
} }
/** /**
* @param accessTokenValiditySeconds * @param accessTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer) * @see org.mitre.oauth2.model.ClientDetailsEntity#setAccessTokenValiditySeconds(java.lang.Integer)
*/ */
public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) { public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
client.setAccessTokenValiditySeconds(accessTokenValiditySeconds); client.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRefreshTokenValiditySeconds()
*/ */
public Integer getRefreshTokenValiditySeconds() { public Integer getRefreshTokenValiditySeconds() {
return client.getRefreshTokenValiditySeconds(); return client.getRefreshTokenValiditySeconds();
} }
/** /**
* @param refreshTokenValiditySeconds * @param refreshTokenValiditySeconds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer) * @see org.mitre.oauth2.model.ClientDetailsEntity#setRefreshTokenValiditySeconds(java.lang.Integer)
*/ */
public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) { public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds); client.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRedirectUris()
*/ */
public Set<String> getRedirectUris() { public Set<String> getRedirectUris() {
return client.getRedirectUris(); return client.getRedirectUris();
} }
/** /**
* @param redirectUris * @param redirectUris
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setRedirectUris(java.util.Set)
*/ */
public void setRedirectUris(Set<String> redirectUris) { public void setRedirectUris(Set<String> redirectUris) {
client.setRedirectUris(redirectUris); client.setRedirectUris(redirectUris);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRegisteredRedirectUri()
*/ */
public Set<String> getRegisteredRedirectUri() { public Set<String> getRegisteredRedirectUri() {
return client.getRegisteredRedirectUri(); return client.getRegisteredRedirectUri();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds() * @see org.mitre.oauth2.model.ClientDetailsEntity#getResourceIds()
*/ */
public Set<String> getResourceIds() { public Set<String> getResourceIds() {
return client.getResourceIds(); return client.getResourceIds();
} }
/** /**
* @param resourceIds * @param resourceIds
* @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setResourceIds(java.util.Set)
*/ */
public void setResourceIds(Set<String> resourceIds) { public void setResourceIds(Set<String> resourceIds) {
client.setResourceIds(resourceIds); client.setResourceIds(resourceIds);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation() * @see org.mitre.oauth2.model.ClientDetailsEntity#getAdditionalInformation()
*/ */
public Map<String, Object> getAdditionalInformation() { public Map<String, Object> getAdditionalInformation() {
return client.getAdditionalInformation(); return client.getAdditionalInformation();
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType() * @see org.mitre.oauth2.model.ClientDetailsEntity#getApplicationType()
*/ */
public AppType getApplicationType() { public AppType getApplicationType() {
return client.getApplicationType(); return client.getApplicationType();
} }
/** /**
* @param applicationType * @param applicationType
* @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType) * @see org.mitre.oauth2.model.ClientDetailsEntity#setApplicationType(org.mitre.oauth2.model.ClientDetailsEntity.AppType)
*/ */
public void setApplicationType(AppType applicationType) { public void setApplicationType(AppType applicationType) {
client.setApplicationType(applicationType); client.setApplicationType(applicationType);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName() * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientName()
*/ */
public String getClientName() { public String getClientName() {
return client.getClientName(); return client.getClientName();
} }
/** /**
* @param clientName * @param clientName
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientName(java.lang.String)
*/ */
public void setClientName(String clientName) { public void setClientName(String clientName) {
client.setClientName(clientName); client.setClientName(clientName);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod() * @see org.mitre.oauth2.model.ClientDetailsEntity#getTokenEndpointAuthMethod()
*/ */
public AuthMethod getTokenEndpointAuthMethod() { public AuthMethod getTokenEndpointAuthMethod() {
return client.getTokenEndpointAuthMethod(); return client.getTokenEndpointAuthMethod();
} }
/** /**
* @param tokenEndpointAuthMethod * @param tokenEndpointAuthMethod
* @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod) * @see org.mitre.oauth2.model.ClientDetailsEntity#setTokenEndpointAuthMethod(org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod)
*/ */
public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) { public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod); client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType() * @see org.mitre.oauth2.model.ClientDetailsEntity#getSubjectType()
*/ */
public SubjectType getSubjectType() { public SubjectType getSubjectType() {
return client.getSubjectType(); return client.getSubjectType();
} }
/** /**
* @param subjectType * @param subjectType
* @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType) * @see org.mitre.oauth2.model.ClientDetailsEntity#setSubjectType(org.mitre.oauth2.model.ClientDetailsEntity.SubjectType)
*/ */
public void setSubjectType(SubjectType subjectType) { public void setSubjectType(SubjectType subjectType) {
client.setSubjectType(subjectType); client.setSubjectType(subjectType);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts() * @see org.mitre.oauth2.model.ClientDetailsEntity#getContacts()
*/ */
public Set<String> getContacts() { public Set<String> getContacts() {
return client.getContacts(); return client.getContacts();
} }
/** /**
* @param contacts * @param contacts
* @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setContacts(java.util.Set)
*/ */
public void setContacts(Set<String> contacts) { public void setContacts(Set<String> contacts) {
client.setContacts(contacts); client.setContacts(contacts);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getLogoUri()
*/ */
public String getLogoUri() { public String getLogoUri() {
return client.getLogoUri(); return client.getLogoUri();
} }
/** /**
* @param logoUri * @param logoUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setLogoUri(java.lang.String)
*/ */
public void setLogoUri(String logoUri) { public void setLogoUri(String logoUri) {
client.setLogoUri(logoUri); client.setLogoUri(logoUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getPolicyUri()
*/ */
public String getPolicyUri() { public String getPolicyUri() {
return client.getPolicyUri(); return client.getPolicyUri();
} }
/** /**
* @param policyUri * @param policyUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setPolicyUri(java.lang.String)
*/ */
public void setPolicyUri(String policyUri) { public void setPolicyUri(String policyUri) {
client.setPolicyUri(policyUri); client.setPolicyUri(policyUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getClientUri()
*/ */
public String getClientUri() { public String getClientUri() {
return client.getClientUri(); return client.getClientUri();
} }
/** /**
* @param clientUri * @param clientUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setClientUri(java.lang.String)
*/ */
public void setClientUri(String clientUri) { public void setClientUri(String clientUri) {
client.setClientUri(clientUri); client.setClientUri(clientUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getTosUri()
*/ */
public String getTosUri() { public String getTosUri() {
return client.getTosUri(); return client.getTosUri();
} }
/** /**
* @param tosUri * @param tosUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setTosUri(java.lang.String)
*/ */
public void setTosUri(String tosUri) { public void setTosUri(String tosUri) {
client.setTosUri(tosUri); client.setTosUri(tosUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getJwksUri()
*/ */
public String getJwksUri() { public String getJwksUri() {
return client.getJwksUri(); return client.getJwksUri();
} }
/** /**
* @param jwksUri * @param jwksUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setJwksUri(java.lang.String)
*/ */
public void setJwksUri(String jwksUri) { public void setJwksUri(String jwksUri) {
client.setJwksUri(jwksUri); client.setJwksUri(jwksUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getSectorIdentifierUri()
*/ */
public String getSectorIdentifierUri() { public String getSectorIdentifierUri() {
return client.getSectorIdentifierUri(); return client.getSectorIdentifierUri();
} }
/** /**
* @param sectorIdentifierUri * @param sectorIdentifierUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setSectorIdentifierUri(java.lang.String)
*/ */
public void setSectorIdentifierUri(String sectorIdentifierUri) { public void setSectorIdentifierUri(String sectorIdentifierUri) {
client.setSectorIdentifierUri(sectorIdentifierUri); client.setSectorIdentifierUri(sectorIdentifierUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg()
*/ */
public JWSAlgorithmEmbed getRequestObjectSigningAlg() { public JWSAlgorithmEmbed getRequestObjectSigningAlg() {
return client.getRequestObjectSigningAlg(); return client.getRequestObjectSigningAlg();
} }
/** /**
* @param requestObjectSigningAlg * @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(org.mitre.jose.JWSAlgorithmEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/ */
public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) { public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlg(requestObjectSigningAlg); client.setRequestObjectSigningAlg(requestObjectSigningAlg);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg() * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg()
*/ */
public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() { public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() {
return client.getUserInfoSignedResponseAlg(); return client.getUserInfoSignedResponseAlg();
} }
/** /**
* @param userInfoSignedResponseAlg * @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/ */
public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) { public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg); client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg() * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg()
*/ */
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() { public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() {
return client.getUserInfoEncryptedResponseAlg(); return client.getUserInfoEncryptedResponseAlg();
} }
/** /**
* @param userInfoEncryptedResponseAlg * @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/ */
public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) { public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg); client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc() * @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc()
*/ */
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() { public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() {
return client.getUserInfoEncryptedResponseEnc(); return client.getUserInfoEncryptedResponseEnc();
} }
/** /**
* @param userInfoEncryptedResponseEnc * @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/ */
public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) { public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc); client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg() * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg()
*/ */
public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() { public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() {
return client.getIdTokenSignedResponseAlg(); return client.getIdTokenSignedResponseAlg();
} }
/** /**
* @param idTokenSignedResponseAlg * @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/ */
public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) { public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg); client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg() * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg()
*/ */
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() { public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() {
return client.getIdTokenEncryptedResponseAlg(); return client.getIdTokenEncryptedResponseAlg();
} }
/** /**
* @param idTokenEncryptedResponseAlg * @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/ */
public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) { public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg); client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc() * @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc()
*/ */
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() { public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() {
return client.getIdTokenEncryptedResponseEnc(); return client.getIdTokenEncryptedResponseEnc();
} }
/** /**
* @param idTokenEncryptedResponseEnc * @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed) * @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/ */
public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) { public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc); client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge() * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge()
*/ */
public Integer getDefaultMaxAge() { public Integer getDefaultMaxAge() {
return client.getDefaultMaxAge(); return client.getDefaultMaxAge();
} }
/** /**
* @param defaultMaxAge * @param defaultMaxAge
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer) * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultMaxAge(java.lang.Integer)
*/ */
public void setDefaultMaxAge(Integer defaultMaxAge) { public void setDefaultMaxAge(Integer defaultMaxAge) {
client.setDefaultMaxAge(defaultMaxAge); client.setDefaultMaxAge(defaultMaxAge);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequireAuthTime()
*/ */
public Boolean getRequireAuthTime() { public Boolean getRequireAuthTime() {
return client.getRequireAuthTime(); return client.getRequireAuthTime();
} }
/** /**
* @param requireAuthTime * @param requireAuthTime
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean) * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequireAuthTime(java.lang.Boolean)
*/ */
public void setRequireAuthTime(Boolean requireAuthTime) { public void setRequireAuthTime(Boolean requireAuthTime) {
client.setRequireAuthTime(requireAuthTime); client.setRequireAuthTime(requireAuthTime);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes() * @see org.mitre.oauth2.model.ClientDetailsEntity#getResponseTypes()
*/ */
public Set<String> getResponseTypes() { public Set<String> getResponseTypes() {
return client.getResponseTypes(); return client.getResponseTypes();
} }
/** /**
* @param responseTypes * @param responseTypes
* @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setResponseTypes(java.util.Set)
*/ */
public void setResponseTypes(Set<String> responseTypes) { public void setResponseTypes(Set<String> responseTypes) {
client.setResponseTypes(responseTypes); client.setResponseTypes(responseTypes);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues() * @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultACRvalues()
*/ */
public Set<String> getDefaultACRvalues() { public Set<String> getDefaultACRvalues() {
return client.getDefaultACRvalues(); return client.getDefaultACRvalues();
} }
/** /**
* @param defaultACRvalues * @param defaultACRvalues
* @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setDefaultACRvalues(java.util.Set)
*/ */
public void setDefaultACRvalues(Set<String> defaultACRvalues) { public void setDefaultACRvalues(Set<String> defaultACRvalues) {
client.setDefaultACRvalues(defaultACRvalues); client.setDefaultACRvalues(defaultACRvalues);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getInitiateLoginUri()
*/ */
public String getInitiateLoginUri() { public String getInitiateLoginUri() {
return client.getInitiateLoginUri(); return client.getInitiateLoginUri();
} }
/** /**
* @param initiateLoginUri * @param initiateLoginUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setInitiateLoginUri(java.lang.String)
*/ */
public void setInitiateLoginUri(String initiateLoginUri) { public void setInitiateLoginUri(String initiateLoginUri) {
client.setInitiateLoginUri(initiateLoginUri); client.setInitiateLoginUri(initiateLoginUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri() * @see org.mitre.oauth2.model.ClientDetailsEntity#getPostLogoutRedirectUri()
*/ */
public String getPostLogoutRedirectUri() { public String getPostLogoutRedirectUri() {
return client.getPostLogoutRedirectUri(); return client.getPostLogoutRedirectUri();
} }
/** /**
* @param postLogoutRedirectUri * @param postLogoutRedirectUri
* @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String) * @see org.mitre.oauth2.model.ClientDetailsEntity#setPostLogoutRedirectUri(java.lang.String)
*/ */
public void setPostLogoutRedirectUri(String postLogoutRedirectUri) { public void setPostLogoutRedirectUri(String postLogoutRedirectUri) {
client.setPostLogoutRedirectUri(postLogoutRedirectUri); client.setPostLogoutRedirectUri(postLogoutRedirectUri);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris() * @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestUris()
*/ */
public Set<String> getRequestUris() { public Set<String> getRequestUris() {
return client.getRequestUris(); return client.getRequestUris();
} }
/** /**
* @param requestUris * @param requestUris
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set) * @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestUris(java.util.Set)
*/ */
public void setRequestUris(Set<String> requestUris) { public void setRequestUris(Set<String> requestUris) {
client.setRequestUris(requestUris); client.setRequestUris(requestUris);
} }
/** /**
* @return * @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt() * @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt()
*/ */
public Date getCreatedAt() { public Date getCreatedAt() {
return client.getCreatedAt(); return client.getCreatedAt();
} }
/** /**
* @param createdAt * @param createdAt
* @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date) * @see org.mitre.oauth2.model.ClientDetailsEntity#setCreatedAt(java.util.Date)
*/ */
public void setCreatedAt(Date createdAt) { public void setCreatedAt(Date createdAt) {
client.setCreatedAt(createdAt); client.setCreatedAt(createdAt);
} }
/** /**
* @return the registrationAccessToken * @return the registrationAccessToken
*/ */
@ -715,7 +730,7 @@ public class RegisteredClient {
public void setClientIdIssuedAt(Date issuedAt) { public void setClientIdIssuedAt(Date issuedAt) {
this.clientIdIssuedAt = issuedAt; this.clientIdIssuedAt = issuedAt;
} }
} }

3
openid-connect-common/src/main/java/org/mitre/oauth2/model/SystemScope.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthenticationHolderRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2ClientRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/repository/OAuth2TokenRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/repository/SystemScopeRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/service/ClientDetailsEntityService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

7
openid-connect-common/src/main/java/org/mitre/oauth2/service/OAuth2TokenEntityService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -27,7 +26,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
public interface OAuth2TokenEntityService extends AuthorizationServerTokenServices, ResourceServerTokenServices { public interface OAuth2TokenEntityService extends AuthorizationServerTokenServices, ResourceServerTokenServices {
@Override @Override
public OAuth2AccessTokenEntity readAccessToken(String accessTokenValue); public OAuth2AccessTokenEntity readAccessToken(String accessTokenValue);
@ -57,7 +56,7 @@ public interface OAuth2TokenEntityService extends AuthorizationServerTokenServic
public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken); public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);
public OAuth2AccessTokenEntity getAccessTokenById(Long id); public OAuth2AccessTokenEntity getAccessTokenById(Long id);
public OAuth2RefreshTokenEntity getRefreshTokenById(Long id); public OAuth2RefreshTokenEntity getRefreshTokenById(Long id);
public Set<OAuth2AccessTokenEntity> getAllAccessTokensForUser(String name); public Set<OAuth2AccessTokenEntity> getAllAccessTokensForUser(String name);

3
openid-connect-common/src/main/java/org/mitre/oauth2/service/SystemScopeService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/oauth2/service/impl/DefaultClientUserDetailsService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

18
openid-connect-common/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -29,7 +28,6 @@ import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType; import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.model.RegisteredClient; import org.mitre.oauth2.model.RegisteredClient;
import com.google.common.base.Joiner; import com.google.common.base.Joiner;
@ -146,8 +144,8 @@ public class ClientDetailsEntityJsonProcessor {
* Parse the JSON as a RegisteredClient (useful in the dynamic client filter) * Parse the JSON as a RegisteredClient (useful in the dynamic client filter)
*/ */
public static RegisteredClient parseRegistered(String jsonString) { public static RegisteredClient parseRegistered(String jsonString) {
JsonElement jsonEl = parser.parse(jsonString); JsonElement jsonEl = parser.parse(jsonString);
if (jsonEl.isJsonObject()) { if (jsonEl.isJsonObject()) {
@ -166,7 +164,7 @@ public class ClientDetailsEntityJsonProcessor {
return null; return null;
} }
} }
/** /**
* @param c * @param c
* @param token * @param token
@ -179,7 +177,7 @@ public class ClientDetailsEntityJsonProcessor {
o.addProperty("client_id", c.getClientId()); o.addProperty("client_id", c.getClientId());
if (c.getClientSecret() != null) { if (c.getClientSecret() != null) {
o.addProperty("client_secret", c.getClientSecret()); o.addProperty("client_secret", c.getClientSecret());
if (c.getClientSecretExpiresAt() == null) { if (c.getClientSecretExpiresAt() == null) {
o.addProperty("client_secret_expires_at", 0); // TODO: do we want to let secrets expire? o.addProperty("client_secret_expires_at", 0); // TODO: do we want to let secrets expire?
} else { } else {
@ -304,7 +302,7 @@ public class ClientDetailsEntityJsonProcessor {
return null; return null;
} }
} }
/** /**
* Gets the value of the given given member as a set of strings, null if it doesn't exist * Gets the value of the given given member as a set of strings, null if it doesn't exist
*/ */
@ -315,8 +313,8 @@ public class ClientDetailsEntityJsonProcessor {
return null; return null;
} }
} }
/** /**
* Translate a set of strings to a JSON array * Translate a set of strings to a JSON array
* @param value * @param value

7
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -35,7 +34,7 @@ import org.springframework.util.StringUtils;
public class ConfigurationPropertiesBean { public class ConfigurationPropertiesBean {
private static Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class); private static Logger logger = LoggerFactory.getLogger(ConfigurationPropertiesBean.class);
private String issuer; private String issuer;
private String topbarTitle; private String topbarTitle;
@ -45,7 +44,7 @@ public class ConfigurationPropertiesBean {
public ConfigurationPropertiesBean() { public ConfigurationPropertiesBean() {
} }
/** /**
* Endpoints protected by TLS must have https scheme in the URI. * Endpoints protected by TLS must have https scheme in the URI.
*/ */

157
openid-connect-common/src/main/java/org/mitre/openid/connect/config/ServerConfiguration.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -40,7 +39,7 @@ public class ServerConfiguration {
private String userInfoUri; private String userInfoUri;
private String introspectionEndpointUri; private String introspectionEndpointUri;
/** /**
* @return the authorizationEndpointUri * @return the authorizationEndpointUri
*/ */
@ -142,86 +141,86 @@ public class ServerConfiguration {
/* (non-Javadoc) /* (non-Javadoc)
* @see java.lang.Object#hashCode() * @see java.lang.Object#hashCode()
*/ */
@Override @Override
public int hashCode() { public int hashCode() {
final int prime = 31; final int prime = 31;
int result = 1; int result = 1;
result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode()); result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode());
result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode()); result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode());
result = prime * result + ((issuer == null) ? 0 : issuer.hashCode()); result = prime * result + ((issuer == null) ? 0 : issuer.hashCode());
result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode()); result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode());
result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode()); result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode());
result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode()); result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode());
result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode()); result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode());
return result; return result;
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see java.lang.Object#equals(java.lang.Object) * @see java.lang.Object#equals(java.lang.Object)
*/ */
@Override @Override
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (this == obj) { if (this == obj) {
return true; return true;
} }
if (obj == null) { if (obj == null) {
return false; return false;
} }
if (!(obj instanceof ServerConfiguration)) { if (!(obj instanceof ServerConfiguration)) {
return false; return false;
} }
ServerConfiguration other = (ServerConfiguration) obj; ServerConfiguration other = (ServerConfiguration) obj;
if (authorizationEndpointUri == null) { if (authorizationEndpointUri == null) {
if (other.authorizationEndpointUri != null) { if (other.authorizationEndpointUri != null) {
return false; return false;
} }
} else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) { } else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) {
return false; return false;
} }
if (introspectionEndpointUri == null) { if (introspectionEndpointUri == null) {
if (other.introspectionEndpointUri != null) { if (other.introspectionEndpointUri != null) {
return false; return false;
} }
} else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) { } else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) {
return false; return false;
} }
if (issuer == null) { if (issuer == null) {
if (other.issuer != null) { if (other.issuer != null) {
return false; return false;
} }
} else if (!issuer.equals(other.issuer)) { } else if (!issuer.equals(other.issuer)) {
return false; return false;
} }
if (jwksUri == null) { if (jwksUri == null) {
if (other.jwksUri != null) { if (other.jwksUri != null) {
return false; return false;
} }
} else if (!jwksUri.equals(other.jwksUri)) { } else if (!jwksUri.equals(other.jwksUri)) {
return false; return false;
} }
if (registrationEndpointUri == null) { if (registrationEndpointUri == null) {
if (other.registrationEndpointUri != null) { if (other.registrationEndpointUri != null) {
return false; return false;
} }
} else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) { } else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) {
return false; return false;
} }
if (tokenEndpointUri == null) { if (tokenEndpointUri == null) {
if (other.tokenEndpointUri != null) { if (other.tokenEndpointUri != null) {
return false; return false;
} }
} else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) { } else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) {
return false; return false;
} }
if (userInfoUri == null) { if (userInfoUri == null) {
if (other.userInfoUri != null) { if (other.userInfoUri != null) {
return false; return false;
} }
} else if (!userInfoUri.equals(other.userInfoUri)) { } else if (!userInfoUri.equals(other.userInfoUri)) {
return false; return false;
} }
return true; return true;
} }
} }

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Address.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/BlacklistedSite.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/DefaultUserInfo.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Event.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/Nonce.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/UserInfo.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/AddressRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

5
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/ApprovedSiteRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -84,7 +83,7 @@ public interface ApprovedSiteRepository {
* @return * @return
*/ */
public Collection<ApprovedSite> getByClientId(String clientId); public Collection<ApprovedSite> getByClientId(String clientId);
/** /**
* Get all expired sites * Get all expired sites
* @return * @return

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/BlacklistedSiteRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/EventRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/NonceRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/UserInfoRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/repository/WhitelistedSiteRepository.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

5
openid-connect-common/src/main/java/org/mitre/openid/connect/service/ApprovedSiteService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -96,7 +95,7 @@ public interface ApprovedSiteService {
* @param client * @param client
*/ */
public void clearApprovedSitesForClient(ClientDetails client); public void clearApprovedSitesForClient(ClientDetails client);
/** /**
* Remove all expired approved sites fromt he data store. * Remove all expired approved sites fromt he data store.
* @return * @return

3
openid-connect-common/src/main/java/org/mitre/openid/connect/service/BlacklistedSiteService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/service/NonceService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

9
openid-connect-common/src/main/java/org/mitre/openid/connect/service/StatsService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -42,14 +41,14 @@ public interface StatsService {
* *
* @return a map of id of client object to number of approvals * @return a map of id of client object to number of approvals
*/ */
public Map<Long, Integer> calculateByClientId(); public Map<Long, Integer> calculateByClientId();
/** /**
* Calculate the usage count for a single client * Calculate the usage count for a single client
* *
* @param id the id of the client to search on * @param id the id of the client to search on
* @return * @return
*/ */
public Integer countForClientId(Long id); public Integer countForClientId(Long id);
} }

3
openid-connect-common/src/main/java/org/mitre/openid/connect/service/UserInfoService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/service/WhitelistedSiteService.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

3
openid-connect-common/src/main/java/org/mitre/openid/connect/view/JwkKeyListView.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

11
openid-connect-common/src/main/java/org/mitre/openid/connect/web/UserInfoInterceptor.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -55,16 +54,16 @@ public class UserInfoInterceptor extends HandlerInterceptorAdapter {
modelAndView.addObject("userInfo", oidc.getUserInfo()); modelAndView.addObject("userInfo", oidc.getUserInfo());
} else { } else {
if (p != null && p.getName() != null) { // don't bother checking if we don't have a principal if (p != null && p.getName() != null) { // don't bother checking if we don't have a principal
// try to look up a user based on the principal's name // try to look up a user based on the principal's name
UserInfo user = userInfoService.getBySubject(p.getName()); UserInfo user = userInfoService.getBySubject(p.getName());
// if we have one, inject it so views can use it // if we have one, inject it so views can use it
if (user != null) { if (user != null) {
modelAndView.addObject("userInfo", user); modelAndView.addObject("userInfo", user);
} }
} }
} }
} }
} }

3
openid-connect-common/src/main/java/org/mitre/util/jpa/JpaUtil.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.

36
openid-connect-common/src/test/java/org/mitre/discovery/util/TestWebfingerURLNormalizer.java
View File

@ -1,6 +1,5 @@
/******************************************************************************* /*******************************************************************************
* Copyright 2013 The MITRE Corporation * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
* and the MIT Kerberos and Internet Trust Consortium
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -16,15 +15,12 @@
******************************************************************************/ ******************************************************************************/
package org.mitre.discovery.util; package org.mitre.discovery.util;
import static org.junit.Assert.*;
import java.util.List;
import org.junit.Test; import org.junit.Test;
import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponents;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import static org.junit.Assert.assertEquals;
/** /**
* @author wkim * @author wkim
@ -96,7 +92,7 @@ public class TestWebfingerURLNormalizer {
/* /*
Adapted from Nov Matake's Ruby normalizer implementation. Adapted from Nov Matake's Ruby normalizer implementation.
## INPUT => NORMALIZED ## INPUT => NORMALIZED
# example.com => https://example.com # example.com => https://example.com
# example.com:8080 => https://example.com:8080 # example.com:8080 => https://example.com:8080
@ -104,35 +100,35 @@ public class TestWebfingerURLNormalizer {
# example.com?query => https://example.com?query # example.com?query => https://example.com?query
# example.com#fragment => https://example.com # example.com#fragment => https://example.com
# example.com:8080/path?query#fragment => https://example.com:8080/path?query # example.com:8080/path?query#fragment => https://example.com:8080/path?query
# http://example.com => http://example.com # http://example.com => http://example.com
# http://example.com:8080 => http://example.com:8080 # http://example.com:8080 => http://example.com:8080
# http://example.com/path => http://example.com/path # http://example.com/path => http://example.com/path
# http://example.com?query => http://example.com?query # http://example.com?query => http://example.com?query
# http://example.com#fragment => http://example.com # http://example.com#fragment => http://example.com
# http://example.com:8080/path?query#fragment => http://example.com:8080/path?query # http://example.com:8080/path?query#fragment => http://example.com:8080/path?query
# nov@example.com => acct:nov@example.com # nov@example.com => acct:nov@example.com
# nov@example.com:8080 => https://nov@example.com:8080 # nov@example.com:8080 => https://nov@example.com:8080
# nov@example.com/path => https://nov@example.com/path # nov@example.com/path => https://nov@example.com/path
# nov@example.com?query => https://nov@example.com?query # nov@example.com?query => https://nov@example.com?query
# nov@example.com#fragment => acct:nov@example.com # nov@example.com#fragment => acct:nov@example.com
# nov@example.com:8080/path?query#fragment => https://nov@example.com:8080/path?query # nov@example.com:8080/path?query#fragment => https://nov@example.com:8080/path?query
# acct:nov@matake.jp => acct:nov@matake.jp # acct:nov@matake.jp => acct:nov@matake.jp
# acct:nov@example.com:8080 => acct:nov@example.com:8080 # acct:nov@example.com:8080 => acct:nov@example.com:8080
# acct:nov@example.com/path => acct:nov@example.com/path # acct:nov@example.com/path => acct:nov@example.com/path
# acct:nov@example.com?query => acct:nov@example.com?query # acct:nov@example.com?query => acct:nov@example.com?query
# acct:nov@example.com#fragment => acct:nov@example.com # acct:nov@example.com#fragment => acct:nov@example.com
# acct:nov@example.com:8080/path?query#fragment => acct:nov@example.com:8080/path?query # acct:nov@example.com:8080/path?query#fragment => acct:nov@example.com:8080/path?query
# mailto:nov@matake.jp => mailto:nov@matake.jp # mailto:nov@matake.jp => mailto:nov@matake.jp
# mailto:nov@example.com:8080 => mailto:nov@example.com:8080 # mailto:nov@example.com:8080 => mailto:nov@example.com:8080
# mailto:nov@example.com/path => mailto:nov@example.com/path # mailto:nov@example.com/path => mailto:nov@example.com/path
# mailto:nov@example.com?query => mailto:nov@example.com?query # mailto:nov@example.com?query => mailto:nov@example.com?query
# mailto:nov@example.com#fragment => mailto:nov@example.com # mailto:nov@example.com#fragment => mailto:nov@example.com
# mailto:nov@example.com:8080/path?query#fragment => mailto:nov@example.com:8080/path?query # mailto:nov@example.com:8080/path?query#fragment => mailto:nov@example.com:8080/path?query
# localhost => https://localhost # localhost => https://localhost
# localhost:8080 => https://localhost:8080 # localhost:8080 => https://localhost:8080
# localhost/path => https://localhost/path # localhost/path => https://localhost/path
@ -145,7 +141,7 @@ public class TestWebfingerURLNormalizer {
# nov@localhost?query => https://nov@localhost?query # nov@localhost?query => https://nov@localhost?query
# nov@localhost#fragment => acct:nov@localhost # nov@localhost#fragment => acct:nov@localhost
# nov@localhost/path?query#fragment => https://nov@localhost/path?query # nov@localhost/path?query#fragment => https://nov@localhost/path?query
# tel:+810312345678 => tel:+810312345678 # tel:+810312345678 => tel:+810312345678
# device:192.168.2.1 => device:192.168.2.1 # device:192.168.2.1 => device:192.168.2.1
# device:192.168.2.1:8080 => device:192.168.2.1:8080 # device:192.168.2.1:8080 => device:192.168.2.1:8080
@ -155,18 +151,18 @@ public class TestWebfingerURLNormalizer {
# device:192.168.2.1/path?query#fragment => device:192.168.2.1/path?query # device:192.168.2.1/path?query#fragment => device:192.168.2.1/path?query
* *
*/ */
@Test @Test
public void normalizeResource_novTest() { public void normalizeResource_novTest() {
for (String input : inputToNormalized.keySet()) { for (String input : inputToNormalized.keySet()) {
UriComponents actualNormalized = WebfingerURLNormalizer.normalizeResource(input); UriComponents actualNormalized = WebfingerURLNormalizer.normalizeResource(input);
String expectedNormalized = inputToNormalized.get(input); String expectedNormalized = inputToNormalized.get(input);
assertEquals("Identifer/Normalized failed.", expectedNormalized, WebfingerURLNormalizer.serializeURL(actualNormalized)); assertEquals("Identifer/Normalized failed.", expectedNormalized, WebfingerURLNormalizer.serializeURL(actualNormalized));
} }
} }

37
openid-connect-common/src/test/java/org/mitre/jose/JOSEEmbedTest.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -9,11 +24,11 @@ import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.JWSAlgorithm;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
/** /**
* *
* These tests make sure that the algorithm name processing * These tests make sure that the algorithm name processing
* is functional on the three embedded JOSE classes. * is functional on the three embedded JOSE classes.
* *
* @author jricher * @author jricher
@ -24,15 +39,15 @@ public class JOSEEmbedTest {
@Test @Test
public void testJWSAlgorithmEmbed() { public void testJWSAlgorithmEmbed() {
JWSAlgorithmEmbed a = new JWSAlgorithmEmbed(JWSAlgorithm.HS256); JWSAlgorithmEmbed a = new JWSAlgorithmEmbed(JWSAlgorithm.HS256);
assertEquals(JWSAlgorithm.HS256, a.getAlgorithm()); assertEquals(JWSAlgorithm.HS256, a.getAlgorithm());
assertEquals("HS256", a.getAlgorithmName()); assertEquals("HS256", a.getAlgorithmName());
} }
@Test @Test
public void testJWSAlgorithmEmbedGetForAlgoirthmName() { public void testJWSAlgorithmEmbedGetForAlgoirthmName() {
JWSAlgorithmEmbed a = JWSAlgorithmEmbed.getForAlgorithmName("RS256"); JWSAlgorithmEmbed a = JWSAlgorithmEmbed.getForAlgorithmName("RS256");
assertEquals(JWSAlgorithm.RS256, a.getAlgorithm()); assertEquals(JWSAlgorithm.RS256, a.getAlgorithm());
assertEquals("RS256", a.getAlgorithmName()); assertEquals("RS256", a.getAlgorithmName());
} }
@ -40,15 +55,15 @@ public class JOSEEmbedTest {
@Test @Test
public void testJWEAlgorithmEmbed() { public void testJWEAlgorithmEmbed() {
JWEAlgorithmEmbed a = new JWEAlgorithmEmbed(JWEAlgorithm.A128KW); JWEAlgorithmEmbed a = new JWEAlgorithmEmbed(JWEAlgorithm.A128KW);
assertEquals(JWEAlgorithm.A128KW, a.getAlgorithm()); assertEquals(JWEAlgorithm.A128KW, a.getAlgorithm());
assertEquals("A128KW", a.getAlgorithmName()); assertEquals("A128KW", a.getAlgorithmName());
} }
@Test @Test
public void testJWEAlgorithmEmbedGetForAlgoirthmName() { public void testJWEAlgorithmEmbedGetForAlgoirthmName() {
JWEAlgorithmEmbed a = JWEAlgorithmEmbed.getForAlgorithmName("RSA1_5"); JWEAlgorithmEmbed a = JWEAlgorithmEmbed.getForAlgorithmName("RSA1_5");
assertEquals(JWEAlgorithm.RSA1_5, a.getAlgorithm()); assertEquals(JWEAlgorithm.RSA1_5, a.getAlgorithm());
assertEquals("RSA1_5", a.getAlgorithmName()); assertEquals("RSA1_5", a.getAlgorithmName());
} }
@ -56,15 +71,15 @@ public class JOSEEmbedTest {
@Test @Test
public void testJWEEncryptionMethodEmbed() { public void testJWEEncryptionMethodEmbed() {
JWEEncryptionMethodEmbed a = new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256); JWEEncryptionMethodEmbed a = new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256);
assertEquals(EncryptionMethod.A128CBC_HS256, a.getAlgorithm()); assertEquals(EncryptionMethod.A128CBC_HS256, a.getAlgorithm());
assertEquals("A128CBC-HS256", a.getAlgorithmName()); assertEquals("A128CBC-HS256", a.getAlgorithmName());
} }
@Test @Test
public void testJWEEncryptionMethodEmbedGetForAlgoirthmName() { public void testJWEEncryptionMethodEmbedGetForAlgoirthmName() {
JWEEncryptionMethodEmbed a = JWEEncryptionMethodEmbed.getForAlgorithmName("A256GCM"); JWEEncryptionMethodEmbed a = JWEEncryptionMethodEmbed.getForAlgorithmName("A256GCM");
assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm()); assertEquals(EncryptionMethod.A256GCM, a.getAlgorithm());
assertEquals("A256GCM", a.getAlgorithmName()); assertEquals("A256GCM", a.getAlgorithmName());
} }

23
openid-connect-common/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
/** /**
* @author jricher * @author jricher
@ -26,10 +41,10 @@ public class ClientDetailsEntityTest {
*/ */
@Test @Test
public void testClientDetailsEntity() { public void testClientDetailsEntity() {
Date now = new Date(); Date now = new Date();
ClientDetailsEntity c = new ClientDetailsEntity(); ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3"); c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setApplicationType(ClientDetailsEntity.AppType.WEB);

41
openid-connect-common/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -13,7 +28,7 @@ import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
/** /**
* @author jricher * @author jricher
@ -26,11 +41,11 @@ public class RegisteredClientTest {
*/ */
@Test @Test
public void testRegisteredClient() { public void testRegisteredClient() {
// make sure all the pass-through getters and setters work // make sure all the pass-through getters and setters work
RegisteredClient c = new RegisteredClient(); RegisteredClient c = new RegisteredClient();
c.setClientId("s6BhdRkqt3"); c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
@ -48,7 +63,7 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
assertEquals("s6BhdRkqt3", c.getClientId()); assertEquals("s6BhdRkqt3", c.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret());
assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt()); assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt());
@ -73,8 +88,8 @@ public class RegisteredClientTest {
*/ */
@Test @Test
public void testRegisteredClientClientDetailsEntity() { public void testRegisteredClientClientDetailsEntity() {
ClientDetailsEntity c = new ClientDetailsEntity(); ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3"); c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setApplicationType(ClientDetailsEntity.AppType.WEB);
@ -89,13 +104,13 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
// Create a RegisteredClient based on a ClientDetailsEntity object and set several properties // Create a RegisteredClient based on a ClientDetailsEntity object and set several properties
RegisteredClient rc = new RegisteredClient(c); RegisteredClient rc = new RegisteredClient(c);
rc.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); rc.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83"); rc.setRegistrationAccessToken("this.is.an.access.token.value.ffx83");
rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3"); rc.setRegistrationClientUri("https://server.example.com/connect/register?client_id=s6BhdRkqt3");
// make sure all the pass-throughs work // make sure all the pass-throughs work
assertEquals("s6BhdRkqt3", rc.getClientId()); assertEquals("s6BhdRkqt3", rc.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret());
@ -121,8 +136,8 @@ public class RegisteredClientTest {
*/ */
@Test @Test
public void testRegisteredClientClientDetailsEntityStringString() { public void testRegisteredClientClientDetailsEntityStringString() {
ClientDetailsEntity c = new ClientDetailsEntity(); ClientDetailsEntity c = new ClientDetailsEntity();
c.setClientId("s6BhdRkqt3"); c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setApplicationType(ClientDetailsEntity.AppType.WEB);
@ -137,10 +152,10 @@ public class RegisteredClientTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
// Create a RegisteredClient based on a ClientDetails, a token, and a server URI // Create a RegisteredClient based on a ClientDetails, a token, and a server URI
RegisteredClient rc = new RegisteredClient(c, "this.is.an.access.token.value.ffx83", "https://server.example.com/connect/register?client_id=s6BhdRkqt3"); RegisteredClient rc = new RegisteredClient(c, "this.is.an.access.token.value.ffx83", "https://server.example.com/connect/register?client_id=s6BhdRkqt3");
// make sure all the pass-throughs work // make sure all the pass-throughs work
assertEquals("s6BhdRkqt3", rc.getClientId()); assertEquals("s6BhdRkqt3", rc.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", rc.getClientSecret());

130
openid-connect-common/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -17,7 +32,8 @@ import com.google.gson.JsonObject;
import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWEAlgorithm;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
/** /**
* @author jricher * @author jricher
@ -30,30 +46,30 @@ public class ClientDetailsEntityJsonProcessorTest {
*/ */
@Test @Test
public void testParse() { public void testParse() {
String json = " {\n" + String json = " {\n" +
" \"application_type\": \"web\",\n" + " \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" + " \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" + " [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" + " \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" + " \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" + " \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" + " \"クライアント名\",\n" +
" \"response_types\": [\"code\", \"token\"],\n" + " \"response_types\": [\"code\", \"token\"],\n" +
" \"grant_types\": [\"authorization_code\", \"implicit\"],\n" + " \"grant_types\": [\"authorization_code\", \"implicit\"],\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" + " \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" + " \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" + " \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" + " \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"token_endpoint_auth_method\": \"client_secret_basic\",\n" + " \"token_endpoint_auth_method\": \"client_secret_basic\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" + " \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" }"; " }";
ClientDetailsEntity c = ClientDetailsEntityJsonProcessor.parse(json); ClientDetailsEntity c = ClientDetailsEntityJsonProcessor.parse(json);
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
assertEquals("My Example", c.getClientName()); assertEquals("My Example", c.getClientName());
@ -68,7 +84,7 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm()); assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts()); assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris()); assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
} }
/** /**
@ -76,41 +92,41 @@ public class ClientDetailsEntityJsonProcessorTest {
*/ */
@Test @Test
public void testParseRegistered() { public void testParseRegistered() {
String json = " {\n" + String json = " {\n" +
" \"client_id\": \"s6BhdRkqt3\",\n" + " \"client_id\": \"s6BhdRkqt3\",\n" +
" \"client_secret\":\n" + " \"client_secret\":\n" +
" \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" + " \"ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk\",\n" +
" \"client_secret_expires_at\": 1577858400,\n" + " \"client_secret_expires_at\": 1577858400,\n" +
" \"registration_access_token\":\n" + " \"registration_access_token\":\n" +
" \"this.is.an.access.token.value.ffx83\",\n" + " \"this.is.an.access.token.value.ffx83\",\n" +
" \"registration_client_uri\":\n" + " \"registration_client_uri\":\n" +
" \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" + " \"https://server.example.com/connect/register?client_id=s6BhdRkqt3\",\n" +
" \"token_endpoint_auth_method\":\n" + " \"token_endpoint_auth_method\":\n" +
" \"client_secret_basic\",\n" + " \"client_secret_basic\",\n" +
" \"application_type\": \"web\",\n" + " \"application_type\": \"web\",\n" +
" \"redirect_uris\":\n" + " \"redirect_uris\":\n" +
" [\"https://client.example.org/callback\",\n" + " [\"https://client.example.org/callback\",\n" +
" \"https://client.example.org/callback2\"],\n" + " \"https://client.example.org/callback2\"],\n" +
" \"client_name\": \"My Example\",\n" + " \"client_name\": \"My Example\",\n" +
" \"client_name#ja-Jpan-JP\":\n" + " \"client_name#ja-Jpan-JP\":\n" +
" \"クライアント名\",\n" + " \"クライアント名\",\n" +
" \"response_types\": [\"code\", \"token\"],\n" + " \"response_types\": [\"code\", \"token\"],\n" +
" \"grant_types\": [\"authorization_code\", \"implicit\"],\n" + " \"grant_types\": [\"authorization_code\", \"implicit\"],\n" +
" \"logo_uri\": \"https://client.example.org/logo.png\",\n" + " \"logo_uri\": \"https://client.example.org/logo.png\",\n" +
" \"subject_type\": \"pairwise\",\n" + " \"subject_type\": \"pairwise\",\n" +
" \"sector_identifier_uri\":\n" + " \"sector_identifier_uri\":\n" +
" \"https://other.example.net/file_of_redirect_uris.json\",\n" + " \"https://other.example.net/file_of_redirect_uris.json\",\n" +
" \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" + " \"jwks_uri\": \"https://client.example.org/my_public_keys.jwks\",\n" +
" \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" + " \"userinfo_encrypted_response_alg\": \"RSA1_5\",\n" +
" \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" + " \"userinfo_encrypted_response_enc\": \"A128CBC-HS256\",\n" +
" \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" + " \"contacts\": [\"ve7jtb@example.org\", \"mary@example.org\"],\n" +
" \"request_uris\":\n" + " \"request_uris\":\n" +
" [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" + " [\"https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA\"]\n" +
" }"; " }";
RegisteredClient c = ClientDetailsEntityJsonProcessor.parseRegistered(json); RegisteredClient c = ClientDetailsEntityJsonProcessor.parseRegistered(json);
assertEquals("s6BhdRkqt3", c.getClientId()); assertEquals("s6BhdRkqt3", c.getClientId());
assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret()); assertEquals("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk", c.getClientSecret());
assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt()); assertEquals(new Date(1577858400L * 1000L), c.getClientSecretExpiresAt());
@ -139,7 +155,7 @@ public class ClientDetailsEntityJsonProcessorTest {
@Test @Test
public void testSerialize() { public void testSerialize() {
RegisteredClient c = new RegisteredClient(); RegisteredClient c = new RegisteredClient();
c.setClientId("s6BhdRkqt3"); c.setClientId("s6BhdRkqt3");
c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk"); c.setClientSecret("ZJYCqe3GGRvdrudKyZS0XhGv_Z45DuKhCUk0gBR1vZk");
c.setClientSecretExpiresAt(new Date(1577858400L * 1000L)); c.setClientSecretExpiresAt(new Date(1577858400L * 1000L));
@ -159,7 +175,7 @@ public class ClientDetailsEntityJsonProcessorTest {
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256)); c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org")); c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA")); c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
JsonObject j = ClientDetailsEntityJsonProcessor.serialize(c); JsonObject j = ClientDetailsEntityJsonProcessor.serialize(c);
assertEquals("s6BhdRkqt3", j.get("client_id").getAsString()); assertEquals("s6BhdRkqt3", j.get("client_id").getAsString());
@ -168,9 +184,9 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("this.is.an.access.token.value.ffx83", j.get("registration_access_token").getAsString()); assertEquals("this.is.an.access.token.value.ffx83", j.get("registration_access_token").getAsString());
assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", j.get("registration_client_uri").getAsString()); assertEquals("https://server.example.com/connect/register?client_id=s6BhdRkqt3", j.get("registration_client_uri").getAsString());
assertEquals(ClientDetailsEntity.AppType.WEB.getValue(), j.get("application_type").getAsString()); assertEquals(ClientDetailsEntity.AppType.WEB.getValue(), j.get("application_type").getAsString());
for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) { for (JsonElement e : j.get("redirect_uris").getAsJsonArray()) {
assertTrue(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2").contains(e.getAsString())); assertTrue(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2").contains(e.getAsString()));
} }
assertEquals("My Example", j.get("client_name").getAsString()); assertEquals("My Example", j.get("client_name").getAsString());
for (JsonElement e : j.get("response_types").getAsJsonArray()) { for (JsonElement e : j.get("response_types").getAsJsonArray()) {
assertTrue(ImmutableSet.of("code", "token").contains(e.getAsString())); assertTrue(ImmutableSet.of("code", "token").contains(e.getAsString()));
@ -191,7 +207,7 @@ public class ClientDetailsEntityJsonProcessorTest {
for (JsonElement e : j.get("request_uris").getAsJsonArray()) { for (JsonElement e : j.get("request_uris").getAsJsonArray()) {
assertTrue(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA").contains(e.getAsString())); assertTrue(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA").contains(e.getAsString()));
} }
} }
} }

27
openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java
View File

@ -1,3 +1,18 @@
/*******************************************************************************
* Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
******************************************************************************/
/** /**
* *
*/ */
@ -5,7 +20,7 @@ package org.mitre.openid.connect.config;
import org.junit.Test; import org.junit.Test;
import static org.junit.Assert.*; import static org.junit.Assert.assertEquals;
/** /**
* @author jricher * @author jricher
@ -18,22 +33,22 @@ public class ConfigurationPropertiesBeanTest {
*/ */
@Test @Test
public void testConfigurationPropertiesBean() { public void testConfigurationPropertiesBean() {
// make sure the values that go in come back out unchanged // make sure the values that go in come back out unchanged
ConfigurationPropertiesBean bean = new ConfigurationPropertiesBean(); ConfigurationPropertiesBean bean = new ConfigurationPropertiesBean();
String iss = "http://localhost:8080/openid-connect-server/"; String iss = "http://localhost:8080/openid-connect-server/";
String title = "OpenID Connect Server"; String title = "OpenID Connect Server";
String logoUrl = "/images/logo.png"; String logoUrl = "/images/logo.png";
bean.setIssuer(iss); bean.setIssuer(iss);
bean.setTopbarTitle(title); bean.setTopbarTitle(title);
bean.setLogoImageUrl(logoUrl); bean.setLogoImageUrl(logoUrl);
assertEquals(iss, bean.getIssuer()); assertEquals(iss, bean.getIssuer());
assertEquals(title, bean.getTopbarTitle()); assertEquals(title, bean.getTopbarTitle());
assertEquals(logoUrl, bean.getLogoImageUrl()); assertEquals(logoUrl, bean.getLogoImageUrl());
} }
} }

Some files were not shown because too many files have changed in this diff Show More