added transient passthroughs to JOSE algorithms for client

pull/516/head
Justin Richer 2013-09-12 14:08:37 -04:00
parent c9aa42dbef
commit e67a41c556
8 changed files with 384 additions and 154 deletions


@ -55,6 +55,10 @@ import org.mitre.jose.JWSAlgorithmEmbed;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.ClientDetails;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
/**
* @author jricher
*
@ -688,11 +692,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="request_object_signing_alg"))
})
public JWSAlgorithmEmbed getRequestObjectSigningAlg() {
public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() {
return requestObjectSigningAlg;
}
public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) {
public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) {
this.requestObjectSigningAlg = requestObjectSigningAlg;
}
@ -700,11 +704,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_signed_response_alg"))
})
public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() {
public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() {
return userInfoSignedResponseAlg;
}
public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
this.userInfoSignedResponseAlg = userInfoSignedResponseAlg;
}
@ -712,11 +716,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_alg"))
})
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() {
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() {
return userInfoEncryptedResponseAlg;
}
public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
this.userInfoEncryptedResponseAlg = userInfoEncryptedResponseAlg;
}
@ -724,11 +728,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="user_info_encrypted_response_enc"))
})
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() {
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() {
return userInfoEncryptedResponseEnc;
}
public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
this.userInfoEncryptedResponseEnc = userInfoEncryptedResponseEnc;
}
@ -736,11 +740,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_signed_response_alg"))
})
public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() {
public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() {
return idTokenSignedResponseAlg;
}
public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
this.idTokenSignedResponseAlg = idTokenSignedResponseAlg;
}
@ -748,11 +752,11 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_alg"))
})
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() {
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() {
return idTokenEncryptedResponseAlg;
}
public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
this.idTokenEncryptedResponseAlg = idTokenEncryptedResponseAlg;
}
@ -760,14 +764,110 @@ public class ClientDetailsEntity implements ClientDetails {
@AttributeOverrides({
@AttributeOverride(name = "algorithmName", column=@Column(name="id_token_encrypted_response_enc"))
})
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() {
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() {
return idTokenEncryptedResponseEnc;
}
public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
this.idTokenEncryptedResponseEnc = idTokenEncryptedResponseEnc;
}
//
// Transient passthrough methods for JOSE elements
//
@Transient
public JWSAlgorithm getRequestObjectSigningAlg() {
if (requestObjectSigningAlg != null) {
return requestObjectSigningAlg.getAlgorithm();
} else {
return null;
}
}
public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
this.requestObjectSigningAlg = new JWSAlgorithmEmbed(requestObjectSigningAlg);
}
@Transient
public JWSAlgorithm getUserInfoSignedResponseAlg() {
if (userInfoSignedResponseAlg != null) {
return userInfoSignedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
this.userInfoSignedResponseAlg = new JWSAlgorithmEmbed(userInfoSignedResponseAlg);
}
@Transient
public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
if (userInfoEncryptedResponseAlg != null) {
return userInfoEncryptedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
this.userInfoEncryptedResponseAlg = new JWEAlgorithmEmbed(userInfoEncryptedResponseAlg);
}
@Transient
public EncryptionMethod getUserInfoEncryptedResponseEnc() {
if (userInfoEncryptedResponseEnc != null) {
return userInfoEncryptedResponseEnc.getAlgorithm();
} else {
return null;
}
}
public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
this.userInfoEncryptedResponseEnc = new JWEEncryptionMethodEmbed(userInfoEncryptedResponseEnc);
}
@Transient
public JWSAlgorithm getIdTokenSignedResponseAlg() {
if (idTokenSignedResponseAlg != null) {
return idTokenSignedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
this.idTokenSignedResponseAlg = new JWSAlgorithmEmbed(idTokenSignedResponseAlg);
}
@Transient
public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
if (idTokenEncryptedResponseAlg != null) {
return idTokenEncryptedResponseAlg.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
this.idTokenEncryptedResponseAlg = new JWEAlgorithmEmbed(idTokenEncryptedResponseAlg);
}
@Transient
public EncryptionMethod getIdTokenEncryptedResponseEnc() {
if (idTokenEncryptedResponseEnc != null) {
return idTokenEncryptedResponseEnc.getAlgorithm();
} else {
return null;
}
}
public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
this.idTokenEncryptedResponseEnc = new JWEEncryptionMethodEmbed(idTokenEncryptedResponseEnc);
}
@Basic
@Column(name="default_max_age")
public Integer getDefaultMaxAge() {
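Review bot: The new transient setters (`setRequestObjectSigningAlg(JWSAlgorithm)` and its six siblings) wrap their argument unconditionally, so passing `null` stores an embed object around a null algorithm instead of clearing the field. The passthrough getter presumably still returns null in that case, but `getRequestObjectSigningAlgEmbed()` then returns a non-null wrapper, and how JPA persists that is not visible here. Callers treat a null registered algorithm as "nothing registered" when deciding whether an unsigned request object is acceptable, so I would keep the field itself null: `this.requestObjectSigningAlg = (requestObjectSigningAlg != null) ? new JWSAlgorithmEmbed(requestObjectSigningAlg) : null;`, and likewise in the other setters. Renaming the mapped accessors to `...Embed` also appears to change the JPA property names, so any JPQL that refers to the old names would need checking.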


@ -31,6 +31,10 @@ import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.springframework.security.core.GrantedAuthority;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
/**
* @author jricher
*
@ -473,104 +477,6 @@ public class RegisteredClient {
public void setSectorIdentifierUri(String sectorIdentifierUri) {
client.setSectorIdentifierUri(sectorIdentifierUri);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg()
*/
public JWSAlgorithmEmbed getRequestObjectSigningAlg() {
return client.getRequestObjectSigningAlg();
}
/**
* @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setRequestObjectSigningAlg(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlg(requestObjectSigningAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg()
*/
public JWSAlgorithmEmbed getUserInfoSignedResponseAlg() {
return client.getUserInfoSignedResponseAlg();
}
/**
* @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setUserInfoSignedResponseAlg(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg()
*/
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlg() {
return client.getUserInfoEncryptedResponseAlg();
}
/**
* @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setUserInfoEncryptedResponseAlg(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc()
*/
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEnc() {
return client.getUserInfoEncryptedResponseEnc();
}
/**
* @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setUserInfoEncryptedResponseEnc(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg()
*/
public JWSAlgorithmEmbed getIdTokenSignedResponseAlg() {
return client.getIdTokenSignedResponseAlg();
}
/**
* @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setIdTokenSignedResponseAlg(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg()
*/
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlg() {
return client.getIdTokenEncryptedResponseAlg();
}
/**
* @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setIdTokenEncryptedResponseAlg(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc()
*/
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEnc() {
return client.getIdTokenEncryptedResponseEnc();
}
/**
* @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setIdTokenEncryptedResponseEnc(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getDefaultMaxAge()
@ -669,6 +575,230 @@ public class RegisteredClient {
public void setRequestUris(Set<String> requestUris) {
client.setRequestUris(requestUris);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlgEmbed()
*/
public JWSAlgorithmEmbed getRequestObjectSigningAlgEmbed() {
return client.getRequestObjectSigningAlgEmbed();
}
/**
* @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setRequestObjectSigningAlgEmbed(JWSAlgorithmEmbed requestObjectSigningAlg) {
client.setRequestObjectSigningAlgEmbed(requestObjectSigningAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlgEmbed()
*/
public JWSAlgorithmEmbed getUserInfoSignedResponseAlgEmbed() {
return client.getUserInfoSignedResponseAlgEmbed();
}
/**
* @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setUserInfoSignedResponseAlgEmbed(JWSAlgorithmEmbed userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlgEmbed(userInfoSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlgEmbed()
*/
public JWEAlgorithmEmbed getUserInfoEncryptedResponseAlgEmbed() {
return client.getUserInfoEncryptedResponseAlgEmbed();
}
/**
* @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setUserInfoEncryptedResponseAlgEmbed(JWEAlgorithmEmbed userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlgEmbed(userInfoEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEncEmbed()
*/
public JWEEncryptionMethodEmbed getUserInfoEncryptedResponseEncEmbed() {
return client.getUserInfoEncryptedResponseEncEmbed();
}
/**
* @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setUserInfoEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEncEmbed(userInfoEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlgEmbed()
*/
public JWSAlgorithmEmbed getIdTokenSignedResponseAlgEmbed() {
return client.getIdTokenSignedResponseAlgEmbed();
}
/**
* @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlgEmbed(org.mitre.jose.JWSAlgorithmEmbed)
*/
public void setIdTokenSignedResponseAlgEmbed(JWSAlgorithmEmbed idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlgEmbed(idTokenSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlgEmbed()
*/
public JWEAlgorithmEmbed getIdTokenEncryptedResponseAlgEmbed() {
return client.getIdTokenEncryptedResponseAlgEmbed();
}
/**
* @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlgEmbed(org.mitre.jose.JWEAlgorithmEmbed)
*/
public void setIdTokenEncryptedResponseAlgEmbed(JWEAlgorithmEmbed idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlgEmbed(idTokenEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEncEmbed()
*/
public JWEEncryptionMethodEmbed getIdTokenEncryptedResponseEncEmbed() {
return client.getIdTokenEncryptedResponseEncEmbed();
}
/**
* @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEncEmbed(org.mitre.jose.JWEEncryptionMethodEmbed)
*/
public void setIdTokenEncryptedResponseEncEmbed(JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEncEmbed(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getRequestObjectSigningAlg()
*/
public JWSAlgorithm getRequestObjectSigningAlg() {
return client.getRequestObjectSigningAlg();
}
/**
* @param requestObjectSigningAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setRequestObjectSigningAlg(com.nimbusds.jose.JWSAlgorithm)
*/
public void setRequestObjectSigningAlg(JWSAlgorithm requestObjectSigningAlg) {
client.setRequestObjectSigningAlg(requestObjectSigningAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoSignedResponseAlg()
*/
public JWSAlgorithm getUserInfoSignedResponseAlg() {
return client.getUserInfoSignedResponseAlg();
}
/**
* @param userInfoSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm)
*/
public void setUserInfoSignedResponseAlg(JWSAlgorithm userInfoSignedResponseAlg) {
client.setUserInfoSignedResponseAlg(userInfoSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseAlg()
*/
public JWEAlgorithm getUserInfoEncryptedResponseAlg() {
return client.getUserInfoEncryptedResponseAlg();
}
/**
* @param userInfoEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm)
*/
public void setUserInfoEncryptedResponseAlg(JWEAlgorithm userInfoEncryptedResponseAlg) {
client.setUserInfoEncryptedResponseAlg(userInfoEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getUserInfoEncryptedResponseEnc()
*/
public EncryptionMethod getUserInfoEncryptedResponseEnc() {
return client.getUserInfoEncryptedResponseEnc();
}
/**
* @param userInfoEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setUserInfoEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod)
*/
public void setUserInfoEncryptedResponseEnc(EncryptionMethod userInfoEncryptedResponseEnc) {
client.setUserInfoEncryptedResponseEnc(userInfoEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenSignedResponseAlg()
*/
public JWSAlgorithm getIdTokenSignedResponseAlg() {
return client.getIdTokenSignedResponseAlg();
}
/**
* @param idTokenSignedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenSignedResponseAlg(com.nimbusds.jose.JWSAlgorithm)
*/
public void setIdTokenSignedResponseAlg(JWSAlgorithm idTokenSignedResponseAlg) {
client.setIdTokenSignedResponseAlg(idTokenSignedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseAlg()
*/
public JWEAlgorithm getIdTokenEncryptedResponseAlg() {
return client.getIdTokenEncryptedResponseAlg();
}
/**
* @param idTokenEncryptedResponseAlg
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseAlg(com.nimbusds.jose.JWEAlgorithm)
*/
public void setIdTokenEncryptedResponseAlg(JWEAlgorithm idTokenEncryptedResponseAlg) {
client.setIdTokenEncryptedResponseAlg(idTokenEncryptedResponseAlg);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getIdTokenEncryptedResponseEnc()
*/
public EncryptionMethod getIdTokenEncryptedResponseEnc() {
return client.getIdTokenEncryptedResponseEnc();
}
/**
* @param idTokenEncryptedResponseEnc
* @see org.mitre.oauth2.model.ClientDetailsEntity#setIdTokenEncryptedResponseEnc(com.nimbusds.jose.EncryptionMethod)
*/
public void setIdTokenEncryptedResponseEnc(EncryptionMethod idTokenEncryptedResponseEnc) {
client.setIdTokenEncryptedResponseEnc(idTokenEncryptedResponseEnc);
}
/**
* @return
* @see org.mitre.oauth2.model.ClientDetailsEntity#getCreatedAt()
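Review bot: The Javadoc on the new delegating accessors leaves `@return` and `@param` empty, so a reader cannot tell the `...Embed` variants from the passthrough ones without following the `@see` link. For the passthrough getters I would write something like `@return the registered algorithm, or null if none is registered`, which matches what the `ClientDetailsEntity` getters do. For the `...Embed` getters, `@return the persistence wrapper for the algorithm; prefer the non-Embed accessor outside the JPA layer` would make the intended use explicit.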


@ -22,9 +22,6 @@ package org.mitre.openid.connect;
import java.util.Date;
import java.util.Set;
import org.mitre.jose.JWEAlgorithmEmbed;
import org.mitre.jose.JWEEncryptionMethodEmbed;
import org.mitre.jose.JWSAlgorithmEmbed;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
@ -40,6 +37,9 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
import com.google.gson.reflect.TypeToken;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
/**
* @author jricher
@ -220,13 +220,13 @@ public class ClientDetailsEntityJsonProcessor {
o.addProperty("application_type", c.getApplicationType() != null ? c.getApplicationType().getValue() : null);
o.addProperty("sector_identifier_uri", c.getSectorIdentifierUri());
o.addProperty("subject_type", c.getSubjectType() != null ? c.getSubjectType().getValue() : null);
o.addProperty("request_object_signing_alg", c.getRequestObjectSigningAlg() != null ? c.getRequestObjectSigningAlg().getAlgorithmName() : null);
o.addProperty("userinfo_signed_response_alg", c.getUserInfoSignedResponseAlg() != null ? c.getUserInfoSignedResponseAlg().getAlgorithmName() : null);
o.addProperty("userinfo_encrypted_response_alg", c.getUserInfoEncryptedResponseAlg() != null ? c.getUserInfoEncryptedResponseAlg().getAlgorithmName() : null);
o.addProperty("userinfo_encrypted_response_enc", c.getUserInfoEncryptedResponseEnc() != null ? c.getUserInfoEncryptedResponseEnc().getAlgorithmName() : null);
o.addProperty("id_token_signed_response_alg", c.getIdTokenSignedResponseAlg() != null ? c.getIdTokenSignedResponseAlg().getAlgorithmName() : null);
o.addProperty("id_token_encrypted_response_alg", c.getIdTokenEncryptedResponseAlg() != null ? c.getIdTokenEncryptedResponseAlg().getAlgorithmName() : null);
o.addProperty("id_token_encrypted_response_enc", c.getIdTokenEncryptedResponseEnc() != null ? c.getIdTokenEncryptedResponseEnc().getAlgorithmName() : null);
o.addProperty("request_object_signing_alg", c.getRequestObjectSigningAlg() != null ? c.getRequestObjectSigningAlg().getName() : null);
o.addProperty("userinfo_signed_response_alg", c.getUserInfoSignedResponseAlg() != null ? c.getUserInfoSignedResponseAlg().getName() : null);
o.addProperty("userinfo_encrypted_response_alg", c.getUserInfoEncryptedResponseAlg() != null ? c.getUserInfoEncryptedResponseAlg().getName() : null);
o.addProperty("userinfo_encrypted_response_enc", c.getUserInfoEncryptedResponseEnc() != null ? c.getUserInfoEncryptedResponseEnc().getName() : null);
o.addProperty("id_token_signed_response_alg", c.getIdTokenSignedResponseAlg() != null ? c.getIdTokenSignedResponseAlg().getName() : null);
o.addProperty("id_token_encrypted_response_alg", c.getIdTokenEncryptedResponseAlg() != null ? c.getIdTokenEncryptedResponseAlg().getName() : null);
o.addProperty("id_token_encrypted_response_enc", c.getIdTokenEncryptedResponseEnc() != null ? c.getIdTokenEncryptedResponseEnc().getName() : null);
o.addProperty("default_max_age", c.getDefaultMaxAge());
o.addProperty("require_auth_time", c.getRequireAuthTime());
o.add("default_acr_values", getAsArray(c.getDefaultACRvalues()));
@ -239,10 +239,10 @@ public class ClientDetailsEntityJsonProcessor {
/**
* Gets the value of the given member as a JWE Algorithm, null if it doesn't exist
*/
private static JWEAlgorithmEmbed getAsJweAlgorithm(JsonObject o, String member) {
private static JWEAlgorithm getAsJweAlgorithm(JsonObject o, String member) {
String s = getAsString(o, member);
if (s != null) {
return JWEAlgorithmEmbed.getForAlgorithmName(s);
return JWEAlgorithm.parse(s);
} else {
return null;
}
@ -251,10 +251,10 @@ public class ClientDetailsEntityJsonProcessor {
/**
* Gets the value of the given member as a JWE Encryption Method, null if it doesn't exist
*/
private static JWEEncryptionMethodEmbed getAsJweEncryptionMethod(JsonObject o, String member) {
private static EncryptionMethod getAsJweEncryptionMethod(JsonObject o, String member) {
String s = getAsString(o, member);
if (s != null) {
return JWEEncryptionMethodEmbed.getForAlgorithmName(s);
return EncryptionMethod.parse(s);
} else {
return null;
}
@ -263,10 +263,10 @@ public class ClientDetailsEntityJsonProcessor {
/**
* Gets the value of the given member as a JWS Algorithm, null if it doesn't exist
*/
private static JWSAlgorithmEmbed getAsJwsAlgorithm(JsonObject o, String member) {
private static JWSAlgorithm getAsJwsAlgorithm(JsonObject o, String member) {
String s = getAsString(o, member);
if (s != null) {
return JWSAlgorithmEmbed.getForAlgorithmName(s);
return JWSAlgorithm.parse(s);
} else {
return null;
}
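Review bot: `getAsJwsAlgorithm`, `getAsJweAlgorithm` and `getAsJweEncryptionMethod` now pass the raw JSON string to the Nimbus `parse(...)` methods, which do not reject unknown names: they return the standard constant on a match and otherwise construct a new algorithm object carrying whatever string was supplied. If this JSON comes from client registration requests (the callers are outside the hunk), a client can register an unsupported or arbitrary `id_token_signed_response_alg`, or `none`, and that value is later used to choose the ID token signing algorithm. I would check the parsed value against the algorithms the server actually supports before accepting it, e.g. `if (!supportedAlgs.contains(alg)) { throw new IllegalArgumentException("unsupported alg: " + s); }`, where `supportedAlgs` is a placeholder for whatever the signing service exposes. Whether the old `getForAlgorithmName` was stricter is not visible here.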


@ -56,8 +56,8 @@ public class ClientDetailsEntityTest {
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
c.setJwksUri("https://client.example.org/my_public_keys.jwks");
c.setUserInfoEncryptedResponseAlg(new JWEAlgorithmEmbed(JWEAlgorithm.RSA1_5));
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
c.setCreatedAt(now);
@ -73,8 +73,8 @@ public class ClientDetailsEntityTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
assertEquals(now, c.getCreatedAt());


@ -60,8 +60,8 @@ public class RegisteredClientTest {
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
c.setJwksUri("https://client.example.org/my_public_keys.jwks");
c.setUserInfoEncryptedResponseAlg(new JWEAlgorithmEmbed(JWEAlgorithm.RSA1_5));
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
@ -78,8 +78,8 @@ public class RegisteredClientTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
}
@ -101,8 +101,8 @@ public class RegisteredClientTest {
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
c.setJwksUri("https://client.example.org/my_public_keys.jwks");
c.setUserInfoEncryptedResponseAlg(new JWEAlgorithmEmbed(JWEAlgorithm.RSA1_5));
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
@ -126,8 +126,8 @@ public class RegisteredClientTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", rc.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), rc.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), rc.getRequestUris());
}
@ -149,8 +149,8 @@ public class RegisteredClientTest {
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
c.setJwksUri("https://client.example.org/my_public_keys.jwks");
c.setUserInfoEncryptedResponseAlg(new JWEAlgorithmEmbed(JWEAlgorithm.RSA1_5));
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));
@ -170,8 +170,8 @@ public class RegisteredClientTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", rc.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, rc.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, rc.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), rc.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), rc.getRequestUris());
}


@ -81,8 +81,8 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
@ -143,8 +143,8 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
assertEquals("https://client.example.org/my_public_keys.jwks", c.getJwksUri());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg().getAlgorithm());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc().getAlgorithm());
assertEquals(JWEAlgorithm.RSA1_5, c.getUserInfoEncryptedResponseAlg());
assertEquals(EncryptionMethod.A128CBC_HS256, c.getUserInfoEncryptedResponseEnc());
assertEquals(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"), c.getContacts());
assertEquals(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"), c.getRequestUris());
@ -172,8 +172,8 @@ public class ClientDetailsEntityJsonProcessorTest {
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
c.setJwksUri("https://client.example.org/my_public_keys.jwks");
c.setUserInfoEncryptedResponseAlg(new JWEAlgorithmEmbed(JWEAlgorithm.RSA1_5));
c.setUserInfoEncryptedResponseEnc(new JWEEncryptionMethodEmbed(EncryptionMethod.A128CBC_HS256));
c.setUserInfoEncryptedResponseAlg(JWEAlgorithm.RSA1_5);
c.setUserInfoEncryptedResponseEnc(EncryptionMethod.A128CBC_HS256);
c.setContacts(ImmutableSet.of("ve7jtb@example.org", "mary@example.org"));
c.setRequestUris(ImmutableSet.of("https://client.example.org/rf.txt#qpXaRLh_n93TTR9F252ValdatUQvQiJi5BDub2BeznA"));


@ -171,7 +171,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
if (client.getRequestObjectSigningAlg() != null) {
if (!client.getRequestObjectSigningAlg().equals(alg)) {
throw new AuthenticationServiceException("Client's registered request object signing algorithm (" + client.getRequestObjectSigningAlg().getAlgorithmName() + ") does not match request object's actual algorithm (" + alg.getName() + ")");
throw new AuthenticationServiceException("Client's registered request object signing algorithm (" + client.getRequestObjectSigningAlg() + ") does not match request object's actual algorithm (" + alg.getName() + ")");
}
}
@ -231,8 +231,8 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
if (client.getRequestObjectSigningAlg() == null) {
throw new InvalidClientException("Client is not registered for unsigned request objects (no request_object_signing_alg registered)");
} else if (!client.getRequestObjectSigningAlg().getAlgorithm().equals(Algorithm.NONE)) {
throw new InvalidClientException("Client is not registered for unsigned request objects (request_object_signing_alg is " + client.getRequestObjectSigningAlg().getAlgorithmName() +")");
} else if (!client.getRequestObjectSigningAlg().equals(Algorithm.NONE)) {
throw new InvalidClientException("Client is not registered for unsigned request objects (request_object_signing_alg is " + client.getRequestObjectSigningAlg() +")");
}
// if we got here, we're OK, keep processing
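Review bot: The unsigned-request guard `!client.getRequestObjectSigningAlg().equals(Algorithm.NONE)` now compares a `JWSAlgorithm` with a constant declared on the base `Algorithm` type, so it accepts `none` only if `equals` compares by name rather than by class. Nimbus appears to compare by name, but this guard decides whether an unsigned request object is accepted, so a unit test pinning both outcomes would be worth adding. Both exception messages now rely on the implicit `toString()` of the registered algorithm while the other operand uses `alg.getName()`; `client.getRequestObjectSigningAlg().getName()` would keep them consistent. The enclosing methods start and end outside these hunks.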


@ -92,7 +92,7 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
if (client.getIdTokenSignedResponseAlg() != null) {
signingAlg = client.getIdTokenSignedResponseAlg().getAlgorithm();
signingAlg = client.getIdTokenSignedResponseAlg();
}
SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);
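Review bot: `signingAlg` is taken straight from the client registration and put into the `JWSHeader` without checking that the signing service can sign with it. A registered value of `none`, or an algorithm the server holds no key for, would reach `new SignedJWT(...)` here; what the subsequent signing call does with it is outside the hunk. I would override the default only when the algorithm is supported, e.g. `if (alg != null && supportedAlgs.contains(alg)) signingAlg = alg;`, with `supportedAlgs` standing for whatever the JWT service exposes, and otherwise fall back or fail the request. The method body continues outside the hunk.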