Removed IdTokenGeneratorService. Addresses issue #75

openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java

@@ -23,6 +23,7 @@ import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
 import org.mitre.openid.connect.model.IdToken;
+import org.mitre.openid.connect.model.IdTokenClaims;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.slf4j.spi.LoggerFactoryBinder;
@@ -42,9 +43,6 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
 	@Autowired
 	private ConfigurationPropertiesBean configBean;
 	
-	@Autowired
-	private IdTokenGeneratorService idTokenService;
-	
 	@Autowired
 	private JwtSigningAndValidationService jwtService;
 	
@@ -69,7 +67,6 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
 			token.getRefreshToken().getJwt().getClaims().setNonce(UUID.randomUUID().toString()); // set a random nonce in the middle of it
 		}
 		
-		//TODO: check for client's preferred signer alg and use that
 		try {
 	        jwtService.signJwt(token.getJwt());
         } catch (NoSuchAlgorithmException e) {
@@ -86,18 +83,26 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
 
 			String userId = authentication.getName();
 		
-			IdToken idToken = idTokenService.generateIdToken(userId, configBean.getIssuer());
+			IdToken idToken = new IdToken();
-			idToken.getClaims().setAudience(clientId);
+			
-			idToken.getClaims().setIssuedAt(new Date());
+			IdTokenClaims claims = new IdTokenClaims();
-			idToken.getClaims().setIssuer(configBean.getIssuer());
+			claims.setAuthTime(new Date());
+			claims.setIssuedAt(new Date());
+			//TODO: Set expiration
+			//claims.setExpiration(new Date());
+			claims.setIssuer(configBean.getIssuer());
+			claims.setUserId(userId);
+			claims.setAudience(clientId);
+			
+			idToken.setClaims(claims);
 			
 			String nonce = authentication.getAuthorizationRequest().getAuthorizationParameters().get("nonce");
 			if (!Strings.isNullOrEmpty(nonce)) {
 				idToken.getClaims().setNonce(nonce);
 			}
-			// TODO: expiration? other fields?
 
 			//TODO: check for client's preferred signer alg and use that
+			
 			try {
 	            jwtService.signJwt(idToken);
             } catch (NoSuchAlgorithmException e) {
@@ -118,14 +123,6 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
 		this.configBean = configBean;
 	}
 
-	public IdTokenGeneratorService getIdTokenService() {
-		return idTokenService;
-	}
-
-	public void setIdTokenService(IdTokenGeneratorService idTokenService) {
-		this.idTokenService = idTokenService;
-	}
-
 	public JwtSigningAndValidationService getJwtService() {
 		return jwtService;
 	}

openid-connect-server/src/main/java/org/mitre/openid/connect/token/DummyIdTokenGeneratorService.java

@@ -1,52 +0,0 @@
-/*******************************************************************************
- * Copyright 2012 The MITRE Corporation
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *   http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- ******************************************************************************/
-package org.mitre.openid.connect.token;
-
-import java.util.Date;
-
-import org.mitre.openid.connect.model.IdToken;
-import org.mitre.openid.connect.model.IdTokenClaims;
-import org.springframework.stereotype.Service;
-
-/**
- * Dummy implementation of the IdTokenGeneratorService.
- * 
- * A concrete implementation would need access to a data service that 
- * would provide information / claims about the users in the system. This
- * information would be pulled up by the given userId and inserted into 
- * a new IdToken.
- * 
- * @author AANGANES
- *
- */
-@Service
-public class DummyIdTokenGeneratorService implements IdTokenGeneratorService {
-
-	@Override
-	public IdToken generateIdToken(String userId, String issuer) {
-		IdToken token = new IdToken();
-		
-		IdTokenClaims claims = new IdTokenClaims();
-		claims.setAuthTime(new Date());
-		claims.setIssuer(issuer);
-		claims.setUserId(userId);
-		
-		token.setClaims(claims);
-		
-		return token;
-	}
-
-}

openid-connect-server/src/main/java/org/mitre/openid/connect/token/IdTokenGeneratorService.java

@@ -1,24 +0,0 @@
-/*******************************************************************************
- * Copyright 2012 The MITRE Corporation
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *   http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- ******************************************************************************/
-package org.mitre.openid.connect.token;
-
-import org.mitre.openid.connect.model.IdToken;
-
-public interface IdTokenGeneratorService {
-
-	public IdToken generateIdToken(String userId, String issuer);
-	
-}