added webfinger lookup helper service

10 years ago · e89d8cd985
6 changed files with 104 additions and 7 deletions
--- a/openid-connect-server-webapp/pom.xml
+++ b/openid-connect-server-webapp/pom.xml
@ -127,6 +127,5 @@
 			<groupId>javax.servlet</groupId>
 			<artifactId>jstl</artifactId>
 		</dependency>
-
 	</dependencies>
 </project>
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
@ -346,7 +346,8 @@
    	"policy-table": {
    		"edit": "Edit Policies",
    		"no-resource-sets": "There are no resource sets registered. Introduce a protected to this authorization server to let it register some.",
-    		"no-required-claims": "There are no required claims for this resource set."
+    		"no-required-claims": "There are no required claims for this resource set.",
+    		"share-email": "Share with email address"
    	}	
    },
 	"copyright": "Powered by <a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a> <span class=\"pull-right\">&copy; 2015 The MITRE Corporation and MIT KIT.</span>.",
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/policy.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/policy.html
@ -68,9 +68,10 @@
 	</div>

 	<div id="add-required-claim">
-		<form>
+		<form class="form-horizontal">
 			<fieldset>
-				<input type="text" />
+				<input type="text" id="email" placeholder="email address" />
+				<button id="add-email" class="btn btn-info"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.share-email">Share with email address</span></button>
 			</fieldset>
 		</form>
 	</div>
@ -79,7 +80,7 @@
        <thead>
 			<tr>
 				<th>Issuers</th>
-				<th>Name</th>
+				<th>Claim</th>
 				<th>Value</th>
 				<th></th>			
        </thead>
@ -97,7 +98,7 @@
 <script type="text/html" id="tmpl-required-claim">
    <td>
 		<% _.each(issuer, function(issuer) { %>
-			<span class="label"><%- issuer %></span>
+			<span class="label label-info"><%- issuer %></span>
 		<% }); %>
   </td>

@ -111,7 +112,7 @@

    <td>
 		<div class="btn-group pull-right">
-	        <button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="policy.policy-table.edit">Edit Policies</span></button> &nbsp; 
+	        <button class="btn btn-danger btn-remove"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.remove">Remove</span></button> &nbsp; 
 		</div>
    </td>

--- a/openid-connect-server/pom.xml
+++ b/openid-connect-server/pom.xml
@ -43,6 +43,10 @@
 			<groupId>org.mitre</groupId>
 			<artifactId>openid-connect-common</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-tx</artifactId>
--- a/openid-connect-server/src/main/java/org/mitre/uma/web/UserClaimSearchHelper.java
+++ b/openid-connect-server/src/main/java/org/mitre/uma/web/UserClaimSearchHelper.java
@ -0,0 +1,87 @@
+/*******************************************************************************
+ * Copyright 2015 The MITRE Corporation
+ *   and the MIT Kerberos and Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.mitre.openid.connect.client.model.IssuerServiceResponse;
+import org.mitre.openid.connect.client.service.impl.WebfingerIssuerService;
+import org.mitre.openid.connect.service.UserInfoService;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.openid.connect.web.RootController;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import com.google.common.collect.ImmutableSet;
+
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/" + UserClaimSearchHelper.URL)
+@PreAuthorize("hasRole('ROLE_USER')")
+public class UserClaimSearchHelper {
+
+	public static final String URL = RootController.API_URL + "/emailsearch";
+	
+	private WebfingerIssuerService webfingerIssuerService = new WebfingerIssuerService();
+	
+	@Autowired
+	private UserInfoService userInfoService;
+
+	
+	@RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String search(@RequestParam(value = "identifier") String email, Model m, Authentication auth, HttpServletRequest req) {
+		
+		// check locally first
+		//UserInfo localUser = userInfoService.getByEmailAddress(email);
+		
+		
+		IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
+		
+		if (resp.getIssuer() != null) {
+			// we found an issuer, return that
+			Map<String, Object> entity = new HashMap<>();
+			entity.put("issuers", ImmutableSet.of(resp.getIssuer()));
+			entity.put("name", "email");
+			entity.put("value", email);
+			
+			m.addAttribute(JsonEntityView.ENTITY, entity);
+			return JsonEntityView.VIEWNAME;
+		} else {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return JsonErrorView.VIEWNAME;
+		}
+	}
+	
+}
--- a/pom.xml
+++ b/pom.xml
@ -480,6 +480,11 @@
 				<version>3.9</version>
 			</dependency>

+			<dependency>
+				<groupId>org.mitre</groupId>
+				<artifactId>openid-connect-client</artifactId>
+				<version>${project.version}</version>
+			</dependency>
 		</dependencies>
 	</dependencyManagement>