swapped exception class for existing BeanCreationException, added example flag in config file (commented out)

closes #528 closes #689
2014-10-04 14:59:36 -04:00 · 2014-10-04 14:59:36 -04:00 · f097e589a4
parent be485da8ff
commit f097e589a4
4 changed files with 21 additions and 64 deletions
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/ConfigurationPropertiesBean.java
@ -20,6 +20,7 @@ import javax.annotation.PostConstruct;

 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.BeanCreationException;
 import org.springframework.util.StringUtils;


@ -55,11 +56,11 @@ public class ConfigurationPropertiesBean {
 	 * @throws HttpsUrlRequiredException 
 	 */
 	@PostConstruct
-	public void checkForHttps() throws HttpsUrlRequiredException {
+	public void checkForHttps() {
 		if (!StringUtils.startsWithIgnoreCase(issuer, "https")) {
 			if (this.forceHttps) {
-				logger.warn("Configured issuer url is not using https scheme. This is not allowed!");
-				throw new HttpsUrlRequiredException(issuer);
+				logger.error("Configured issuer url is not using https scheme. Server will be shut down!");
+				throw new BeanCreationException("Issuer is not using https scheme as required: " + issuer);
 			}
 			else {
 				logger.warn("Configured issuer url is not using https scheme.");
--- a/openid-connect-common/src/main/java/org/mitre/openid/connect/config/HttpsUrlRequiredException.java
+++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/config/HttpsUrlRequiredException.java
@ -1,43 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 The MITRE Corporation
- *   and the MIT Kerberos and Internet Trust Consortium
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *   http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- ******************************************************************************/
-package org.mitre.openid.connect.config;
-
-public class HttpsUrlRequiredException extends RuntimeException {
-
-	/**
-	 * 
-	 */
-	private static final long serialVersionUID = 1318613592371145910L;
-	private String error;
-	/**
-	 * @param error
-	 */
-	public HttpsUrlRequiredException(String error) {
-		this.setError(error);
-	}
-	public String getError() {
-		return error;
-	}
-	public void setError(String error) {
-		this.error = error;
-	}
-	@Override
-	public String toString() {
-		return "HttpsUrlRequiredException [error=" + this.error + "]";
-	}
-	
-}
--- a/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java
+++ b/openid-connect-common/src/test/java/org/mitre/openid/connect/config/ConfigurationPropertiesBeanTest.java
@ -22,6 +22,7 @@ package org.mitre.openid.connect.config;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.fail;
 import org.junit.Test;
+import org.springframework.beans.factory.BeanCreationException;

 /**
 * @author jricher
@ -62,9 +63,8 @@ public class ConfigurationPropertiesBeanTest {
 		try {
 			bean.setIssuer("http://localhost:8080/openid-connect-server/");
 			bean.checkForHttps();			
-		}
-		catch (HttpsUrlRequiredException e) {
-			fail("Unexpected HttpsUrlRequiredException for http issuer with default forceHttps, message:" + e.getError());
+		} catch (BeanCreationException e) {
+			fail("Unexpected BeanCreationException for http issuer with default forceHttps, message:" + e.getMessage());
 		}
 	}

@ -77,14 +77,13 @@ public class ConfigurationPropertiesBeanTest {
 			bean.setIssuer("http://localhost:8080/openid-connect-server/");
 			bean.setForceHttps(false);
 			bean.checkForHttps();
-		}
-		catch (HttpsUrlRequiredException e) {
-			fail("Unexpected HttpsUrlRequiredException for http issuer with forceHttps=false, message:" + e.getError());
+		} catch (BeanCreationException e) {
+			fail("Unexpected BeanCreationException for http issuer with forceHttps=false, message:" + e.getMessage());
 		}
 	}

-	@Test(expected = HttpsUrlRequiredException.class)
-	public void testCheckForHttpsIssuerHttpTrueFlag() throws HttpsUrlRequiredException {
+	@Test(expected = BeanCreationException.class)
+	public void testCheckForHttpsIssuerHttpTrueFlag() {
 		ConfigurationPropertiesBean bean = new ConfigurationPropertiesBean();
 		// issuer is http	
 		// set to true
@ -101,9 +100,8 @@ public class ConfigurationPropertiesBeanTest {
 		try {
 			bean.setIssuer("https://localhost:8080/openid-connect-server/");
 			bean.checkForHttps();			
-		}
-		catch (HttpsUrlRequiredException e) {
-			fail("Unexpected HttpsUrlRequiredException for https issuer with default forceHttps, message:" + e.getError());
+		} catch (BeanCreationException e) {
+			fail("Unexpected BeanCreationException for https issuer with default forceHttps, message:" + e.getMessage());
 		}
 	}
 	
@ -116,9 +114,8 @@ public class ConfigurationPropertiesBeanTest {
 			bean.setIssuer("https://localhost:8080/openid-connect-server/");
 			bean.setForceHttps(false);
 			bean.checkForHttps();
-		}
-		catch (HttpsUrlRequiredException e) {
-			fail("Unexpected HttpsUrlRequiredException for https issuer with forceHttps=false, message:" + e.getError());
+		} catch (BeanCreationException e) {
+			fail("Unexpected BeanCreationException for https issuer with forceHttps=false, message:" + e.getMessage());
 		}
 	}
 	
@ -131,9 +128,8 @@ public class ConfigurationPropertiesBeanTest {
 			bean.setIssuer("https://localhost:8080/openid-connect-server/");
 			bean.setForceHttps(true);
 			bean.checkForHttps();
-		}
-		catch (HttpsUrlRequiredException e) {
-			fail("Unexpected HttpsUrlRequiredException for https issuer with forceHttps=true, message:" + e.getError());
+		} catch (BeanCreationException e) {
+			fail("Unexpected BeanCreationException for https issuer with forceHttps=true, message:" + e.getMessage());
 		}
 		
 	}
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
@ -30,7 +30,7 @@

 	<bean id="configBean" class="org.mitre.openid.connect.config.ConfigurationPropertiesBean">
 	    
-	    <!-- This property sets the root URL of the server, known as the issuer. -->
+	    <!-- This property sets the root URL of the server, known as the issuer -->
 		<property name="issuer" value="http://localhost:8080/openid-connect-server-webapp/" />
 		
 		<!-- This property is a URL pointing to a logo image 24px high to be used in the top bar -->
@ -41,6 +41,9 @@
 		
 		<!-- This property sets the lifetime of registration access tokens, in seconds. Leave it unset (null) for no rotation. -->
 		<!-- <property name="regTokenLifeTime" value="172800" /> -->
+		
+		<!-- This property forces the issuer value to start with "https" -->
+		<!-- <property name="forceHttps" value="true" /> -->

 	</bean>