auth_type -> auth_method (addresses #258)
parent
fd2253303e
commit
f0ee36dad2
|
@ -84,7 +84,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
/** Fields from Client Registration Specification **/
|
/** Fields from Client Registration Specification **/
|
||||||
private AppType applicationType;
|
private AppType applicationType;
|
||||||
private String clientName;
|
private String clientName;
|
||||||
private AuthType tokenEndpointAuthType = AuthType.SECRET_BASIC;
|
private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC;
|
||||||
private SubjectType subjectType;
|
private SubjectType subjectType;
|
||||||
|
|
||||||
private Set<String> contacts;
|
private Set<String> contacts;
|
||||||
|
@ -116,7 +116,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
private String defaultACR;
|
private String defaultACR;
|
||||||
|
|
||||||
|
|
||||||
public enum AuthType {
|
public enum AuthMethod {
|
||||||
SECRET_POST("client_secret_post"),
|
SECRET_POST("client_secret_post"),
|
||||||
SECRET_BASIC("client_secret_basic"),
|
SECRET_BASIC("client_secret_basic"),
|
||||||
SECRET_JWT("client_secret_jwt"),
|
SECRET_JWT("client_secret_jwt"),
|
||||||
|
@ -126,14 +126,14 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
private final String value;
|
private final String value;
|
||||||
|
|
||||||
// map to aid reverse lookup
|
// map to aid reverse lookup
|
||||||
private static final Map<String, AuthType> lookup = new HashMap<String, AuthType>();
|
private static final Map<String, AuthMethod> lookup = new HashMap<String, AuthMethod>();
|
||||||
static {
|
static {
|
||||||
for (AuthType a : AuthType.values()) {
|
for (AuthMethod a : AuthMethod.values()) {
|
||||||
lookup.put(a.getValue(), a);
|
lookup.put(a.getValue(), a);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
AuthType(String value) {
|
AuthMethod(String value) {
|
||||||
this.value = value;
|
this.value = value;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -141,7 +141,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
return value;
|
return value;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static AuthType getByValue(String value) {
|
public static AuthMethod getByValue(String value) {
|
||||||
return lookup.get(value);
|
return lookup.get(value);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -537,13 +537,13 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Enumerated(EnumType.STRING)
|
@Enumerated(EnumType.STRING)
|
||||||
@Column(name="token_endpoint_auth_type")
|
@Column(name="token_endpoint_auth_method")
|
||||||
public AuthType getTokenEndpointAuthType() {
|
public AuthMethod getTokenEndpointAuthMethod() {
|
||||||
return tokenEndpointAuthType;
|
return tokenEndpointAuthMethod;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setTokenEndpointAuthType(AuthType tokenEndpointAuthType) {
|
public void setTokenEndpointAuthMethod(AuthMethod tokenEndpointAuthMethod) {
|
||||||
this.tokenEndpointAuthType = tokenEndpointAuthType;
|
this.tokenEndpointAuthMethod = tokenEndpointAuthMethod;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Enumerated(EnumType.STRING)
|
@Enumerated(EnumType.STRING)
|
||||||
|
@ -841,8 +841,8 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
+ applicationType + ", " : "")
|
+ applicationType + ", " : "")
|
||||||
+ (clientName != null ? "clientName="
|
+ (clientName != null ? "clientName="
|
||||||
+ clientName + ", " : "")
|
+ clientName + ", " : "")
|
||||||
+ (tokenEndpointAuthType != null ? "tokenEndpointAuthType="
|
+ (tokenEndpointAuthMethod != null ? "tokenEndpointAuthMethod="
|
||||||
+ tokenEndpointAuthType + ", " : "")
|
+ tokenEndpointAuthMethod + ", " : "")
|
||||||
+ (subjectType != null ? "subjectType=" + subjectType + ", " : "")
|
+ (subjectType != null ? "subjectType=" + subjectType + ", " : "")
|
||||||
+ (contacts != null ? "contacts=" + contacts + ", " : "")
|
+ (contacts != null ? "contacts=" + contacts + ", " : "")
|
||||||
+ (logoUrl != null ? "logoUrl=" + logoUrl + ", " : "")
|
+ (logoUrl != null ? "logoUrl=" + logoUrl + ", " : "")
|
||||||
|
@ -980,7 +980,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
.hashCode());
|
.hashCode());
|
||||||
result = prime
|
result = prime
|
||||||
* result
|
* result
|
||||||
+ ((tokenEndpointAuthType == null) ? 0 : tokenEndpointAuthType
|
+ ((tokenEndpointAuthMethod == null) ? 0 : tokenEndpointAuthMethod
|
||||||
.hashCode());
|
.hashCode());
|
||||||
result = prime * result
|
result = prime * result
|
||||||
+ ((subjectType == null) ? 0 : subjectType.hashCode());
|
+ ((subjectType == null) ? 0 : subjectType.hashCode());
|
||||||
|
@ -1209,7 +1209,7 @@ public class ClientDetailsEntity implements ClientDetails {
|
||||||
} else if (!sectorIdentifierUrl.equals(other.sectorIdentifierUrl)) {
|
} else if (!sectorIdentifierUrl.equals(other.sectorIdentifierUrl)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (tokenEndpointAuthType != other.tokenEndpointAuthType) {
|
if (tokenEndpointAuthMethod != other.tokenEndpointAuthMethod) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (subjectType != other.subjectType) {
|
if (subjectType != other.subjectType) {
|
||||||
|
|
|
@ -9,7 +9,7 @@ import org.mitre.jwt.signer.JwsAlgorithm;
|
||||||
import org.mitre.oauth2.exception.ClientNotFoundException;
|
import org.mitre.oauth2.exception.ClientNotFoundException;
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity.AuthType;
|
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
|
||||||
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
|
||||||
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
|
||||||
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
import org.mitre.oauth2.service.ClientDetailsEntityService;
|
||||||
|
@ -75,19 +75,19 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
/*
|
/*
|
||||||
* Authentication type
|
* Authentication type
|
||||||
*/
|
*/
|
||||||
binder.registerCustomEditor(AuthType.class, new PropertyEditorSupport() {
|
binder.registerCustomEditor(AuthMethod.class, new PropertyEditorSupport() {
|
||||||
@Override
|
@Override
|
||||||
public void setAsText(String text) throws IllegalArgumentException {
|
public void setAsText(String text) throws IllegalArgumentException {
|
||||||
if (Strings.isNullOrEmpty(text)) {
|
if (Strings.isNullOrEmpty(text)) {
|
||||||
setValue(null);
|
setValue(null);
|
||||||
} else {
|
} else {
|
||||||
setValue(AuthType.getByValue(text));
|
setValue(AuthMethod.getByValue(text));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String getAsText() {
|
public String getAsText() {
|
||||||
AuthType at = (AuthType) getValue();
|
AuthMethod at = (AuthMethod) getValue();
|
||||||
return at == null ? null : at.getValue();
|
return at == null ? null : at.getValue();
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
@ -190,7 +190,7 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
@RequestParam(value = "logo_url", required = false) String logoUrl,
|
@RequestParam(value = "logo_url", required = false) String logoUrl,
|
||||||
@RequestParam(value = "contacts", required = false) Set<String> contacts,
|
@RequestParam(value = "contacts", required = false) Set<String> contacts,
|
||||||
@RequestParam(value = "tos_url", required = false) String tosUrl,
|
@RequestParam(value = "tos_url", required = false) String tosUrl,
|
||||||
@RequestParam(value = "token_endpoint_auth_type", required = false) AuthType tokenEndpointAuthType,
|
@RequestParam(value = "token_endpoint_auth_method", required = false) AuthMethod tokenEndpointAuthMethod,
|
||||||
@RequestParam(value = "policy_url", required = false) String policyUrl,
|
@RequestParam(value = "policy_url", required = false) String policyUrl,
|
||||||
|
|
||||||
@RequestParam(value = "scope", required = false) Set<String> scope,
|
@RequestParam(value = "scope", required = false) Set<String> scope,
|
||||||
|
@ -230,7 +230,7 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
ClientDetailsEntity client = new ClientDetailsEntity();
|
ClientDetailsEntity client = new ClientDetailsEntity();
|
||||||
|
|
||||||
// if it's not using a private key or no auth, then generate a secret
|
// if it's not using a private key or no auth, then generate a secret
|
||||||
if (tokenEndpointAuthType != AuthType.PRIVATE_KEY && tokenEndpointAuthType != AuthType.NONE) {
|
if (tokenEndpointAuthMethod != AuthMethod.PRIVATE_KEY && tokenEndpointAuthMethod != AuthMethod.NONE) {
|
||||||
client = clientService.generateClientSecret(client);
|
client = clientService.generateClientSecret(client);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -241,7 +241,7 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
client.setTosUrl(tosUrl);
|
client.setTosUrl(tosUrl);
|
||||||
client.setLogoUrl(logoUrl);
|
client.setLogoUrl(logoUrl);
|
||||||
client.setRegisteredRedirectUri(redirectUris);
|
client.setRegisteredRedirectUri(redirectUris);
|
||||||
client.setTokenEndpointAuthType(tokenEndpointAuthType);
|
client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
|
||||||
client.setPolicyUrl(policyUrl);
|
client.setPolicyUrl(policyUrl);
|
||||||
client.setJwkUrl(jwkUrl);
|
client.setJwkUrl(jwkUrl);
|
||||||
client.setJwkEncryptionUrl(jwkEncryptionUrl);
|
client.setJwkEncryptionUrl(jwkEncryptionUrl);
|
||||||
|
@ -353,7 +353,7 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
@RequestParam(value = "logo_url", required = false) String logoUrl,
|
@RequestParam(value = "logo_url", required = false) String logoUrl,
|
||||||
@RequestParam(value = "contacts", required = false) Set<String> contacts,
|
@RequestParam(value = "contacts", required = false) Set<String> contacts,
|
||||||
@RequestParam(value = "tos_url", required = false) String tosUrl,
|
@RequestParam(value = "tos_url", required = false) String tosUrl,
|
||||||
@RequestParam(value = "token_endpoint_auth_type", required = false) AuthType tokenEndpointAuthType,
|
@RequestParam(value = "token_endpoint_auth_method", required = false) AuthMethod tokenEndpointAuthMethod,
|
||||||
@RequestParam(value = "policy_url", required = false) String policyUrl,
|
@RequestParam(value = "policy_url", required = false) String policyUrl,
|
||||||
|
|
||||||
@RequestParam(value = "scope", required = false) Set<String> scope,
|
@RequestParam(value = "scope", required = false) Set<String> scope,
|
||||||
|
@ -425,8 +425,8 @@ public class ClientDynamicRegistrationEndpoint {
|
||||||
if (params.containsKey("redirect_uris")) {
|
if (params.containsKey("redirect_uris")) {
|
||||||
client.setRegisteredRedirectUri(redirectUris);
|
client.setRegisteredRedirectUri(redirectUris);
|
||||||
}
|
}
|
||||||
if (params.containsKey("token_endpoint_auth_type")) {
|
if (params.containsKey("token_endpoint_auth_method")) {
|
||||||
client.setTokenEndpointAuthType(tokenEndpointAuthType);
|
client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod);
|
||||||
}
|
}
|
||||||
if (params.containsKey("policy_url")) {
|
if (params.containsKey("policy_url")) {
|
||||||
client.setPolicyUrl(Strings.emptyToNull(policyUrl));
|
client.setPolicyUrl(Strings.emptyToNull(policyUrl));
|
||||||
|
|
|
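Review bot: In the `AuthMethod` property editor's `setAsText`, an unrecognised `token_endpoint_auth_method` string makes `AuthMethod.getByValue(text)` return null (it is a plain `lookup.get(value)`), so the request binds as if the parameter had been omitted instead of being rejected. In the registration hunk that null passes the `!= AuthMethod.PRIVATE_KEY && != AuthMethod.NONE` test, so a client secret is generated, and `client.setTokenEndpointAuthMethod(tokenEndpointAuthMethod)` then replaces the entity's `SECRET_BASIC` default with null. Callers that still send the old `token_endpoint_auth_type` name take the same path, since that parameter is no longer bound. Suggest failing closed in the editor: `AuthMethod m = AuthMethod.getByValue(text);` `if (m == null) throw new IllegalArgumentException("unsupported token_endpoint_auth_method");` `setValue(m);`. The enclosing binder and handler methods start outside the hunks shown.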
@ -92,7 +92,7 @@ public class SimpleWebDiscoveryEndpoint {
|
||||||
userinfo_algs_supported array A JSON array containing a list of the JWS [JWS] and JWE [JWE] signing and encryption algorithms [JWA] supported by the UserInfo Endpoint to encode the JWT [JWT].
|
userinfo_algs_supported array A JSON array containing a list of the JWS [JWS] and JWE [JWE] signing and encryption algorithms [JWA] supported by the UserInfo Endpoint to encode the JWT [JWT].
|
||||||
id_token_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the ID Token to encode the JWT [JWT].
|
id_token_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the ID Token to encode the JWT [JWT].
|
||||||
request_object_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the OpenID Request Object described in Section 2.1.2.1 of OpenID Connect Messages [OpenID.Messages] to encode the JWT [JWT]. Servers SHOULD support RS256.
|
request_object_algs_supported array A JSON array containing a list of the JWS and JWE signing and encryption algorithms [JWA] supported by the Authorization Server for the OpenID Request Object described in Section 2.1.2.1 of OpenID Connect Messages [OpenID.Messages] to encode the JWT [JWT]. Servers SHOULD support RS256.
|
||||||
token_endpoint_auth_types_supported array A JSON array containing a list of authentication types supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 2.2.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. Other Authentication types may be defined by extension. If unspecified or omitted, the default is client_secret_basic HTTP Basic Authentication Scheme as specified in Section 2.3.1 of OAuth 2.0 [OAuth2.0].
|
token_endpoint_auth_methods_supported array A JSON array containing a list of authentication types supported by this Token Endpoint. The options are client_secret_post, client_secret_basic, client_secret_jwt, and private_key_jwt, as described in Section 2.2.1 of OpenID Connect Messages 1.0 [OpenID.Messages]. Other Authentication types may be defined by extension. If unspecified or omitted, the default is client_secret_basic HTTP Basic Authentication Scheme as specified in Section 2.3.1 of OAuth 2.0 [OAuth2.0].
|
||||||
token_endpoint_auth_algs_supported array A JSON array containing a list of the JWS signing algorithms [JWA] supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256.
|
token_endpoint_auth_algs_supported array A JSON array containing a list of the JWS signing algorithms [JWA] supported by the Token Endpoint for the private_key_jwt method to encode the JWT [JWT]. Servers SHOULD support RS256.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
|
@ -115,7 +115,7 @@ public class SimpleWebDiscoveryEndpoint {
|
||||||
m.put("registration_endpoint", baseUrl + "register");
|
m.put("registration_endpoint", baseUrl + "register");
|
||||||
m.put("scopes_supported", Lists.newArrayList("openid", "email", "profile", "address", "phone"));
|
m.put("scopes_supported", Lists.newArrayList("openid", "email", "profile", "address", "phone"));
|
||||||
m.put("response_types_supported", Lists.newArrayList("code"));
|
m.put("response_types_supported", Lists.newArrayList("code"));
|
||||||
m.put("token_endpoint_auth_types_supported", Lists.newArrayList("client_secret_post", "client_secret_basic"));
|
m.put("token_endpoint_auth_methods_supported", Lists.newArrayList("client_secret_post", "client_secret_basic", "private_key_jwt", "none"));
|
||||||
|
|
||||||
modelAndView.getModel().put("entity", m);
|
modelAndView.getModel().put("entity", m);
|
||||||
// TODO: everything in the list up there
|
// TODO: everything in the list up there
|
||||||
|
|
|
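Review bot: At the `m.put("token_endpoint_auth_methods_supported", ...)` line the commit does more than rename the key: the discovery document now also advertises `private_key_jwt` and `none`. The list is a hard-coded literal kept separately from the `AuthMethod` enum, which defines `client_secret_jwt` as well; the registration editor accepts that value, but it is not advertised here. Please confirm that the token endpoint really authenticates every advertised method and that unauthenticated `none` clients are intended, because the token endpoint is not visible on this page. The Javadoc line above the hunk still describes the renamed field as a list of "authentication types".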
@ -82,7 +82,7 @@ CREATE TABLE IF NOT EXISTS client_details (
|
||||||
|
|
||||||
application_type VARCHAR(256),
|
application_type VARCHAR(256),
|
||||||
client_name VARCHAR(256),
|
client_name VARCHAR(256),
|
||||||
token_endpoint_auth_type VARCHAR(256),
|
token_endpoint_auth_method VARCHAR(256),
|
||||||
subject_type VARCHAR(256),
|
subject_type VARCHAR(256),
|
||||||
|
|
||||||
logo_url VARCHAR(2048),
|
logo_url VARCHAR(2048),
|
||||||
|
|
|
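Review bot: The column is renamed only inside the `CREATE TABLE IF NOT EXISTS client_details` definition, so a database that already has the table keeps `token_endpoint_auth_type` while the entity now maps `@Column(name="token_endpoint_auth_method")`. The same applies to the second schema file's `CREATE TABLE client_details` hunk further down. No upgrade script is visible on this page. Suggest shipping a rename migration for existing installs, for example `ALTER TABLE client_details RENAME COLUMN token_endpoint_auth_type TO token_endpoint_auth_method;`, with the syntax adjusted to the database dialect, which cannot be determined from here.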
@ -77,7 +77,7 @@ CREATE TABLE client_details (
|
||||||
|
|
||||||
application_type VARCHAR(256),
|
application_type VARCHAR(256),
|
||||||
client_name VARCHAR(256),
|
client_name VARCHAR(256),
|
||||||
token_endpoint_auth_type VARCHAR(256),
|
token_endpoint_auth_method VARCHAR(256),
|
||||||
subject_type VARCHAR(256),
|
subject_type VARCHAR(256),
|
||||||
|
|
||||||
logo_url VARCHAR(2048),
|
logo_url VARCHAR(2048),
|
||||||
|
|