Updated SECOAUTH reference, made required alterations to our configuration

2012-09-07 16:08:15 -04:00 · 2012-09-07 16:08:15 -04:00 · f3c225d8f2
parent ea16f4e2b6
commit f3c225d8f2
4 changed files with 12 additions and 21 deletions
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
@ -42,7 +42,8 @@ import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
+
+import com.google.common.collect.Sets;


 /**
@ -83,8 +84,11 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
 		    // attach the client
 	    	token.setClient(client);
 	    	
-		    // inherit the scope from the auth
-		    token.setScope(clientAuth.getScope());
+		    // inherit the scope from the auth, but make a new set so it is 
+	    	//not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which 
+	    	//wants to use the clone operation.
+	    	Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
+		    token.setScope(scopes);

 		    // make it expire if necessary
 		    // TODO: pending upstream updates, check for 0 or -1 value here
--- a/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml
@ -47,12 +47,12 @@

 	<oauth:resource-server id="resourceServerFilter" token-services-ref="defaultOAuth2ProviderTokenService" />

-	<security:http pattern="/oauth/token" 
+	<security:http pattern="/token" 
 		create-session="stateless"
 		authentication-manager-ref="clientAuthenticationManager"
 		entry-point-ref="oauthAuthenticationEntryPoint">
 		
-		<security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
+		<security:intercept-url pattern="/token" access="IS_AUTHENTICATED_FULLY" />
 		<security:anonymous enabled="false" />
 		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
 		<!-- include this only if you need to authenticate clients via request parameters -->
@ -101,6 +101,7 @@

 	<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
 		<property name="authenticationManager" ref="clientAuthenticationManager" />
+		<property name="filterProcessesUrl" value="/token"/>
 	</bean>

 	<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
--- a/openid-connect-server/src/main/webapp/WEB-INF/web.xml
+++ b/openid-connect-server/src/main/webapp/WEB-INF/web.xml
@ -18,20 +18,6 @@
 	
 	<!-- filter through Spring Security -->

-	<filter>
-	    <filter-name>oauth2EndpointUrlFilter</filter-name>
-	    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-	    <init-param>
-	        <param-name>contextAttribute</param-name>
-	        <param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
-	    </init-param>
-	</filter>
-	
-	<filter-mapping>
-	    <filter-name>oauth2EndpointUrlFilter</filter-name>
-	    <url-pattern>/*</url-pattern>
-	</filter-mapping>
-
 	<filter>
 		<filter-name>clientCredentialsTokenEndpointFilter</filter-name>
 		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
@ -52,7 +38,7 @@

 	<filter-mapping>
 		<filter-name>clientCredentialsTokenEndpointFilter</filter-name>
-		<url-pattern>/oauth/token</url-pattern>
+		<url-pattern>/token</url-pattern>
 	</filter-mapping>

 	<filter-mapping>
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 2a3e2636d0c85620fbd495b40c5ef8fe11a94eba
+Subproject commit 9615bd9a62da1946e2291a6b2663c0258bda4f82