github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Include additional claims in ID token 

Read https://github.com/indigo-iam/iam/issues/202
pull/1611/head
enricovianello 2018-02-26 10:35:43 +01:00
parent 366660dbf7
commit f6e6954450
3 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
openid-connect-common/src/main/java/org/mitre/openid/connect/service/IDTokenClaimsEnhancer.java Normal file
View File

@ -0,0 +1,12 @@
package org.mitre.openid.connect.service;
import java.util.Date;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.springframework.security.oauth2.provider.OAuth2Request;
import com.nimbusds.jwt.JWTClaimsSet;
public interface IDTokenClaimsEnhancer {
void enhanceIdTokenClaims(JWTClaimsSet.Builder claimsBuilder, OAuth2Request request, Date issueTime,
String sub, OAuth2AccessTokenEntity accessToken);
}

27
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultIdTokenClaimsEnhancer.java Normal file
View File

@ -0,0 +1,27 @@
package org.mitre.openid.connect.service.impl;
import java.util.Date;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.openid.connect.service.IDTokenClaimsEnhancer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.stereotype.Service;
import com.nimbusds.jwt.JWTClaimsSet;
@Service("defaultIdTokenClaimsEnhancer")
public class DefaultIdTokenClaimsEnhancer implements IDTokenClaimsEnhancer {
/**
* Logger for this class
*/
private static final Logger logger = LoggerFactory.getLogger(DefaultOIDCTokenService.class);
@Override
public void enhanceIdTokenClaims(JWTClaimsSet.Builder claimsBuilder, OAuth2Request request, Date issueTime,
String sub, OAuth2AccessTokenEntity accessToken) {
logger.debug("Enhancing Id-Token claims: no claims added.");
}
}

6
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java
View File

@ -36,6 +36,7 @@ import org.mitre.oauth2.service.AuthenticationHolderEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService; import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.oauth2.service.SystemScopeService; import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean; import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.mitre.openid.connect.service.IDTokenClaimsEnhancer;
import org.mitre.openid.connect.service.OIDCTokenService; import org.mitre.openid.connect.service.OIDCTokenService;
import org.mitre.openid.connect.util.IdTokenHashUtils; import org.mitre.openid.connect.util.IdTokenHashUtils;
import org.mitre.openid.connect.web.AuthenticationTimeStamper; import org.mitre.openid.connect.web.AuthenticationTimeStamper;
@ -94,6 +95,9 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
@Autowired @Autowired
private OAuth2TokenEntityService tokenService; private OAuth2TokenEntityService tokenService;
@Autowired
private IDTokenClaimsEnhancer idTokenClaimsEnhancer;
@Override @Override
public JWT createIdToken(ClientDetailsEntity client, OAuth2Request request, Date issueTime, String sub, OAuth2AccessTokenEntity accessToken) { public JWT createIdToken(ClientDetailsEntity client, OAuth2Request request, Date issueTime, String sub, OAuth2AccessTokenEntity accessToken) {
@ -142,6 +146,8 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
idClaims.claim("nonce", nonce); idClaims.claim("nonce", nonce);
} }
idTokenClaimsEnhancer.enhanceIdTokenClaims(idClaims, request, issueTime, sub, accessToken);
Set<String> responseTypes = request.getResponseTypes(); Set<String> responseTypes = request.getResponseTypes();
if (responseTypes.contains("token")) { if (responseTypes.contains("token")) {