added Xrd support (fixes #63), updated configuration locations (fixes #47)

openid-connect-server/src/main/java/org/mitre/swd/view/XrdJsonResponse.java

@@ -0,0 +1,90 @@
+/*******************************************************************************
+ * Copyright 2012 The MITRE Corporation
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ ******************************************************************************/
+/**
+ * 
+ */
+package org.mitre.swd.view;
+
+import java.io.Writer;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonObject;
+
+/**
+ * @author jricher
+ *
+ */
+public class XrdJsonResponse extends AbstractView {
+
+	/* (non-Javadoc)
+	 * @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+	 */
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
+		Gson gson = new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
+
+			@Override
+			public boolean shouldSkipField(FieldAttributes f) {
+				return false;
+			}
+
+			@Override
+			public boolean shouldSkipClass(Class<?> clazz) {
+				// skip the JPA binding wrapper
+				if (clazz.equals(BeanPropertyBindingResult.class)) {
+					return true;
+				} else {
+					return false;
+				}
+			}
+
+		})
+		.create();
+
+		response.setContentType("application/json");
+
+		Writer out = response.getWriter();
+
+		Map<String, String> links = (Map<String, String>) model.get("links");
+
+		JsonObject obj = new JsonObject();
+		JsonArray linksList = new JsonArray();
+		obj.add("links", linksList);
+		
+		// map of "rel" -> "link" values
+		for (Map.Entry<String, String> link : links.entrySet()) {
+	        JsonObject l = new JsonObject();
+	        l.addProperty("rel", link.getKey());
+	        l.addProperty("link", link.getValue());
+	        
+	        linksList.add(l);
+        }
+		
+		gson.toJson(obj, out);
+	}
+
+}

openid-connect-server/src/main/java/org/mitre/swd/web/SimpleWebDiscoveryEndpoint.java

@@ -20,7 +20,9 @@ import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
 import org.mitre.util.Utility;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -31,11 +33,14 @@ import com.google.common.collect.Lists;
 @Controller
 public class SimpleWebDiscoveryEndpoint {
 
+	@Autowired
+	ConfigurationPropertiesBean config;
+	
 	@RequestMapping(value="/.well-known/simple-web-discovery", 
 					params={"principal", "service=http://openid.net/specs/connect/1.0/issuer"})
-	public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView, HttpServletRequest request) {
+	public ModelAndView openIdConnectIssuerDiscovery(@RequestParam("principal") String principal, ModelAndView modelAndView) {
 		
-		String baseUrl = Utility.findBaseUrl(request);
+		String baseUrl = config.getIssuer();
 		
 		// look up user, see if they're local
 		// if so, return this server
@@ -51,11 +56,24 @@ public class SimpleWebDiscoveryEndpoint {
 		return modelAndView;
 	}
 	
+	@RequestMapping(value="/.well-known/host-meta",
+			params={"resource", "rel=http://openid.net/specs/connect/1.0/issuer"})
+	public ModelAndView xrdDiscovery(@RequestParam("resource") String resource, ModelAndView modelAndView) {
+		
+		Map<String, String> relMap = new HashMap<String, String>();
+		relMap.put("http://openid.net/specs/connect/1.0/issuer", config.getIssuer());
+		
+		modelAndView.getModel().put("links", relMap);
+		
+		modelAndView.setViewName("jsonXrdResponseView");
+		
+		return modelAndView;
+	}
 
 	@RequestMapping("/.well-known/openid-configuration")
-	public ModelAndView providerConfiguration(ModelAndView modelAndView, HttpServletRequest request) {
+	public ModelAndView providerConfiguration(ModelAndView modelAndView) {
 
-		String baseUrl = Utility.findBaseUrl(request);
+		String baseUrl = config.getIssuer();
 		
 		/*	
 		 * version 	string 	Version of the provider response. "3.0" is the default.
@@ -84,15 +102,15 @@ public class SimpleWebDiscoveryEndpoint {
 		Map<String, Object> m = new HashMap<String, Object>();
 		m.put("version", "3.0");
 		m.put("issuer", baseUrl);
-		m.put("authorization_endpoint", baseUrl + "/authorize");
+		m.put("authorization_endpoint", baseUrl + "/openidconnect/auth");
-		m.put("token_endpoint", baseUrl + "/oauth");
+		m.put("token_endpoint", baseUrl + "/openidconnect/token");
 		m.put("userinfo_endpoint", baseUrl + "/userinfo");
 		m.put("check_id_endpoint", baseUrl + "/checkid");
-		m.put("refresh_session_endpoint", baseUrl + "/refresh_session");
+		//m.put("refresh_session_endpoint", baseUrl + "/refresh_session");
-		m.put("end_session_endpoint", baseUrl + "/end_session");
+		//m.put("end_session_endpoint", baseUrl + "/end_session");
 		m.put("jwk_url", baseUrl + "/jwk");
-		m.put("registration_endpoint", baseUrl + "/register_client");
+		//m.put("registration_endpoint", baseUrl + "/register_client");
-		m.put("scopes_supported", Lists.newArrayList("openid"));
+		m.put("scopes_supported", Lists.newArrayList("openid", "email", "profile", "address", "phone"));
 		m.put("response_types_supported", Lists.newArrayList("code"));
 				
 		

openid-connect-server/src/main/webapp/WEB-INF/spring-servlet.xml

@@ -190,8 +190,11 @@
 	<!-- </bean> -->
 
 	<!-- JSON views for each type of model object -->
+	
 	<bean id="jsonOpenIdConfigurationView" class="org.mitre.swd.view.JsonOpenIdConfigurationView" />
 	<bean id="jsonSwdResponseView" class="org.mitre.swd.view.SwdResponse" />
+	<bean id="jsonXrdResponseView" class="org.mitre.swd.view.XrdJsonResponse" />
+	
 	<bean id="jwkKeyList" class="org.mitre.openid.connect.view.JwkKeyListView" />
 
 	<bean id="jsonUserInfoView" class="org.mitre.openid.connect.view.JSONUserInfoView" />