github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenID-Connect-Java-Spring-.../account-chooser
History
Amanda Anganes 8d4e046408 All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors. 2012-08-07 10:04:38 -04:00
..
docs github doesn't like to follow relative paths for images used in markdown docs. 2012-05-22 12:40:08 -04:00
src/main All logging is now org.slf4j. We had a mix of org.slf4j and apache commons-logging. Added error logging to all view which throw errors. 2012-08-07 10:04:38 -04:00
.gitignore removed eclipse files from repository 2012-06-29 15:13:52 -04:00
README.md grammar tweak 2012-05-21 17:56:20 -04:00
pom.xml issue #39 2012-05-08 19:52:13 -04:00

README.md

Account Choooser UI Application

Overview

This is Web application created in response to Issue #39 to permit the Client AuthenticationFilter to speak to multiple OpenID Connect Servers. The protocol between the Clinent and the Account Chooser UI application is documented the README.md of the openid-connect-client submodule.

Configuration

Configure AccountChooserController via configuring a AccountChooserConfig bean in the spring-servlet.xml like so:

<bean name="AccountChooserConfig" class="org.mitre.account_chooser.AccountChooserConfig">
	<property name="issuers">
		<map>
			<entry key="http://sever.example.com:8080/openid-connect-server">
				<bean class="org.mitre.account_chooser.OIDCServer">
					<property name="name" value="Example Server" />
				</bean>
			</entry>
		</map>
	</property>
	<property name="validClientIds" value="FGWEUIASJK, IUYTTYEV, GFHDSFYD" />
</bean>

The keys must match those found in the OpenIdConnectAuthenticationFilter's configuration like so:

<bean id="openIdConnectAuthenticationFilter"
	class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter">
	<property name="errorRedirectURI" value="/login.jsp?authfail=openid" /> 
	<property name="authenticationManager" ref="authenticationManager" />
	<property name="accountChooserURI"
		value="http://sever.example.com:8080/account-chooser" />
	<property name="accountChooserClientID" value="FGWEUIASJK" />
	<property name="oidcServerConfigs">
		<map>
			<entry key="http://sever.example.com:8080/Fopenid-connect-server">
				<bean class="org.mitre.openid.connect.client.OIDCServerConfiguration">
					<property name="authorizationEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/oauth/authorize" />
					<property name="tokenEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/oauth/token" />
					<property name="checkIDEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/checkid" />
					<property name="clientId" 
						value="someClientId" /> 
					<property name="clientSecret" value="someClientSecret" />
				</bean>
			</entry>
			. . .

Test the Default Configuration

To test the default config, deploy to a servlet container, and request:

http://localhost:8080/account-chooser/?redirect_uri=http://www.google.com&client_id=FGWEUIASJK

Click Submit or Cancel, and Google will open. Study the URL parameters of each.