OpenID-Connect-Java-Spring-.../account-chooser
Justin Richer c619e736f9
removed eclipse files from repository
13 years ago

Account Chooser UI Application

Overview

This is a web application created in response to Issue #39 to permit the Client AuthenticationFilter to speak to multiple OpenID Connect Servers. The protocol between the Client and the Account Chooser UI application is documented in the README.md of the openid-connect-client submodule.

Configuration

Configure the AccountChooserController by defining an AccountChooserConfig bean in spring-servlet.xml, like so:

<bean name="AccountChooserConfig" class="org.mitre.account_chooser.AccountChooserConfig">
	<property name="issuers">
		<map>
			<entry key="http://sever.example.com:8080/openid-connect-server">
				<bean class="org.mitre.account_chooser.OIDCServer">
					<property name="name" value="Example Server" />
				</bean>
			</entry>
		</map>
	</property>
	<property name="validClientIds" value="FGWEUIASJK, IUYTTYEV, GFHDSFYD" />
</bean>

The keys must match those found in the OpenIdConnectAuthenticationFilter's configuration like so:

<bean id="openIdConnectAuthenticationFilter"
	class="org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter">
	<property name="errorRedirectURI" value="/login.jsp?authfail=openid" /> 
	<property name="authenticationManager" ref="authenticationManager" />
	<property name="accountChooserURI"
		value="http://sever.example.com:8080/account-chooser" />
	<property name="accountChooserClientID" value="FGWEUIASJK" />
	<property name="oidcServerConfigs">
		<map>
			<entry key="http://sever.example.com:8080/openid-connect-server">
				<bean class="org.mitre.openid.connect.client.OIDCServerConfiguration">
					<property name="authorizationEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/oauth/authorize" />
					<property name="tokenEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/oauth/token" />
					<property name="checkIDEndpointURI" 
						value="http://sever.example.com:8080/openid-connect-server/checkid" />
					<property name="clientId" 
						value="someClientId" /> 
					<property name="clientSecret" value="someClientSecret" />
				</bean>
			</entry>
			. . . 
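
A mismatch between the two key sets, or an accountChooserClientID missing from validClientIds, is easy to miss by eye. The script below is an added example, not part of this project: it parses both bean definitions and reports the differences. The sample XML and its idp-a/idp-b hostnames are constructed, and treating validClientIds as a comma-separated list with whitespace ignored is an assumption.

```python
import xml.etree.ElementTree as ET

CHOOSER = "org.mitre.account_chooser.AccountChooserConfig"
FILTER = "org.mitre.openid.connect.client.OpenIdConnectAuthenticationFilter"
NS = 'xmlns="http://www.springframework.org/schema/beans"'

# Constructed sample configs (not the project's files). The second filter key
# is deliberately different from the chooser's so the check reports something.
CHOOSER_XML = f"""<beans {NS}><bean name="AccountChooserConfig" class="{CHOOSER}">
  <property name="issuers"><map>
    <entry key="http://idp-a.example.com:8080/openid-connect-server"/>
    <entry key="http://idp-b.example.com:8080/openid-connect-server"/>
  </map></property>
  <property name="validClientIds" value="FGWEUIASJK, IUYTTYEV"/>
</bean></beans>"""
FILTER_XML = f"""<beans {NS}><bean id="openIdConnectAuthenticationFilter" class="{FILTER}">
  <property name="accountChooserClientID" value="FGWEUIASJK"/>
  <property name="oidcServerConfigs"><map>
    <entry key="http://idp-a.example.com:8080/openid-connect-server"/>
    <entry key="http://idp-b.example.com:8080/oidc"/>
  </map></property>
</bean></beans>"""

def local(el):
    """Tag name without the XML namespace prefix ElementTree adds."""
    return el.tag.rsplit("}", 1)[-1]

def prop(root, bean_class, name):
    """Find a direct <property name=...> child of the bean with this class."""
    for bean in root.iter():
        if local(bean) == "bean" and bean.get("class") == bean_class:
            for child in bean:
                if local(child) == "property" and child.get("name") == name:
                    return child
    raise KeyError(f"{bean_class}: property {name!r} not found")

def map_keys(prop_el):
    """Collect the key attribute of every <entry> under a <map> property."""
    return {e.get("key") for e in prop_el.iter() if local(e) == "entry"}

def check(chooser_xml, filter_xml):
    chooser, flt = ET.fromstring(chooser_xml), ET.fromstring(filter_xml)
    issuers = map_keys(prop(chooser, CHOOSER, "issuers"))
    servers = map_keys(prop(flt, FILTER, "oidcServerConfigs"))
    # Assumption: validClientIds is a comma-separated list, whitespace ignored.
    allowed = {v.strip() for v in prop(chooser, CHOOSER, "validClientIds").get("value").split(",")}
    client_id = prop(flt, FILTER, "accountChooserClientID").get("value")
    return {"chooser_only": sorted(issuers - servers),
            "filter_only": sorted(servers - issuers),
            "client_id_allowed": client_id in allowed}
```

Empty chooser_only and filter_only lists together with client_id_allowed set to True mean the two configurations agree.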

Test the Default Configuration

To test the default config, deploy to a servlet container, and request:

http://localhost:8080/account-chooser/?redirect_uri=http://www.google.com&client_id=FGWEUIASJK

Click Submit or Cancel; in either case Google will open. Study the URL parameters of each redirect.