diff options
| author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-19 11:29:19 +0100 |
|---|---|---|
| committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2019-02-19 11:29:19 +0100 |
| commit | 0ec665ef207e9fb0f599a2b66789e5c39b2893dd (patch) | |
| tree | 61e771243e682114f38908455e3ddc304cf529df /id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java | |
| parent | c7cd9327bbc4d7e180bab9b6bff2a17028c166dc (diff) | |
| download | moa-id-spss-0ec665ef207e9fb0f599a2b66789e5c39b2893dd.tar.gz moa-id-spss-0ec665ef207e9fb0f599a2b66789e5c39b2893dd.tar.bz2 moa-id-spss-0ec665ef207e9fb0f599a2b66789e5c39b2893dd.zip | |
update OpenID-Connect request validation
Diffstat (limited to 'id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java')
| -rw-r--r-- | id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java | 22 |
1 files changed, 8 insertions, 14 deletions
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java index 118de861c..9cceea7d5 100644 --- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java +++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java @@ -35,10 +35,8 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration; import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration; import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException; import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl; -import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception; -import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException; import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException; import at.gv.egovernment.moa.id.util.ParamValidatorUtils; import at.gv.egovernment.moa.logging.Logger; @@ -77,21 +75,17 @@ abstract class OAuth20BaseRequest extends RequestImpl { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); } - if (StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET)) - || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) - || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { - throw new OAuth20OANotSupportedException(); - } + // oAuth + this.populateSpecialParameters(request, authConfig, oaParam); + + // cleanup parameters + this.checkAllowedParameters(request); + } catch (EAAFConfigurationException e) { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); } - - // oAuth - this.populateSpecialParameters(request, authConfig); - - // cleanup parameters - this.checkAllowedParameters(request); + } private void checkAllowedParameters(final HttpServletRequest request) throws OAuth20WrongParameterException { @@ -112,6 +106,6 @@ abstract class OAuth20BaseRequest extends RequestImpl { } - protected abstract void populateSpecialParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception; + protected abstract void populateSpecialParameters(final HttpServletRequest request, IConfiguration authConfig, ISPConfiguration oaParam) throws OAuth20Exception; } |