diff options
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java | 37 |
1 files changed, 26 insertions, 11 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java index 5a4655b42..b5baa6a05 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java @@ -30,9 +30,9 @@ import javax.servlet.http.HttpServletRequest; import org.opensaml.saml2.core.Attribute; -import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20; +import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants; import at.gv.egovernment.moa.id.config.ConfigurationException; -import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider; +import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory; import at.gv.egovernment.moa.id.config.auth.OAAuthParameter; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants; import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util; @@ -46,7 +46,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder; import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder; import at.gv.egovernment.moa.logging.Logger; -class OAuth20AuthRequest extends OAuth20BaseRequest { +public class OAuth20AuthRequest extends OAuth20BaseRequest { private static final long serialVersionUID = 1L; @@ -55,6 +55,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { private String redirectUri; private String scope; private String clientID; + private String nonce; /** * @return the responseType @@ -131,6 +132,22 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { this.clientID = clientID; } + + + /** + * @return the nonce + */ + public String getNonce() { + return nonce; + } + + /** + * @param nonce the nonce to set + */ + public void setNonce(String nonce) { + this.nonce = nonce; + } + @Override protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception { this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true)); @@ -138,6 +155,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true)); this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true)); this.setScope(this.getParam(request, OAuth20Constants.PARAM_SCOPE, false)); + this.setNonce(this.getParam(request, OAuth20Constants.PARAM_NONCE, false)); // check for response type if (!this.responseType.equals(OAuth20Constants.RESPONSE_CODE)) { @@ -152,15 +170,12 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { // check if client id and redirect uri are ok try { // OAOAUTH20 cannot be null at this point. check was done in base request - OAAuthParameter oaConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL()); - OAOAUTH20 oAuthConfig = oaConfig.getoAuth20Config(); - - if (!this.getClientID().equals(oAuthConfig.getOAuthClientId()) - || !this.getRedirectUri().equals(oAuthConfig.getOAuthRedirectUri())) { + OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL()); + + if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID)) + || !this.getRedirectUri().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) { throw new OAuth20AccessDeniedException(); } - - this.setOnlineApplicationConfiguration(oaConfig); } catch (ConfigurationException e) { throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID); @@ -178,7 +193,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest { reqAttr.put(el, ""); try { - OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL()); + OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL()); for (String s : scope.split(" ")) { if (s.equalsIgnoreCase("profile")) { |