aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20')
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java6
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Constants.java1
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java29
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java57
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java10
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java37
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java16
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java4
-rw-r--r--id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java13
9 files changed, 125 insertions, 48 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
index 93a2f7d6d..8eddd7833 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Configuration.java
@@ -25,7 +25,7 @@ package at.gv.egovernment.moa.id.protocols.oauth20;
import java.util.Properties;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.util.FileUtils;
public class OAuth20Configuration {
@@ -49,8 +49,8 @@ public class OAuth20Configuration {
private OAuth20Configuration() {
try {
- props = AuthConfigurationProvider.getInstance().getGeneralOAuth20ProperiesConfig();
- rootDir = AuthConfigurationProvider.getInstance().getRootConfigFileDir();
+ props = AuthConfigurationProviderFactory.getInstance().getGeneralOAuth20ProperiesConfig();
+ rootDir = AuthConfigurationProviderFactory.getInstance().getRootConfigFileDir();
}
catch (ConfigurationException e) {
e.printStackTrace();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Constants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Constants.java
index 75501d812..b0736ff2e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Constants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/OAuth20Constants.java
@@ -48,6 +48,7 @@ public final class OAuth20Constants {
public static final String PARAM_RESPONSE_TYPE = "response_type";
public static final String PARAM_REDIRECT_URI = "redirect_uri";
public static final String PARAM_STATE = "state";
+ public static final String PARAM_NONCE = "nonce";
public static final String PARAM_GRANT_TYPE = "grant_type";
public static final String PARAM_GRANT_TYPE_VALUE_AUTHORIZATION_CODE = "authorization_code";
public static final String PARAM_CLIENT_ID = "client_id";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
index 583120a86..439d08e0b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OAuth20AttributeBuilder.java
@@ -30,6 +30,7 @@ import org.apache.commons.lang.StringUtils;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.protocols.oauth20.Pair;
+import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.BPKAttributeBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDAuthBlock;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.EIDCcsURL;
@@ -116,6 +117,7 @@ public final class OAuth20AttributeBuilder {
buildersOpenId.add(new OpenIdIssueInstantAttribute());
buildersOpenId.add(new OpenIdAuthenticationTimeAttribute());
buildersOpenId.add(new OpenIdAudiencesAttribute());
+ buildersOpenId.add(new OpenIdNonceAttribute());
// profile
buildersProfile.add(new ProfileGivenNameAttribute());
@@ -173,10 +175,18 @@ public final class OAuth20AttributeBuilder {
}
private static void addAttibutes(final List<IAttributeBuilder> builders, final JsonObject jsonObject,
- final OAAuthParameter oaParam, final IAuthData authData) {
+ final OAAuthParameter oaParam, final IAuthData authData, OAuth20AuthRequest oAuthRequest) {
for (IAttributeBuilder b : builders) {
try {
- Pair<String, JsonPrimitive> attribute = b.build(oaParam, authData, generator);
+ //TODO: better solution requires more refactoring :(
+ Pair<String, JsonPrimitive> attribute = null;
+ if (b instanceof OpenIdNonceAttribute) {
+ OpenIdNonceAttribute nonceBuilder = (OpenIdNonceAttribute) b;
+ attribute = nonceBuilder.build(oaParam, authData, oAuthRequest, generator);
+
+ } else
+ attribute = b.build(oaParam, authData, generator);
+
if (attribute != null && !StringUtils.isEmpty(attribute.getSecond().getAsString())) {
jsonObject.add(attribute.getFirst(), attribute.getSecond());
}
@@ -188,33 +198,34 @@ public final class OAuth20AttributeBuilder {
}
public static void addScopeOpenId(final JsonObject jsonObject,
- final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersOpenId, jsonObject, oaParam, authData);
+ final OAAuthParameter oaParam, final IAuthData authData,
+ final OAuth20AuthRequest oAuthRequest) {
+ addAttibutes(buildersOpenId, jsonObject, oaParam, authData, oAuthRequest);
}
public static void addScopeProfile(final JsonObject jsonObject,
final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersProfile, jsonObject, oaParam, authData);
+ addAttibutes(buildersProfile, jsonObject, oaParam, authData, null);
}
public static void addScopeEID(final JsonObject jsonObject,
final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersEID, jsonObject, oaParam, authData);
+ addAttibutes(buildersEID, jsonObject, oaParam, authData, null);
}
public static void addScopeEIDGov(final JsonObject jsonObject,
final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersEIDGov, jsonObject, oaParam, authData);
+ addAttibutes(buildersEIDGov, jsonObject, oaParam, authData, null);
}
public static void addScopeMandate(final JsonObject jsonObject,
final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersMandate, jsonObject, oaParam, authData);
+ addAttibutes(buildersMandate, jsonObject, oaParam, authData, null);
}
public static void addScopeSTORK(final JsonObject jsonObject,
final OAAuthParameter oaParam, final IAuthData authData) {
- addAttibutes(buildersSTORK, jsonObject, oaParam, authData);
+ addAttibutes(buildersSTORK, jsonObject, oaParam, authData, null);
}
/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java
new file mode 100644
index 000000000..6baa69b1e
--- /dev/null
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/attributes/OpenIdNonceAttribute.java
@@ -0,0 +1,57 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.protocols.oauth20.attributes;
+
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20AuthRequest;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeGenerator;
+import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.exceptions.AttributeException;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class OpenIdNonceAttribute implements IAttributeBuilder {
+
+ public String getName() {
+ return "nonce";
+ }
+
+ public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData,
+ IAttributeGenerator<ATT> g) throws AttributeException {
+ return g.buildStringAttribute(this.getName(), "", null);
+ }
+
+ public <ATT> ATT build(OAAuthParameter oaParam, IAuthData authData, OAuth20AuthRequest oAuthRequest,
+ IAttributeGenerator<ATT> g) throws AttributeException {
+ if (MiscUtil.isNotEmpty(oAuthRequest.getNonce()))
+ return g.buildStringAttribute(this.getName(), "", oAuthRequest.getNonce());
+ else
+ return null;
+ }
+
+ public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+ return g.buildEmptyAttribute(this.getName(), "");
+ }
+
+}
+
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
index 562113920..d90df51e7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthAction.java
@@ -33,7 +33,7 @@ import javax.servlet.http.HttpServletResponse;
import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.data.IAuthData;
import at.gv.egovernment.moa.id.data.SLOInformationImpl;
@@ -54,6 +54,7 @@ import at.gv.egovernment.moa.id.protocols.oauth20.json.OAuthSigner;
import at.gv.egovernment.moa.id.storage.AssertionStorage;
import at.gv.egovernment.moa.id.util.Random;
import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
class OAuth20AuthAction implements IAction {
@@ -130,8 +131,7 @@ class OAuth20AuthAction implements IAction {
Map<String, Object> params = new HashMap<String, Object>();
params.put(OAuth20Constants.RESPONSE_ACCESS_TOKEN, accessToken);
params.put(OAuth20Constants.RESPONSE_TOKEN_TYPE, OAuth20Constants.RESPONSE_TOKEN_TYPE_VALUE_BEARER);
- params.put(OAuth20Constants.RESPONSE_EXPIRES_IN, OpenIdExpirationTimeAttribute.expirationTime);
-
+ params.put(OAuth20Constants.RESPONSE_EXPIRES_IN, OpenIdExpirationTimeAttribute.expirationTime);
// build id token and scope
Pair<String, String> pair = buildIdToken(auth20SessionObject.getScope(), oAuthRequest,
authData);
@@ -146,14 +146,14 @@ class OAuth20AuthAction implements IAction {
private Pair<String, String> buildIdToken(String scope, OAuth20AuthRequest oAuthRequest, IAuthData authData)
throws MOAIDException, SignatureException {
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL());
+ OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oAuthRequest.getOAURL());
OAuthSigner signer = OAuth20SignatureUtil.loadSigner(authData.getIssuer());
OAuthJsonToken token = new OAuthJsonToken(signer);
StringBuilder resultScopes = new StringBuilder();
// always fill with open id
- OAuth20AttributeBuilder.addScopeOpenId(token.getPayloadAsJsonObject(), oaParam, authData);
+ OAuth20AttributeBuilder.addScopeOpenId(token.getPayloadAsJsonObject(), oaParam, authData, oAuthRequest);
resultScopes.append("openId");
for (String s : scope.split(" ")) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 5a4655b42..b5baa6a05 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -30,9 +30,9 @@ import javax.servlet.http.HttpServletRequest;
import org.opensaml.saml2.core.Attribute;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
@@ -46,7 +46,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.builder.AttributQueryBuilder;
import at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes.IAttributeBuilder;
import at.gv.egovernment.moa.logging.Logger;
-class OAuth20AuthRequest extends OAuth20BaseRequest {
+public class OAuth20AuthRequest extends OAuth20BaseRequest {
private static final long serialVersionUID = 1L;
@@ -55,6 +55,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
private String redirectUri;
private String scope;
private String clientID;
+ private String nonce;
/**
* @return the responseType
@@ -131,6 +132,22 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
this.clientID = clientID;
}
+
+
+ /**
+ * @return the nonce
+ */
+ public String getNonce() {
+ return nonce;
+ }
+
+ /**
+ * @param nonce the nonce to set
+ */
+ public void setNonce(String nonce) {
+ this.nonce = nonce;
+ }
+
@Override
protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true));
@@ -138,6 +155,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true));
this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
this.setScope(this.getParam(request, OAuth20Constants.PARAM_SCOPE, false));
+ this.setNonce(this.getParam(request, OAuth20Constants.PARAM_NONCE, false));
// check for response type
if (!this.responseType.equals(OAuth20Constants.RESPONSE_CODE)) {
@@ -152,15 +170,12 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
// check if client id and redirect uri are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- OAAuthParameter oaConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL());
- OAOAUTH20 oAuthConfig = oaConfig.getoAuth20Config();
-
- if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())
- || !this.getRedirectUri().equals(oAuthConfig.getOAuthRedirectUri())) {
+ OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+
+ if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))
+ || !this.getRedirectUri().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) {
throw new OAuth20AccessDeniedException();
}
-
- this.setOnlineApplicationConfiguration(oaConfig);
}
catch (ConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
@@ -178,7 +193,7 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
reqAttr.put(el, "");
try {
- OAAuthParameter oa = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(getOAURL());
+ OAAuthParameter oa = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(getOAURL());
for (String s : scope.split(" ")) {
if (s.equalsIgnoreCase("profile")) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index d08bd593a..844cfa815 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -31,16 +31,15 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.moduls.RequestImpl;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidRequestException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException;
-import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20WrongParameterException;
import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
import at.gv.egovernment.moa.logging.Logger;
@@ -77,19 +76,16 @@ abstract class OAuth20BaseRequest extends RequestImpl {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
this.setOAURL(oaURL);
- OAAuthParameter oaParam = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(oaURL);
+ OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(oaURL);
if (oaParam == null) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
}
this.setTarget(oaParam.getTarget());
- OAOAUTH20 config = oaParam.getoAuth20Config();
- if (config == null) {
- throw new OAuth20InvalidRequestException();
- }
- if (StringUtils.isEmpty(config.getOAuthClientSecret()) || StringUtils.isEmpty(config.getOAuthClientId())
- || StringUtils.isEmpty(config.getOAuthRedirectUri())) {
+ if (StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET))
+ || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))
+ || StringUtils.isEmpty(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) {
throw new OAuth20OANotSupportedException();
}
}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 182f07675..98d46d424 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -11,7 +11,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.moduls.IAction;
import at.gv.egovernment.moa.id.moduls.IModulInfo;
import at.gv.egovernment.moa.id.moduls.IRequest;
@@ -103,7 +103,7 @@ public class OAuth20Protocol implements IModulInfo {
// get error code and description
String errorCode;
String errorDescription;
- String errorUri = AuthConfigurationProvider.getInstance().getPublicURLPrefix()
+ String errorUri = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix()
+"/" + OAuth20Constants.ERRORPAGE;
String moaError = null;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index 50240b37b..1b6d93fdd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -28,9 +28,9 @@ import javax.servlet.http.HttpServletRequest;
import org.opensaml.saml2.core.Attribute;
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
+import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
@@ -122,19 +122,16 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
// check if client id and secret are ok
try {
// OAOAUTH20 cannot be null at this point. check was done in base request
- OAAuthParameter oaConfig = AuthConfigurationProvider.getInstance().getOnlineApplicationParameter(this.getOAURL());
- OAOAUTH20 oAuthConfig = oaConfig.getoAuth20Config();
+ OAAuthParameter oaParam = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
- if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())) {
+ if (!this.getClientID().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))) {
throw new OAuth20AccessDeniedException();
}
- if (!this.getClientSecret().equals(oAuthConfig.getOAuthClientSecret())) {
+ if (!this.getClientSecret().equals(oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET))) {
throw new OAuth20AccessDeniedException();
}
- this.setOnlineApplicationConfiguration(oaConfig);
-
}
catch (ConfigurationException e) {
throw new OAuth20WrongParameterException(OAuth20Constants.PARAM_CLIENT_ID);
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 18:10:14 +0000