org.xdi.oxauth.service.RedirectionUriService 連携図

公開メンバ関数
String	validateRedirectionUri (String clientIdentifier, String redirectionUri)

String	validatePostLogoutRedirectUri (String clientId, String postLogoutRedirectUri)

String	validatePostLogoutRedirectUri (SessionId sessionId, String postLogoutRedirectUri)

静的公開メンバ関数
static Map< String, String >	getParams (String uri)

static String	uriWithoutParams (String uri)

static boolean	compareParams (String uri1, String uri2)

非公開変数類
Logger	log

ClientService	clientService

ErrorResponseFactory	errorResponseFactory

詳解

著者: Javier Rojas Blum

バージョン: August 9, 2017

関数詳解

◆ compareParams()

static boolean org.xdi.oxauth.service.RedirectionUriService.compareParams	(	String	uri1,
		String	uri2
	)

inlinestatic

                                                                   {
         if (StringUtils.isBlank(uri1) || StringUtils.isBlank(uri2)) {
             return false;
         }
 
         Map<String, String> params1 = getParams(uri1);
         Map<String, String> params2 = getParams(uri2);
 
         return params1.equals(params2);
     }

◆ getParams()

static Map<String, String> org.xdi.oxauth.service.RedirectionUriService.getParams ( String uri )

inlinestatic

                                                             {
         Map<String, String> params = new HashMap<String, String>();
 
         if (uri != null) {
             int paramsIndex = uri.indexOf("?");
             if (paramsIndex != -1) {
                 String queryString = uri.substring(paramsIndex + 1);
                 params = QueryStringDecoder.decode(queryString);
             }
         }
         return params;
     }

◆ uriWithoutParams()

static String org.xdi.oxauth.service.RedirectionUriService.uriWithoutParams ( String uri )

inlinestatic

                                                       {
         if (uri != null) {
             int paramsIndex = uri.indexOf("?");
             if (paramsIndex != -1) {
                 return uri.substring(0, paramsIndex);
             }
         }
         return uri;
     }

◆ validatePostLogoutRedirectUri() [1/2]

String org.xdi.oxauth.service.RedirectionUriService.validatePostLogoutRedirectUri	(	String	clientId,
		String	postLogoutRedirectUri
	)

inline

                                                                                                {
 
         boolean isBlank = Util.isNullOrEmpty(postLogoutRedirectUri);
 
         Client client = clientService.getClient(clientId);
 
         if (client != null) {
             String[] postLogoutRedirectUris = client.getPostLogoutRedirectUris();
 
             if (postLogoutRedirectUris != null && StringUtils.isNotBlank(postLogoutRedirectUri)) {
                 log.debug("Validating post logout redirect URI: clientId = {}, postLogoutRedirectUri = {}",
                         clientId, postLogoutRedirectUri);
 
                 for (String uri : postLogoutRedirectUris) {
                     log.debug("Comparing {} == {}", uri, postLogoutRedirectUri);
                     if (uri.equals(postLogoutRedirectUri)) {
                         return postLogoutRedirectUri;
                     }
                 }
             } else {
                 // Accept Request Without post_logout_redirect_uri when One Registered
                 if (postLogoutRedirectUris != null && postLogoutRedirectUris.length == 1) {
                     return postLogoutRedirectUris[0];
                 }
             }
         }
 
         if (!isBlank) {
             errorResponseFactory.throwBadRequestException(EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_ASSOCIATED_WITH_CLIENT);
         }
 
         return null;
     }

◆ validatePostLogoutRedirectUri() [2/2]

String org.xdi.oxauth.service.RedirectionUriService.validatePostLogoutRedirectUri	(	SessionId	sessionId,
		String	postLogoutRedirectUri
	)

inline

                                                                                                        {
         if (sessionId == null) {
             errorResponseFactory.throwBadRequestException(EndSessionErrorResponseType.SESSION_NOT_PASSED);
             return null;
         }
         if (Strings.isNullOrEmpty(postLogoutRedirectUri)) {
             errorResponseFactory.throwBadRequestException(EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_PASSED);
             return null;
         }
 
         final Set<Client> clientsByDns = sessionId.getPermissionGrantedMap() != null
                 ? clientService.getClient(sessionId.getPermissionGrantedMap().getClientIds(true), true)
                 : Sets.<Client>newHashSet();
 
         log.trace("Validating post logout redirect URI: postLogoutRedirectUri = {}", postLogoutRedirectUri);
 
         for (Client client : clientsByDns) {
             String[] postLogoutRedirectUris = client.getPostLogoutRedirectUris();
             if (postLogoutRedirectUris == null) {
                 continue;
             }
 
             for (String uri : postLogoutRedirectUris) {
                 log.debug("Comparing {} == {}, clientId: {}", uri, postLogoutRedirectUri, client.getClientId());
                 if (uri.equals(postLogoutRedirectUri)) {
                     return postLogoutRedirectUri;
                 }
             }
         }
 
         errorResponseFactory.throwBadRequestException(EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_ASSOCIATED_WITH_CLIENT);
         return null;
     }

◆ validateRedirectionUri()

String org.xdi.oxauth.service.RedirectionUriService.validateRedirectionUri	(	String	clientIdentifier,
		String	redirectionUri
	)

inline

                                                                                          {
         try {
             Client client = clientService.getClient(clientIdentifier);
 
             if (client != null) {
                 String sectorIdentifierUri = client.getSectorIdentifierUri();
                 String[] redirectUris = client.getRedirectUris();
 
                 if (StringUtils.isNotBlank(sectorIdentifierUri)) {
                     ClientRequest clientRequest = new ClientRequest(sectorIdentifierUri);
                     clientRequest.setHttpMethod(HttpMethod.GET);
 
                     ClientResponse<String> clientResponse = clientRequest.get(String.class);
                     int status = clientResponse.getStatus();
 
                     if (status == 200) {
                         String entity = clientResponse.getEntity(String.class);
                         JSONArray sectorIdentifierJsonArray = new JSONArray(entity);
                         redirectUris = new String[sectorIdentifierJsonArray.length()];
                         for (int i = 0; i < sectorIdentifierJsonArray.length(); i++) {
                             redirectUris[i] = sectorIdentifierJsonArray.getString(i);
                         }
                     } else {
                         return null;
                     }
                 }
 
                 if (StringUtils.isNotBlank(redirectionUri) && redirectUris != null) {
                     log.debug("Validating redirection URI: clientIdentifier = {}, redirectionUri = {}, found = {}",
                             clientIdentifier, redirectionUri, redirectUris.length);
 
                     final String redirectUriWithoutParams = uriWithoutParams(redirectionUri);
 
                     for (String uri : redirectUris) {
                         log.debug("Comparing {} == {}", uri, redirectionUri);
                         if (uri.equals(redirectionUri)) { // compare complete uri
                             return redirectionUri;
                         }
 
                         String uriWithoutParams = uriWithoutParams(uri);
                         final Map<String, String> params = getParams(uri);
 
                         if ((uriWithoutParams.equals(redirectUriWithoutParams) && params.size() == 0 && getParams(redirectionUri).size() == 0) ||
                                 uriWithoutParams.equals(redirectUriWithoutParams) && params.size() > 0 && compareParams(redirectionUri, uri)) {
                             return redirectionUri;
                         }
                     }
                 } else {
                     // Accept Request Without redirect_uri when One Registered
                     if (redirectUris != null && redirectUris.length == 1) {
                         return redirectUris[0];
                     }
                 }
             }
         } catch (Exception e) {
             return null;
         }
 
         return null;
     }

メンバ詳解

◆ clientService

ClientService org.xdi.oxauth.service.RedirectionUriService.clientService

private

◆ errorResponseFactory

ErrorResponseFactory org.xdi.oxauth.service.RedirectionUriService.errorResponseFactory

private

◆ log

Logger org.xdi.oxauth.service.RedirectionUriService.log

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/service/RedirectionUriService.java

公開メンバ関数

静的公開メンバ関数

非公開変数類

詳解

関数詳解

◆ compareParams()

◆ getParams()

◆ uriWithoutParams()

◆ validatePostLogoutRedirectUri() [1/2]

◆ validatePostLogoutRedirectUri() [2/2]

◆ validateRedirectionUri()

メンバ詳解

◆ clientService

◆ errorResponseFactory

◆ log