gluu
公開メンバ関数 | 非公開メンバ関数 | 非公開変数類 | 全メンバ一覧
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl クラス
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl の継承関係図
Inheritance graph
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl 連携図
Collaboration graph

公開メンバ関数

Response requestRegister (String requestParams, String authorization, HttpServletRequest httpRequest, SecurityContext securityContext)
 
Response.ResponseBuilder internalErrorResponse ()
 
Response requestClientUpdate (String requestParams, String clientId, @HeaderParam("Authorization") String authorization, @Context HttpServletRequest httpRequest, @Context SecurityContext securityContext)
 
Response requestClientRead (String clientId, String authorization, HttpServletRequest httpRequest, SecurityContext securityContext)
 
Response requestRegister ( @ApiParam(value="Request parameters as JSON object with data described by Connect Client Registration Specification. ", required=true) String requestParams, @HeaderParam("Authorization") String authorization, @Context HttpServletRequest httpRequest, @Context SecurityContext securityContext)
 
Response requestClientUpdate ( @ApiParam(value="Request parameters as JSON object with data described by Connect Client Registration Specification. ", required=true) String requestParams, @QueryParam("client_id") @ApiParam(value="Client ID that identifies client that must be updated by this request.", required=true) String clientId, @HeaderParam("Authorization") String authorization, @Context HttpServletRequest httpRequest, @Context SecurityContext securityContext)
 
Response requestClientRead ( @QueryParam("client_id") @ApiParam(value="Client ID that identifies client.", required=true) String clientId, @HeaderParam("Authorization") String authorization, @Context HttpServletRequest httpRequest, @Context SecurityContext securityContext)
 

非公開メンバ関数

Response registerClientImpl (String requestParams, HttpServletRequest httpRequest, SecurityContext securityContext)
 
void updateClientFromRequestObject (Client p_client, RegisterRequest requestObject, boolean update) throws JSONException
 
String clientAsEntity (Client p_client) throws JSONException, StringEncrypter.EncryptionException
 
JSONObject getJSONObject (Client client, boolean authorizationRequestCustomAllowedParameters) throws JSONException, StringEncrypter.EncryptionException
 
void putCustomStuffIntoObject (Client p_client, JSONObject p_requestObject) throws JSONException
 
boolean processApplicationAttributes (Client p_client, String attr, final List< String > parameterValues)
 
String clientScopesToString (Client client)
 

非公開変数類

Logger log
 
ApplicationAuditLogger applicationAuditLogger
 
ErrorResponseFactory errorResponseFactory
 
ScopeService scopeService
 
AttributeService attributeService
 
InumService inumService
 
ClientService clientService
 
TokenService tokenService
 
MetricService metricService
 
ExternalDynamicClientRegistrationService externalDynamicClientRegistrationService
 
RegisterParamsValidator registerParamsValidator
 
AppConfiguration appConfiguration
 
StaticConfiguration staticConfiguration
 

詳解

Implementation for register REST web services.

著者
Javier Rojas Blum
Yuriy Zabrovarnyy
Yuriy Movchan
バージョン
August 2, 2018

関数詳解

◆ clientAsEntity()

String org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientAsEntity ( Client  p_client) throws JSONException, StringEncrypter.EncryptionException
inlineprivate
586  {
587  final JSONObject jsonObject = getJSONObject(p_client, appConfiguration.getLegacyDynamicRegistrationScopeParam());
588  return jsonObject.toString(4).replace("\\/", "/");
589  }
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.getJSONObject
JSONObject getJSONObject(Client client, boolean authorizationRequestCustomAllowedParameters)
Definition: RegisterRestWebServiceImpl.java:591
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.model.configuration.AppConfiguration.getLegacyDynamicRegistrationScopeParam
Boolean getLegacyDynamicRegistrationScopeParam()
Definition: AppConfiguration.java:1385

◆ clientScopesToString()

String org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientScopesToString ( Client  client)
inlineprivate
731  {
732  String[] scopeDns = client.getScopes();
733  if (scopeDns != null) {
734  String[] scopeNames = new String[scopeDns.length];
735  for (int i = 0; i < scopeDns.length; i++) {
736  Scope scope = scopeService.getScopeByDn(scopeDns[i]);
737  scopeNames[i] = scope.getDisplayName();
738  }
739  return StringUtils.join(scopeNames, " ");
740  }
741  return null;
742  }
org.xdi.oxauth.service.ScopeService.getScopeByDn
org.xdi.oxauth.model.common.Scope getScopeByDn(String dn)
Definition: ScopeService.java:89
org.xdi.oxauth.model.common.Scope.getDisplayName
String getDisplayName()
Definition: Scope.java:72
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.scopeService
ScopeService scopeService
Definition: RegisterRestWebServiceImpl.java:75
org.xdi.oxauth.model.registration.Client.getScopes
String [] getScopes()
Definition: Client.java:1034
org.xdi.oxauth.model.common.Scope
Definition: Scope.java:23

◆ getJSONObject()

JSONObject org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.getJSONObject ( Client  client,
boolean  authorizationRequestCustomAllowedParameters 
) throws JSONException, StringEncrypter.EncryptionException
inlineprivate
591  {
592  JSONObject responseJsonObject = new JSONObject();
593 
594  Util.addToJSONObjectIfNotNull(responseJsonObject, RegisterResponseParam.CLIENT_ID.toString(), client.getClientId());
595  Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_SECRET.toString(), clientService.decryptSecret(client.getClientSecret()));
596  Util.addToJSONObjectIfNotNull(responseJsonObject, RegisterResponseParam.REGISTRATION_ACCESS_TOKEN.toString(), client.getRegistrationAccessToken());
597  Util.addToJSONObjectIfNotNull(responseJsonObject, REGISTRATION_CLIENT_URI.toString(),
598  appConfiguration.getRegistrationEndpoint() + "?" +
599  RegisterResponseParam.CLIENT_ID.toString() + "=" + client.getClientId());
600  responseJsonObject.put(CLIENT_ID_ISSUED_AT.toString(), client.getClientIdIssuedAt().getTime() / 1000);
601  responseJsonObject.put(CLIENT_SECRET_EXPIRES_AT.toString(), client.getClientSecretExpiresAt() != null && client.getClientSecretExpiresAt().getTime() > 0 ?
602  client.getClientSecretExpiresAt().getTime() / 1000 : 0);
603 
604  Util.addToJSONObjectIfNotNull(responseJsonObject, REDIRECT_URIS.toString(), client.getRedirectUris());
605  Util.addToJSONObjectIfNotNull(responseJsonObject, CLAIMS_REDIRECT_URIS.toString(), client.getClaimRedirectUris());
606  Util.addToJSONObjectIfNotNull(responseJsonObject, RESPONSE_TYPES.toString(), ResponseType.toStringArray(client.getResponseTypes()));
607  Util.addToJSONObjectIfNotNull(responseJsonObject, GRANT_TYPES.toString(), GrantType.toStringArray(client.getGrantTypes()));
608  Util.addToJSONObjectIfNotNull(responseJsonObject, APPLICATION_TYPE.toString(), client.getApplicationType());
609  Util.addToJSONObjectIfNotNull(responseJsonObject, CONTACTS.toString(), client.getContacts());
610  Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_NAME.toString(), client.getClientName());
611  Util.addToJSONObjectIfNotNull(responseJsonObject, LOGO_URI.toString(), client.getLogoUri());
612  Util.addToJSONObjectIfNotNull(responseJsonObject, CLIENT_URI.toString(), client.getClientUri());
613  Util.addToJSONObjectIfNotNull(responseJsonObject, POLICY_URI.toString(), client.getPolicyUri());
614  Util.addToJSONObjectIfNotNull(responseJsonObject, TOS_URI.toString(), client.getTosUri());
615  Util.addToJSONObjectIfNotNull(responseJsonObject, JWKS_URI.toString(), client.getJwksUri());
616  Util.addToJSONObjectIfNotNull(responseJsonObject, SECTOR_IDENTIFIER_URI.toString(), client.getSectorIdentifierUri());
617  Util.addToJSONObjectIfNotNull(responseJsonObject, SUBJECT_TYPE.toString(), client.getSubjectType());
618  Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_SIGNED_RESPONSE_ALG.toString(), client.getIdTokenSignedResponseAlg());
619  Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_ENCRYPTED_RESPONSE_ALG.toString(), client.getIdTokenEncryptedResponseAlg());
620  Util.addToJSONObjectIfNotNull(responseJsonObject, ID_TOKEN_ENCRYPTED_RESPONSE_ENC.toString(), client.getIdTokenEncryptedResponseEnc());
621  Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_SIGNED_RESPONSE_ALG.toString(), client.getUserInfoSignedResponseAlg());
622  Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_ENCRYPTED_RESPONSE_ALG.toString(), client.getUserInfoEncryptedResponseAlg());
623  Util.addToJSONObjectIfNotNull(responseJsonObject, USERINFO_ENCRYPTED_RESPONSE_ENC.toString(), client.getUserInfoEncryptedResponseEnc());
624  Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_SIGNING_ALG.toString(), client.getRequestObjectSigningAlg());
625  Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_ENCRYPTION_ALG.toString(), client.getRequestObjectEncryptionAlg());
626  Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_OBJECT_ENCRYPTION_ENC.toString(), client.getRequestObjectEncryptionEnc());
627  Util.addToJSONObjectIfNotNull(responseJsonObject, TOKEN_ENDPOINT_AUTH_METHOD.toString(), client.getTokenEndpointAuthMethod());
628  Util.addToJSONObjectIfNotNull(responseJsonObject, TOKEN_ENDPOINT_AUTH_SIGNING_ALG.toString(), client.getTokenEndpointAuthSigningAlg());
629  Util.addToJSONObjectIfNotNull(responseJsonObject, DEFAULT_MAX_AGE.toString(), client.getDefaultMaxAge());
630  Util.addToJSONObjectIfNotNull(responseJsonObject, REQUIRE_AUTH_TIME.toString(), client.getRequireAuthTime());
631  Util.addToJSONObjectIfNotNull(responseJsonObject, DEFAULT_ACR_VALUES.toString(), client.getDefaultAcrValues());
632  Util.addToJSONObjectIfNotNull(responseJsonObject, INITIATE_LOGIN_URI.toString(), client.getInitiateLoginUri());
633  Util.addToJSONObjectIfNotNull(responseJsonObject, POST_LOGOUT_REDIRECT_URIS.toString(), client.getPostLogoutRedirectUris());
634  Util.addToJSONObjectIfNotNull(responseJsonObject, REQUEST_URIS.toString(), client.getRequestUris());
635  Util.addToJSONObjectIfNotNull(responseJsonObject, AUTHORIZED_ORIGINS.toString(), client.getAuthorizedOrigins());
636  if (!Util.isNullOrEmpty(client.getJwks())) {
637  Util.addToJSONObjectIfNotNull(responseJsonObject, JWKS.toString(), new JSONObject(client.getJwks()));
638  }
639 
640  // Logout params
641  Util.addToJSONObjectIfNotNull(responseJsonObject, FRONT_CHANNEL_LOGOUT_URI.toString(), client.getFrontChannelLogoutUri());
642  Util.addToJSONObjectIfNotNull(responseJsonObject, FRONT_CHANNEL_LOGOUT_SESSION_REQUIRED.toString(), client.getFrontChannelLogoutSessionRequired());
643 
644  // Custom Params
645  String[] scopeNames = null;
646  String[] scopeDns = client.getScopes();
647  if (scopeDns != null) {
648  scopeNames = new String[scopeDns.length];
649  for (int i = 0; i < scopeDns.length; i++) {
650  Scope scope = scopeService.getScopeByDn(scopeDns[i]);
651  scopeNames[i] = scope.getDisplayName();
652  }
653  }
654 
655  if (authorizationRequestCustomAllowedParameters) {
656  Util.addToJSONObjectIfNotNull(responseJsonObject, SCOPES.toString(), scopeNames);
657  } else {
658  Util.addToJSONObjectIfNotNull(responseJsonObject, SCOPE.toString(), implode(scopeNames, " "));
659  }
660 
661  String[] claimNames = null;
662  String[] claimDns = client.getClaims();
663  if (claimDns != null) {
664  claimNames = new String[claimDns.length];
665  for (int i = 0; i < claimDns.length; i++) {
666  GluuAttribute gluuAttribute = attributeService.getAttributeByDn(claimDns[i]);
667  claimNames[i] = gluuAttribute.getOxAuthClaimName();
668  }
669  }
670 
671  if (claimNames != null && claimNames.length > 0) {
672  Util.addToJSONObjectIfNotNull(responseJsonObject, CLAIMS.toString(), implode(claimNames, " "));
673  }
674 
675  return responseJsonObject;
676  }
org.xdi.oxauth.model.registration.Client.getFrontChannelLogoutUri
String [] getFrontChannelLogoutUri()
Definition: Client.java:257
org.xdi.oxauth.model.registration.Client.getClientSecretExpiresAt
Date getClientSecretExpiresAt()
Definition: Client.java:367
org.xdi.oxauth.model.registration.Client.getIdTokenEncryptedResponseAlg
String getIdTokenEncryptedResponseAlg()
Definition: Client.java:735
org.xdi.oxauth.service.ScopeService.getScopeByDn
org.xdi.oxauth.model.common.Scope getScopeByDn(String dn)
Definition: ScopeService.java:89
org.xdi.oxauth.model.registration.Client.getRedirectUris
String [] getRedirectUris()
Definition: Client.java:387
org.xdi.oxauth.model.registration.Client.getResponseTypes
ResponseType [] getResponseTypes()
Definition: Client.java:436
org.xdi.oxauth.service.AttributeService.getAttributeByDn
GluuAttribute getAttributeByDn(String dn)
Definition: AttributeService.java:47
org.xdi.oxauth.model.registration.Client.getApplicationType
String getApplicationType()
Definition: Client.java:479
org.xdi.oxauth.model.registration.Client.getClientId
String getClientId()
Definition: Client.java:275
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.attributeService
AttributeService attributeService
Definition: RegisterRestWebServiceImpl.java:78
org.xdi.oxauth.model.registration.Client.getRegistrationAccessToken
String getRegistrationAccessToken()
Definition: Client.java:330
org.xdi.oxauth.model.registration.Client.getUserInfoEncryptedResponseEnc
String getUserInfoEncryptedResponseEnc()
Definition: Client.java:807
org.xdi.oxauth.model.registration.Client.getGrantTypes
GrantType [] getGrantTypes()
Definition: Client.java:456
org.xdi.oxauth.model.util.Util.addToJSONObjectIfNotNull
static void addToJSONObjectIfNotNull(JSONObject p_jsonObject, String key, Object value)
Definition: Util.java:118
org.xdi.oxauth.model.registration.Client.getUserInfoSignedResponseAlg
String getUserInfoSignedResponseAlg()
Definition: Client.java:771
org.xdi.oxauth.model.registration.Client.getTokenEndpointAuthSigningAlg
String getTokenEndpointAuthSigningAlg()
Definition: Client.java:901
org.xdi.oxauth.model.common.GrantType
Definition: GrantType.java:23
org.xdi.oxauth.model.registration.Client.getAuthorizedOrigins
String [] getAuthorizedOrigins()
Definition: Client.java:1122
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.model.registration.Client.getRequestObjectEncryptionEnc
String getRequestObjectEncryptionEnc()
Definition: Client.java:864
org.xdi.oxauth.model.util.Util.isNullOrEmpty
static boolean isNullOrEmpty(String string)
Definition: Util.java:245
org.xdi.oxauth.model.common.Scope.getDisplayName
String getDisplayName()
Definition: Scope.java:72
org.xdi.oxauth.model.registration.Client.getRequestObjectEncryptionAlg
String getRequestObjectEncryptionAlg()
Definition: Client.java:844
org.xdi.oxauth.model.registration.Client.getContacts
String [] getContacts()
Definition: Client.java:502
org.xdi.oxauth.model.registration.Client.getInitiateLoginUri
String getInitiateLoginUri()
Definition: Client.java:983
org.xdi.oxauth.model.registration.Client.getFrontChannelLogoutSessionRequired
Boolean getFrontChannelLogoutSessionRequired()
Definition: Client.java:239
org.xdi.oxauth.model.registration.Client.getDefaultMaxAge
Integer getDefaultMaxAge()
Definition: Client.java:921
org.xdi.oxauth.model.registration.Client.getJwksUri
String getJwksUri()
Definition: Client.java:629
org.xdi.oxauth.model.registration.Client.getPostLogoutRedirectUris
String [] getPostLogoutRedirectUris()
Definition: Client.java:1002
org.xdi.oxauth.model.registration.Client.getPolicyUri
String getPolicyUri()
Definition: Client.java:588
org.xdi.oxauth.model.registration.Client.getSectorIdentifierUri
String getSectorIdentifierUri()
Definition: Client.java:680
org.xdi.oxauth.model.registration.Client.getTokenEndpointAuthMethod
String getTokenEndpointAuthMethod()
Definition: Client.java:883
org.xdi.oxauth.model.registration.Client.getIdTokenSignedResponseAlg
String getIdTokenSignedResponseAlg()
Definition: Client.java:717
org.xdi.oxauth.model.registration.Client.getClaims
String [] getClaims()
Definition: Client.java:1042
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.scopeService
ScopeService scopeService
Definition: RegisterRestWebServiceImpl.java:75
org.xdi.oxauth.model.common.GrantType.toStringArray
static String [] toStringArray(GrantType[] grantTypes)
Definition: GrantType.java:133
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientService
ClientService clientService
Definition: RegisterRestWebServiceImpl.java:83
org.xdi.oxauth.model.registration.Client.getRequestUris
String [] getRequestUris()
Definition: Client.java:1021
org.xdi.oxauth.model.registration.Client.getRequireAuthTime
boolean getRequireAuthTime()
Definition: Client.java:942
org.xdi.oxauth.model.common.ResponseType.toStringArray
static String [] toStringArray(ResponseType[] responseTypes)
Definition: ResponseType.java:130
org.xdi.oxauth.model.registration.Client.getClientUri
String getClientUri()
Definition: Client.java:569
org.xdi.oxauth.model.registration.Client.getClientSecret
String getClientSecret()
Definition: Client.java:311
org.xdi.oxauth.model.registration.Client.getScopes
String [] getScopes()
Definition: Client.java:1034
org.xdi.oxauth.model.common.Scope
Definition: Scope.java:23
org.xdi.oxauth.model.registration.Client.getClientIdIssuedAt
Date getClientIdIssuedAt()
Definition: Client.java:349
org.xdi.oxauth.model.registration.Client.getClientName
String getClientName()
Definition: Client.java:521
org.xdi.oxauth.model.registration.Client.getJwks
String getJwks()
Definition: Client.java:655
org.xdi.oxauth.model.registration.Client.getLogoUri
String getLogoUri()
Definition: Client.java:551
org.xdi.oxauth.model.registration.Client.getSubjectType
String getSubjectType()
Definition: Client.java:699
org.xdi.oxauth.model.registration.Client.getUserInfoEncryptedResponseAlg
String getUserInfoEncryptedResponseAlg()
Definition: Client.java:789
org.xdi.oxauth.model.registration.Client.getRequestObjectSigningAlg
String getRequestObjectSigningAlg()
Definition: Client.java:825
org.xdi.oxauth.model.registration.Client.getTosUri
String getTosUri()
Definition: Client.java:608
org.xdi.oxauth.service.ClientService.decryptSecret
String decryptSecret(String encryptedClientSecret)
Definition: ClientService.java:390
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.model.util.Util
Definition: Util.java:40
org.xdi.oxauth.model.registration.Client.getIdTokenEncryptedResponseEnc
String getIdTokenEncryptedResponseEnc()
Definition: Client.java:753
org.xdi.oxauth.model.configuration.AppConfiguration.getRegistrationEndpoint
String getRegistrationEndpoint()
Definition: AppConfiguration.java:480
org.xdi.oxauth.model.registration.Client.getClaimRedirectUris
String [] getClaimRedirectUris()
Definition: Client.java:417
org.xdi.oxauth.model.registration.Client.getDefaultAcrValues
String [] getDefaultAcrValues()
Definition: Client.java:963

◆ internalErrorResponse()

Response.ResponseBuilder org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.internalErrorResponse ( )
inline
253  {
254  return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(
255  errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
256  }
org.xdi.oxauth.model.error.ErrorResponseFactory.getErrorAsJson
String getErrorAsJson(IErrorType p_type)
Definition: ErrorResponseFactory.java:86
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.errorResponseFactory
ErrorResponseFactory errorResponseFactory
Definition: RegisterRestWebServiceImpl.java:72

◆ processApplicationAttributes()

boolean org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.processApplicationAttributes ( Client  p_client,
String  attr,
final List< String >  parameterValues 
)
inlineprivate
715  {
716  if (StringHelper.equalsIgnoreCase("oxAuthTrustedClient", attr)) {
717  boolean trustedClient = StringHelper.toBoolean(parameterValues.get(0), false);
718  p_client.setTrustedClient(trustedClient);
719 
720  return true;
721  } else if (StringHelper.equalsIgnoreCase("oxIncludeClaimsInIdToken", attr)) {
722  boolean includeClaimsInIdToken = StringHelper.toBoolean(parameterValues.get(0), false);
723  p_client.setIncludeClaimsInIdToken(includeClaimsInIdToken);
724 
725  return true;
726  }
727 
728  return false;
729  }
org.xdi.oxauth.model.registration.Client.setIncludeClaimsInIdToken
void setIncludeClaimsInIdToken(boolean includeClaimsInIdToken)
Definition: Client.java:1086
org.xdi.oxauth.model.registration.Client.setTrustedClient
void setTrustedClient(boolean trustedClient)
Definition: Client.java:1054

◆ putCustomStuffIntoObject()

void org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.putCustomStuffIntoObject ( Client  p_client,
JSONObject  p_requestObject 
) throws JSONException
inlineprivate

Puts custom object class and custom attributes in client object for persistence.

引数
p_clientclient object
p_requestObjectrequest object
684  {
685  // custom object class
686  final String customOC = appConfiguration.getDynamicRegistrationCustomObjectClass();
687  if (StringUtils.isNotBlank(customOC)) {
688  p_client.setCustomObjectClasses(new String[]{customOC});
689  }
690 
691  // custom attributes (custom attributes must be in custom object class)
692  final List<String> attrList = appConfiguration.getDynamicRegistrationCustomAttributes();
693  if (attrList != null && !attrList.isEmpty()) {
694  for (String attr : attrList) {
695  if (p_requestObject.has(attr)) {
696  final JSONArray parameterValuesJsonArray = p_requestObject.optJSONArray(attr);
697  final List<String> parameterValues = parameterValuesJsonArray != null ?
698  toList(parameterValuesJsonArray) :
699  Arrays.asList(p_requestObject.getString(attr));
700  if (parameterValues != null && !parameterValues.isEmpty()) {
701  try {
702  boolean processed = processApplicationAttributes(p_client, attr, parameterValues);
703  if (!processed) {
704  p_client.getCustomAttributes().add(new CustomAttribute(attr, parameterValues));
705  }
706  } catch (Exception e) {
707  log.debug(e.getMessage(), e);
708  }
709  }
710  }
711  }
712  }
713  }
org.xdi.oxauth.model.registration.Client.getCustomAttributes
List< CustomAttribute > getCustomAttributes()
Definition: Client.java:1098
org.xdi.oxauth.model.registration.Client.setCustomObjectClasses
void setCustomObjectClasses(String[] p_customObjectClasses)
Definition: Client.java:1110
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.log
Logger log
Definition: RegisterRestWebServiceImpl.java:68
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationCustomObjectClass
String getDynamicRegistrationCustomObjectClass()
Definition: AppConfiguration.java:960
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.processApplicationAttributes
boolean processApplicationAttributes(Client p_client, String attr, final List< String > parameterValues)
Definition: RegisterRestWebServiceImpl.java:715
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationCustomAttributes
List< String > getDynamicRegistrationCustomAttributes()
Definition: AppConfiguration.java:661

◆ registerClientImpl()

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerClientImpl ( String  requestParams,
HttpServletRequest  httpRequest,
SecurityContext  securityContext 
)
inlineprivate
112  {
113  Response.ResponseBuilder builder = Response.ok();
114  OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_REGISTRATION);
115  try {
116  final RegisterRequest r = RegisterRequest.fromJson(requestParams, appConfiguration.getLegacyDynamicRegistrationScopeParam());
117 
118  log.info("Attempting to register client: applicationType = {}, clientName = {}, redirectUris = {}, isSecure = {}, sectorIdentifierUri = {}, defaultAcrValues = {}",
119  r.getApplicationType(), r.getClientName(), r.getRedirectUris(), securityContext.isSecure(), r.getSectorIdentifierUri(), r.getDefaultAcrValues());
120  log.trace("Registration request = {}", requestParams);
121 
122  if (appConfiguration.getDynamicRegistrationEnabled()) {
123 
124  if (r.getSubjectType() == null) {
125  SubjectType defaultSubjectType = SubjectType.fromString(appConfiguration.getDefaultSubjectType());
126  if (defaultSubjectType != null) {
127  r.setSubjectType(defaultSubjectType);
128  } else if (appConfiguration.getSubjectTypesSupported().contains(SubjectType.PUBLIC.toString())) {
129  r.setSubjectType(SubjectType.PUBLIC);
130  } else if (appConfiguration.getSubjectTypesSupported().contains(SubjectType.PAIRWISE.toString())) {
131  r.setSubjectType(SubjectType.PAIRWISE);
132  }
133  }
134 
135  if (r.getIdTokenSignedResponseAlg() == null) {
136  r.setIdTokenSignedResponseAlg(SignatureAlgorithm.fromString(appConfiguration.getDefaultSignatureAlgorithm()));
137  }
138  if (r.getAccessTokenSigningAlg() == null) {
139  r.setAccessTokenSigningAlg(SignatureAlgorithm.fromString(appConfiguration.getDefaultSignatureAlgorithm()));
140  }
141 
142  if (r.getClaimsRedirectUris() != null && !r.getClaimsRedirectUris().isEmpty()) {
143  if (!registerParamsValidator.validateRedirectUris(r.getApplicationType(), r.getSubjectType(), r.getClaimsRedirectUris(), r.getSectorIdentifierUri())) {
144  log.error("Value of one or more claims_redirect_uris is invalid, claims_redirect_uris: " + r.getClaimsRedirectUris());
145  throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST)
146  .entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLAIMS_REDIRECT_URI))
147  .build());
148  }
149  }
150 
151  if (registerParamsValidator.validateParamsClientRegister(r.getApplicationType(), r.getSubjectType(),
152  r.getRedirectUris(), r.getSectorIdentifierUri())) {
153  if (!registerParamsValidator.validateRedirectUris(r.getApplicationType(), r.getSubjectType(),
154  r.getRedirectUris(), r.getSectorIdentifierUri())) {
155  builder = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
156  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_REDIRECT_URI));
157  } else {
158  registerParamsValidator.validateLogoutUri(r.getFrontChannelLogoutUris(), r.getRedirectUris(), errorResponseFactory);
159 
160  String clientsBaseDN = staticConfiguration.getBaseDn().getClients();
161 
162  String inum = inumService.generateClientInum();
163  String generatedClientSecret = UUID.randomUUID().toString();
164 
165  final Client client = new Client();
166  client.setDn("inum=" + inum + "," + clientsBaseDN);
167  client.setClientId(inum);
168  client.setClientSecret(clientService.encryptSecret(generatedClientSecret));
169  client.setRegistrationAccessToken(HandleTokenFactory.generateHandleToken());
170  client.setIdTokenTokenBindingCnf(r.getIdTokenTokenBindingCnf());
171 
172  final Calendar calendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
173  client.setClientIdIssuedAt(calendar.getTime());
174 
175  if (appConfiguration.getDynamicRegistrationExpirationTime() > 0) {
176  calendar.add(Calendar.SECOND, appConfiguration.getDynamicRegistrationExpirationTime());
177  client.setClientSecretExpiresAt(calendar.getTime());
178  }
179 
180  if (StringUtils.isBlank(r.getClientName()) && r.getRedirectUris() != null && !r.getRedirectUris().isEmpty()) {
181  try {
182  URI redUri = new URI(r.getRedirectUris().get(0));
183  client.setClientName(redUri.getHost());
184  } catch (Exception e) {
185  //ignore
186  log.error(e.getMessage(), e);
187  client.setClientName("Unknown");
188  }
189  }
190 
191  updateClientFromRequestObject(client, r, false);
192 
193  boolean registerClient = true;
194  if (externalDynamicClientRegistrationService.isEnabled()) {
195  registerClient = externalDynamicClientRegistrationService.executeExternalCreateClientMethods(r, client);
196  }
197 
198  if (registerClient) {
199  Date currentTime = Calendar.getInstance().getTime();
200  client.setLastAccessTime(currentTime);
201  client.setLastLogonTime(currentTime);
202 
203  Boolean persistClientAuthorizations = appConfiguration.getDynamicRegistrationPersistClientAuthorizations();
204  client.setPersistClientAuthorizations(persistClientAuthorizations != null ? persistClientAuthorizations : false);
205 
206  clientService.persist(client);
207 
208  JSONObject jsonObject = getJSONObject(client, appConfiguration.getLegacyDynamicRegistrationScopeParam());
209  builder.entity(jsonObject.toString(4).replace("\\/", "/"));
210 
211  log.info("Client registered: clientId = {}, applicationType = {}, clientName = {}, redirectUris = {}, sectorIdentifierUri = {}",
212  client.getClientId(), client.getApplicationType(), client.getClientName(), client.getRedirectUris(), client.getSectorIdentifierUri());
213 
214  oAuth2AuditLog.setClientId(client.getClientId());
215  oAuth2AuditLog.setScope(clientScopesToString(client));
216  oAuth2AuditLog.setSuccess(true);
217  } else {
218  log.trace("Client parameters are invalid, returns invalid_request error.");
219  builder = Response.status(Response.Status.BAD_REQUEST).
220  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
221  }
222  }
223  } else {
224  log.trace("Client parameters are invalid, returns invalid_request error.");
225  builder = Response.status(Response.Status.BAD_REQUEST).
226  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
227  }
228  } else {
229  log.info("Dynamic client registration is disabled.");
230  builder = Response.status(Response.Status.BAD_REQUEST).
231  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.ACCESS_DENIED));
232  }
233  } catch (StringEncrypter.EncryptionException e) {
234  builder = internalErrorResponse();
235  log.error(e.getMessage(), e);
236  } catch (JSONException e) {
237  builder = internalErrorResponse();
238  log.error(e.getMessage(), e);
239  } catch (WebApplicationException e) {
240  log.error(e.getMessage(), e);
241  throw e;
242  } catch (Exception e) {
243  builder = internalErrorResponse();
244  log.error(e.getMessage(), e);
245  }
246 
247  builder.cacheControl(ServerUtil.cacheControl(true, false));
248  builder.header("Pragma", "no-cache");
249  applicationAuditLogger.sendMessage(oAuth2AuditLog);
250  return builder.build();
251  }
org.xdi.oxauth.model.error.ErrorResponseFactory.getErrorAsJson
String getErrorAsJson(IErrorType p_type)
Definition: ErrorResponseFactory.java:86
org.xdi.oxauth.service.ClientService.persist
void persist(Client client)
Definition: ClientService.java:91
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationExpirationTime
int getDynamicRegistrationExpirationTime()
Definition: AppConfiguration.java:896
org.xdi.oxauth.model.audit.OAuth2AuditLog.setClientId
void setClientId(String clientId)
Definition: OAuth2AuditLog.java:67
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.getJSONObject
JSONObject getJSONObject(Client client, boolean authorizationRequestCustomAllowedParameters)
Definition: RegisterRestWebServiceImpl.java:591
org.xdi.oxauth.model.common.SubjectType.PUBLIC
PUBLIC
Definition: SubjectType.java:15
org.xdi.oxauth.audit.ApplicationAuditLogger.sendMessage
void sendMessage(OAuth2AuditLog oAuth2AuditLog)
Definition: ApplicationAuditLogger.java:78
org.xdi.oxauth.model.registration.Client.setClientIdIssuedAt
void setClientIdIssuedAt(Date clientIdIssuedAt)
Definition: Client.java:358
org.xdi.oxauth.model.token.HandleTokenFactory
Definition: HandleTokenFactory.java:28
org.xdi.oxauth.model.registration.Client.getRedirectUris
String [] getRedirectUris()
Definition: Client.java:387
org.xdi.oxauth.model.common.SubjectType.PAIRWISE
PAIRWISE
Definition: SubjectType.java:14
org.xdi.oxauth.model.configuration.AppConfiguration.getDefaultSignatureAlgorithm
String getDefaultSignatureAlgorithm()
Definition: AppConfiguration.java:856
org.xdi.oxauth.model.registration.Client.setClientSecretExpiresAt
void setClientSecretExpiresAt(Date clientSecretExpiresAt)
Definition: Client.java:376
org.xdi.oxauth.model.registration.Client.getApplicationType
String getApplicationType()
Definition: Client.java:479
org.xdi.oxauth.model.registration.Client.getClientId
String getClientId()
Definition: Client.java:275
org.xdi.oxauth.model.registration.Client.setIdTokenTokenBindingCnf
void setIdTokenTokenBindingCnf(String idTokenTokenBindingCnf)
Definition: Client.java:538
org.xdi.oxauth.model.registration.Client.setClientId
void setClientId(String clientId)
Definition: Client.java:284
org.xdi.oxauth.model.registration.Client.setDn
void setDn(String dn)
Definition: Client.java:230
org.xdi.oxauth.service.InumService.generateClientInum
String generateClientInum()
Definition: InumService.java:37
org.xdi.oxauth.model.registration.RegisterParamsValidator.validateLogoutUri
void validateLogoutUri(List< String > logoutUris, List< String > redirectUris, ErrorResponseFactory errorResponseFactory)
Definition: RegisterParamsValidator.java:222
org.xdi.oxauth.service.ClientService.encryptSecret
String encryptSecret(String clientSecret)
Definition: ClientService.java:394
org.xdi.oxauth.model.configuration.AppConfiguration.getDefaultSubjectType
String getDefaultSubjectType()
Definition: AppConfiguration.java:565
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm
Definition: SignatureAlgorithm.java:20
org.xdi.oxauth.util.ServerUtil.getIpAddress
static String getIpAddress(HttpServletRequest httpRequest)
Definition: ServerUtil.java:188
org.xdi.oxauth.model.registration.Client.setRegistrationAccessToken
void setRegistrationAccessToken(String registrationAccessToken)
Definition: Client.java:340
org.xdi.oxauth.model.configuration.AppConfiguration.getSubjectTypesSupported
List< String > getSubjectTypesSupported()
Definition: AppConfiguration.java:557
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.model.registration.Client.setLastAccessTime
void setLastAccessTime(Date lastAccessTime)
Definition: Client.java:1062
org.xdi.oxauth.model.registration.RegisterParamsValidator.validateParamsClientRegister
boolean validateParamsClientRegister(ApplicationType applicationType, SubjectType subjectType, List< String > redirectUris, String sectorIdentifierUrl)
Definition: RegisterParamsValidator.java:67
org.xdi.oxauth.model.registration.Client.setClientSecret
void setClientSecret(String clientSecret)
Definition: Client.java:320
org.xdi.oxauth.model.config.BaseDnConfiguration.getClients
String getClients()
Definition: BaseDnConfiguration.java:93
org.xdi.oxauth.model.token.HandleTokenFactory.generateHandleToken
static String generateHandleToken()
Definition: HandleTokenFactory.java:41
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.inumService
InumService inumService
Definition: RegisterRestWebServiceImpl.java:81
org.xdi.oxauth.model.common.SubjectType
Definition: SubjectType.java:12
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerParamsValidator
RegisterParamsValidator registerParamsValidator
Definition: RegisterRestWebServiceImpl.java:94
org.xdi.oxauth.model.registration.Client.getSectorIdentifierUri
String getSectorIdentifierUri()
Definition: Client.java:680
org.xdi.oxauth.model.common.SubjectType.fromString
static SubjectType fromString(String param)
Definition: SubjectType.java:30
org.xdi.oxauth.model.registration.Client.setClientName
void setClientName(String clientName)
Definition: Client.java:530
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.staticConfiguration
StaticConfiguration staticConfiguration
Definition: RegisterRestWebServiceImpl.java:100
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.log
Logger log
Definition: RegisterRestWebServiceImpl.java:68
org.xdi.oxauth.model.audit.OAuth2AuditLog
Definition: OAuth2AuditLog.java:10
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientService
ClientService clientService
Definition: RegisterRestWebServiceImpl.java:83
org.xdi.oxauth.model.registration.RegisterParamsValidator.validateRedirectUris
boolean validateRedirectUris(ApplicationType applicationType, SubjectType subjectType, List< String > redirectUris, String sectorIdentifierUrl)
Definition: RegisterParamsValidator.java:98
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.updateClientFromRequestObject
void updateClientFromRequestObject(Client p_client, RegisterRequest requestObject, boolean update)
Definition: RegisterRestWebServiceImpl.java:260
org.xdi.oxauth.model.audit.Action.CLIENT_REGISTRATION
CLIENT_REGISTRATION
Definition: Action.java:4
org.xdi.oxauth.model.registration.Client.setPersistClientAuthorizations
void setPersistClientAuthorizations(boolean persistClientAuthorizations)
Definition: Client.java:1078
org.xdi.oxauth.model.configuration.AppConfiguration.getLegacyDynamicRegistrationScopeParam
Boolean getLegacyDynamicRegistrationScopeParam()
Definition: AppConfiguration.java:1385
org.xdi.oxauth.model.registration.Client.getClientName
String getClientName()
Definition: Client.java:521
org.xdi.oxauth.util.ServerUtil
Definition: ServerUtil.java:50
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationEnabled
Boolean getDynamicRegistrationEnabled()
Definition: AppConfiguration.java:888
org.xdi.oxauth.util.ServerUtil.cacheControl
static CacheControl cacheControl(boolean p_noStore)
Definition: ServerUtil.java:84
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.errorResponseFactory
ErrorResponseFactory errorResponseFactory
Definition: RegisterRestWebServiceImpl.java:72
org.xdi.oxauth.model.audit.OAuth2AuditLog.setSuccess
void setSuccess(boolean success)
Definition: OAuth2AuditLog.java:59
org.xdi.oxauth.service.external.ExternalDynamicClientRegistrationService.executeExternalCreateClientMethods
boolean executeExternalCreateClientMethods(RegisterRequest registerRequest, Client client)
Definition: ExternalDynamicClientRegistrationService.java:53
org.xdi.oxauth.model.audit.Action
Definition: Action.java:3
org.xdi.oxauth.model.audit.OAuth2AuditLog.setScope
void setScope(String scope)
Definition: OAuth2AuditLog.java:83
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.externalDynamicClientRegistrationService
ExternalDynamicClientRegistrationService externalDynamicClientRegistrationService
Definition: RegisterRestWebServiceImpl.java:91
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationPersistClientAuthorizations
Boolean getDynamicRegistrationPersistClientAuthorizations()
Definition: AppConfiguration.java:904
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.internalErrorResponse
Response.ResponseBuilder internalErrorResponse()
Definition: RegisterRestWebServiceImpl.java:253
org.xdi.oxauth.model.config.StaticConfiguration.getBaseDn
BaseDnConfiguration getBaseDn()
Definition: StaticConfiguration.java:32
org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm.fromString
static List< SignatureAlgorithm > fromString(String[] params)
Definition: SignatureAlgorithm.java:83
org.xdi.oxauth.model.registration.Client.setLastLogonTime
void setLastLogonTime(Date lastLogonTime)
Definition: Client.java:1070
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientScopesToString
String clientScopesToString(Client client)
Definition: RegisterRestWebServiceImpl.java:731
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.applicationAuditLogger
ApplicationAuditLogger applicationAuditLogger
Definition: RegisterRestWebServiceImpl.java:70

◆ requestClientRead() [1/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebService.requestClientRead ( @QueryParam("client_id") @ApiParam(value="Client ID that identifies client.", required=true) String  clientId,
@HeaderParam("Authorization") String  authorization,
@Context HttpServletRequest  httpRequest,
@Context SecurityContext  securityContext 
)
inherited

This operation retrieves the Client Metadata for a previously registered client.

引数
clientIdUnique Client identifier.
securityContextAn injectable interface that provides access to security related information.
戻り値
response

◆ requestClientRead() [2/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.requestClientRead ( String  clientId,
String  authorization,
HttpServletRequest  httpRequest,
SecurityContext  securityContext 
)
inline
537  {
538  String accessToken = tokenService.getTokenFromAuthorizationParameter(authorization);
539  log.debug("Attempting to read client: clientId = {}, registrationAccessToken = {} isSecure = {}",
540  clientId, accessToken, securityContext.isSecure());
541  Response.ResponseBuilder builder = Response.ok();
542 
543  OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_READ);
544  oAuth2AuditLog.setClientId(clientId);
545  try {
546  if (appConfiguration.getDynamicRegistrationEnabled()) {
547  if (registerParamsValidator.validateParamsClientRead(clientId, accessToken)) {
548  Client client = clientService.getClient(clientId, accessToken);
549  if (client != null) {
550  oAuth2AuditLog.setScope(clientScopesToString(client));
551  oAuth2AuditLog.setSuccess(true);
552  builder.entity(clientAsEntity(client));
553  } else {
554  log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.");
555  builder = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
556  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN));
557  }
558  } else {
559  log.trace("Client parameters are invalid.");
560  builder = Response.status(Response.Status.BAD_REQUEST);
561  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
562  }
563  } else {
564  builder = Response.status(Response.Status.BAD_REQUEST);
565  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.ACCESS_DENIED));
566  }
567  } catch (JSONException e) {
568  builder = Response.status(500);
569  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
570  log.error(e.getMessage(), e);
571  } catch (StringEncrypter.EncryptionException e) {
572  builder = Response.status(500);
573  builder.entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA));
574  log.error(e.getMessage(), e);
575  }
576 
577  CacheControl cacheControl = new CacheControl();
578  cacheControl.setNoTransform(false);
579  cacheControl.setNoStore(true);
580  builder.cacheControl(cacheControl);
581  builder.header("Pragma", "no-cache");
582  applicationAuditLogger.sendMessage(oAuth2AuditLog);
583  return builder.build();
584  }
org.xdi.oxauth.model.error.ErrorResponseFactory.getErrorAsJson
String getErrorAsJson(IErrorType p_type)
Definition: ErrorResponseFactory.java:86
org.xdi.oxauth.model.audit.OAuth2AuditLog.setClientId
void setClientId(String clientId)
Definition: OAuth2AuditLog.java:67
org.xdi.oxauth.audit.ApplicationAuditLogger.sendMessage
void sendMessage(OAuth2AuditLog oAuth2AuditLog)
Definition: ApplicationAuditLogger.java:78
org.xdi.oxauth.model.registration.RegisterParamsValidator.validateParamsClientRead
boolean validateParamsClientRead(String clientId, String accessToken)
Definition: RegisterParamsValidator.java:86
org.xdi.oxauth.util.ServerUtil.getIpAddress
static String getIpAddress(HttpServletRequest httpRequest)
Definition: ServerUtil.java:188
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerParamsValidator
RegisterParamsValidator registerParamsValidator
Definition: RegisterRestWebServiceImpl.java:94
org.xdi.oxauth.service.token.TokenService.getTokenFromAuthorizationParameter
String getTokenFromAuthorizationParameter(String authorizationParameter)
Definition: TokenService.java:30
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.log
Logger log
Definition: RegisterRestWebServiceImpl.java:68
org.xdi.oxauth.model.audit.OAuth2AuditLog
Definition: OAuth2AuditLog.java:10
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientService
ClientService clientService
Definition: RegisterRestWebServiceImpl.java:83
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientAsEntity
String clientAsEntity(Client p_client)
Definition: RegisterRestWebServiceImpl.java:586
org.xdi.oxauth.util.ServerUtil
Definition: ServerUtil.java:50
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationEnabled
Boolean getDynamicRegistrationEnabled()
Definition: AppConfiguration.java:888
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.errorResponseFactory
ErrorResponseFactory errorResponseFactory
Definition: RegisterRestWebServiceImpl.java:72
org.xdi.oxauth.model.audit.OAuth2AuditLog.setSuccess
void setSuccess(boolean success)
Definition: OAuth2AuditLog.java:59
org.xdi.oxauth.service.ClientService.getClient
Set< Client > getClient(Collection< String > clientIds, boolean silent)
Definition: ClientService.java:123
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.tokenService
TokenService tokenService
Definition: RegisterRestWebServiceImpl.java:85
org.xdi.oxauth.model.audit.Action
Definition: Action.java:3
org.xdi.oxauth.model.audit.OAuth2AuditLog.setScope
void setScope(String scope)
Definition: OAuth2AuditLog.java:83
org.xdi.oxauth.model.audit.Action.CLIENT_READ
CLIENT_READ
Definition: Action.java:6
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientScopesToString
String clientScopesToString(Client client)
Definition: RegisterRestWebServiceImpl.java:731
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.applicationAuditLogger
ApplicationAuditLogger applicationAuditLogger
Definition: RegisterRestWebServiceImpl.java:70

◆ requestClientUpdate() [1/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebService.requestClientUpdate ( @ApiParam(value="Request parameters as JSON object with data described by Connect Client Registration Specification. ", required=true) String  requestParams,
@QueryParam("client_id") @ApiParam(value="Client ID that identifies client that must be updated by this request.", required=true) String  clientId,
@HeaderParam("Authorization") String  authorization,
@Context HttpServletRequest  httpRequest,
@Context SecurityContext  securityContext 
)
inherited

This operation updates the Client Metadata for a previously registered client.

引数
requestParamsrequest parameters
clientIdclient id
authorizationAccess Token that is used at the Client Configuration Endpoint
httpRequesthttp request object
securityContextAn injectable interface that provides access to security related information.
戻り値
response

◆ requestClientUpdate() [2/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.requestClientUpdate ( String  requestParams,
String  clientId,
@HeaderParam("Authorization") String  authorization,
@Context HttpServletRequest  httpRequest,
@Context SecurityContext  securityContext 
)
inline
465  {
466  OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpRequest), Action.CLIENT_UPDATE);
467  oAuth2AuditLog.setClientId(clientId);
468  try {
469  log.debug("Attempting to UPDATE client, client_id: {}, requestParams = {}, isSecure = {}",
470  clientId, requestParams, securityContext.isSecure());
471  final String accessToken = tokenService.getTokenFromAuthorizationParameter(authorization);
472 
473  if (StringUtils.isNotBlank(accessToken) && StringUtils.isNotBlank(clientId) && StringUtils.isNotBlank(requestParams)) {
474  final RegisterRequest request = RegisterRequest.fromJson(requestParams, appConfiguration.getLegacyDynamicRegistrationScopeParam());
475  if (request != null) {
476  boolean redirectUrisValidated = true;
477  if (request.getRedirectUris() != null && !request.getRedirectUris().isEmpty()) {
478  redirectUrisValidated = registerParamsValidator.validateRedirectUris(request.getApplicationType(), request.getSubjectType(),
479  request.getRedirectUris(), request.getSectorIdentifierUri());
480  }
481 
482  if (redirectUrisValidated) {
483  if (request.getSubjectType() != null
484  && !appConfiguration.getSubjectTypesSupported().contains(request.getSubjectType().toString())) {
485  log.debug("Client UPDATE : parameter subject_type is invalid. Returns BAD_REQUEST response.");
486  applicationAuditLogger.sendMessage(oAuth2AuditLog);
487  return Response.status(Response.Status.BAD_REQUEST).
488  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA)).build();
489  }
490 
491  final Client client = clientService.getClient(clientId, accessToken);
492  if (client != null) {
493  updateClientFromRequestObject(client, request, true);
494 
495  boolean updateClient = true;
496  if (externalDynamicClientRegistrationService.isEnabled()) {
497  updateClient = externalDynamicClientRegistrationService.executeExternalUpdateClientMethods(request, client);
498  }
499 
500  if (updateClient) {
501  clientService.merge(client);
502 
503  oAuth2AuditLog.setScope(clientScopesToString(client));
504  oAuth2AuditLog.setSuccess(true);
505  applicationAuditLogger.sendMessage(oAuth2AuditLog);
506  return Response.status(Response.Status.OK).entity(clientAsEntity(client)).build();
507  } else {
508  log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.");
509  applicationAuditLogger.sendMessage(oAuth2AuditLog);
510  return Response.status(Response.Status.BAD_REQUEST).
511  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN)).build();
512  }
513  } else {
514  log.trace("The Access Token is not valid for the Client ID, returns invalid_token error.");
515  applicationAuditLogger.sendMessage(oAuth2AuditLog);
516  return Response.status(Response.Status.BAD_REQUEST).
517  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_TOKEN)).build();
518  }
519  }
520  }
521  }
522 
523  log.debug("Client UPDATE : parameters are invalid. Returns BAD_REQUEST response.");
524  applicationAuditLogger.sendMessage(oAuth2AuditLog);
525  return Response.status(Response.Status.BAD_REQUEST).
526  entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_CLIENT_METADATA)).build();
527 
528  } catch (Exception e) {
529  log.error(e.getMessage(), e);
530  }
531  applicationAuditLogger.sendMessage(oAuth2AuditLog);
532  return internalErrorResponse().build();
533  }
org.xdi.oxauth.model.error.ErrorResponseFactory.getErrorAsJson
String getErrorAsJson(IErrorType p_type)
Definition: ErrorResponseFactory.java:86
org.xdi.oxauth.model.audit.OAuth2AuditLog.setClientId
void setClientId(String clientId)
Definition: OAuth2AuditLog.java:67
org.xdi.oxauth.service.ClientService.merge
void merge(Client client)
Definition: ClientService.java:95
org.xdi.oxauth.audit.ApplicationAuditLogger.sendMessage
void sendMessage(OAuth2AuditLog oAuth2AuditLog)
Definition: ApplicationAuditLogger.java:78
org.xdi.oxauth.service.external.ExternalDynamicClientRegistrationService.executeExternalUpdateClientMethods
boolean executeExternalUpdateClientMethods(RegisterRequest registerRequest, Client client)
Definition: ExternalDynamicClientRegistrationService.java:81
org.xdi.oxauth.util.ServerUtil.getIpAddress
static String getIpAddress(HttpServletRequest httpRequest)
Definition: ServerUtil.java:188
org.xdi.oxauth.model.configuration.AppConfiguration.getSubjectTypesSupported
List< String > getSubjectTypesSupported()
Definition: AppConfiguration.java:557
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerParamsValidator
RegisterParamsValidator registerParamsValidator
Definition: RegisterRestWebServiceImpl.java:94
org.xdi.oxauth.service.token.TokenService.getTokenFromAuthorizationParameter
String getTokenFromAuthorizationParameter(String authorizationParameter)
Definition: TokenService.java:30
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.log
Logger log
Definition: RegisterRestWebServiceImpl.java:68
org.xdi.oxauth.model.audit.OAuth2AuditLog
Definition: OAuth2AuditLog.java:10
org.xdi.oxauth.model.audit.Action.CLIENT_UPDATE
CLIENT_UPDATE
Definition: Action.java:5
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientService
ClientService clientService
Definition: RegisterRestWebServiceImpl.java:83
org.xdi.oxauth.model.registration.RegisterParamsValidator.validateRedirectUris
boolean validateRedirectUris(ApplicationType applicationType, SubjectType subjectType, List< String > redirectUris, String sectorIdentifierUrl)
Definition: RegisterParamsValidator.java:98
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.updateClientFromRequestObject
void updateClientFromRequestObject(Client p_client, RegisterRequest requestObject, boolean update)
Definition: RegisterRestWebServiceImpl.java:260
org.xdi.oxauth.model.configuration.AppConfiguration.getLegacyDynamicRegistrationScopeParam
Boolean getLegacyDynamicRegistrationScopeParam()
Definition: AppConfiguration.java:1385
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientAsEntity
String clientAsEntity(Client p_client)
Definition: RegisterRestWebServiceImpl.java:586
org.xdi.oxauth.util.ServerUtil
Definition: ServerUtil.java:50
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.errorResponseFactory
ErrorResponseFactory errorResponseFactory
Definition: RegisterRestWebServiceImpl.java:72
org.xdi.oxauth.model.audit.OAuth2AuditLog.setSuccess
void setSuccess(boolean success)
Definition: OAuth2AuditLog.java:59
org.xdi.oxauth.service.ClientService.getClient
Set< Client > getClient(Collection< String > clientIds, boolean silent)
Definition: ClientService.java:123
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.tokenService
TokenService tokenService
Definition: RegisterRestWebServiceImpl.java:85
org.xdi.oxauth.model.audit.Action
Definition: Action.java:3
org.xdi.oxauth.model.audit.OAuth2AuditLog.setScope
void setScope(String scope)
Definition: OAuth2AuditLog.java:83
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.externalDynamicClientRegistrationService
ExternalDynamicClientRegistrationService externalDynamicClientRegistrationService
Definition: RegisterRestWebServiceImpl.java:91
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.internalErrorResponse
Response.ResponseBuilder internalErrorResponse()
Definition: RegisterRestWebServiceImpl.java:253
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientScopesToString
String clientScopesToString(Client client)
Definition: RegisterRestWebServiceImpl.java:731
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.applicationAuditLogger
ApplicationAuditLogger applicationAuditLogger
Definition: RegisterRestWebServiceImpl.java:70

◆ requestRegister() [1/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebService.requestRegister ( @ApiParam(value="Request parameters as JSON object with data described by Connect Client Registration Specification. ", required=true) String  requestParams,
@HeaderParam("Authorization") String  authorization,
@Context HttpServletRequest  httpRequest,
@Context SecurityContext  securityContext 
)
inherited

In order for an OpenID Connect client to utilize OpenID services for a user, the client needs to register with the OpenID Provider to acquire a client ID and shared secret.

引数
requestParamsrequest parameters
authorizationauthorization
httpRequesthttp request object
securityContextAn injectable interface that provides access to security related information.
戻り値
response

◆ requestRegister() [2/2]

Response org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.requestRegister ( String  requestParams,
String  authorization,
HttpServletRequest  httpRequest,
SecurityContext  securityContext 
)
inline
103  {
104  com.codahale.metrics.Timer.Context timerContext = metricService.getTimer(MetricType.DYNAMIC_CLIENT_REGISTRATION_RATE).time();
105  try {
106  return registerClientImpl(requestParams, httpRequest, securityContext);
107  } finally {
108  timerContext.stop();
109  }
110  }
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.metricService
MetricService metricService
Definition: RegisterRestWebServiceImpl.java:88
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerClientImpl
Response registerClientImpl(String requestParams, HttpServletRequest httpRequest, SecurityContext securityContext)
Definition: RegisterRestWebServiceImpl.java:112

◆ updateClientFromRequestObject()

void org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.updateClientFromRequestObject ( Client  p_client,
RegisterRequest  requestObject,
boolean  update 
) throws JSONException
inlineprivate
260  {
261  List<String> redirectUris = requestObject.getRedirectUris();
262  if (redirectUris != null && !redirectUris.isEmpty()) {
263  redirectUris = new ArrayList<String>(new HashSet<String>(redirectUris)); // Remove repeated elements
264  p_client.setRedirectUris(redirectUris.toArray(new String[redirectUris.size()]));
265  }
266  List<String> claimsRedirectUris = requestObject.getClaimsRedirectUris();
267  if (claimsRedirectUris != null && !claimsRedirectUris.isEmpty()) {
268  claimsRedirectUris = new ArrayList<String>(new HashSet<String>(claimsRedirectUris)); // Remove repeated elements
269  p_client.setClaimRedirectUris(claimsRedirectUris.toArray(new String[claimsRedirectUris.size()]));
270  }
271  if (requestObject.getApplicationType() != null) {
272  p_client.setApplicationType(requestObject.getApplicationType().toString());
273  }
274  if (StringUtils.isNotBlank(requestObject.getClientName())) {
275  p_client.setClientName(requestObject.getClientName());
276  }
277  if (StringUtils.isNotBlank(requestObject.getSectorIdentifierUri())) {
278  p_client.setSectorIdentifierUri(requestObject.getSectorIdentifierUri());
279  }
280 
281  Set<ResponseType> responseTypeSet = new HashSet<ResponseType>();
282  responseTypeSet.addAll(requestObject.getResponseTypes());
283 
284  Set<GrantType> grantTypeSet = new HashSet<GrantType>();
285  grantTypeSet.addAll(requestObject.getGrantTypes());
286 
287  if (responseTypeSet.size() == 0 && grantTypeSet.size() == 0) {
288  responseTypeSet.add(ResponseType.CODE);
289  }
290  if (responseTypeSet.contains(ResponseType.CODE)) {
291  grantTypeSet.add(GrantType.AUTHORIZATION_CODE);
292  grantTypeSet.add(GrantType.REFRESH_TOKEN);
293  }
294  if (responseTypeSet.contains(ResponseType.TOKEN) || responseTypeSet.contains(ResponseType.ID_TOKEN)) {
295  grantTypeSet.add(GrantType.IMPLICIT);
296  }
297  if (grantTypeSet.contains(GrantType.AUTHORIZATION_CODE)) {
298  responseTypeSet.add(ResponseType.CODE);
299  grantTypeSet.add(GrantType.REFRESH_TOKEN);
300  }
301  if (grantTypeSet.contains(GrantType.IMPLICIT)) {
302  responseTypeSet.add(ResponseType.TOKEN);
303  }
304 
305  Set<Set<ResponseType>> responseTypesSupported = appConfiguration.getResponseTypesSupported();
306  Set<GrantType> grantTypesSupported = appConfiguration.getGrantTypesSupported();
307 
308  if (!responseTypesSupported.contains(responseTypeSet)) {
309  responseTypeSet.clear();
310  }
311 
312  grantTypeSet.retainAll(grantTypesSupported);
313 
314  Set<GrantType> dynamicGrantTypeDefault = appConfiguration.getDynamicGrantTypeDefault();
315  grantTypeSet.retainAll(dynamicGrantTypeDefault);
316 
317  p_client.setResponseTypes(responseTypeSet.toArray(new ResponseType[responseTypeSet.size()]));
318  if (!update) {
319  p_client.setGrantTypes(grantTypeSet.toArray(new GrantType[grantTypeSet.size()]));
320  } else if (appConfiguration.getEnableClientGrantTypeUpdate()) {
321  p_client.setGrantTypes(grantTypeSet.toArray(new GrantType[grantTypeSet.size()]));
322  }
323 
324  List<String> contacts = requestObject.getContacts();
325  if (contacts != null && !contacts.isEmpty()) {
326  contacts = new ArrayList<String>(new HashSet<String>(contacts)); // Remove repeated elements
327  p_client.setContacts(contacts.toArray(new String[contacts.size()]));
328  }
329  if (StringUtils.isNotBlank(requestObject.getLogoUri())) {
330  p_client.setLogoUri(requestObject.getLogoUri());
331  }
332  if (StringUtils.isNotBlank(requestObject.getClientUri())) {
333  p_client.setClientUri(requestObject.getClientUri());
334  }
335  if (StringUtils.isNotBlank(requestObject.getPolicyUri())) {
336  p_client.setPolicyUri(requestObject.getPolicyUri());
337  }
338  if (StringUtils.isNotBlank(requestObject.getTosUri())) {
339  p_client.setTosUri(requestObject.getTosUri());
340  }
341  if (StringUtils.isNotBlank(requestObject.getJwksUri())) {
342  p_client.setJwksUri(requestObject.getJwksUri());
343  }
344  if (StringUtils.isNotBlank(requestObject.getJwks())) {
345  p_client.setJwks(requestObject.getJwks());
346  }
347  if (requestObject.getSubjectType() != null) {
348  p_client.setSubjectType(requestObject.getSubjectType().toString());
349  }
350  if (requestObject.getAccessTokenAsJwt() != null) {
351  p_client.setAccessTokenAsJwt(requestObject.getAccessTokenAsJwt());
352  }
353  if (requestObject.getAccessTokenSigningAlg() != null) {
354  p_client.setAccessTokenSigningAlg(requestObject.getAccessTokenSigningAlg().toString());
355  }
356  if (requestObject.getIdTokenSignedResponseAlg() != null) {
357  p_client.setIdTokenSignedResponseAlg(requestObject.getIdTokenSignedResponseAlg().toString());
358  }
359  if (requestObject.getIdTokenEncryptedResponseAlg() != null) {
360  p_client.setIdTokenEncryptedResponseAlg(requestObject.getIdTokenEncryptedResponseAlg().toString());
361  }
362  if (requestObject.getIdTokenEncryptedResponseEnc() != null) {
363  p_client.setIdTokenEncryptedResponseEnc(requestObject.getIdTokenEncryptedResponseEnc().toString());
364  }
365  if (requestObject.getUserInfoSignedResponseAlg() != null) {
366  p_client.setUserInfoSignedResponseAlg(requestObject.getUserInfoSignedResponseAlg().toString());
367  }
368  if (requestObject.getUserInfoEncryptedResponseAlg() != null) {
369  p_client.setUserInfoEncryptedResponseAlg(requestObject.getUserInfoEncryptedResponseAlg().toString());
370  }
371  if (requestObject.getUserInfoEncryptedResponseEnc() != null) {
372  p_client.setUserInfoEncryptedResponseEnc(requestObject.getUserInfoEncryptedResponseEnc().toString());
373  }
374  if (requestObject.getRequestObjectSigningAlg() != null) {
375  p_client.setRequestObjectSigningAlg(requestObject.getRequestObjectSigningAlg().toString());
376  }
377  if (requestObject.getRequestObjectEncryptionAlg() != null) {
378  p_client.setRequestObjectEncryptionAlg(requestObject.getRequestObjectEncryptionAlg().toString());
379  }
380  if (requestObject.getRequestObjectEncryptionEnc() != null) {
381  p_client.setRequestObjectEncryptionEnc(requestObject.getRequestObjectEncryptionEnc().toString());
382  }
383  if (requestObject.getTokenEndpointAuthMethod() != null) {
384  p_client.setTokenEndpointAuthMethod(requestObject.getTokenEndpointAuthMethod().toString());
385  } else { // If omitted, the default is client_secret_basic
386  p_client.setTokenEndpointAuthMethod(AuthenticationMethod.CLIENT_SECRET_BASIC.toString());
387  }
388  if (requestObject.getTokenEndpointAuthSigningAlg() != null) {
389  p_client.setTokenEndpointAuthSigningAlg(requestObject.getTokenEndpointAuthSigningAlg().toString());
390  }
391  if (requestObject.getDefaultMaxAge() != null) {
392  p_client.setDefaultMaxAge(requestObject.getDefaultMaxAge());
393  }
394  if (requestObject.getRequireAuthTime() != null) {
395  p_client.setRequireAuthTime(requestObject.getRequireAuthTime());
396  }
397  List<String> defaultAcrValues = requestObject.getDefaultAcrValues();
398  if (defaultAcrValues != null && !defaultAcrValues.isEmpty()) {
399  defaultAcrValues = new ArrayList<String>(new HashSet<String>(defaultAcrValues)); // Remove repeated elements
400  p_client.setDefaultAcrValues(defaultAcrValues.toArray(new String[defaultAcrValues.size()]));
401  }
402  if (StringUtils.isNotBlank(requestObject.getInitiateLoginUri())) {
403  p_client.setInitiateLoginUri(requestObject.getInitiateLoginUri());
404  }
405  List<String> postLogoutRedirectUris = requestObject.getPostLogoutRedirectUris();
406  if (postLogoutRedirectUris != null && !postLogoutRedirectUris.isEmpty()) {
407  postLogoutRedirectUris = new ArrayList<String>(new HashSet<String>(postLogoutRedirectUris)); // Remove repeated elements
408  p_client.setPostLogoutRedirectUris(postLogoutRedirectUris.toArray(new String[postLogoutRedirectUris.size()]));
409  }
410 
411  if (requestObject.getFrontChannelLogoutUris() != null && !requestObject.getFrontChannelLogoutUris().isEmpty()) {
412  p_client.setFrontChannelLogoutUri(requestObject.getFrontChannelLogoutUris().toArray(new String[requestObject.getFrontChannelLogoutUris().size()]));
413  }
414  p_client.setFrontChannelLogoutSessionRequired(requestObject.getFrontChannelLogoutSessionRequired());
415 
416  List<String> requestUris = requestObject.getRequestUris();
417  if (requestUris != null && !requestUris.isEmpty()) {
418  requestUris = new ArrayList<String>(new HashSet<String>(requestUris)); // Remove repeated elements
419  p_client.setRequestUris(requestUris.toArray(new String[requestUris.size()]));
420  }
421 
422  List<String> authorizedOrigins = requestObject.getAuthorizedOrigins();
423  if (authorizedOrigins != null && !authorizedOrigins.isEmpty()) {
424  authorizedOrigins = new ArrayList<String>(new HashSet<String>(authorizedOrigins)); // Remove repeated elements
425  p_client.setAuthorizedOrigins(authorizedOrigins.toArray(new String[authorizedOrigins.size()]));
426  }
427 
428  List<String> scopes = requestObject.getScope();
429  List<String> scopesDn;
430  if (scopes != null && !scopes.isEmpty()
431  && appConfiguration.getDynamicRegistrationScopesParamEnabled() != null
432  && appConfiguration.getDynamicRegistrationScopesParamEnabled()) {
433  List<String> defaultScopes = scopeService.getDefaultScopesDn();
434  List<String> requestedScopes = scopeService.getScopesDn(scopes);
435  if (defaultScopes.containsAll(requestedScopes)) {
436  scopesDn = requestedScopes;
437  p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
438  } else {
439  scopesDn = defaultScopes;
440  p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
441  }
442  } else {
443  scopesDn = scopeService.getDefaultScopesDn();
444  p_client.setScopes(scopesDn.toArray(new String[scopesDn.size()]));
445  }
446 
447  List<String> claims = requestObject.getClaims();
448  if (claims != null && !claims.isEmpty()) {
449  List<String> claimsDn = attributeService.getAttributesDn(claims);
450  p_client.setClaims(claimsDn.toArray(new String[claimsDn.size()]));
451  }
452 
453  Date clientSecretExpiresAt = requestObject.getClientSecretExpiresAt();
454  if (clientSecretExpiresAt != null) {
455  p_client.setClientSecretExpiresAt(clientSecretExpiresAt);
456  }
457 
458  if (requestObject.getJsonObject() != null) {
459  // Custom params
460  putCustomStuffIntoObject(p_client, requestObject.getJsonObject());
461  }
462  }
org.xdi.oxauth.model.common.ResponseType.ID_TOKEN
ID_TOKEN
Definition: ResponseType.java:47
org.xdi.oxauth.model.registration.Client.setResponseTypes
void setResponseTypes(ResponseType[] responseTypes)
Definition: Client.java:446
org.xdi.oxauth.model.common.ResponseType.CODE
CODE
Definition: ResponseType.java:39
org.xdi.oxauth.model.registration.Client.setClaims
void setClaims(String[] claims)
Definition: Client.java:1046
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicRegistrationScopesParamEnabled
Boolean getDynamicRegistrationScopesParamEnabled()
Definition: AppConfiguration.java:928
org.xdi.oxauth.model.common.AuthenticationMethod.CLIENT_SECRET_BASIC
CLIENT_SECRET_BASIC
Definition: AuthenticationMethod.java:18
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.putCustomStuffIntoObject
void putCustomStuffIntoObject(Client p_client, JSONObject p_requestObject)
Definition: RegisterRestWebServiceImpl.java:684
org.xdi.oxauth.model.registration.Client.setContacts
void setContacts(String[] contacts)
Definition: Client.java:512
org.xdi.oxauth.model.registration.Client.setClientSecretExpiresAt
void setClientSecretExpiresAt(Date clientSecretExpiresAt)
Definition: Client.java:376
org.xdi.oxauth.model.registration.Client.setUserInfoEncryptedResponseAlg
void setUserInfoEncryptedResponseAlg(String userInfoEncryptedResponseAlg)
Definition: Client.java:798
org.xdi.oxauth.model.registration.Client.setFrontChannelLogoutUri
void setFrontChannelLogoutUri(String[] frontChannelLogoutUri)
Definition: Client.java:266
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.attributeService
AttributeService attributeService
Definition: RegisterRestWebServiceImpl.java:78
org.xdi.oxauth.model.registration.Client.setJwks
void setJwks(String jwks)
Definition: Client.java:670
org.xdi.oxauth.model.registration.Client.setSubjectType
void setSubjectType(String subjectType)
Definition: Client.java:708
org.xdi.oxauth.model.registration.Client.setRequireAuthTime
void setRequireAuthTime(boolean requireAuthTime)
Definition: Client.java:952
org.xdi.oxauth.model.registration.Client.setFrontChannelLogoutSessionRequired
void setFrontChannelLogoutSessionRequired(Boolean frontChannelLogoutSessionRequired)
Definition: Client.java:248
org.xdi.oxauth.model.registration.Client.setClientUri
void setClientUri(String clientUri)
Definition: Client.java:578
org.xdi.oxauth.model.registration.Client.setPolicyUri
void setPolicyUri(String policyUri)
Definition: Client.java:598
org.xdi.oxauth.service.ScopeService.getScopesDn
List< String > getScopesDn(List< String > scopeNames)
Definition: ScopeService.java:71
org.xdi.oxauth.model.common.GrantType
Definition: GrantType.java:23
org.xdi.oxauth.model.registration.Client.setSectorIdentifierUri
void setSectorIdentifierUri(String sectorIdentifierUri)
Definition: Client.java:690
org.xdi.oxauth.model.registration.Client.setDefaultMaxAge
void setDefaultMaxAge(Integer defaultMaxAge)
Definition: Client.java:932
org.xdi.oxauth.model.registration.Client.setLogoUri
void setLogoUri(String logoUri)
Definition: Client.java:560
org.xdi.oxauth.model.registration.Client.setClaimRedirectUris
void setClaimRedirectUris(String[] claimRedirectUris)
Definition: Client.java:426
org.xdi.oxauth.model.registration.Client.setGrantTypes
void setGrantTypes(GrantType[] grantTypes)
Definition: Client.java:466
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
AppConfiguration appConfiguration
Definition: RegisterRestWebServiceImpl.java:97
org.xdi.oxauth.model.registration.Client.setUserInfoSignedResponseAlg
void setUserInfoSignedResponseAlg(String userInfoSignedResponseAlg)
Definition: Client.java:780
org.xdi.oxauth.model.registration.Client.setRequestObjectEncryptionEnc
void setRequestObjectEncryptionEnc(String requestObjectEncryptionEnc)
Definition: Client.java:874
org.xdi.oxauth.model.registration.Client.setDefaultAcrValues
void setDefaultAcrValues(String[] defaultAcrValues)
Definition: Client.java:974
org.xdi.oxauth.model.registration.Client.setTosUri
void setTosUri(String tosUri)
Definition: Client.java:618
org.xdi.oxauth.service.ScopeService.getDefaultScopesDn
List< String > getDefaultScopesDn()
Definition: ScopeService.java:59
org.xdi.oxauth.model.registration.Client.setInitiateLoginUri
void setInitiateLoginUri(String initiateLoginUri)
Definition: Client.java:992
org.xdi.oxauth.model.registration.Client.setAccessTokenAsJwt
void setAccessTokenAsJwt(boolean accessTokenAsJwt)
Definition: Client.java:210
org.xdi.oxauth.model.registration.Client.setIdTokenEncryptedResponseEnc
void setIdTokenEncryptedResponseEnc(String idTokenEncryptedResponseEnc)
Definition: Client.java:762
org.xdi.oxauth.model.common.GrantType.REFRESH_TOKEN
REFRESH_TOKEN
Definition: GrantType.java:70
org.xdi.oxauth.model.common.GrantType.AUTHORIZATION_CODE
AUTHORIZATION_CODE
Definition: GrantType.java:33
org.xdi.oxauth.model.registration.Client.setClientName
void setClientName(String clientName)
Definition: Client.java:530
org.xdi.oxauth.model.registration.Client.setTokenEndpointAuthSigningAlg
void setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg)
Definition: Client.java:910
org.xdi.oxauth.model.configuration.AppConfiguration.getGrantTypesSupported
Set< GrantType > getGrantTypesSupported()
Definition: AppConfiguration.java:549
org.xdi.oxauth.model.registration.Client.setIdTokenEncryptedResponseAlg
void setIdTokenEncryptedResponseAlg(String idTokenEncryptedResponseAlg)
Definition: Client.java:744
org.xdi.oxauth.model.configuration.AppConfiguration.getDynamicGrantTypeDefault
Set< GrantType > getDynamicGrantTypeDefault()
Definition: AppConfiguration.java:1333
org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.scopeService
ScopeService scopeService
Definition: RegisterRestWebServiceImpl.java:75
org.xdi.oxauth.model.configuration.AppConfiguration.getEnableClientGrantTypeUpdate
Boolean getEnableClientGrantTypeUpdate()
Definition: AppConfiguration.java:1325
org.xdi.oxauth.model.registration.Client.setRequestObjectEncryptionAlg
void setRequestObjectEncryptionAlg(String requestObjectEncryptionAlg)
Definition: Client.java:854
org.xdi.oxauth.model.registration.Client.setApplicationType
void setApplicationType(String applicationType)
Definition: Client.java:492
org.xdi.oxauth.model.registration.Client.setIdTokenSignedResponseAlg
void setIdTokenSignedResponseAlg(String idTokenSignedResponseAlg)
Definition: Client.java:726
org.xdi.oxauth.model.registration.Client.setAuthorizedOrigins
void setAuthorizedOrigins(String[] authorizedOrigins)
Definition: Client.java:1126
org.xdi.oxauth.model.configuration.AppConfiguration.getResponseTypesSupported
Set< Set< ResponseType > > getResponseTypesSupported()
Definition: AppConfiguration.java:541
org.xdi.oxauth.model.registration.Client.setRedirectUris
void setRedirectUris(String[] redirectUris)
Definition: Client.java:398
org.xdi.oxauth.model.registration.Client.setRequestUris
void setRequestUris(String[] requestUris)
Definition: Client.java:1030
org.xdi.oxauth.model.registration.Client.setAccessTokenSigningAlg
void setAccessTokenSigningAlg(String accessTokenSigningAlg)
Definition: Client.java:218
org.xdi.oxauth.model.registration.Client.setTokenEndpointAuthMethod
void setTokenEndpointAuthMethod(String tokenEndpointAuthMethod)
Definition: Client.java:892
org.xdi.oxauth.model.registration.Client.setJwksUri
void setJwksUri(String jwksUri)
Definition: Client.java:640
org.xdi.oxauth.model.registration.Client.setScopes
void setScopes(String[] scopes)
Definition: Client.java:1038
org.xdi.oxauth.model.common.ResponseType.TOKEN
TOKEN
Definition: ResponseType.java:43
org.xdi.oxauth.service.AttributeService.getAttributesDn
List< String > getAttributesDn(List< String > claimNames)
Definition: AttributeService.java:99
org.xdi.oxauth.model.common.ResponseType
Definition: ResponseType.java:34
org.xdi.oxauth.model.registration.Client.setRequestObjectSigningAlg
void setRequestObjectSigningAlg(String requestObjectSigningAlg)
Definition: Client.java:834
org.xdi.oxauth.model.common.GrantType.IMPLICIT
IMPLICIT
Definition: GrantType.java:42
org.xdi.oxauth.model.common.AuthenticationMethod
Definition: AuthenticationMethod.java:12
org.xdi.oxauth.model.registration.Client.setUserInfoEncryptedResponseEnc
void setUserInfoEncryptedResponseEnc(String userInfoEncryptedResponseEnc)
Definition: Client.java:816
org.xdi.oxauth.model.registration.Client.setPostLogoutRedirectUris
void setPostLogoutRedirectUris(String[] postLogoutRedirectUris)
Definition: Client.java:1012

メンバ詳解

◆ appConfiguration

AppConfiguration org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.appConfiguration
private

◆ applicationAuditLogger

ApplicationAuditLogger org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.applicationAuditLogger
private

◆ attributeService

AttributeService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.attributeService
private

◆ clientService

ClientService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.clientService
private

◆ errorResponseFactory

ErrorResponseFactory org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.errorResponseFactory
private

◆ externalDynamicClientRegistrationService

ExternalDynamicClientRegistrationService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.externalDynamicClientRegistrationService
private

◆ inumService

InumService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.inumService
private

◆ log

Logger org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.log
private

◆ metricService

MetricService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.metricService
private

◆ registerParamsValidator

RegisterParamsValidator org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.registerParamsValidator
private

◆ scopeService

ScopeService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.scopeService
private

◆ staticConfiguration

StaticConfiguration org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.staticConfiguration
private

◆ tokenService

TokenService org.xdi.oxauth.register.ws.rs.RegisterRestWebServiceImpl.tokenService
private
このクラス詳解は次のファイルから抽出されました:
2018年09月30日(日) 14時46分21秒作成 - gluu / 構成:   doxygen 1.8.13