org.xdi.oxauth.servlet.OpenIdConfiguration クラス

org.xdi.oxauth.servlet.OpenIdConfiguration の継承関係図

org.xdi.oxauth.servlet.OpenIdConfiguration 連携図

公開メンバ関数
String	getServletInfo ()

限定公開メンバ関数
void	processRequest (HttpServletRequest servletRequest, HttpServletResponse servletResponse) throws ServletException, IOException
void	doGet (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
void	doPost (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException

非公開メンバ関数
JSONArray	createScopeToClaimsMapping ()
JSONObject	createAuthLevelMapping ()

非公開変数類
Logger	log
AppConfiguration	appConfiguration
AttributeService	attributeService
ScopeService	scopeService
ExternalAuthenticationService	externalAuthenticationService
ExternalDynamicScopeService	externalDynamicScopeService

静的非公開変数類
static final long	serialVersionUID = -8224898157373678903L

詳解

著者

Javier Rojas Blum

Yuriy Movchan Date: 2016/04/26

バージョン

July 18, 2017

関数詳解

createAuthLevelMapping()

JSONObject org.xdi.oxauth.servlet.OpenIdConfiguration.createAuthLevelMapping ( )

inlineprivate

非推奨:

theses params:

• id_generation_endpoint
• introspection_endpoint
• auth_level_mapping
• scope_to_claims_mapping

will be moved from /.well-known/openid-configuration to /.well-known/gluu-configuration

                                                {
        final JSONObject mappings = new JSONObject();
        try {
            Map<Integer, Set<String>> map = externalAuthenticationService.levelToAcrMapping();
            for (Integer level : map.keySet())
                mappings.put(level.toString(), map.get(level));
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return mappings;
    }

createScopeToClaimsMapping()

JSONArray org.xdi.oxauth.servlet.OpenIdConfiguration.createScopeToClaimsMapping ( )

inlineprivate

非推奨:

theses params:

• id_generation_endpoint
• introspection_endpoint
• auth_level_mapping
• scope_to_claims_mapping

will be moved from /.well-known/openid-configuration to /.well-known/gluu-configuration

                                                   {
        final JSONArray result = new JSONArray();
        try {
            for (Scope scope : scopeService.getAllScopesList()) {
                final JSONArray claimsList = new JSONArray();
                final JSONObject mapping = new JSONObject();
                mapping.put(scope.getDisplayName(), claimsList);

                result.put(mapping);

                if (ScopeType.DYNAMIC.equals(scope.getScopeType())) {
                    List<String> claimNames = externalDynamicScopeService.executeExternalGetSupportedClaimsMethods(Arrays.asList(scope));
                    for (String claimName : claimNames) {
                        if (StringUtils.isNotBlank(claimName)) {
                            claimsList.put(claimName);
                        }
                    }
                } else {
                    final List<String> claimIdList = scope.getOxAuthClaims();
                    if (claimIdList != null && !claimIdList.isEmpty()) {
                        for (String claimDn : claimIdList) {
                            final GluuAttribute attribute = attributeService.getAttributeByDn(claimDn);
                            final String claimName = attribute.getOxAuthClaimName();
                            if (StringUtils.isNotBlank(claimName)) {
                                claimsList.put(claimName);
                            }
                        }
                    }
                }
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        return result;
    }

doGet()

void org.xdi.oxauth.servlet.OpenIdConfiguration.doGet ( HttpServletRequest  request, HttpServletResponse  response  ) throws ServletException, IOException

inlineprotected

Handles the HTTP GET method.

引数

request	servlet request
response	servlet response

例外

ServletException	if a servlet-specific error occurs
IOException	if an I/O error occurs

                                                 {
        processRequest(request, response);
    }

doPost()

void org.xdi.oxauth.servlet.OpenIdConfiguration.doPost ( HttpServletRequest  request, HttpServletResponse  response  ) throws ServletException, IOException

inlineprotected

Handles the HTTP POST method.

引数

request	servlet request
response	servlet response

例外

ServletException	if a servlet-specific error occurs
IOException	if an I/O error occurs

                                                 {
        processRequest(request, response);
    }

getServletInfo()

String org.xdi.oxauth.servlet.OpenIdConfiguration.getServletInfo ( )

inline

Returns a short description of the servlet.

戻り値

a String containing servlet description

                                   {
        return "OpenID Provider Configuration Information";
    }

processRequest()

void org.xdi.oxauth.servlet.OpenIdConfiguration.processRequest ( HttpServletRequest  servletRequest, HttpServletResponse  servletResponse  ) throws ServletException, IOException

inlineprotected

Processes requests for both HTTP GET and POST methods.

引数

servletRequest	servlet request
servletResponse	servlet response

例外

ServletException	if a servlet-specific error occurs
IOException	if an I/O error occurs

                                                 {
        final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        httpResponse.setContentType("application/json");
        PrintWriter out = httpResponse.getWriter();
        try {
            JSONObject jsonObj = new JSONObject();

            jsonObj.put(ISSUER, appConfiguration.getIssuer());
            jsonObj.put(AUTHORIZATION_ENDPOINT, appConfiguration.getAuthorizationEndpoint());
            jsonObj.put(TOKEN_ENDPOINT, appConfiguration.getTokenEndpoint());
            jsonObj.put(USER_INFO_ENDPOINT, appConfiguration.getUserInfoEndpoint());
            jsonObj.put(CLIENT_INFO_ENDPOINT, appConfiguration.getClientInfoEndpoint());
            jsonObj.put(CHECK_SESSION_IFRAME, appConfiguration.getCheckSessionIFrame());
            jsonObj.put(END_SESSION_ENDPOINT, appConfiguration.getEndSessionEndpoint());
            jsonObj.put(JWKS_URI, appConfiguration.getJwksUri());
            jsonObj.put(REGISTRATION_ENDPOINT, appConfiguration.getRegistrationEndpoint());
            jsonObj.put(ID_GENERATION_ENDPOINT, appConfiguration.getIdGenerationEndpoint());
            jsonObj.put(INTROSPECTION_ENDPOINT, appConfiguration.getIntrospectionEndpoint());

            JSONArray scopesSupported = new JSONArray();
            for (Scope scope : scopeService.getAllScopesList()) {
                if (UmaScopeType.PROTECTION.getValue().equals(scope.getDisplayName())) {
                    continue;
                }
                scopesSupported.put(scope.getDisplayName());
            }
            if (scopesSupported.length() > 0) {
                jsonObj.put(SCOPES_SUPPORTED, scopesSupported);
            }

            JSONArray responseTypesSupported = new JSONArray();
            for (Set<ResponseType> responseTypes : appConfiguration.getResponseTypesSupported()) {
                responseTypesSupported.put(implode(responseTypes, " "));
            }
            if (responseTypesSupported.length() > 0) {
                jsonObj.put(RESPONSE_TYPES_SUPPORTED, responseTypesSupported);
            }

            JSONArray grantTypesSupported = new JSONArray();
            for (GrantType grantType : appConfiguration.getGrantTypesSupported()) {
                grantTypesSupported.put(grantType);
            }
            if (grantTypesSupported.length() > 0) {
                jsonObj.put(GRANT_TYPES_SUPPORTED, grantTypesSupported);
            }

            JSONArray acrValuesSupported = new JSONArray();
            for (String acr : externalAuthenticationService.getAcrValuesList()) {
                acrValuesSupported.put(acr);
            }
            jsonObj.put(ACR_VALUES_SUPPORTED, acrValuesSupported);
            jsonObj.put(AUTH_LEVEL_MAPPING, createAuthLevelMapping());

            JSONArray subjectTypesSupported = new JSONArray();
            for (String subjectType : appConfiguration.getSubjectTypesSupported()) {
                subjectTypesSupported.put(subjectType);
            }
            if (subjectTypesSupported.length() > 0) {
                jsonObj.put(SUBJECT_TYPES_SUPPORTED, subjectTypesSupported);
            }

            JSONArray userInfoSigningAlgValuesSupported = new JSONArray();
            for (String userInfoSigningAlg : appConfiguration.getUserInfoSigningAlgValuesSupported()) {
                userInfoSigningAlgValuesSupported.put(userInfoSigningAlg);
            }
            if (userInfoSigningAlgValuesSupported.length() > 0) {
                jsonObj.put(USER_INFO_SIGNING_ALG_VALUES_SUPPORTED, userInfoSigningAlgValuesSupported);
            }

            JSONArray userInfoEncryptionAlgValuesSupported = new JSONArray();
            for (String userInfoEncryptionAlg : appConfiguration.getUserInfoEncryptionAlgValuesSupported()) {
                userInfoEncryptionAlgValuesSupported.put(userInfoEncryptionAlg);
            }
            if (userInfoEncryptionAlgValuesSupported.length() > 0) {
                jsonObj.put(USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
            }

            JSONArray userInfoEncryptionEncValuesSupported = new JSONArray();
            for (String userInfoEncryptionEnc : appConfiguration.getUserInfoEncryptionEncValuesSupported()) {
                userInfoEncryptionEncValuesSupported.put(userInfoEncryptionEnc);
            }
            if (userInfoEncryptionAlgValuesSupported.length() > 0) {
                jsonObj.put(USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
            }

            JSONArray idTokenSigningAlgValuesSupported = new JSONArray();
            for (String idTokenSigningAlg : appConfiguration.getIdTokenSigningAlgValuesSupported()) {
                idTokenSigningAlgValuesSupported.put(idTokenSigningAlg);
            }
            if (idTokenSigningAlgValuesSupported.length() > 0) {
                jsonObj.put(ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED, idTokenSigningAlgValuesSupported);
            }

            JSONArray idTokenEncryptionAlgValuesSupported = new JSONArray();
            for (String idTokenEncryptionAlg : appConfiguration.getIdTokenEncryptionAlgValuesSupported()) {
                idTokenEncryptionAlgValuesSupported.put(idTokenEncryptionAlg);
            }
            if (idTokenEncryptionAlgValuesSupported.length() > 0) {
                jsonObj.put(ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED, idTokenEncryptionAlgValuesSupported);
            }

            JSONArray idTokenEncryptionEncValuesSupported = new JSONArray();
            for (String idTokenEncryptionEnc : appConfiguration.getIdTokenEncryptionEncValuesSupported()) {
                idTokenEncryptionEncValuesSupported.put(idTokenEncryptionEnc);
            }
            if (idTokenEncryptionEncValuesSupported.length() > 0) {
                jsonObj.put(ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED, idTokenEncryptionEncValuesSupported);
            }

            JSONArray requestObjectSigningAlgValuesSupported = new JSONArray();
            for (String requestObjectSigningAlg : appConfiguration.getRequestObjectSigningAlgValuesSupported()) {
                requestObjectSigningAlgValuesSupported.put(requestObjectSigningAlg);
            }
            if (requestObjectSigningAlgValuesSupported.length() > 0) {
                jsonObj.put(REQUEST_OBJECT_SIGNING_ALG_VALUES_SUPPORTED,
                        requestObjectSigningAlgValuesSupported);
            }

            JSONArray requestObjectEncryptionAlgValuesSupported = new JSONArray();
            for (String requestObjectEncryptionAlg : appConfiguration
                    .getRequestObjectEncryptionAlgValuesSupported()) {
                requestObjectEncryptionAlgValuesSupported.put(requestObjectEncryptionAlg);
            }
            if (requestObjectEncryptionAlgValuesSupported.length() > 0) {
                jsonObj.put(REQUEST_OBJECT_ENCRYPTION_ALG_VALUES_SUPPORTED,
                        requestObjectEncryptionAlgValuesSupported);
            }

            JSONArray requestObjectEncryptionEncValuesSupported = new JSONArray();
            for (String requestObjectEncryptionEnc : appConfiguration
                    .getRequestObjectEncryptionEncValuesSupported()) {
                requestObjectEncryptionEncValuesSupported.put(requestObjectEncryptionEnc);
            }
            if (requestObjectEncryptionEncValuesSupported.length() > 0) {
                jsonObj.put(REQUEST_OBJECT_ENCRYPTION_ENC_VALUES_SUPPORTED,
                        requestObjectEncryptionEncValuesSupported);
            }

            JSONArray tokenEndpointAuthMethodsSupported = new JSONArray();
            for (String tokenEndpointAuthMethod : appConfiguration.getTokenEndpointAuthMethodsSupported()) {
                tokenEndpointAuthMethodsSupported.put(tokenEndpointAuthMethod);
            }
            if (tokenEndpointAuthMethodsSupported.length() > 0) {
                jsonObj.put(TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED, tokenEndpointAuthMethodsSupported);
            }

            JSONArray tokenEndpointAuthSigningAlgValuesSupported = new JSONArray();
            for (String tokenEndpointAuthSigningAlg : appConfiguration
                    .getTokenEndpointAuthSigningAlgValuesSupported()) {
                tokenEndpointAuthSigningAlgValuesSupported.put(tokenEndpointAuthSigningAlg);
            }
            if (tokenEndpointAuthSigningAlgValuesSupported.length() > 0) {
                jsonObj.put(TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED,
                        tokenEndpointAuthSigningAlgValuesSupported);
            }

            JSONArray displayValuesSupported = new JSONArray();
            for (String display : appConfiguration.getDisplayValuesSupported()) {
                displayValuesSupported.put(display);
            }
            if (displayValuesSupported.length() > 0) {
                jsonObj.put(DISPLAY_VALUES_SUPPORTED, displayValuesSupported);
            }

            JSONArray claimTypesSupported = new JSONArray();
            for (String claimType : appConfiguration.getClaimTypesSupported()) {
                claimTypesSupported.put(claimType);
            }
            if (claimTypesSupported.length() > 0) {
                jsonObj.put(CLAIM_TYPES_SUPPORTED, claimTypesSupported);
            }

            JSONArray claimsSupported = new JSONArray();
            List<GluuAttribute> gluuAttributes = attributeService.getAllAttributes();

            // Preload all scopes to avoid sending request to LDAP per
            // claim
            List<org.xdi.oxauth.model.common.Scope> scopes = scopeService.getAllScopesList();

            for (GluuAttribute gluuAttribute : gluuAttributes) {
                if (GluuStatus.ACTIVE.equals(gluuAttribute.getStatus())) {
                    String claimName = gluuAttribute.getOxAuthClaimName();
                    if (StringUtils.isNotBlank(claimName)) {
                        List<org.xdi.oxauth.model.common.Scope> scopesByClaim = scopeService
                                .getScopesByClaim(scopes, gluuAttribute.getDn());
                        for (org.xdi.oxauth.model.common.Scope scope : scopesByClaim) {
                            if (ScopeType.OPENID.equals(scope.getScopeType())) {
                                claimsSupported.put(claimName);
                                break;
                            }
                        }
                    }
                }
            }

            if (claimsSupported.length() > 0) {
                jsonObj.put(CLAIMS_SUPPORTED, claimsSupported);
            }

            jsonObj.put(SERVICE_DOCUMENTATION, appConfiguration.getServiceDocumentation());

            JSONArray idTokenTokenBindingCnfValuesSupported = new JSONArray();
            for (String value : appConfiguration.getIdTokenTokenBindingCnfValuesSupported()) {
                idTokenTokenBindingCnfValuesSupported.put(value);
            }
            jsonObj.put(ID_TOKEN_TOKEN_BINDING_CNF_VALUES_SUPPORTED, idTokenTokenBindingCnfValuesSupported);

            JSONArray claimsLocalesSupported = new JSONArray();
            for (String claimLocale : appConfiguration.getClaimsLocalesSupported()) {
                claimsLocalesSupported.put(claimLocale);
            }
            if (claimsLocalesSupported.length() > 0) {
                jsonObj.put(CLAIMS_LOCALES_SUPPORTED, claimsLocalesSupported);
            }

            JSONArray uiLocalesSupported = new JSONArray();
            for (String uiLocale : appConfiguration.getUiLocalesSupported()) {
                uiLocalesSupported.put(uiLocale);
            }
            if (uiLocalesSupported.length() > 0) {
                jsonObj.put(UI_LOCALES_SUPPORTED, uiLocalesSupported);
            }

            jsonObj.put(SCOPE_TO_CLAIMS_MAPPING, createScopeToClaimsMapping());

            jsonObj.put(CLAIMS_PARAMETER_SUPPORTED, appConfiguration.getClaimsParameterSupported());
            jsonObj.put(REQUEST_PARAMETER_SUPPORTED, appConfiguration.getRequestParameterSupported());
            jsonObj.put(REQUEST_URI_PARAMETER_SUPPORTED, appConfiguration.getRequestUriParameterSupported());
            jsonObj.put(REQUIRE_REQUEST_URI_REGISTRATION, appConfiguration.getRequireRequestUriRegistration());
            jsonObj.put(OP_POLICY_URI, appConfiguration.getOpPolicyUri());
            jsonObj.put(OP_TOS_URI, appConfiguration.getOpTosUri());
            jsonObj.put(FRONTCHANNEL_LOGOUT_SUPPORTED, new Boolean(true));
            jsonObj.put(FRONTCHANNEL_LOGOUT_SESSION_SUPPORTED, new Boolean(true));
            jsonObj.put(FRONT_CHANNEL_LOGOUT_SESSION_SUPPORTED, appConfiguration.getFrontChannelLogoutSessionSupported());

            out.println(jsonObj.toString(4).replace("\\/", "/"));
        } catch (JSONException e) {
            log.error(e.getMessage(), e);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        } finally {
            out.close();
        }
    }

メンバ詳解

appConfiguration

AppConfiguration org.xdi.oxauth.servlet.OpenIdConfiguration.appConfiguration

private

attributeService

AttributeService org.xdi.oxauth.servlet.OpenIdConfiguration.attributeService

private

externalAuthenticationService

ExternalAuthenticationService org.xdi.oxauth.servlet.OpenIdConfiguration.externalAuthenticationService

private

externalDynamicScopeService

ExternalDynamicScopeService org.xdi.oxauth.servlet.OpenIdConfiguration.externalDynamicScopeService

private

log

Logger org.xdi.oxauth.servlet.OpenIdConfiguration.log

private

scopeService

ScopeService org.xdi.oxauth.servlet.OpenIdConfiguration.scopeService

private

serialVersionUID

final long org.xdi.oxauth.servlet.OpenIdConfiguration.serialVersionUID = -8224898157373678903L

staticprivate

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/gluu/src/oxAuth/Server/src/main/java/org/xdi/oxauth/servlet/OpenIdConfiguration.java