org.xdi.oxd.server.op.RegisterSiteOperation の継承関係図

org.xdi.oxd.server.op.RegisterSiteOperation 連携図

公開メンバ関数
RegisterSiteResponse	execute_ (RegisterSiteParams params)

CommandResponse	execute (RegisterSiteParams params)

Class< T >	getParameterClass ()

T	getParams ()

Injector	getInjector ()

HttpService	getHttpService ()

IntrospectionService	getIntrospectionService ()

PublicOpKeyService	getKeyService ()

StateService	getStateService ()

LicenseService	getLicenseService ()

DiscoveryService	getDiscoveryService ()

UmaTokenService	getUmaTokenService ()

RpService	getRpService ()

ConfigurationService	getConfigurationService ()

OxAuthCryptoProvider	getCryptoProvider () throws Exception

Rp	getRp ()

ValidationService	getValidationService ()

Command	getCommand ()

CommandResponse	okResponse (IOpResponse p_data)

限定公開メンバ関数
	RegisterSiteOperation (Command command, final Injector injector)

関数
public< T > T	getInstance (Class< T > type)

非公開メンバ関数
void	validateAccessToken (String oxdId, RegisterSiteParams params)

void	validateParametersAndFallbackIfNeeded (RegisterSiteParams params)

void	persistRp (String siteId, RegisterSiteParams params)

boolean	hasClient (RegisterSiteParams params)

RegisterResponse	registerClient (RegisterSiteParams params)

RegisterRequest	createRegisterClientRequest (RegisterSiteParams params)

Rp	createRp (String siteId, RegisterSiteParams params)

非公開変数類
Rp	rp

静的非公開変数類
static final Logger	LOG = LoggerFactory.getLogger(RegisterSiteOperation.class)

詳解

著者: Yuriy Zabrovarnyy

バージョン: 0.9, 24/09/2015

構築子と解体子

◆ RegisterSiteOperation()

org.xdi.oxd.server.op.RegisterSiteOperation.RegisterSiteOperation	(	Command	command,
		final Injector	injector
	)

inlineprotected

Base constructor

引数

command command

                                                                               {
         super(command, injector, RegisterSiteParams.class);
     }

関数詳解

◆ createRegisterClientRequest()

RegisterRequest org.xdi.oxd.server.op.RegisterSiteOperation.createRegisterClientRequest ( RegisterSiteParams params )

inlineprivate

                                                                                    {
         List<ResponseType> responseTypes = Lists.newArrayList();
         for (String type : params.getResponseTypes()) {
             responseTypes.add(ResponseType.fromString(type));
         }
 
         String clientName = "oxD client for site: " + rp.getOxdId();
         if (!Strings.isNullOrEmpty(params.getClientName())) {
             clientName = params.getClientName();
             rp.setClientName(clientName);
         }
 
         final RegisterRequest request = new RegisterRequest(ApplicationType.WEB, clientName, params.getRedirectUris());
         request.setResponseTypes(responseTypes);
         request.setJwksUri(params.getClientJwksUri());
         request.setClaimsRedirectUris(params.getClaimsRedirectUri() != null ? params.getClaimsRedirectUri() : new ArrayList<String>());
         request.setPostLogoutRedirectUris(params.getPost_logout_redirect_uri() != null ? Lists.newArrayList(params.getPost_logout_redirect_uri()) : Lists.<String>newArrayList());
         request.setContacts(params.getContacts());
         request.setScopes(params.getScope());
         request.setDefaultAcrValues(params.getAcrValues());
 
         if (params.getTrustedClient() != null && params.getTrustedClient()) {
             request.addCustomAttribute("oxAuthTrustedClient", "true");
         }
 
         List<GrantType> grantTypes = Lists.newArrayList();
         for (String grantType : params.getGrantType()) {
             grantTypes.add(GrantType.fromString(grantType));
         }
         request.setGrantTypes(grantTypes);
 
         if (params.getClientFrontchannelLogoutUri() != null) {
             rp.setFrontChannelLogoutUri(params.getClientFrontchannelLogoutUri());
             request.setFrontChannelLogoutUris(Lists.newArrayList(params.getClientFrontchannelLogoutUri()));
         } else {
             if (rp.getFrontChannelLogoutUri() != null) {
                 request.setFrontChannelLogoutUris(rp.getFrontChannelLogoutUri());
             }
         }
 
         if (StringUtils.isNotBlank(params.getClientTokenEndpointAuthMethod())) {
             final AuthenticationMethod authenticationMethod = AuthenticationMethod.fromString(params.getClientTokenEndpointAuthMethod());
             if (authenticationMethod != null) {
                 request.setTokenEndpointAuthMethod(authenticationMethod);
             }
         }
 
         if (params.getClientRequestUris() != null && !params.getClientRequestUris().isEmpty()) {
             request.setRequestUris(params.getClientRequestUris());
         }
 
         if (!Strings.isNullOrEmpty(params.getClientSectorIdentifierUri())) {
             request.setSectorIdentifierUri(params.getClientSectorIdentifierUri());
         }
 
         rp.setResponseTypes(params.getResponseTypes());
         rp.setPostLogoutRedirectUri(params.getPost_logout_redirect_uri());
         rp.setContacts(params.getContacts());
         rp.setRedirectUris(Lists.newArrayList(params.getRedirectUris()));
         return request;
     }

◆ createRp()

Rp org.xdi.oxd.server.op.RegisterSiteOperation.createRp	(	String	siteId,
		RegisterSiteParams	params
	)

inlineprivate

                                                                   {
 
         Preconditions.checkState(!Strings.isNullOrEmpty(params.getOpHost()), "op_host contains blank value. Please specify valid OP public address.");
 
         final Rp rp = new Rp(getConfigurationService().defaultRp());
         rp.setOxdId(siteId);
         rp.setOpHost(params.getOpHost());
         rp.setOpDiscoveryPath(params.getOpDiscoveryPath());
         rp.setAuthorizationRedirectUri(params.getAuthorizationRedirectUri());
         rp.setRedirectUris(params.getRedirectUris());
         rp.setClaimsRedirectUri(params.getClaimsRedirectUri());
         rp.setApplicationType("web");
         rp.setOxdRpProgrammingLanguage(params.getOxdRpProgrammingLanguage());
         rp.setUmaProtectedResources(new ArrayList<UmaResource>());
         rp.setFrontChannelLogoutUri(params.getClientFrontchannelLogoutUri());
 
         if (!Strings.isNullOrEmpty(params.getPost_logout_redirect_uri())) {
             rp.setPostLogoutRedirectUri(params.getPost_logout_redirect_uri());
         }
 
         if (params.getAcrValues() != null && !params.getAcrValues().isEmpty()) {
             rp.setAcrValues(params.getAcrValues());
         }
 
         if (params.getClaimsLocales() != null && !params.getClaimsLocales().isEmpty()) {
             rp.setClaimsLocales(params.getClaimsLocales());
         }
 
         if (!Strings.isNullOrEmpty(params.getClientId()) && !Strings.isNullOrEmpty(params.getClientSecret())) {
             rp.setClientId(params.getClientId());
             rp.setClientSecret(params.getClientSecret());
             rp.setClientRegistrationAccessToken(params.getClientRegistrationAccessToken());
             rp.setClientRegistrationClientUri(params.getClientRegistrationClientUri());
         }
 
         if (params.getContacts() != null && !params.getContacts().isEmpty()) {
             rp.setContacts(params.getContacts());
         }
 
         rp.setGrantType(params.getGrantType());
         rp.setResponseTypes(params.getResponseTypes());
 
         if (params.getScope() != null && !params.getScope().isEmpty()) {
             rp.setScope(params.getScope());
         }
 
         if (params.getUiLocales() != null && !params.getUiLocales().isEmpty()) {
             rp.setUiLocales(params.getUiLocales());
         }
 
         return rp;
     }

◆ execute()

CommandResponse org.xdi.oxd.server.op.RegisterSiteOperation.execute ( RegisterSiteParams params )

inline

                                                               {
         try {
             return okResponse(execute_(params));
         } catch (ErrorResponseException e) {
             throw e;
         } catch (Exception e) {
             LOG.error(e.getMessage(), e);
         }
         return CommandResponse.INTERNAL_ERROR_RESPONSE;
     }

◆ execute_()

RegisterSiteResponse org.xdi.oxd.server.op.RegisterSiteOperation.execute_ ( RegisterSiteParams params )

inline

                                                                     {
         validateParametersAndFallbackIfNeeded(params);
 
         String oxdId = UUID.randomUUID().toString();
 
         LOG.info("Creating RP ...");
         persistRp(oxdId, params);
         validateAccessToken(oxdId, params);
 
         LOG.info("RP created: " + rp);
 
         RegisterSiteResponse opResponse = new RegisterSiteResponse();
         opResponse.setOxdId(oxdId);
         opResponse.setOpHost(params.getOpHost());
         return opResponse;
     }

◆ getCommand()

Command org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getCommand ( )

inlineinherited

Returns command

戻り値: command

                                 {
         return command;
     }

◆ getConfigurationService()

ConfigurationService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getConfigurationService ( )

inlineinherited

                                                           {
         return getInstance(ConfigurationService.class);
     }

◆ getCryptoProvider()

OxAuthCryptoProvider org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getCryptoProvider ( ) throws Exception

inlineinherited

                                                                      {
         OxdServerConfiguration conf = getConfigurationService().get();
         return new OxAuthCryptoProvider(conf.getCryptProviderKeyStorePath(), conf.getCryptProviderKeyStorePassword(), conf.getCryptProviderDnName());
     }

◆ getDiscoveryService()

DiscoveryService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getDiscoveryService ( )

inlineinherited

                                                   {
         return getInstance(DiscoveryService.class);
     }

◆ getHttpService()

HttpService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getHttpService ( )

inlineinherited

                                         {
         return getInstance(HttpService.class);
     }

◆ getInjector()

Injector org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getInjector ( )

inlineinherited

Gets injector.

戻り値: injector

                                   {
         return injector;
     }

◆ getInstance()

public<T> T org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getInstance ( Class< T > type )

inlinepackageinherited

                                             {
         return injector.getInstance(type);
     }

◆ getIntrospectionService()

IntrospectionService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getIntrospectionService ( )

inlineinherited

                                                           {
         return getInstance(IntrospectionService.class);
     }

◆ getKeyService()

PublicOpKeyService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getKeyService ( )

inlineinherited

                                               {
         return getInstance(PublicOpKeyService.class);
     }

◆ getLicenseService()

LicenseService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getLicenseService ( )

inlineinherited

                                               {
         return getInstance(LicenseService.class);
     }

◆ getParameterClass()

Class<T> org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getParameterClass ( )

inlineinherited

                                         {
         return parameterClass;
     }

◆ getParams()

T org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getParams ( )

inlineinherited

                          {
         return params;
     }

◆ getRp()

Rp org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getRp ( )

inlineinherited

                       {
         if (params instanceof HasOxdIdParams) {
             getValidationService().validate((HasOxdIdParams) params);
             HasOxdIdParams hasOxdId = (HasOxdIdParams) params;
             return getRpService().getRp(hasOxdId.getOxdId());
         }
         throw new ErrorResponseException(ErrorResponseCode.BAD_REQUEST_NO_OXD_ID);
     }

◆ getRpService()

RpService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getRpService ( )

inlineinherited

                                     {
         return getInstance(RpService.class);
     }

◆ getStateService()

StateService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getStateService ( )

inlineinherited

                                           {
         return getInstance(StateService.class);
     }

◆ getUmaTokenService()

UmaTokenService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getUmaTokenService ( )

inlineinherited

                                                 {
         return getInstance(UmaTokenService.class);
     }

◆ getValidationService()

ValidationService org.xdi.oxd.server.op.BaseOperation< T extends IParams >.getValidationService ( )

inlineinherited

                                                     {
         return getInstance(ValidationService.class);
     }

◆ hasClient()

boolean org.xdi.oxd.server.op.RegisterSiteOperation.hasClient ( RegisterSiteParams params )

inlineprivate

                                                          {
         return !Strings.isNullOrEmpty(params.getClientId()) && !Strings.isNullOrEmpty(params.getClientSecret());
     }

◆ okResponse()

CommandResponse org.xdi.oxd.server.op.BaseOperation< T extends IParams >.okResponse ( IOpResponse p_data )

inlineinherited

Ok response for operation

引数

p_data response

戻り値: ok response with data

                                                           {
         if (p_data == null) {
             return CommandResponse.createInternalError();
         }
         return CommandResponse.ok().setData(new POJONode(p_data));
     }

◆ persistRp()

void org.xdi.oxd.server.op.RegisterSiteOperation.persistRp	(	String	siteId,
		RegisterSiteParams	params
	)

inlineprivate

                                                                      {
 
         try {
             rp = createRp(siteId, params);
 
             if (!hasClient(params)) {
                 final RegisterResponse registerResponse = registerClient(params);
                 rp.setClientId(registerResponse.getClientId());
                 rp.setClientSecret(registerResponse.getClientSecret());
                 rp.setClientRegistrationAccessToken(registerResponse.getRegistrationAccessToken());
                 rp.setClientRegistrationClientUri(registerResponse.getRegistrationClientUri());
                 rp.setClientIdIssuedAt(registerResponse.getClientIdIssuedAt());
                 rp.setClientSecretExpiresAt(registerResponse.getClientSecretExpiresAt());
             }
 
             getRpService().create(rp);
         } catch (IOException e) {
             LOG.error("Failed to persist site configuration, params: " + params, e);
             throw new RuntimeException(e);
         }
     }

◆ registerClient()

RegisterResponse org.xdi.oxd.server.op.RegisterSiteOperation.registerClient ( RegisterSiteParams params )

inlineprivate

                                                                        {
         final String registrationEndpoint = getDiscoveryService().getConnectDiscoveryResponse(params.getOpHost(), params.getOpDiscoveryPath()).getRegistrationEndpoint();
         if (Strings.isNullOrEmpty(registrationEndpoint)) {
             LOG.error("This OP (" + params.getOpHost() + ") does not provide registration_endpoint. It means that oxd is not able dynamically register client. " +
                     "Therefore it is required to obtain/register client manually on OP site and provide client_id and client_secret to oxd register_site command.");
             throw new ErrorResponseException(ErrorResponseCode.NO_UMA_RESOURCES_TO_PROTECT);
         }
 
         final RegisterClient registerClient = new RegisterClient(registrationEndpoint);
         registerClient.setRequest(createRegisterClientRequest(params));
         registerClient.setExecutor(getHttpService().getClientExecutor());
         final RegisterResponse response = registerClient.exec();
         if (response != null) {
             if (!Strings.isNullOrEmpty(response.getClientId()) && !Strings.isNullOrEmpty(response.getClientSecret())) {
                 LOG.trace("Registered client for site - client_id: " + response.getClientId() + ", claims: " + response.getClaims() + ", registration_client_uri:" + response.getRegistrationClientUri());
                 return response;
             } else {
                 LOG.error("ClientId: " + response.getClientId() + ", clientSecret: " + response.getClientSecret());
             }
         } else {
             LOG.error("RegisterClient response is null.");
         }
         if (response != null && !Strings.isNullOrEmpty(response.getErrorDescription())) {
             LOG.error(response.getErrorDescription());
         }
 
         throw new RuntimeException("Failed to register client for site. Details: " + (response != null ? response.getEntity() : "response is null"));
     }

◆ validateAccessToken()

void org.xdi.oxd.server.op.RegisterSiteOperation.validateAccessToken	(	String	oxdId,
		RegisterSiteParams	params
	)

inlineprivate

                                                                               {
         final OxdServerConfiguration conf = getConfigurationService().getConfiguration();
         if (conf.getProtectCommandsWithAccessToken() != null && !conf.getProtectCommandsWithAccessToken()) {
             if (StringUtils.isBlank(params.getProtectionAccessToken())) {
                 return; // skip validation since protectCommandsWithAccessToken=false
             } // otherwise if token is not blank then let it validate it
         }
         if (params instanceof SetupClientParams) {
             return;
         }
 
         final IntrospectionResponse response = getValidationService().introspect(params.getProtectionAccessToken(), oxdId);
 
         Rp setupRp = getRpService().getRpByClientId(response.getClientId());
         LOG.trace("introspection: " + response + ", setupRp: " + rp);
 
         rp.setSetupClientId(response.getClientId());
         rp.setSetupOxdId(setupRp != null ? setupRp.getOxdId() : oxdId);
         getRpService().updateSilently(rp);
     }

◆ validateParametersAndFallbackIfNeeded()

void org.xdi.oxd.server.op.RegisterSiteOperation.validateParametersAndFallbackIfNeeded ( RegisterSiteParams params )

inlineprivate

                                                                                   {
         Rp fallback = getConfigurationService().defaultRp();
 
         // op_host
         if (Strings.isNullOrEmpty(params.getOpHost())) {
             LOG.warn("'op_host' is not set for parameter: " + params + ". Look up at configuration file for fallback of 'op_host'");
             String fallbackOpHost = fallback.getOpHost();
             if (Strings.isNullOrEmpty(fallbackOpHost)) {
                 throw new ErrorResponseException(ErrorResponseCode.INVALID_OP_HOST);
             }
             LOG.warn("Fallback to op_host: " + fallbackOpHost + ", from configuration file.");
             params.setOpHost(fallbackOpHost);
         }
 
         // grant_type
         List<String> grantTypes = Lists.newArrayList();
 
         if (params.getGrantType() != null && !params.getGrantType().isEmpty()) {
             grantTypes.addAll(params.getGrantType());
         }
 
         if (grantTypes.isEmpty() && fallback.getGrantType() != null && !fallback.getGrantType().isEmpty()) {
             grantTypes.addAll(fallback.getGrantType());
         }
 
         if (grantTypes.isEmpty()) {
             grantTypes.add(GrantType.AUTHORIZATION_CODE.getValue());
         }
 
         params.setGrantType(grantTypes);
 
         // authorization_redirect_uri
         if (Strings.isNullOrEmpty(params.getAuthorizationRedirectUri())) {
             params.setAuthorizationRedirectUri(fallback.getAuthorizationRedirectUri());
         }
         if (!Utils.isValidUrl(params.getAuthorizationRedirectUri())) {
             throw new ErrorResponseException(ErrorResponseCode.INVALID_AUTHORIZATION_REDIRECT_URI);
         }
 
         //post_logout_redirect_uri
         if (Strings.isNullOrEmpty(params.getPost_logout_redirect_uri()) && !Strings.isNullOrEmpty(fallback.getPostLogoutRedirectUri())) {
             params.setPost_logout_redirect_uri(fallback.getPostLogoutRedirectUri());
         }
 
         // response_type
         List<String> responseTypes = Lists.newArrayList();
         if (params.getResponseTypes() != null && !params.getResponseTypes().isEmpty()) {
             responseTypes.addAll(params.getResponseTypes());
         }
         if (responseTypes.isEmpty() && fallback.getResponseTypes() != null && !fallback.getResponseTypes().isEmpty()) {
             responseTypes.addAll(fallback.getResponseTypes());
         }
         if (responseTypes.isEmpty()) {
             responseTypes.add("code");
         }
         params.setResponseTypes(responseTypes);
 
         // redirect_uris
         Set<String> redirectUris = Sets.newHashSet();
         redirectUris.add(params.getAuthorizationRedirectUri());
         if (params.getRedirectUris() != null && !params.getRedirectUris().isEmpty()) {
             redirectUris.addAll(params.getRedirectUris());
             if (!Strings.isNullOrEmpty(params.getPost_logout_redirect_uri())) {
                 redirectUris.add(params.getPost_logout_redirect_uri());
             }
         }
         final Boolean autoRegister = getConfigurationService().getConfiguration().getUma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient();
         if (autoRegister != null && autoRegister && !redirectUris.isEmpty()) {
             String first = redirectUris.iterator().next();
             if (first.contains(params.getOpHost())) {
                 final UmaMetadata discovery = getDiscoveryService().getUmaDiscovery(params.getOpHost(), params.getOpDiscoveryPath());
                 String autoRedirectUri = discovery.getClaimsInteractionEndpoint() + "?authentication=true";
 
                 LOG.trace("Register claims interaction endpoint as redirect_uri: " + autoRedirectUri);
                 redirectUris.add(autoRedirectUri);
             } else {
                 LOG.trace("Skip auto registration of claims interaction endpoint as redirect_uri because OP host for different uri's is different which will not pass AS redirect_uri's validation (same host must be present).");
             }
         }
         params.setRedirectUris(Lists.newArrayList(redirectUris));
 
         // claims_redirect_uri
         Set<String> claimsRedirectUris = Sets.newHashSet();
         if (params.getClaimsRedirectUri() != null && !params.getClaimsRedirectUri().isEmpty()) {
             claimsRedirectUris.addAll(params.getClaimsRedirectUri());
         }
         params.setClaimsRedirectUri(Lists.newArrayList(claimsRedirectUris));
 
         // scope
         if (params.getScope() == null || params.getScope().isEmpty()) {
             params.setScope(fallback.getScope());
         }
         if (params.getScope() == null || params.getScope().isEmpty()) {
             throw new ErrorResponseException(ErrorResponseCode.INVALID_SCOPE);
         }
 
         // acr_values
         if (params.getAcrValues() == null || params.getAcrValues().isEmpty()) {
             params.setAcrValues(fallback.getAcrValues());
         }
 
         // client_jwks_uri
         if (Strings.isNullOrEmpty(params.getClientJwksUri()) && !Strings.isNullOrEmpty(fallback.getClientJwksUri())) {
             params.setClientJwksUri(fallback.getClientJwksUri());
         }
 
         // contacts
         if (params.getContacts() == null || params.getContacts().isEmpty()) {
             params.setContacts(fallback.getContacts());
         }
 
         // ui_locales
         if (params.getUiLocales() == null || params.getUiLocales().isEmpty()) {
             params.setUiLocales(fallback.getUiLocales());
         }
 
         // claims_locales
         if (params.getClaimsLocales() == null || params.getClaimsLocales().isEmpty()) {
             params.setClaimsLocales(fallback.getClaimsLocales());
         }
     }

メンバ詳解

◆ LOG

final Logger org.xdi.oxd.server.op.RegisterSiteOperation.LOG = LoggerFactory.getLogger(RegisterSiteOperation.class)

staticprivate

◆ rp

Rp org.xdi.oxd.server.op.RegisterSiteOperation.rp

private

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/gluu/src/oxd/oxd-server/src/main/java/org/xdi/oxd/server/op/RegisterSiteOperation.java

公開メンバ関数

限定公開メンバ関数

関数

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解

構築子と解体子

◆ RegisterSiteOperation()

関数詳解

◆ createRegisterClientRequest()

◆ createRp()

◆ execute()

◆ execute_()

◆ getCommand()

◆ getConfigurationService()

◆ getCryptoProvider()

◆ getDiscoveryService()

◆ getHttpService()

◆ getInjector()

◆ getInstance()

◆ getIntrospectionService()

◆ getKeyService()

◆ getLicenseService()

◆ getParameterClass()

◆ getParams()

◆ getRp()

◆ getRpService()

◆ getStateService()

◆ getUmaTokenService()

◆ getValidationService()

◆ hasClient()

◆ okResponse()

◆ persistRp()

◆ registerClient()

◆ validateAccessToken()

◆ validateParametersAndFallbackIfNeeded()

メンバ詳解

◆ LOG

◆ rp