org.mitre.uma.web.ClaimsCollectionEndpoint 連携図

公開メンバ関数
String	collectClaims (@RequestParam("client_id") String clientId, @RequestParam(value="redirect_uri", required=false) String redirectUri, @RequestParam("ticket") String ticketValue, @RequestParam(value="state", required=false) String state, Model m, OIDCAuthenticationToken auth)

静的公開変数類
static final String	URL = "rqp_claims"

非公開メンバ関数
Claim	mkClaim (String issuer, String name, JsonElement value)

非公開変数類
ClientDetailsEntityService	clientService

PermissionService	permissionService

静的非公開変数類
static final Logger	logger = LoggerFactory.getLogger(ClaimsCollectionEndpoint.class)

詳解

Collect claims interactively from the end user.

著者: jricher

関数詳解

◆ collectClaims()

String org.mitre.uma.web.ClaimsCollectionEndpoint.collectClaims	(	@RequestParam("client_id") String	clientId,
		@RequestParam(value="redirect_uri", required=false) String	redirectUri,
		@RequestParam("ticket") String	ticketValue,
		@RequestParam(value="state", required=false) String	state,
		Model	m,
		OIDCAuthenticationToken	auth
	)

inline

                                                                {
 
 
                 ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
 
                 PermissionTicket ticket = permissionService.getByTicket(ticketValue);
 
                 if (client == null || ticket == null) {
                         logger.info("Client or ticket not found: " + clientId + " :: " + ticketValue);
                         m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
                         return HttpCodeView.VIEWNAME;
                 }
 
                 // we've got a client and ticket, let's attach the claims that we have from the token and userinfo
 
                 // subject
                 Set<Claim> claimsSupplied = Sets.newHashSet(ticket.getClaimsSupplied());
 
                 String issuer = auth.getIssuer();
                 UserInfo userInfo = auth.getUserInfo();
 
                 claimsSupplied.add(mkClaim(issuer, "sub", new JsonPrimitive(auth.getSub())));
                 if (userInfo.getEmail() != null) {
                         claimsSupplied.add(mkClaim(issuer, "email", new JsonPrimitive(userInfo.getEmail())));
                 }
                 if (userInfo.getEmailVerified() != null) {
                         claimsSupplied.add(mkClaim(issuer, "email_verified", new JsonPrimitive(userInfo.getEmailVerified())));
                 }
                 if (userInfo.getPhoneNumber() != null) {
                         claimsSupplied.add(mkClaim(issuer, "phone_number", new JsonPrimitive(auth.getUserInfo().getPhoneNumber())));
                 }
                 if (userInfo.getPhoneNumberVerified() != null) {
                         claimsSupplied.add(mkClaim(issuer, "phone_number_verified", new JsonPrimitive(auth.getUserInfo().getPhoneNumberVerified())));
                 }
                 if (userInfo.getPreferredUsername() != null) {
                         claimsSupplied.add(mkClaim(issuer, "preferred_username", new JsonPrimitive(auth.getUserInfo().getPreferredUsername())));
                 }
                 if (userInfo.getProfile() != null) {
                         claimsSupplied.add(mkClaim(issuer, "profile", new JsonPrimitive(auth.getUserInfo().getProfile())));
                 }
 
                 ticket.setClaimsSupplied(claimsSupplied);
                 
                 PermissionTicket updatedTicket = permissionService.updateTicket(ticket);
                 
                 if (Strings.isNullOrEmpty(redirectUri)) {
                         if (client.getClaimsRedirectUris().size() == 1) {
                                 redirectUri = client.getClaimsRedirectUris().iterator().next(); // get the first (and only) redirect URI to use here
                                 logger.info("No redirect URI passed in, using registered value: " + redirectUri);
                         } else {
                                 throw new RedirectMismatchException("Unable to find redirect URI and none passed in.");
                         }
                 } else {
                         if (!client.getClaimsRedirectUris().contains(redirectUri)) {
                                 throw new RedirectMismatchException("Claims redirect did not match the registered values.");
                         }
                 }
 
                 UriComponentsBuilder template = UriComponentsBuilder.fromUriString(redirectUri);
                 template.queryParam("authorization_state", "claims_submitted");
                 if (!Strings.isNullOrEmpty(state)) {
                         template.queryParam("state", state);
                 }
 
                 String uriString = template.toUriString();
                 logger.info("Redirecting to " + uriString);
 
                 return "redirect:" + uriString;
         }

◆ mkClaim()

Claim org.mitre.uma.web.ClaimsCollectionEndpoint.mkClaim	(	String	issuer,
		String	name,
		JsonElement	value
	)

inlineprivate

                                                                              {
                 Claim c = new Claim();
                 c.setIssuer(Sets.newHashSet(issuer));
                 c.setName(name);
                 c.setValue(value);
                 return c;
         }

メンバ詳解

◆ clientService

ClientDetailsEntityService org.mitre.uma.web.ClaimsCollectionEndpoint.clientService

private

◆ logger

final Logger org.mitre.uma.web.ClaimsCollectionEndpoint.logger = LoggerFactory.getLogger(ClaimsCollectionEndpoint.class)

staticprivate

◆ permissionService

PermissionService org.mitre.uma.web.ClaimsCollectionEndpoint.permissionService

private

◆ URL

final String org.mitre.uma.web.ClaimsCollectionEndpoint.URL = "rqp_claims"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/mitreid-connect/src/uma-server/src/main/java/org/mitre/uma/web/ClaimsCollectionEndpoint.java

公開メンバ関数

静的公開変数類

非公開メンバ関数

非公開変数類

静的非公開変数類

詳解