org.mitre.openid.connect.view.UserInfoJWTView の継承関係図

org.mitre.openid.connect.view.UserInfoJWTView 連携図

静的公開変数類
static final String	CLIENT = "client"

static final String	VIEWNAME = "userInfoJwtView"

static final String	JOSE_MEDIA_TYPE_VALUE = "application/jwt"

static final MediaType	JOSE_MEDIA_TYPE = new MediaType("application", "jwt")

static final String	REQUESTED_CLAIMS = "requestedClaims"

static final String	AUTHORIZED_CLAIMS = "authorizedClaims"

static final String	SCOPE = "scope"

static final String	USER_INFO = "userInfo"

限定公開メンバ関数
void	writeOut (JsonObject json, Map< String, Object > model, HttpServletRequest request, HttpServletResponse response)

void	renderMergedOutputModel (Map< String, Object > model, HttpServletRequest request, HttpServletResponse response)

限定公開変数類
Gson	gson

非公開変数類
JWTSigningAndValidationService	jwtService

ConfigurationPropertiesBean	config

ClientKeyCacheService	encrypters

SymmetricKeyJWTValidatorCacheService	symmetricCacheService

静的非公開変数類
static final Logger	logger = LoggerFactory.getLogger(UserInfoJWTView.class)

詳解

著者: jricher

関数詳解

◆ renderMergedOutputModel()

void org.mitre.openid.connect.view.UserInfoView.renderMergedOutputModel	(	Map< String, Object >	model,
		HttpServletRequest	request,
		HttpServletResponse	response
	)

inlineprotectedinherited

                                                                                                                                     {
 
                 UserInfo userInfo = (UserInfo) model.get(USER_INFO);
 
                 Set<String> scope = (Set<String>) model.get(SCOPE);
 
                 response.setContentType(MediaType.APPLICATION_JSON_VALUE);
                 response.setCharacterEncoding("UTF-8");
 
 
                 JsonObject authorizedClaims = null;
                 JsonObject requestedClaims = null;
                 if (model.get(AUTHORIZED_CLAIMS) != null) {
                         authorizedClaims = jsonParser.parse((String) model.get(AUTHORIZED_CLAIMS)).getAsJsonObject();
                 }
                 if (model.get(REQUESTED_CLAIMS) != null) {
                         requestedClaims = jsonParser.parse((String) model.get(REQUESTED_CLAIMS)).getAsJsonObject();
                 }
                 JsonObject json = toJsonFromRequestObj(userInfo, scope, authorizedClaims, requestedClaims);
 
                 writeOut(json, model, request, response);
         }

◆ writeOut()

void org.mitre.openid.connect.view.UserInfoJWTView.writeOut	(	JsonObject	json,
		Map< String, Object >	model,
		HttpServletRequest	request,
		HttpServletResponse	response
	)

inlineprotected

                                                                                   {
 
                 try {
                         ClientDetailsEntity client = (ClientDetailsEntity)model.get(CLIENT);
 
                         // use the parser to import the user claims into the object
                         StringWriter writer = new StringWriter();
                         gson.toJson(json, writer);
 
                         response.setContentType(JOSE_MEDIA_TYPE_VALUE);
 
                         JWTClaimsSet claims = new JWTClaimsSet.Builder(JWTClaimsSet.parse(writer.toString()))
                                         .audience(Lists.newArrayList(client.getClientId()))
                                         .issuer(config.getIssuer())
                                         .issueTime(new Date())
                                         .jwtID(UUID.randomUUID().toString()) // set a random NONCE in the middle of it
                                         .build();
 
 
                         if (client.getUserInfoEncryptedResponseAlg() != null && !client.getUserInfoEncryptedResponseAlg().equals(Algorithm.NONE)
                                         && client.getUserInfoEncryptedResponseEnc() != null && !client.getUserInfoEncryptedResponseEnc().equals(Algorithm.NONE)
                                         && (!Strings.isNullOrEmpty(client.getJwksUri()) || client.getJwks() != null)) {
 
                                 // encrypt it to the client's key
 
                                 JWTEncryptionAndDecryptionService encrypter = encrypters.getEncrypter(client);
 
                                 if (encrypter != null) {
 
                                         EncryptedJWT encrypted = new EncryptedJWT(new JWEHeader(client.getUserInfoEncryptedResponseAlg(), client.getUserInfoEncryptedResponseEnc()), claims);
 
                                         encrypter.encryptJwt(encrypted);
 
 
                                         Writer out = response.getWriter();
                                         out.write(encrypted.serialize());
 
                                 } else {
                                         logger.error("Couldn't find encrypter for client: " + client.getClientId());
                                 }
                         } else {
 
                                 JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm(); // default to the server's preference
                                 if (client.getUserInfoSignedResponseAlg() != null) {
                                         signingAlg = client.getUserInfoSignedResponseAlg(); // override with the client's preference if available
                                 }
                                 JWSHeader header = new JWSHeader(signingAlg, null, null, null, null, null, null, null, null, null,
                                                 jwtService.getDefaultSignerKeyId(),
                                                 null, null);
                                 SignedJWT signed = new SignedJWT(header, claims);
 
                                 if (signingAlg.equals(JWSAlgorithm.HS256)
                                                 || signingAlg.equals(JWSAlgorithm.HS384)
                                                 || signingAlg.equals(JWSAlgorithm.HS512)) {
 
                                         // sign it with the client's secret
                                         JWTSigningAndValidationService signer = symmetricCacheService.getSymmetricValidtor(client);
                                         signer.signJwt(signed);
 
                                 } else {
                                         // sign it with the server's key
                                         jwtService.signJwt(signed);
                                 }
 
                                 Writer out = response.getWriter();
                                 out.write(signed.serialize());
                         }
                 } catch (IOException e) {
                         logger.error("IO Exception in UserInfoJwtView", e);
                 } catch (ParseException e) {
                         // TODO Auto-generated catch block
                         e.printStackTrace();
                 }
 
         }

メンバ詳解

◆ AUTHORIZED_CLAIMS

final String org.mitre.openid.connect.view.UserInfoView.AUTHORIZED_CLAIMS = "authorizedClaims"

staticinherited

◆ CLIENT

final String org.mitre.openid.connect.view.UserInfoJWTView.CLIENT = "client"

static

◆ config

ConfigurationPropertiesBean org.mitre.openid.connect.view.UserInfoJWTView.config

private

◆ encrypters

ClientKeyCacheService org.mitre.openid.connect.view.UserInfoJWTView.encrypters

private

◆ gson

Gson org.mitre.openid.connect.view.UserInfoView.gson

protectedinherited

初期値:

= new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {
                @Override
                public boolean shouldSkipField(FieldAttributes f) {
                        return false;
                }
                @Override
                public boolean shouldSkipClass(Class<?> clazz) {
                        
                        if (clazz.equals(BeanPropertyBindingResult.class)) {
                                return true;
                        }
                        return false;
                }
        }).create()

◆ JOSE_MEDIA_TYPE

final MediaType org.mitre.openid.connect.view.UserInfoJWTView.JOSE_MEDIA_TYPE = new MediaType("application", "jwt")

static

◆ JOSE_MEDIA_TYPE_VALUE

final String org.mitre.openid.connect.view.UserInfoJWTView.JOSE_MEDIA_TYPE_VALUE = "application/jwt"

static

◆ jwtService

JWTSigningAndValidationService org.mitre.openid.connect.view.UserInfoJWTView.jwtService

private

◆ logger

final Logger org.mitre.openid.connect.view.UserInfoJWTView.logger = LoggerFactory.getLogger(UserInfoJWTView.class)

staticprivate

Logger for this class

◆ REQUESTED_CLAIMS

final String org.mitre.openid.connect.view.UserInfoView.REQUESTED_CLAIMS = "requestedClaims"

staticinherited

◆ SCOPE

final String org.mitre.openid.connect.view.UserInfoView.SCOPE = "scope"

staticinherited

◆ symmetricCacheService

SymmetricKeyJWTValidatorCacheService org.mitre.openid.connect.view.UserInfoJWTView.symmetricCacheService

private

◆ USER_INFO

final String org.mitre.openid.connect.view.UserInfoView.USER_INFO = "userInfo"

staticinherited

◆ VIEWNAME

final String org.mitre.openid.connect.view.UserInfoJWTView.VIEWNAME = "userInfoJwtView"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/OpenId/mitreid-connect/src/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoJWTView.java

静的公開変数類

限定公開メンバ関数

限定公開変数類

非公開変数類

静的非公開変数類

詳解

関数詳解

◆ renderMergedOutputModel()

◆ writeOut()

メンバ詳解

◆ AUTHORIZED_CLAIMS

◆ CLIENT

◆ config

◆ encrypters

◆ gson

◆ JOSE_MEDIA_TYPE

◆ JOSE_MEDIA_TYPE_VALUE

◆ jwtService

◆ logger

◆ REQUESTED_CLAIMS

◆ SCOPE

◆ symmetricCacheService

◆ USER_INFO

◆ VIEWNAME