mitreid-connect
公開メンバ関数 | 静的公開変数類 | 非公開メンバ関数 | 非公開変数類 | 静的非公開変数類 | 全メンバ一覧
org.mitre.openid.connect.web.ClientAPI クラス
org.mitre.openid.connect.web.ClientAPI 連携図
Collaboration graph

公開メンバ関数

String apiGetAllClients (Model model, Authentication auth)
 
String apiAddClient (@RequestBody String jsonString, Model m, Authentication auth)
 
String apiUpdateClient (@PathVariable("id") Long id, @RequestBody String jsonString, Model m, Authentication auth)
 
String apiDeleteClient (@PathVariable("id") Long id, ModelAndView modelAndView)
 
String apiShowClient (@PathVariable("id") Long id, Model model, Authentication auth)
 
ResponseEntity< byte[]> getClientLogo (@PathVariable("id") Long id, Model model)
 

静的公開変数類

static final String URL = RootController.API_URL + "/clients"
 

非公開メンバ関数

ClientDetailsEntity validateSoftwareStatement (ClientDetailsEntity newClient) throws ValidationException
 

非公開変数類

ClientDetailsEntityService clientService
 
ClientLogoLoadingService clientLogoLoadingService
 
AssertionValidator assertionValidator
 
JsonParser parser = new JsonParser()
 
Gson gson
 

静的非公開変数類

static final Logger logger = LoggerFactory.getLogger(ClientAPI.class)
 

詳解

著者
Michael Jett mjett.nosp@m.@mit.nosp@m.re.or.nosp@m.g

関数詳解

◆ apiAddClient()

String org.mitre.openid.connect.web.ClientAPI.apiAddClient ( @RequestBody String  jsonString,
Model  m,
Authentication  auth 
)
inline

Create a new client

引数
json
m
principal
戻り値
250  {
251 
252  JsonObject json = null;
253  ClientDetailsEntity client = null;
254 
255  try {
256  json = parser.parse(jsonString).getAsJsonObject();
257  client = gson.fromJson(json, ClientDetailsEntity.class);
258  client = validateSoftwareStatement(client);
259  } catch (JsonSyntaxException e) {
260  logger.error("apiAddClient failed due to JsonSyntaxException", e);
261  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
262  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
263  return JsonErrorView.VIEWNAME;
264  } catch (IllegalStateException e) {
265  logger.error("apiAddClient failed due to IllegalStateException", e);
266  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
267  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
268  return JsonErrorView.VIEWNAME;
269  } catch (ValidationException e) {
270  logger.error("apiUpdateClient failed due to ValidationException", e);
271  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
272  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered a ValidationException.");
273  return JsonErrorView.VIEWNAME;
274  }
275 
276  // if they leave the client identifier empty, force it to be generated
277  if (Strings.isNullOrEmpty(client.getClientId())) {
278  client = clientService.generateClientId(client);
279  }
280 
281  if (client.getTokenEndpointAuthMethod() == null ||
282  client.getTokenEndpointAuthMethod().equals(AuthMethod.NONE)) {
283  // we shouldn't have a secret for this client
284 
285  client.setClientSecret(null);
286 
287  } else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC)
288  || client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST)
289  || client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT)) {
290 
291  // if they've asked for us to generate a client secret (or they left it blank but require one), do so here
292  if (json.has("generateClientSecret") && json.get("generateClientSecret").getAsBoolean()
293  || Strings.isNullOrEmpty(client.getClientSecret())) {
294  client = clientService.generateClientSecret(client);
295  }
296 
297  } else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.PRIVATE_KEY)) {
298 
299  if (Strings.isNullOrEmpty(client.getJwksUri()) && client.getJwks() == null) {
300  logger.error("tried to create client with private key auth but no private key");
301  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
302  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Can not create a client with private key authentication without registering a key via the JWK Set URI or JWK Set Value.");
303  return JsonErrorView.VIEWNAME;
304  }
305 
306  // otherwise we shouldn't have a secret for this client
307  client.setClientSecret(null);
308 
309  } else {
310 
311  logger.error("unknown auth method");
312  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
313  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unknown auth method requested");
314  return JsonErrorView.VIEWNAME;
315 
316 
317  }
318 
319  client.setDynamicallyRegistered(false);
320 
321  try {
322  ClientDetailsEntity newClient = clientService.saveNewClient(client);
323  m.addAttribute(JsonEntityView.ENTITY, newClient);
324 
325  if (AuthenticationUtilities.isAdmin(auth)) {
326  return ClientEntityViewForAdmins.VIEWNAME;
327  } else {
328  return ClientEntityViewForUsers.VIEWNAME;
329  }
330  } catch (IllegalArgumentException e) {
331  logger.error("Unable to save client: {}", e.getMessage());
332  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
333  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client: " + e.getMessage());
334  return JsonErrorView.VIEWNAME;
335  } catch (PersistenceException e) {
336  Throwable cause = e.getCause();
337  if (cause instanceof DatabaseException) {
338  Throwable databaseExceptionCause = cause.getCause();
339  if(databaseExceptionCause instanceof SQLIntegrityConstraintViolationException) {
340  logger.error("apiAddClient failed; duplicate client id entry found: {}", client.getClientId());
341  m.addAttribute(HttpCodeView.CODE, HttpStatus.CONFLICT);
342  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client. Duplicate client id entry found: " + client.getClientId());
343  return JsonErrorView.VIEWNAME;
344  }
345  }
346  throw e;
347  }
348  }
org.mitre.openid.connect.web.ClientAPI.validateSoftwareStatement
ClientDetailsEntity validateSoftwareStatement(ClientDetailsEntity newClient)
Definition: ClientAPI.java:534
org.mitre.oauth2.model.ClientDetailsEntity.setClientSecret
void setClientSecret(String clientSecret)
Definition: ClientDetailsEntity.java:425
org.mitre.oauth2.service.ClientDetailsEntityService.saveNewClient
ClientDetailsEntity saveNewClient(ClientDetailsEntity client)
org.mitre.oauth2.service.ClientDetailsEntityService.generateClientId
ClientDetailsEntity generateClientId(ClientDetailsEntity client)
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134
org.mitre.openid.connect.web.ClientAPI.parser
JsonParser parser
Definition: ClientAPI.java:143
org.mitre.openid.connect.web.ClientAPI.gson
Gson gson
Definition: ClientAPI.java:145
org.mitre.openid.connect.web.ClientAPI.logger
static final Logger logger
Definition: ClientAPI.java:221
org.mitre.oauth2.service.ClientDetailsEntityService.generateClientSecret
ClientDetailsEntity generateClientSecret(ClientDetailsEntity client)

◆ apiDeleteClient()

String org.mitre.openid.connect.web.ClientAPI.apiDeleteClient ( @PathVariable("id") Long  id,
ModelAndView  modelAndView 
)
inline

Delete a client

引数
id
modelAndView
戻り値
464  {
465 
466  ClientDetailsEntity client = clientService.getClientById(id);
467 
468  if (client == null) {
469  logger.error("apiDeleteClient failed; client with id " + id + " could not be found.");
470  modelAndView.getModelMap().put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
471  modelAndView.getModelMap().put(JsonErrorView.ERROR_MESSAGE, "Could not delete client. The requested client with id " + id + "could not be found.");
472  return JsonErrorView.VIEWNAME;
473  } else {
474  modelAndView.getModelMap().put(HttpCodeView.CODE, HttpStatus.OK);
475  clientService.deleteClient(client);
476  }
477 
478  return HttpCodeView.VIEWNAME;
479  }
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134
org.mitre.oauth2.service.ClientDetailsEntityService.deleteClient
void deleteClient(ClientDetailsEntity client)
org.mitre.openid.connect.web.ClientAPI.logger
static final Logger logger
Definition: ClientAPI.java:221

◆ apiGetAllClients()

String org.mitre.openid.connect.web.ClientAPI.apiGetAllClients ( Model  model,
Authentication  auth 
)
inline

Get a list of all clients

引数
modelAndView
戻り値
229  {
230 
231  Collection<ClientDetailsEntity> clients = clientService.getAllClients();
232  model.addAttribute(JsonEntityView.ENTITY, clients);
233 
234  if (AuthenticationUtilities.isAdmin(auth)) {
235  return ClientEntityViewForAdmins.VIEWNAME;
236  } else {
237  return ClientEntityViewForUsers.VIEWNAME;
238  }
239  }
org.mitre.oauth2.service.ClientDetailsEntityService.getAllClients
Collection< ClientDetailsEntity > getAllClients()
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134

◆ apiShowClient()

String org.mitre.openid.connect.web.ClientAPI.apiShowClient ( @PathVariable("id") Long  id,
Model  model,
Authentication  auth 
)
inline

Get an individual client

引数
id
modelAndView
戻り値
489  {
490 
491  ClientDetailsEntity client = clientService.getClientById(id);
492 
493  if (client == null) {
494  logger.error("apiShowClient failed; client with id " + id + " could not be found.");
495  model.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
496  model.addAttribute(JsonErrorView.ERROR_MESSAGE, "The requested client with id " + id + " could not be found.");
497  return JsonErrorView.VIEWNAME;
498  }
499 
500  model.addAttribute(JsonEntityView.ENTITY, client);
501 
502  if (AuthenticationUtilities.isAdmin(auth)) {
503  return ClientEntityViewForAdmins.VIEWNAME;
504  } else {
505  return ClientEntityViewForUsers.VIEWNAME;
506  }
507  }
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134
org.mitre.openid.connect.web.ClientAPI.logger
static final Logger logger
Definition: ClientAPI.java:221

◆ apiUpdateClient()

String org.mitre.openid.connect.web.ClientAPI.apiUpdateClient ( @PathVariable("id") Long  id,
@RequestBody String  jsonString,
Model  m,
Authentication  auth 
)
inline

Update an existing client

引数
id
jsonString
m
principal
戻り値
360  {
361 
362  JsonObject json = null;
363  ClientDetailsEntity client = null;
364 
365  try {
366  // parse the client passed in (from JSON) and fetch the old client from the store
367  json = parser.parse(jsonString).getAsJsonObject();
368  client = gson.fromJson(json, ClientDetailsEntity.class);
369  client = validateSoftwareStatement(client);
370  } catch (JsonSyntaxException e) {
371  logger.error("apiUpdateClient failed due to JsonSyntaxException", e);
372  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
373  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
374  return JsonErrorView.VIEWNAME;
375  } catch (IllegalStateException e) {
376  logger.error("apiUpdateClient failed due to IllegalStateException", e);
377  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
378  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
379  return JsonErrorView.VIEWNAME;
380  } catch (ValidationException e) {
381  logger.error("apiUpdateClient failed due to ValidationException", e);
382  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
383  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered a ValidationException.");
384  return JsonErrorView.VIEWNAME;
385  }
386 
387  ClientDetailsEntity oldClient = clientService.getClientById(id);
388 
389  if (oldClient == null) {
390  logger.error("apiUpdateClient failed; client with id " + id + " could not be found.");
391  m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
392  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The requested client with id " + id + "could not be found.");
393  return JsonErrorView.VIEWNAME;
394  }
395 
396  // if they leave the client identifier empty, force it to be generated
397  if (Strings.isNullOrEmpty(client.getClientId())) {
398  client = clientService.generateClientId(client);
399  }
400 
401  if (client.getTokenEndpointAuthMethod() == null ||
402  client.getTokenEndpointAuthMethod().equals(AuthMethod.NONE)) {
403  // we shouldn't have a secret for this client
404 
405  client.setClientSecret(null);
406 
407  } else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_BASIC)
408  || client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_POST)
409  || client.getTokenEndpointAuthMethod().equals(AuthMethod.SECRET_JWT)) {
410 
411  // if they've asked for us to generate a client secret (or they left it blank but require one), do so here
412  if (json.has("generateClientSecret") && json.get("generateClientSecret").getAsBoolean()
413  || Strings.isNullOrEmpty(client.getClientSecret())) {
414  client = clientService.generateClientSecret(client);
415  }
416 
417  } else if (client.getTokenEndpointAuthMethod().equals(AuthMethod.PRIVATE_KEY)) {
418 
419  if (Strings.isNullOrEmpty(client.getJwksUri()) && client.getJwks() == null) {
420  logger.error("tried to create client with private key auth but no private key");
421  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
422  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Can not create a client with private key authentication without registering a key via the JWK Set URI or JWK Set Value.");
423  return JsonErrorView.VIEWNAME;
424  }
425 
426  // otherwise we shouldn't have a secret for this client
427  client.setClientSecret(null);
428 
429  } else {
430 
431  logger.error("unknown auth method");
432  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
433  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unknown auth method requested");
434  return JsonErrorView.VIEWNAME;
435 
436 
437  }
438 
439  try {
440  ClientDetailsEntity newClient = clientService.updateClient(oldClient, client);
441  m.addAttribute(JsonEntityView.ENTITY, newClient);
442 
443  if (AuthenticationUtilities.isAdmin(auth)) {
444  return ClientEntityViewForAdmins.VIEWNAME;
445  } else {
446  return ClientEntityViewForUsers.VIEWNAME;
447  }
448  } catch (IllegalArgumentException e) {
449  logger.error("Unable to save client: {}", e.getMessage());
450  m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
451  m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client: " + e.getMessage());
452  return JsonErrorView.VIEWNAME;
453  }
454  }
org.mitre.openid.connect.web.ClientAPI.validateSoftwareStatement
ClientDetailsEntity validateSoftwareStatement(ClientDetailsEntity newClient)
Definition: ClientAPI.java:534
org.mitre.oauth2.model.ClientDetailsEntity.setClientSecret
void setClientSecret(String clientSecret)
Definition: ClientDetailsEntity.java:425
org.mitre.oauth2.service.ClientDetailsEntityService.generateClientId
ClientDetailsEntity generateClientId(ClientDetailsEntity client)
org.mitre.oauth2.service.ClientDetailsEntityService.updateClient
ClientDetailsEntity updateClient(ClientDetailsEntity oldClient, ClientDetailsEntity newClient)
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134
org.mitre.openid.connect.web.ClientAPI.parser
JsonParser parser
Definition: ClientAPI.java:143
org.mitre.openid.connect.web.ClientAPI.gson
Gson gson
Definition: ClientAPI.java:145
org.mitre.openid.connect.web.ClientAPI.logger
static final Logger logger
Definition: ClientAPI.java:221
org.mitre.oauth2.service.ClientDetailsEntityService.generateClientSecret
ClientDetailsEntity generateClientSecret(ClientDetailsEntity client)

◆ getClientLogo()

ResponseEntity<byte[]> org.mitre.openid.connect.web.ClientAPI.getClientLogo ( @PathVariable("id") Long  id,
Model  model 
)
inline

Get the logo image for a client

引数
id
514  {
515 
516  ClientDetailsEntity client = clientService.getClientById(id);
517 
518  if (client == null) {
519  return new ResponseEntity<>(HttpStatus.NOT_FOUND);
520  } else if (Strings.isNullOrEmpty(client.getLogoUri())) {
521  return new ResponseEntity<>(HttpStatus.NOT_FOUND);
522  } else {
523  // get the image from cache
524  CachedImage image = clientLogoLoadingService.getLogo(client);
525 
526  HttpHeaders headers = new HttpHeaders();
527  headers.setContentType(MediaType.parseMediaType(image.getContentType()));
528  headers.setContentLength(image.getLength());
529 
530  return new ResponseEntity<>(image.getData(), headers, HttpStatus.OK);
531  }
532  }
org.mitre.openid.connect.web.ClientAPI.clientLogoLoadingService
ClientLogoLoadingService clientLogoLoadingService
Definition: ClientAPI.java:137
org.mitre.openid.connect.web.ClientAPI.clientService
ClientDetailsEntityService clientService
Definition: ClientAPI.java:134
org.mitre.openid.connect.service.ClientLogoLoadingService.getLogo
CachedImage getLogo(ClientDetailsEntity client)

◆ validateSoftwareStatement()

ClientDetailsEntity org.mitre.openid.connect.web.ClientAPI.validateSoftwareStatement ( ClientDetailsEntity  newClient) throws ValidationException
inlineprivate
534  {
535  if (newClient.getSoftwareStatement() != null) {
536  if (assertionValidator.isValid(newClient.getSoftwareStatement())) {
537  // we have a software statement and its envelope passed all the checks from our validator
538 
539  // swap out all of the client's fields for the associated parts of the software statement
540  try {
541  JWTClaimsSet claimSet = newClient.getSoftwareStatement().getJWTClaimsSet();
542  for (String claim : claimSet.getClaims().keySet()) {
543  switch (claim) {
544  case SOFTWARE_STATEMENT:
545  throw new ValidationException("invalid_client_metadata", "Software statement can't include another software statement", HttpStatus.BAD_REQUEST);
546  case CLAIMS_REDIRECT_URIS:
547  newClient.setClaimsRedirectUris(Sets.newHashSet(claimSet.getStringListClaim(claim)));
548  break;
549  case CLIENT_SECRET_EXPIRES_AT:
550  throw new ValidationException("invalid_client_metadata", "Software statement can't include a client secret expiration time", HttpStatus.BAD_REQUEST);
551  case CLIENT_ID_ISSUED_AT:
552  throw new ValidationException("invalid_client_metadata", "Software statement can't include a client ID issuance time", HttpStatus.BAD_REQUEST);
553  case REGISTRATION_CLIENT_URI:
554  throw new ValidationException("invalid_client_metadata", "Software statement can't include a client configuration endpoint", HttpStatus.BAD_REQUEST);
555  case REGISTRATION_ACCESS_TOKEN:
556  throw new ValidationException("invalid_client_metadata", "Software statement can't include a client registration access token", HttpStatus.BAD_REQUEST);
557  case REQUEST_URIS:
558  newClient.setRequestUris(Sets.newHashSet(claimSet.getStringListClaim(claim)));
559  break;
560  case POST_LOGOUT_REDIRECT_URIS:
561  newClient.setPostLogoutRedirectUris(Sets.newHashSet(claimSet.getStringListClaim(claim)));
562  break;
563  case INITIATE_LOGIN_URI:
564  newClient.setInitiateLoginUri(claimSet.getStringClaim(claim));
565  break;
566  case DEFAULT_ACR_VALUES:
567  newClient.setDefaultACRvalues(Sets.newHashSet(claimSet.getStringListClaim(claim)));
568  break;
569  case REQUIRE_AUTH_TIME:
570  newClient.setRequireAuthTime(claimSet.getBooleanClaim(claim));
571  break;
572  case DEFAULT_MAX_AGE:
573  newClient.setDefaultMaxAge(claimSet.getIntegerClaim(claim));
574  break;
575  case TOKEN_ENDPOINT_AUTH_SIGNING_ALG:
576  newClient.setTokenEndpointAuthSigningAlg(JWSAlgorithm.parse(claimSet.getStringClaim(claim)));
577  break;
578  case ID_TOKEN_ENCRYPTED_RESPONSE_ENC:
579  newClient.setIdTokenEncryptedResponseEnc(EncryptionMethod.parse(claimSet.getStringClaim(claim)));
580  break;
581  case ID_TOKEN_ENCRYPTED_RESPONSE_ALG:
582  newClient.setIdTokenEncryptedResponseAlg(JWEAlgorithm.parse(claimSet.getStringClaim(claim)));
583  break;
584  case ID_TOKEN_SIGNED_RESPONSE_ALG:
585  newClient.setIdTokenSignedResponseAlg(JWSAlgorithm.parse(claimSet.getStringClaim(claim)));
586  break;
587  case USERINFO_ENCRYPTED_RESPONSE_ENC:
588  newClient.setUserInfoEncryptedResponseEnc(EncryptionMethod.parse(claimSet.getStringClaim(claim)));
589  break;
590  case USERINFO_ENCRYPTED_RESPONSE_ALG:
591  newClient.setUserInfoEncryptedResponseAlg(JWEAlgorithm.parse(claimSet.getStringClaim(claim)));
592  break;
593  case USERINFO_SIGNED_RESPONSE_ALG:
594  newClient.setUserInfoSignedResponseAlg(JWSAlgorithm.parse(claimSet.getStringClaim(claim)));
595  break;
596  case REQUEST_OBJECT_SIGNING_ALG:
597  newClient.setRequestObjectSigningAlg(JWSAlgorithm.parse(claimSet.getStringClaim(claim)));
598  break;
599  case SUBJECT_TYPE:
600  newClient.setSubjectType(SubjectType.getByValue(claimSet.getStringClaim(claim)));
601  break;
602  case SECTOR_IDENTIFIER_URI:
603  newClient.setSectorIdentifierUri(claimSet.getStringClaim(claim));
604  break;
605  case APPLICATION_TYPE:
606  newClient.setApplicationType(AppType.getByValue(claimSet.getStringClaim(claim)));
607  break;
608  case JWKS_URI:
609  newClient.setJwksUri(claimSet.getStringClaim(claim));
610  break;
611  case JWKS:
612  newClient.setJwks(JWKSet.parse(claimSet.getJSONObjectClaim(claim).toJSONString()));
613  break;
614  case POLICY_URI:
615  newClient.setPolicyUri(claimSet.getStringClaim(claim));
616  break;
617  case RESPONSE_TYPES:
618  newClient.setResponseTypes(Sets.newHashSet(claimSet.getStringListClaim(claim)));
619  break;
620  case GRANT_TYPES:
621  newClient.setGrantTypes(Sets.newHashSet(claimSet.getStringListClaim(claim)));
622  break;
623  case SCOPE:
624  newClient.setScope(OAuth2Utils.parseParameterList(claimSet.getStringClaim(claim)));
625  break;
626  case TOKEN_ENDPOINT_AUTH_METHOD:
627  newClient.setTokenEndpointAuthMethod(AuthMethod.getByValue(claimSet.getStringClaim(claim)));
628  break;
629  case TOS_URI:
630  newClient.setTosUri(claimSet.getStringClaim(claim));
631  break;
632  case CONTACTS:
633  newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim)));
634  break;
635  case LOGO_URI:
636  newClient.setLogoUri(claimSet.getStringClaim(claim));
637  break;
638  case CLIENT_URI:
639  newClient.setClientUri(claimSet.getStringClaim(claim));
640  break;
641  case CLIENT_NAME:
642  newClient.setClientName(claimSet.getStringClaim(claim));
643  break;
644  case REDIRECT_URIS:
645  newClient.setRedirectUris(Sets.newHashSet(claimSet.getStringListClaim(claim)));
646  break;
647  case CLIENT_SECRET:
648  throw new ValidationException("invalid_client_metadata", "Software statement can't contain client secret", HttpStatus.BAD_REQUEST);
649  case CLIENT_ID:
650  throw new ValidationException("invalid_client_metadata", "Software statement can't contain client ID", HttpStatus.BAD_REQUEST);
651 
652  default:
653  logger.warn("Software statement contained unknown field: " + claim + " with value " + claimSet.getClaim(claim));
654  break;
655  }
656  }
657 
658  return newClient;
659  } catch (ParseException e) {
660  throw new ValidationException("invalid_client_metadata", "Software statement claims didn't parse", HttpStatus.BAD_REQUEST);
661  }
662  } else {
663  throw new ValidationException("invalid_client_metadata", "Software statement rejected by validator", HttpStatus.BAD_REQUEST);
664  }
665  } else {
666  // nothing to see here, carry on
667  return newClient;
668  }
669 
670  }
org.mitre.openid.connect.web.ClientAPI.assertionValidator
AssertionValidator assertionValidator
Definition: ClientAPI.java:141
org.mitre.openid.connect.web.ClientAPI.logger
static final Logger logger
Definition: ClientAPI.java:221

メンバ詳解

◆ assertionValidator

AssertionValidator org.mitre.openid.connect.web.ClientAPI.assertionValidator
private

◆ clientLogoLoadingService

ClientLogoLoadingService org.mitre.openid.connect.web.ClientAPI.clientLogoLoadingService
private

◆ clientService

ClientDetailsEntityService org.mitre.openid.connect.web.ClientAPI.clientService
private

◆ gson

Gson org.mitre.openid.connect.web.ClientAPI.gson
private

◆ logger

final Logger org.mitre.openid.connect.web.ClientAPI.logger = LoggerFactory.getLogger(ClientAPI.class)
staticprivate

Logger for this class

◆ parser

JsonParser org.mitre.openid.connect.web.ClientAPI.parser = new JsonParser()
private

◆ URL

final String org.mitre.openid.connect.web.ClientAPI.URL = RootController.API_URL + "/clients"
static
このクラス詳解は次のファイルから抽出されました:
2018年09月27日(木) 21時26分39秒作成 - mitreid-connect / 構成:   doxygen 1.8.13