org.mitre.openid.connect.view.UserInfoView クラス

org.mitre.openid.connect.view.UserInfoView の継承関係図

org.mitre.openid.connect.view.UserInfoView 連携図

静的公開変数類
static final String	REQUESTED_CLAIMS = "requestedClaims"
static final String	AUTHORIZED_CLAIMS = "authorizedClaims"
static final String	SCOPE = "scope"
static final String	USER_INFO = "userInfo"
static final String	VIEWNAME = "userInfoView"

限定公開メンバ関数
void	renderMergedOutputModel (Map< String, Object > model, HttpServletRequest request, HttpServletResponse response)
void	writeOut (JsonObject json, Map< String, Object > model, HttpServletRequest request, HttpServletResponse response)

限定公開変数類
Gson	gson

非公開メンバ関数
JsonObject	toJsonFromRequestObj (UserInfo ui, Set< String > scope, JsonObject authorizedClaims, JsonObject requestedClaims)
Set< String >	extractUserInfoClaimsIntoSet (JsonObject claims)

非公開変数類
ScopeClaimTranslationService	translator

静的非公開変数類
static JsonParser	jsonParser = new JsonParser()
static final Logger	logger = LoggerFactory.getLogger(UserInfoView.class)

詳解

関数詳解

extractUserInfoClaimsIntoSet()

Set<String> org.mitre.openid.connect.view.UserInfoView.extractUserInfoClaimsIntoSet ( JsonObject  claims )

inlineprivate

Pull the claims that have been targeted into a set for processing. Returns an empty set if the input is null.

引数

claims

the claims request to process

                                                                            {
                Set<String> target = new HashSet<>();
                if (claims != null) {
                        JsonObject userinfoAuthorized = claims.getAsJsonObject("userinfo");
                        if (userinfoAuthorized != null) {
                                for (Entry<String, JsonElement> entry : userinfoAuthorized.entrySet()) {
                                        target.add(entry.getKey());
                                }
                        }
                }
                return target;
        }

renderMergedOutputModel()

void org.mitre.openid.connect.view.UserInfoView.renderMergedOutputModel ( Map< String, Object >  model, HttpServletRequest  request, HttpServletResponse  response  )

inlineprotected

                                                                                                                                    {

                UserInfo userInfo = (UserInfo) model.get(USER_INFO);

                Set<String> scope = (Set<String>) model.get(SCOPE);

                response.setContentType(MediaType.APPLICATION_JSON_VALUE);
                response.setCharacterEncoding("UTF-8");


                JsonObject authorizedClaims = null;
                JsonObject requestedClaims = null;
                if (model.get(AUTHORIZED_CLAIMS) != null) {
                        authorizedClaims = jsonParser.parse((String) model.get(AUTHORIZED_CLAIMS)).getAsJsonObject();
                }
                if (model.get(REQUESTED_CLAIMS) != null) {
                        requestedClaims = jsonParser.parse((String) model.get(REQUESTED_CLAIMS)).getAsJsonObject();
                }
                JsonObject json = toJsonFromRequestObj(userInfo, scope, authorizedClaims, requestedClaims);

                writeOut(json, model, request, response);
        }

toJsonFromRequestObj()

JsonObject org.mitre.openid.connect.view.UserInfoView.toJsonFromRequestObj ( UserInfo  ui, Set< String >  scope, JsonObject  authorizedClaims, JsonObject  requestedClaims  )

inlineprivate

Build a JSON response according to the request object received.

Claims requested in requestObj.userinfo.claims are added to any claims corresponding to requested scopes, if any.

引数

ui	the UserInfo to filter
scope	the allowed scopes to filter by
authorizedClaims	the claims authorized by the client or user
requestedClaims	the claims requested in the RequestObject

戻り値

the filtered JsonObject result

                                                                                                                                         {

                // get the base object
                JsonObject obj = ui.toJson();

                Set<String> allowedByScope = translator.getClaimsForScopeSet(scope);
                Set<String> authorizedByClaims = extractUserInfoClaimsIntoSet(authorizedClaims);
                Set<String> requestedByClaims = extractUserInfoClaimsIntoSet(requestedClaims);

                // Filter claims by performing a manual intersection of claims that are allowed by the given scope, requested, and authorized.
                // We cannot use Sets.intersection() or similar because Entry<> objects will evaluate to being unequal if their values are
                // different, whereas we are only interested in matching the Entry<>'s key values.
                JsonObject result = new JsonObject();
                for (Entry<String, JsonElement> entry : obj.entrySet()) {

                        if (allowedByScope.contains(entry.getKey())
                                        || authorizedByClaims.contains(entry.getKey())) {
                                // it's allowed either by scope or by the authorized claims (either way is fine with us)

                                if (requestedByClaims.isEmpty() || requestedByClaims.contains(entry.getKey())) {
                                        // the requested claims are empty (so we allow all), or they're not empty and this claim was specifically asked for
                                        result.add(entry.getKey(), entry.getValue());
                                } // otherwise there were specific claims requested and this wasn't one of them
                        }
                }

                return result;
        }

writeOut()

void org.mitre.openid.connect.view.UserInfoView.writeOut ( JsonObject  json, Map< String, Object >  model, HttpServletRequest  request, HttpServletResponse  response  )

inlineprotected

                                                                                                                                      {
                try {
                        Writer out = response.getWriter();
                        gson.toJson(json, out);
                } catch (IOException e) {

                        logger.error("IOException in UserInfoView.java: ", e);

                }

        }

メンバ詳解

AUTHORIZED_CLAIMS

final String org.mitre.openid.connect.view.UserInfoView.AUTHORIZED_CLAIMS = "authorizedClaims"

static

gson

Gson org.mitre.openid.connect.view.UserInfoView.gson

protected

初期値:

= new GsonBuilder().setExclusionStrategies(new ExclusionStrategy() {

                @Override
                public boolean shouldSkipField(FieldAttributes f) {

                        return false;
                }

                @Override
                public boolean shouldSkipClass(Class<?> clazz) {
                        
                        if (clazz.equals(BeanPropertyBindingResult.class)) {
                                return true;
                        }
                        return false;
                }

        }).create()

jsonParser

JsonParser org.mitre.openid.connect.view.UserInfoView.jsonParser = new JsonParser()

staticprivate

logger

final Logger org.mitre.openid.connect.view.UserInfoView.logger = LoggerFactory.getLogger(UserInfoView.class)

staticprivate

Logger for this class

REQUESTED_CLAIMS

final String org.mitre.openid.connect.view.UserInfoView.REQUESTED_CLAIMS = "requestedClaims"

static

SCOPE

final String org.mitre.openid.connect.view.UserInfoView.SCOPE = "scope"

static

translator

ScopeClaimTranslationService org.mitre.openid.connect.view.UserInfoView.translator

private

USER_INFO

final String org.mitre.openid.connect.view.UserInfoView.USER_INFO = "userInfo"

static

VIEWNAME

final String org.mitre.openid.connect.view.UserInfoView.VIEWNAME = "userInfoView"

static

---

このクラス詳解は次のファイルから抽出されました:

• D:/AppData/OpenId/mitreid-connect/src/openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java