Merge branch 'develop' into feature/alias-id-and-alias-zid-for-users
Showing
627 changed files
with
25,465 additions
and
2,016 deletions.
4 changes: 2 additions & 2 deletions
4
model/src/main/java/org/cloudfoundry/identity/uaa/client/InMemoryClientDetailsService.java
55 changes: 55 additions & 0 deletions
55
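--- a/model/src/main/java/org/cloudfoundry/identity/uaa/constants/ClientAuthentication.java
+++ b/model/src/main/java/org/cloudfoundry/identity/uaa/constants/ClientAuthentication.java
@@ -0,0 +1,55 @@
+package org.cloudfoundry.identity.uaa.constants;
+
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+
+/**
+* ClientAuthentication constants are defined in OIDC core and discovery standard, e.g. https://openid.net/specs/openid-connect-registration-1_0.html
+* OIDC possible values are: client_secret_post, client_secret_basic, client_secret_jwt, private_key_jwt, and none
+* UAA knows only: client_secret_post, client_secret_basic, private_key_jwt, and none
+*
+* Planned: tls_client_auth
+*/
+public final class ClientAuthentication {
+
+private ClientAuthentication() {}
+
+public static final String CLIENT_SECRET_BASIC = "client_secret_basic";
+public static final String CLIENT_SECRET_POST = "client_secret_post";
+public static final String PRIVATE_KEY_JWT = "private_key_jwt";
+public static final String NONE = "none";
+
+public static final List<String> UAA_SUPPORTED_METHODS = List.of(CLIENT_SECRET_BASIC, CLIENT_SECRET_POST, NONE, PRIVATE_KEY_JWT);
+
+public static boolean secretNeeded(String method) {
+return method == null || CLIENT_SECRET_POST.equals(method) || CLIENT_SECRET_BASIC.equals(method);
+}
+
+public static boolean isMethodSupported(String method) {
+return Optional.ofNullable(method).map(UAA_SUPPORTED_METHODS::contains).orElse(true);
+}
+
+public static boolean isValidMethod(String method, boolean hasSecret, boolean hasKeyConfiguration) {
+return (isMethodSupported(method) && secretNeeded(method) && hasSecret && !hasKeyConfiguration ||
+isMethodSupported(method) && !secretNeeded(method) && !hasSecret ||
+(method == null && (!hasSecret || !hasKeyConfiguration)));
+}
+
+public static boolean isAuthMethodEqual(String method1, String method2) {
+return secretNeeded(method1) && secretNeeded(method2) || Objects.equals(method1, method2);
+}
+
+public static String getCalculatedMethod(String method, boolean hasSecret, boolean hasKeyConfiguration) {
+if (method != null && isMethodSupported(method)) {
+return method;
+} else {
+if (hasSecret) {
+return CLIENT_SECRET_BASIC;
+} else if (hasKeyConfiguration) {
+return PRIVATE_KEY_JWT;
+} else
+return NONE;
+}
+}
+}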
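Review bot: In `isValidMethod` the second clause (`isMethodSupported(method) && !secretNeeded(method) && !hasSecret`) never consults `hasKeyConfiguration`, so `private_key_jwt` is accepted for a client with no key configuration and `none` is accepted for a client that does have keys. If that is not intended, split the clause per method, e.g. `PRIVATE_KEY_JWT.equals(method) && !hasSecret && hasKeyConfiguration ||` and `NONE.equals(method) && !hasSecret && !hasKeyConfiguration ||`. Related: `getCalculatedMethod` handles a non-null but unsupported value the same way as a missing one and returns `NONE` when there is neither secret nor key, which appears to let a mistyped method degrade to a public client instead of being rejected. A short Javadoc on each helper stating that `null` is treated as the secret-based default would make these rules easier to audit.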
64 changes: 64 additions & 0 deletions
64
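--- a/.../src/main/java/org/cloudfoundry/identity/uaa/oauth/client/DefaultOAuth2ClientContext.java
+++ b/.../src/main/java/org/cloudfoundry/identity/uaa/oauth/client/DefaultOAuth2ClientContext.java
@@ -0,0 +1,64 @@
+package org.cloudfoundry.identity.uaa.oauth.client;
+
+import org.cloudfoundry.identity.uaa.oauth.common.OAuth2AccessToken;
+import org.cloudfoundry.identity.uaa.oauth.token.AccessTokenRequest;
+import org.cloudfoundry.identity.uaa.oauth.token.DefaultAccessTokenRequest;
+
+import java.io.Serializable;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+* Moved class implementation of from spring-security-oauth2 into UAA
+*
+* The class was taken over from the legacy project with minor refactorings
+* based on sonar.
+*
+* Scope: OAuth2 client
+*/
+public class DefaultOAuth2ClientContext implements OAuth2ClientContext, Serializable {
+
+private static final long serialVersionUID = 7301862963115789109L;
+
+private transient OAuth2AccessToken accessToken;
+
+private transient AccessTokenRequest accessTokenRequest;
+
+private transient Map<String, Object> state = new ConcurrentHashMap<>();
+
+public DefaultOAuth2ClientContext() {
+this(new DefaultAccessTokenRequest());
+}
+
+public DefaultOAuth2ClientContext(AccessTokenRequest accessTokenRequest) {
+this.accessTokenRequest = accessTokenRequest;
+}
+
+public DefaultOAuth2ClientContext(OAuth2AccessToken accessToken) {
+this.accessToken = accessToken;
+this.accessTokenRequest = new DefaultAccessTokenRequest();
+}
+
+public OAuth2AccessToken getAccessToken() {
+return accessToken;
+}
+
+public void setAccessToken(OAuth2AccessToken accessToken) {
+this.accessToken = accessToken;
+this.accessTokenRequest.setExistingToken(accessToken);
+}
+
+public AccessTokenRequest getAccessTokenRequest() {
+return accessTokenRequest;
+}
+
+public void setPreservedState(String stateKey, Object preservedState) {
+state.clear();
+state.put(stateKey, preservedState);
+}
+
+public Object removePreservedState(String stateKey) {
+return state.remove(stateKey);
+}
+
+}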
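Review bot: All three fields are `transient` while the class still implements `Serializable`, so a deserialized context comes back with `state` and `accessTokenRequest` set to null (field initialisers and constructors do not run on deserialization), and `setPreservedState`, `removePreservedState` and `setAccessToken` would then throw a NullPointerException. Keeping the access token out of the serialized form is a sensible default, but the holder objects should be recreated in a `readObject` as sketched below, or `Serializable` dropped if the context is never meant to be stored. Separately, `ConcurrentHashMap` rejects null keys and values, so if callers can pass a null `stateKey` or `preservedState` these methods fail instead of returning null; a null guard at the top of both would make that explicit.

```java
// … unchanged: serialVersionUID, transient fields, constructors, accessors …

private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
  in.defaultReadObject();
  // transient fields are skipped by serialization and their initialisers do not run on read
  this.state = new ConcurrentHashMap<>();
  this.accessTokenRequest = new DefaultAccessTokenRequest();
}
```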