libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

remove changes from standard OIDC client registration, move constants

Browse source
This commit is contained in:
Áron Bustya 2018-03-19 10:37:01 +01:00 committed by Marek Posolda
parent 57f57f5c75
commit 82ba2b1b0d
7 changed files with 9 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
core/src/main/java/org/keycloak/representations/oidc/OIDCClientRepresentation.java
View file

@ -85,8 +85,6 @@ public class OIDCClientRepresentation {
private String request_object_encryption_alg;
private String request_object_encryption_enc;
private String request_object_required;
private Integer default_max_age;
@ -338,14 +336,6 @@ public class OIDCClientRepresentation {
public void setRequestObjectEncryptionEnc(String request_object_encryption_enc) {
this.request_object_encryption_enc = request_object_encryption_enc;
}
public String getRequestObjectRequired() {
return request_object_required;
}
public void setRequestObjectRequired(String request_object_required) {
this.request_object_required = request_object_required;
}
public Integer getDefaultMaxAge() {
return default_max_age;

3
services/src/main/java/org/keycloak/protocol/oidc/OIDCAdvancedConfigWrapper.java
View file

@ -33,6 +33,9 @@ public class OIDCAdvancedConfigWrapper {
private static final String REQUEST_OBJECT_SIGNATURE_ALG = "request.object.signature.alg";
private static final String REQUEST_OBJECT_REQUIRED = "request.object.required";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI = "request or request_uri";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST = "request only";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_URI = "request_uri only";
private static final String JWKS_URL = "jwks.url";

5
services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
View file

@ -92,11 +92,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
public static final String CLIENT_SECRET_POST = "client_secret_post";
public static final String CLIENT_SECRET_JWT = "client_secret_jwt";
public static final String PRIVATE_KEY_JWT = "private_key_jwt";
// Request object requirement options
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI = "request or request_uri";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST = "request only";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_URI = "request_uri only";
// https://tools.ietf.org/html/rfc7636#section-4.3
public static final String CODE_CHALLENGE_PARAM = "code_challenge";

6
services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthorizationEndpointRequestParserProcessor.java
View file

@ -32,9 +32,9 @@ import org.keycloak.services.messages.Messages;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import java.io.InputStream;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
/**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>

15
services/src/main/java/org/keycloak/services/clientregistration/oidc/DescriptionConverter.java
View file

@ -48,7 +48,6 @@ import java.io.IOException;
import java.net.URI;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Set;
@ -116,17 +115,6 @@ public class DescriptionConverter {
configWrapper.setRequestObjectSignatureAlg(algorithm);
}
if (clientOIDC.getRequestObjectRequired() != null) {
String requestObjectRequired = clientOIDC.getRequestObjectRequired();
if (Arrays.asList(
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI,
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST,
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI)
.contains(requestObjectRequired)) {
configWrapper.setRequestObjectRequired(requestObjectRequired);
}
}
return client;
}
@ -197,9 +185,6 @@ public class DescriptionConverter {
if (config.getRequestObjectSignatureAlg() != null) {
response.setRequestObjectSigningAlg(config.getRequestObjectSignatureAlg().toString());
}
if (config.getRequestObjectRequired() != null) {
response.setRequestObjectRequired(config.getRequestObjectRequired());
}
if (config.isUseJwksUrl()) {
response.setJwksUri(config.getJwksUrl());
}

14
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/OIDCClientRegistrationTest.java
View file

@ -200,20 +200,6 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
Assert.assertEquals(config.getUserInfoSignedResponseAlg(), Algorithm.RS256);
Assert.assertEquals(config.getRequestObjectSignatureAlg(), Algorithm.RS256);
}
@Test
public void testRequestObjectRequired() throws Exception {
OIDCClientRepresentation clientRep = createRep();
clientRep.setRequestObjectRequired(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI);
OIDCClientRepresentation response = reg.oidc().create(clientRep);
Assert.assertEquals(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI, response.getRequestObjectRequired());
// Test Keycloak representation
ClientRepresentation kcClient = getClient(response.getClientId());
OIDCAdvancedConfigWrapper config = OIDCAdvancedConfigWrapper.fromClientRepresentation(kcClient);
Assert.assertEquals(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI, config.getRequestObjectRequired());
}
@Test
public void createClientImplicitFlow() throws ClientRegistrationException {

6
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oidc/OIDCAdvancedRequestParamsTest.java
View file

@ -71,9 +71,9 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
/**
* Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...)