remove changes from standard OIDC client registration, move constants

Áron Bustya 2018-03-19 10:37:01 +01:00 committed by Marek Posolda
parent 57f57f5c75
commit 82ba2b1b0d
7 changed files with 9 additions and 50 deletions


@ -86,8 +86,6 @@ public class OIDCClientRepresentation {
private String request_object_encryption_enc; private String request_object_encryption_enc;
private String request_object_required;
private Integer default_max_age; private Integer default_max_age;
private Boolean require_auth_time; private Boolean require_auth_time;
@ -339,14 +337,6 @@ public class OIDCClientRepresentation {
this.request_object_encryption_enc = request_object_encryption_enc; this.request_object_encryption_enc = request_object_encryption_enc;
} }
public String getRequestObjectRequired() {
return request_object_required;
}
public void setRequestObjectRequired(String request_object_required) {
this.request_object_required = request_object_required;
}
public Integer getDefaultMaxAge() { public Integer getDefaultMaxAge() {
return default_max_age; return default_max_age;
} }


@ -33,6 +33,9 @@ public class OIDCAdvancedConfigWrapper {
private static final String REQUEST_OBJECT_SIGNATURE_ALG = "request.object.signature.alg"; private static final String REQUEST_OBJECT_SIGNATURE_ALG = "request.object.signature.alg";
private static final String REQUEST_OBJECT_REQUIRED = "request.object.required"; private static final String REQUEST_OBJECT_REQUIRED = "request.object.required";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI = "request or request_uri";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST = "request only";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_URI = "request_uri only";
private static final String JWKS_URL = "jwks.url"; private static final String JWKS_URL = "jwks.url";
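Review bot: The three `REQUEST_OBJECT_REQUIRED_*` constants arrive in OIDCAdvancedConfigWrapper without the `// Request object requirement options` comment they carried in OIDCLoginProtocol, and they sit directly under the private attribute key `REQUEST_OBJECT_REQUIRED`, so the key and its allowed values are hard to tell apart. I would add above them `// Allowed values of the "request.object.required" client attribute; any other value must be rejected, never read as "not required"`. This matters because the same commit drops the allow-list check in DescriptionConverter, and the setter lies outside this hunk, so it is not visible here whether any remaining write path validates the value. If none does, the code that enforces the requirement should fail closed on an unrecognised string.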


@ -93,11 +93,6 @@ public class OIDCLoginProtocol implements LoginProtocol {
public static final String CLIENT_SECRET_JWT = "client_secret_jwt"; public static final String CLIENT_SECRET_JWT = "client_secret_jwt";
public static final String PRIVATE_KEY_JWT = "private_key_jwt"; public static final String PRIVATE_KEY_JWT = "private_key_jwt";
// Request object requirement options
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI = "request or request_uri";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST = "request only";
public static final String REQUEST_OBJECT_REQUIRED_REQUEST_URI = "request_uri only";
// https://tools.ietf.org/html/rfc7636#section-4.3 // https://tools.ietf.org/html/rfc7636#section-4.3
public static final String CODE_CHALLENGE_PARAM = "code_challenge"; public static final String CODE_CHALLENGE_PARAM = "code_challenge";
public static final String CODE_CHALLENGE_METHOD_PARAM = "code_challenge_method"; public static final String CODE_CHALLENGE_METHOD_PARAM = "code_challenge_method";


@ -32,9 +32,9 @@ import org.keycloak.services.messages.Messages;
import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import java.io.InputStream; import java.io.InputStream;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
/** /**
* @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a> * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>


@ -48,7 +48,6 @@ import java.io.IOException;
import java.net.URI; import java.net.URI;
import java.security.PublicKey; import java.security.PublicKey;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
@ -116,17 +115,6 @@ public class DescriptionConverter {
configWrapper.setRequestObjectSignatureAlg(algorithm); configWrapper.setRequestObjectSignatureAlg(algorithm);
} }
if (clientOIDC.getRequestObjectRequired() != null) {
String requestObjectRequired = clientOIDC.getRequestObjectRequired();
if (Arrays.asList(
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI,
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST,
OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI)
.contains(requestObjectRequired)) {
configWrapper.setRequestObjectRequired(requestObjectRequired);
}
}
return client; return client;
} }
@ -197,9 +185,6 @@ public class DescriptionConverter {
if (config.getRequestObjectSignatureAlg() != null) { if (config.getRequestObjectSignatureAlg() != null) {
response.setRequestObjectSigningAlg(config.getRequestObjectSignatureAlg().toString()); response.setRequestObjectSigningAlg(config.getRequestObjectSignatureAlg().toString());
} }
if (config.getRequestObjectRequired() != null) {
response.setRequestObjectRequired(config.getRequestObjectRequired());
}
if (config.isUseJwksUrl()) { if (config.isUseJwksUrl()) {
response.setJwksUri(config.getJwksUrl()); response.setJwksUri(config.getJwksUrl());
} }


@ -201,20 +201,6 @@ public class OIDCClientRegistrationTest extends AbstractClientRegistrationTest {
Assert.assertEquals(config.getRequestObjectSignatureAlg(), Algorithm.RS256); Assert.assertEquals(config.getRequestObjectSignatureAlg(), Algorithm.RS256);
} }
@Test
public void testRequestObjectRequired() throws Exception {
OIDCClientRepresentation clientRep = createRep();
clientRep.setRequestObjectRequired(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI);
OIDCClientRepresentation response = reg.oidc().create(clientRep);
Assert.assertEquals(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI, response.getRequestObjectRequired());
// Test Keycloak representation
ClientRepresentation kcClient = getClient(response.getClientId());
OIDCAdvancedConfigWrapper config = OIDCAdvancedConfigWrapper.fromClientRepresentation(kcClient);
Assert.assertEquals(OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI, config.getRequestObjectRequired());
}
@Test @Test
public void createClientImplicitFlow() throws ClientRegistrationException { public void createClientImplicitFlow() throws ClientRegistrationException {
OIDCClientRepresentation clientRep = createRep(); OIDCClientRepresentation clientRep = createRep();


@ -71,9 +71,9 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertTrue;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_OR_REQUEST_URI;
import static org.keycloak.protocol.oidc.OIDCLoginProtocol.REQUEST_OBJECT_REQUIRED_REQUEST_URI; import static org.keycloak.protocol.oidc.OIDCAdvancedConfigWrapper.REQUEST_OBJECT_REQUIRED_REQUEST_URI;
/** /**
* Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...) * Test for supporting advanced parameters of OIDC specs (max_age, prompt, ...)