add jwksUri and tokenEndpointAuthenticationMethod parameters for OIDC…
… client applications
SamuelGaro committed Nov 10, 2023
1 parent a56b3cb commit 6e6bc20
Showing 12 changed files with 91 additions and 1 deletion.
Expand Up @@ -359,6 +359,18 @@ protected Iterator<String> getChoices(final String input) {
jwks.setNewModel(new PropertyModel<>(clientAppTO, "jwks"));
}
fields.add(jwks);

AjaxTextFieldPanel jwksUri = new AjaxTextFieldPanel(
"field", "jwksUri", new PropertyModel<>(clientAppTO, "jwksUri"), false);
jwksUri.addValidator(new UrlValidator());
fields.add(jwksUri);

AjaxTextFieldPanel tokenEndpointAuthenticationMethod = new AjaxTextFieldPanel(
"field",
"tokenEndpointAuthenticationMethod",
new PropertyModel<>(clientAppTO, "tokenEndpointAuthenticationMethod"),
false);
fields.add(tokenEndpointAuthenticationMethod);
break;

case SAML2SP:
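Review bot: `new UrlValidator()` on the `jwksUri` field is built without a scheme list, so if this is Wicket's `UrlValidator` it accepts that class's default schemes, which include plain `http` and `ftp`. The value is later handed to the CAS service definition as the client's key source (see the mapper change in this commit), so a non-TLS location would let anyone on the network path substitute the keys; consider `jwksUri.addValidator(new UrlValidator(new String[] { "https" }));`. Separately, `tokenEndpointAuthenticationMethod` is a free-text field with no validator, so a typo is stored as-is; a drop-down limited to the supported values would be safer. The enclosing `case` block starts above this hunk.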
Expand Up @@ -68,3 +68,5 @@ ticketExpirationPolicy=Ticket Expiration Policy
auditHistory.title=Configuration history
logoutType=Logout Type
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Token Endpoint Authentication Method
Expand Up @@ -68,3 +68,5 @@ ticketExpirationPolicy=Ticket Expiration Policy
auditHistory.title=Historique de configuration
logoutType=Logout Type
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Token Endpoint Authentication Method
Expand Up @@ -68,3 +68,5 @@ ticketExpirationPolicy=Politica Ticket Expiration
auditHistory.title=Storico delle configurazioni
logoutType=Tipo Logout
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Metodo di autenticazione dell'endpoint token
Expand Up @@ -68,3 +68,5 @@ ticketExpirationPolicy=Ticket Expiration Policy
auditHistory.title=\u8a2d\u5b9a\u5c65\u6b74
logoutType=Logout Type
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Token Endpoint Authentication Method
Expand Up @@ -68,3 +68,5 @@ ticketExpirationPolicy=Ticket Expiration Policy
auditHistory.title=Hist\u00f3rico de configura\u00e7\u00e3o
logoutType=Logout Type
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Token Endpoint Authentication Method
Expand Up @@ -69,3 +69,5 @@ ticketExpirationPolicy=Ticket Expiration Policy
auditHistory.title=\u0418\u0441\u0442\u043e\u0440\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438
logoutType=Logout Type
jwks=JWKS
jwksUri=JWKS URI
tokenEndpointAuthenticationMethod=Token Endpoint Authentication Method
Expand Up @@ -59,6 +59,10 @@ public class OIDCRPClientAppTO extends ClientAppTO {

private String jwks;

private String jwksUri;

private String tokenEndpointAuthenticationMethod = "client_secret_basic";

@JacksonXmlProperty(localName = "_class", isAttribute = true)
@JsonProperty("_class")
@Schema(name = "_class", requiredMode = Schema.RequiredMode.REQUIRED,
Expand Down Expand Up @@ -156,6 +160,22 @@ public void setJwks(final String jwks) {
this.jwks = jwks;
}

public String getJwksUri() {
return jwksUri;
}

public void setJwksUri(final String jwksUri) {
this.jwksUri = jwksUri;
}

public String getTokenEndpointAuthenticationMethod() {
return tokenEndpointAuthenticationMethod;
}

public void setTokenEndpointAuthenticationMethod(final String tokenEndpointAuthenticationMethod) {
this.tokenEndpointAuthenticationMethod = tokenEndpointAuthenticationMethod;
}

@Override
public boolean equals(final Object obj) {
if (obj == null) {
Expand All @@ -182,6 +202,8 @@ public boolean equals(final Object obj) {
.append(this.scopes, rhs.scopes)
.append(this.bypassApprovalPrompt, rhs.bypassApprovalPrompt)
.append(this.jwks, rhs.jwks)
.append(this.jwksUri, rhs.jwksUri)
.append(this.tokenEndpointAuthenticationMethod, rhs.tokenEndpointAuthenticationMethod)
.isEquals();
}

Expand All @@ -201,6 +223,8 @@ public int hashCode() {
.append(scopes)
.append(bypassApprovalPrompt)
.append(jwks)
.append(jwksUri)
.append(tokenEndpointAuthenticationMethod)
.toHashCode();
}
}
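Review bot: The two new properties `jwksUri` and `tokenEndpointAuthenticationMethod` carry no Javadoc or schema description, so a REST client reading this TO cannot tell which authentication-method strings are accepted or how `jwksUri` relates to `jwks`. I would document `jwksUri` with something like `/** Location of the client's JWK Set; when non-blank it is used instead of {@code jwks}. */`, which matches what the mapper in this commit does. A second comment on `tokenEndpointAuthenticationMethod` should list the accepted values and note that `"client_secret_basic"` is the default. Because the type is a bare `String`, nothing at this level rejects an unsupported value; an enum or a set of shared constants would make the contract explicit.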
Expand Up @@ -64,4 +64,12 @@ public interface OIDCRPClientApp extends ClientApp {
String getJwks();

void setJwks(String jwks);

String getJwksUri();

void setJwksUri(String jwksUri);

String getTokenEndpointAuthenticationMethod();

void setTokenEndpointAuthenticationMethod(String tokenEndpointAuthenticationMethod);
}
Expand Up @@ -105,6 +105,10 @@ public class JPAOIDCRPClientApp extends AbstractClientApp implements OIDCRPClien
@Lob
private String jwks;

private String jwksUri;

private String tokenEndpointAuthenticationMethod;

@Override
public Set<String> getRedirectUris() {
return redirectUrisSet;
Expand Down Expand Up @@ -205,6 +209,26 @@ public void setJwks(final String jwks) {
this.jwks = jwks;
}

@Override
public String getJwksUri() {
return jwksUri;
}

@Override
public void setJwksUri(final String jwksUri) {
this.jwksUri = jwksUri;
}

@Override
public String getTokenEndpointAuthenticationMethod() {
return tokenEndpointAuthenticationMethod;
}

@Override
public void setTokenEndpointAuthenticationMethod(final String tokenEndpointAuthenticationMethod) {
this.tokenEndpointAuthenticationMethod = tokenEndpointAuthenticationMethod;
}

protected void json2list(final boolean clearFirst) {
if (clearFirst) {
getRedirectUris().clear();
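Review bot: `tokenEndpointAuthenticationMethod` is declared here without an initial value while `OIDCRPClientAppTO` defaults it to `"client_secret_basic"`, so client apps persisted before this change will load with `null`, and `getOIDCClientAppTO` then copies that `null` over the TO default. A field initialiser would only cover newly created entities, so I would normalise in the getter instead: `return tokenEndpointAuthenticationMethod == null ? "client_secret_basic" : tokenEndpointAuthenticationMethod;`. Also, `jwksUri` has no explicit column mapping, so it presumably gets the provider's default string length, which a long URL with a query string can exceed; an explicit `@Column(length = ...)` would make the limit deliberate.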
Expand Up @@ -238,6 +238,8 @@ protected void doUpdate(final OIDCRPClientApp clientApp, final OIDCRPClientAppTO
clientApp.getScopes().addAll(clientAppTO.getScopes());
clientApp.setLogoutUri(clientAppTO.getLogoutUri());
clientApp.setJwks(clientAppTO.getJwks());
clientApp.setJwksUri(clientAppTO.getJwksUri());
clientApp.setTokenEndpointAuthenticationMethod(clientAppTO.getTokenEndpointAuthenticationMethod());
}

protected OIDCRPClientAppTO getOIDCClientAppTO(final OIDCRPClientApp clientApp) {
Expand All @@ -256,6 +258,8 @@ protected OIDCRPClientAppTO getOIDCClientAppTO(final OIDCRPClientApp clientApp)
clientAppTO.setJwtAccessToken(clientApp.isJwtAccessToken());
clientAppTO.setBypassApprovalPrompt(clientApp.isBypassApprovalPrompt());
clientAppTO.setJwks(clientApp.getJwks());
clientAppTO.setJwksUri(clientApp.getJwksUri());
clientAppTO.setTokenEndpointAuthenticationMethod(clientApp.getTokenEndpointAuthenticationMethod());

return clientAppTO;
}
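Review bot: `doUpdate` stores `clientAppTO.getJwksUri()` and `clientAppTO.getTokenEndpointAuthenticationMethod()` exactly as received, so the `UrlValidator` added to the console field is the only check in this commit, and any caller that reaches this binder without going through the console (the REST API, presumably) bypasses it. Since the URI ends up as the key source of the CAS service definition, it should be validated here as well: reject a non-blank value whose `URI.create(...).getScheme()` is not `https`, and reject authentication methods outside the supported set, before calling the two setters. Both `doUpdate` and `getOIDCClientAppTO` start above the visible hunks.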
Expand Up @@ -23,6 +23,7 @@
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.common.lib.OIDCScopeConstants;
import org.apache.syncope.common.lib.to.ClientAppTO;
import org.apache.syncope.common.lib.to.OIDCRPClientAppTO;
Expand Down Expand Up @@ -83,13 +84,18 @@ public RegisteredService map(
}
service.setJwtAccessToken(rp.isJwtAccessToken());
service.setBypassApprovalPrompt(rp.isBypassApprovalPrompt());
service.setJwks(rp.getJwks());
if (StringUtils.isNotBlank(rp.getJwksUri())) {
service.setJwks(rp.getJwksUri());
} else {
service.setJwks(rp.getJwks());
}
service.setSupportedGrantTypes(rp.getSupportedGrantTypes().stream().
map(OIDCGrantType::name).collect(Collectors.toSet()));
service.setSupportedResponseTypes(rp.getSupportedResponseTypes().stream().
map(OIDCResponseType::getExternalForm).collect(Collectors.toSet()));
Optional.ofNullable(rp.getSubjectType()).ifPresent(st -> service.setSubjectType(st.name()));
service.setLogoutUrl(rp.getLogoutUri());
service.setTokenEndpointAuthenticationMethod(rp.getTokenEndpointAuthenticationMethod());

service.setScopes(new HashSet<>(rp.getScopes()));

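Review bot: `service.setTokenEndpointAuthenticationMethod(rp.getTokenEndpointAuthenticationMethod())` is called unconditionally, so a client app whose stored value is `null` (the JPA field in this commit has no default) pushes `null` into the registered service and, if the CAS class carries its own default, overwrites it. Guard it the way `subjectType` is handled two lines above: `Optional.ofNullable(rp.getTokenEndpointAuthenticationMethod()).filter(StringUtils::isNotBlank).ifPresent(service::setTokenEndpointAuthenticationMethod);`. The new `if` also makes a non-blank `jwksUri` silently replace an inline `jwks`, and the URI reaches `setJwks` without any scheme check. A short comment such as `// jwksUri takes precedence over inline jwks; expected to be an https location` would record that choice for the next reader. `map` starts and ends outside the hunk.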
