Skip to content

Commit

Permalink
fix(jans-auth-server): wrong userinfo_encryption_enc_values_supported…
Browse files Browse the repository at this point in the history
… in OpenID Configuration #2725 (#2951)
  • Loading branch information
yuriyz authored Nov 10, 2022
1 parent ac92fa1 commit bc1a8ca
Show file tree
Hide file tree
Showing 3 changed files with 25 additions and 66 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -362,6 +362,9 @@ public static Map<String, Serializable> toSerializableMap(Map<String, Object> ma
}

public static void putArray(JSONObject jsonObj, List<String> list, String key) {
if (list == null || list.isEmpty()) {
return;
}
JSONArray jsonArray = new JSONArray();
for (String alg : list) {
jsonArray.put(alg);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,14 @@

public class UtilTest extends BaseTest {

@Test
public void putArray_whenListIsNull_shouldNotFail() {
JSONObject json = new JSONObject();
Util.putArray(json, null, "key");

assertNull(json.optJSONArray("key"));
}

@Test
public void putArray_whenListIsNotEmpty_shouldAddArray() {
JSONObject json = new JSONObject();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,7 @@
package io.jans.as.server.servlet;

import io.jans.as.common.service.AttributeService;
import io.jans.as.model.common.FeatureFlagType;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.ResponseMode;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.common.ScopeType;
import io.jans.as.model.common.*;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.util.Util;
import io.jans.as.persistence.model.Scope;
Expand All @@ -25,16 +21,15 @@
import io.jans.as.server.service.external.ExternalDynamicScopeService;
import io.jans.as.server.util.ServerUtil;
import io.jans.model.GluuAttribute;
import org.apache.commons.lang.StringUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;

import jakarta.inject.Inject;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;

import java.io.IOException;
import java.io.PrintWriter;
Expand Down Expand Up @@ -162,75 +157,32 @@ protected void processRequest(HttpServletRequest servletRequest, HttpServletResp
Util.putArray(jsonObj, listGrantTypesSupported, GRANT_TYPES_SUPPORTED);
}

JSONArray acrValuesSupported = new JSONArray();
for (String acr : externalAuthenticationService.getAcrValuesList()) {
acrValuesSupported.put(acr);
}
jsonObj.put(ACR_VALUES_SUPPORTED, acrValuesSupported);
jsonObj.put(AUTH_LEVEL_MAPPING, createAuthLevelMapping());

Util.putArray(jsonObj, appConfiguration.getSubjectTypesSupported(), SUBJECT_TYPES_SUPPORTED);

JSONArray authorizationSigningAlgValuesSupported = new JSONArray();
for (String authorizationSigningAlg : appConfiguration.getAuthorizationSigningAlgValuesSupported()) {
authorizationSigningAlgValuesSupported.put(authorizationSigningAlg);
}
if (!authorizationSigningAlgValuesSupported.isEmpty()) {
jsonObj.put(AUTHORIZATION_SIGNING_ALG_VALUES_SUPPORTED, authorizationSigningAlgValuesSupported);
}
Util.putArray(jsonObj, externalAuthenticationService.getAcrValuesList(), ACR_VALUES_SUPPORTED);

JSONArray authorizationEncryptionAlgValuesSupported = new JSONArray();
for (String authorizationEncryptionAlg : appConfiguration.getAuthorizationEncryptionAlgValuesSupported()) {
authorizationEncryptionAlgValuesSupported.put(authorizationEncryptionAlg);
}
if (!authorizationEncryptionAlgValuesSupported.isEmpty()) {
jsonObj.put(AUTHORIZATION_ENCRYPTION_ALG_VALUES_SUPPORTED, authorizationEncryptionAlgValuesSupported);
}
Util.putArray(jsonObj, appConfiguration.getSubjectTypesSupported(), SUBJECT_TYPES_SUPPORTED);

JSONArray authorizationEncryptionEncValuesSupported = new JSONArray();
for (String authorizationEncyptionEnc : appConfiguration.getAuthorizationEncryptionEncValuesSupported()) {
authorizationEncryptionEncValuesSupported.put(authorizationEncyptionEnc);
}
if (!authorizationEncryptionEncValuesSupported.isEmpty()) {
jsonObj.put(AUTHORIZATION_ENCRYPTION_ENC_VALUES_SUPPORTED, authorizationEncryptionEncValuesSupported);
}
Util.putArray(jsonObj, appConfiguration.getAuthorizationSigningAlgValuesSupported(), AUTHORIZATION_SIGNING_ALG_VALUES_SUPPORTED);
Util.putArray(jsonObj, appConfiguration.getAuthorizationEncryptionAlgValuesSupported(), AUTHORIZATION_ENCRYPTION_ALG_VALUES_SUPPORTED);
Util.putArray(jsonObj, appConfiguration.getAuthorizationEncryptionEncValuesSupported(), AUTHORIZATION_ENCRYPTION_ENC_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getUserInfoSigningAlgValuesSupported(), USER_INFO_SIGNING_ALG_VALUES_SUPPORTED);

JSONArray userInfoEncryptionAlgValuesSupported = new JSONArray();
for (String userInfoEncryptionAlg : appConfiguration.getUserInfoEncryptionAlgValuesSupported()) {
userInfoEncryptionAlgValuesSupported.put(userInfoEncryptionAlg);
}
if (userInfoEncryptionAlgValuesSupported.length() > 0) {
jsonObj.put(USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
}

JSONArray userInfoEncryptionEncValuesSupported = new JSONArray();
for (String userInfoEncryptionEnc : appConfiguration.getUserInfoEncryptionEncValuesSupported()) {
userInfoEncryptionEncValuesSupported.put(userInfoEncryptionEnc);
}
if (userInfoEncryptionAlgValuesSupported.length() > 0) {
jsonObj.put(USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported);
}
Util.putArray(jsonObj, appConfiguration.getUserInfoEncryptionAlgValuesSupported(), USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED);
Util.putArray(jsonObj, appConfiguration.getUserInfoEncryptionEncValuesSupported(), USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getIdTokenSigningAlgValuesSupported(), ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getIdTokenEncryptionAlgValuesSupported(), ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getIdTokenEncryptionEncValuesSupported(), ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getAccessTokenSigningAlgValuesSupported(), ACCESS_TOKEN_SIGNING_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getRequestObjectSigningAlgValuesSupported(), REQUEST_OBJECT_SIGNING_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getRequestObjectEncryptionAlgValuesSupported(), REQUEST_OBJECT_ENCRYPTION_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getRequestObjectEncryptionEncValuesSupported(), REQUEST_OBJECT_ENCRYPTION_ENC_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getTokenEndpointAuthMethodsSupported(), TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED);

Util.putArray(jsonObj, appConfiguration
.getTokenEndpointAuthSigningAlgValuesSupported(), TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED);
Util.putArray(jsonObj, appConfiguration.getTokenEndpointAuthSigningAlgValuesSupported(), TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getDpopSigningAlgValuesSupported(), DPOP_SIGNING_ALG_VALUES_SUPPORTED);

Expand All @@ -240,11 +192,7 @@ protected void processRequest(HttpServletRequest servletRequest, HttpServletResp

jsonObj.put(SERVICE_DOCUMENTATION, appConfiguration.getServiceDocumentation());

JSONArray idTokenTokenBindingCnfValuesSupported = new JSONArray();
for (String value : appConfiguration.getIdTokenTokenBindingCnfValuesSupported()) {
idTokenTokenBindingCnfValuesSupported.put(value);
}
jsonObj.put(ID_TOKEN_TOKEN_BINDING_CNF_VALUES_SUPPORTED, idTokenTokenBindingCnfValuesSupported);
Util.putArray(jsonObj, appConfiguration.getIdTokenTokenBindingCnfValuesSupported(), ID_TOKEN_TOKEN_BINDING_CNF_VALUES_SUPPORTED);

Util.putArray(jsonObj, appConfiguration.getClaimsLocalesSupported(), CLAIMS_LOCALES_SUPPORTED);

Expand Down

0 comments on commit bc1a8ca

Please sign in to comment.