From bc1a8ca8b2c7e3b286f2762d9e84205f402cce4a Mon Sep 17 00:00:00 2001 From: YuriyZ Date: Thu, 10 Nov 2022 12:49:00 +0200 Subject: [PATCH] fix(jans-auth-server): wrong userinfo_encryption_enc_values_supported in OpenID Configuration #2725 (#2951) --- .../main/java/io/jans/as/model/util/Util.java | 3 + .../java/io/jans/as/model/util/UtilTest.java | 8 ++ .../server/servlet/OpenIdConfiguration.java | 80 ++++--------------- 3 files changed, 25 insertions(+), 66 deletions(-) diff --git a/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java b/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java index 3b45fe8ecd8..a4eb27b3423 100644 --- a/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java +++ b/jans-auth-server/model/src/main/java/io/jans/as/model/util/Util.java @@ -362,6 +362,9 @@ public static Map toSerializableMap(Map ma } public static void putArray(JSONObject jsonObj, List list, String key) { + if (list == null || list.isEmpty()) { + return; + } JSONArray jsonArray = new JSONArray(); for (String alg : list) { jsonArray.put(alg); diff --git a/jans-auth-server/model/src/test/java/io/jans/as/model/util/UtilTest.java b/jans-auth-server/model/src/test/java/io/jans/as/model/util/UtilTest.java index c62cf9dee10..f81929e1e9a 100644 --- a/jans-auth-server/model/src/test/java/io/jans/as/model/util/UtilTest.java +++ b/jans-auth-server/model/src/test/java/io/jans/as/model/util/UtilTest.java @@ -19,6 +19,14 @@ public class UtilTest extends BaseTest { + @Test + public void putArray_whenListIsNull_shouldNotFail() { + JSONObject json = new JSONObject(); + Util.putArray(json, null, "key"); + + assertNull(json.optJSONArray("key")); + } + @Test public void putArray_whenListIsNotEmpty_shouldAddArray() { JSONObject json = new JSONObject(); diff --git a/jans-auth-server/server/src/main/java/io/jans/as/server/servlet/OpenIdConfiguration.java b/jans-auth-server/server/src/main/java/io/jans/as/server/servlet/OpenIdConfiguration.java index 15805d59ab7..e55e38a7ffe 100644 --- a/jans-auth-server/server/src/main/java/io/jans/as/server/servlet/OpenIdConfiguration.java +++ b/jans-auth-server/server/src/main/java/io/jans/as/server/servlet/OpenIdConfiguration.java @@ -7,11 +7,7 @@ package io.jans.as.server.servlet; import io.jans.as.common.service.AttributeService; -import io.jans.as.model.common.FeatureFlagType; -import io.jans.as.model.common.GrantType; -import io.jans.as.model.common.ResponseMode; -import io.jans.as.model.common.ResponseType; -import io.jans.as.model.common.ScopeType; +import io.jans.as.model.common.*; import io.jans.as.model.configuration.AppConfiguration; import io.jans.as.model.util.Util; import io.jans.as.persistence.model.Scope; @@ -25,16 +21,15 @@ import io.jans.as.server.service.external.ExternalDynamicScopeService; import io.jans.as.server.util.ServerUtil; import io.jans.model.GluuAttribute; -import org.apache.commons.lang.StringUtils; -import org.json.JSONArray; -import org.json.JSONObject; -import org.slf4j.Logger; - import jakarta.inject.Inject; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import org.apache.commons.lang.StringUtils; +import org.json.JSONArray; +import org.json.JSONObject; +import org.slf4j.Logger; import java.io.IOException; import java.io.PrintWriter; @@ -162,75 +157,32 @@ protected void processRequest(HttpServletRequest servletRequest, HttpServletResp Util.putArray(jsonObj, listGrantTypesSupported, GRANT_TYPES_SUPPORTED); } - JSONArray acrValuesSupported = new JSONArray(); - for (String acr : externalAuthenticationService.getAcrValuesList()) { - acrValuesSupported.put(acr); - } - jsonObj.put(ACR_VALUES_SUPPORTED, acrValuesSupported); jsonObj.put(AUTH_LEVEL_MAPPING, createAuthLevelMapping()); - Util.putArray(jsonObj, appConfiguration.getSubjectTypesSupported(), SUBJECT_TYPES_SUPPORTED); - - JSONArray authorizationSigningAlgValuesSupported = new JSONArray(); - for (String authorizationSigningAlg : appConfiguration.getAuthorizationSigningAlgValuesSupported()) { - authorizationSigningAlgValuesSupported.put(authorizationSigningAlg); - } - if (!authorizationSigningAlgValuesSupported.isEmpty()) { - jsonObj.put(AUTHORIZATION_SIGNING_ALG_VALUES_SUPPORTED, authorizationSigningAlgValuesSupported); - } + Util.putArray(jsonObj, externalAuthenticationService.getAcrValuesList(), ACR_VALUES_SUPPORTED); - JSONArray authorizationEncryptionAlgValuesSupported = new JSONArray(); - for (String authorizationEncryptionAlg : appConfiguration.getAuthorizationEncryptionAlgValuesSupported()) { - authorizationEncryptionAlgValuesSupported.put(authorizationEncryptionAlg); - } - if (!authorizationEncryptionAlgValuesSupported.isEmpty()) { - jsonObj.put(AUTHORIZATION_ENCRYPTION_ALG_VALUES_SUPPORTED, authorizationEncryptionAlgValuesSupported); - } + Util.putArray(jsonObj, appConfiguration.getSubjectTypesSupported(), SUBJECT_TYPES_SUPPORTED); - JSONArray authorizationEncryptionEncValuesSupported = new JSONArray(); - for (String authorizationEncyptionEnc : appConfiguration.getAuthorizationEncryptionEncValuesSupported()) { - authorizationEncryptionEncValuesSupported.put(authorizationEncyptionEnc); - } - if (!authorizationEncryptionEncValuesSupported.isEmpty()) { - jsonObj.put(AUTHORIZATION_ENCRYPTION_ENC_VALUES_SUPPORTED, authorizationEncryptionEncValuesSupported); - } + Util.putArray(jsonObj, appConfiguration.getAuthorizationSigningAlgValuesSupported(), AUTHORIZATION_SIGNING_ALG_VALUES_SUPPORTED); + Util.putArray(jsonObj, appConfiguration.getAuthorizationEncryptionAlgValuesSupported(), AUTHORIZATION_ENCRYPTION_ALG_VALUES_SUPPORTED); + Util.putArray(jsonObj, appConfiguration.getAuthorizationEncryptionEncValuesSupported(), AUTHORIZATION_ENCRYPTION_ENC_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getUserInfoSigningAlgValuesSupported(), USER_INFO_SIGNING_ALG_VALUES_SUPPORTED); - - JSONArray userInfoEncryptionAlgValuesSupported = new JSONArray(); - for (String userInfoEncryptionAlg : appConfiguration.getUserInfoEncryptionAlgValuesSupported()) { - userInfoEncryptionAlgValuesSupported.put(userInfoEncryptionAlg); - } - if (userInfoEncryptionAlgValuesSupported.length() > 0) { - jsonObj.put(USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported); - } - - JSONArray userInfoEncryptionEncValuesSupported = new JSONArray(); - for (String userInfoEncryptionEnc : appConfiguration.getUserInfoEncryptionEncValuesSupported()) { - userInfoEncryptionEncValuesSupported.put(userInfoEncryptionEnc); - } - if (userInfoEncryptionAlgValuesSupported.length() > 0) { - jsonObj.put(USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED, userInfoEncryptionAlgValuesSupported); - } + Util.putArray(jsonObj, appConfiguration.getUserInfoEncryptionAlgValuesSupported(), USER_INFO_ENCRYPTION_ALG_VALUES_SUPPORTED); + Util.putArray(jsonObj, appConfiguration.getUserInfoEncryptionEncValuesSupported(), USER_INFO_ENCRYPTION_ENC_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getIdTokenSigningAlgValuesSupported(), ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED); - Util.putArray(jsonObj, appConfiguration.getIdTokenEncryptionAlgValuesSupported(), ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED); - Util.putArray(jsonObj, appConfiguration.getIdTokenEncryptionEncValuesSupported(), ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getAccessTokenSigningAlgValuesSupported(), ACCESS_TOKEN_SIGNING_ALG_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getRequestObjectSigningAlgValuesSupported(), REQUEST_OBJECT_SIGNING_ALG_VALUES_SUPPORTED); - Util.putArray(jsonObj, appConfiguration.getRequestObjectEncryptionAlgValuesSupported(), REQUEST_OBJECT_ENCRYPTION_ALG_VALUES_SUPPORTED); - Util.putArray(jsonObj, appConfiguration.getRequestObjectEncryptionEncValuesSupported(), REQUEST_OBJECT_ENCRYPTION_ENC_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getTokenEndpointAuthMethodsSupported(), TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED); - - Util.putArray(jsonObj, appConfiguration - .getTokenEndpointAuthSigningAlgValuesSupported(), TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED); + Util.putArray(jsonObj, appConfiguration.getTokenEndpointAuthSigningAlgValuesSupported(), TOKEN_ENDPOINT_AUTH_SIGNING_ALG_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getDpopSigningAlgValuesSupported(), DPOP_SIGNING_ALG_VALUES_SUPPORTED); @@ -240,11 +192,7 @@ protected void processRequest(HttpServletRequest servletRequest, HttpServletResp jsonObj.put(SERVICE_DOCUMENTATION, appConfiguration.getServiceDocumentation()); - JSONArray idTokenTokenBindingCnfValuesSupported = new JSONArray(); - for (String value : appConfiguration.getIdTokenTokenBindingCnfValuesSupported()) { - idTokenTokenBindingCnfValuesSupported.put(value); - } - jsonObj.put(ID_TOKEN_TOKEN_BINDING_CNF_VALUES_SUPPORTED, idTokenTokenBindingCnfValuesSupported); + Util.putArray(jsonObj, appConfiguration.getIdTokenTokenBindingCnfValuesSupported(), ID_TOKEN_TOKEN_BINDING_CNF_VALUES_SUPPORTED); Util.putArray(jsonObj, appConfiguration.getClaimsLocalesSupported(), CLAIMS_LOCALES_SUPPORTED);