implemented locking-user-on-login-fail, needs to be tested
Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
@@ -195,7 +195,7 @@ public class UserController extends Controller {
|
||||
var password = body.has(PASSWORD) ? body.getString(PASSWORD) : null;
|
||||
var trust = body.has(TRUST) ? body.getBoolean(TRUST) : false;
|
||||
|
||||
Optional<User> user = users.load(username, password);
|
||||
Optional<User> user = users.login(username, password);
|
||||
if (user.isPresent()) return sendUserAndCookie(ex, sessions.createSession(user.get(), trust), user.get());
|
||||
return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
|
||||
}
|
||||
|
||||
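Review bot: The switch to `users.login(username, password)` in the login handler lets any unauthenticated caller drive the failed-login counter for an arbitrary username, so the lock this commit introduces can presumably be used to keep a legitimate user out. The implementation of `login` is not visible here, so confirm that the lock is time-limited, and ideally scoped by client address as well, rather than permanent per account. `password` is `null` when the body has no password field, and that request still reaches `login`; I would reject it before it can count as a failed attempt, e.g. `if (password == null) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);`. Keeping the same empty `HTTP_UNAUTHORIZED` response for a wrong password and a locked account is good, because it does not reveal lock state to the caller. The enclosing method starts outside the hunk.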
@@ -5,6 +5,7 @@ package de.srsoftware.oidc.backend;
|
||||
import com.sun.net.httpserver.HttpExchange;
|
||||
import de.srsoftware.http.PathHandler;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class WellKnownController extends PathHandler {
|
||||
@@ -19,6 +20,12 @@ public class WellKnownController extends PathHandler {
|
||||
|
||||
private boolean openidConfig(HttpExchange ex) throws IOException {
|
||||
var host = hostname(ex);
|
||||
return sendContent(ex, Map.of("token_endpoint", host + "/api/token", "authorization_endpoint", host + "/web/authorization.html", "userinfo_endpoint", host + "/api/user/info", "jwks_uri", host + "/api/jwks.json", "issuer", "https://lightoidc.srsoftware.de"));
|
||||
return sendContent(ex, Map.of("token_endpoint", host + "/api/token", //
|
||||
"authorization_endpoint", host + "/web/authorization.html", //
|
||||
"userinfo_endpoint", host + "/api/user/info", //
|
||||
"jwks_uri", host + "/api/jwks.json", //
|
||||
"issuer", "https://lightoidc.srsoftware.de", //
|
||||
"id_token_signing_alg_values_supported", List.of("RS256"), //
|
||||
"subject_types_supported", List.of("public", "pairwise")));
|
||||
}
|
||||
}
|
||||
|
||||
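Review bot: The new `subject_types_supported` entry in `openidConfig` advertises `pairwise`, which should only be listed if the server really derives a different `sub` per client (not visible in this section). Otherwise relying parties that ask for pairwise identifiers receive correlatable subjects, so I would publish `List.of("public")` until pairwise is implemented. The document also still lacks `response_types_supported`, which OpenID Connect Discovery marks as required. Separately, the endpoints are built from `hostname(ex)` while `issuer` is a fixed string; if `hostname` reads the request's Host header, a client can influence the advertised endpoints and they can disagree with the issuer, so deriving all of them from one configured base URL would be safer.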