updated dependencies on srsoftware.de packages
Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
@@ -3,6 +3,7 @@ package de.srsoftware.oidc.backend;
|
||||
|
||||
import static de.srsoftware.oidc.api.Constants.*;
|
||||
import static de.srsoftware.oidc.api.data.Permission.MANAGE_CLIENTS;
|
||||
import static de.srsoftware.tools.Error.error;
|
||||
import static java.net.HttpURLConnection.*;
|
||||
|
||||
import com.sun.net.httpserver.HttpExchange;
|
||||
@@ -11,7 +12,6 @@ import de.srsoftware.oidc.api.data.AuthorizedScopes;
|
||||
import de.srsoftware.oidc.api.data.Client;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Error;
|
||||
import de.srsoftware.tools.Optionals;
|
||||
import java.io.IOException;
|
||||
import java.time.Duration;
|
||||
@@ -42,15 +42,15 @@ public class ClientController extends Controller {
|
||||
var user = optUser.get();
|
||||
var json = json(ex);
|
||||
var state = json.has(STATE) ? json.getString(STATE) : null;
|
||||
if (!json.has(CLIENT_ID)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, CLIENT_ID, STATE, state));
|
||||
if (!json.has(CLIENT_ID)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, CLIENT_ID, STATE, state));
|
||||
var clientId = json.getString(CLIENT_ID);
|
||||
var optClient = clients.getClient(clientId);
|
||||
if (optClient.isEmpty()) return badRequest(ex, Error.of(ERROR_UNKNOWN_CLIENT).addData(CLIENT_ID, clientId, STATE, state));
|
||||
if (optClient.isEmpty()) return badRequest(ex, error(ERROR_UNKNOWN_CLIENT).addData(CLIENT_ID, clientId, STATE, state));
|
||||
for (String param : List.of(SCOPE, RESPONSE_TYPE, REDIRECT_URI)) {
|
||||
if (!json.has(param)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, param, STATE, state));
|
||||
if (!json.has(param)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, param, STATE, state));
|
||||
}
|
||||
var scopes = toList(json, SCOPE);
|
||||
if (!scopes.contains(OPENID)) return badRequest(ex, Error.of(ERROR_MISSING_PARAMETER).addData(PARAM, "Scope: openid", STATE, state));
|
||||
if (!scopes.contains(OPENID)) return badRequest(ex, error(ERROR_MISSING_PARAMETER).addData(PARAM, "Scope: openid", STATE, state));
|
||||
var responseTypes = toList(json, RESPONSE_TYPE);
|
||||
var types = 0;
|
||||
for (var responseType : responseTypes) {
|
||||
@@ -60,15 +60,15 @@ public class ClientController extends Controller {
|
||||
types++;
|
||||
break;
|
||||
default:
|
||||
return badRequest(ex, Error.of(ERROR_UNSUPPORTED_RESPONSE_TYPE).addData(RESPONSE_TYPE, responseType, STATE, state));
|
||||
return badRequest(ex, error(ERROR_UNSUPPORTED_RESPONSE_TYPE).addData(RESPONSE_TYPE, responseType, STATE, state));
|
||||
}
|
||||
}
|
||||
if (types < 1) return badRequest(ex, Error.of(ERROR_MISSING_CODE_RESPONSE_TYPE).addData(STATE, state));
|
||||
if (types < 1) return badRequest(ex, error(ERROR_MISSING_CODE_RESPONSE_TYPE).addData(STATE, state));
|
||||
|
||||
var client = optClient.get();
|
||||
var redirect = json.getString(REDIRECT_URI);
|
||||
|
||||
if (!client.redirectUris().contains(redirect)) return badRequest(ex, Error.of(ERROR_INVALID_REDIRECT).addData(REDIRECT_URI, redirect, STATE, state));
|
||||
if (!client.redirectUris().contains(redirect)) return badRequest(ex, error(ERROR_INVALID_REDIRECT).addData(REDIRECT_URI, redirect, STATE, state));
|
||||
|
||||
if (json.has(AUTHORZED)) { // user did consent
|
||||
var authorized = json.getJSONObject(AUTHORZED);
|
||||
|
||||
@@ -14,9 +14,8 @@ import de.srsoftware.oidc.api.*;
|
||||
import de.srsoftware.oidc.api.data.Permission;
|
||||
import de.srsoftware.oidc.api.data.Session;
|
||||
import de.srsoftware.oidc.api.data.User;
|
||||
import de.srsoftware.tools.Payload;
|
||||
import de.srsoftware.tools.Result;
|
||||
import de.srsoftware.tools.SessionToken;
|
||||
import de.srsoftware.tools.result.*;
|
||||
import jakarta.mail.*;
|
||||
import jakarta.mail.internet.*;
|
||||
import java.io.IOException;
|
||||
@@ -228,7 +227,7 @@ public class UserController extends Controller {
|
||||
var user = optUser.get();
|
||||
users.updatePassword(user, newPass);
|
||||
var session = sessions.createSession(user, false);
|
||||
new SessionToken(session.id(), session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
new SessionToken(session.id(), "/api", session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
return sendRedirect(ex, "/");
|
||||
}
|
||||
|
||||
@@ -267,7 +266,7 @@ public class UserController extends Controller {
|
||||
}
|
||||
|
||||
private boolean sendUserAndCookie(HttpExchange ex, Session session, User user) throws IOException {
|
||||
new SessionToken(session.id(), session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
new SessionToken(session.id(), "/api", session.expiration(), session.trustBrowser()).addTo(ex);
|
||||
return sendContent(ex, user.map(false));
|
||||
}
|
||||
|
||||
|
||||
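Review bot: The cookie path `"/api"` is now a string literal repeated at both `SessionToken` call sites in this section (the password-reset branch in the hunk at new line 227, whose method starts outside the hunk, and `sendUserAndCookie`), so the session cookie's scope is defined in two places that can drift apart. A single constant such as `private static final String SESSION_COOKIE_PATH = "/api";` used in both calls would keep them aligned. Whatever code expires or overwrites the cookie on logout has to send the same Path, otherwise the browser keeps the `/api` cookie; that code is outside these hunks, as is any handling of cookies issued earlier with the default path, so both are worth checking. Path narrows where the cookie is sent but is not an isolation boundary against same-origin scripts, so the token still depends on the HttpOnly, Secure and SameSite attributes that `SessionToken` sets, which this page does not show. The password-reset branch also creates a new session right after `users.updatePassword(user, newPass)` with no visible invalidation of the user's older sessions, which may happen elsewhere but should be confirmed.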