Issue #12644 - use builder API to construct OpenIdConfiguration #12682

Merged
merged 4 commits into from
Jan 14, 2025
Expand Up @@ -638,7 +638,7 @@ protected String getChallengeUri(Request request)
scopes.append(" ").append(s);
}

return _openIdConfiguration.getAuthEndpoint() +
return _openIdConfiguration.getAuthorizationEndpoint() +
"?client_id=" + UrlEncoded.encodeString(_openIdConfiguration.getClientId(), StandardCharsets.UTF_8) +
"&redirect_uri=" + UrlEncoded.encodeString(getRedirectUri(request), StandardCharsets.UTF_8) +
"&scope=openid" + UrlEncoded.encodeString(scopes.toString(), StandardCharsets.UTF_8) +
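Review bot: The challenge URI appends `"?client_id="` directly after `getAuthorizationEndpoint()`, so an authorization endpoint that already carries a query component would produce a URL with two `?` separators and the provider may drop or misparse `client_id` and `redirect_uri`. RFC 6749 section 3.1 allows a query component on the endpoint and requires clients to retain it, and the endpoint here can be supplied directly from the `jetty.openid.provider.authorizationEndpoint` property. Choosing the separator from the endpoint value would cover it, e.g. `String sep = endpoint.contains("?") ? "&" : "?";`. The same concatenation appears in the second `getChallengeUri` hunk at `-687,7 +687,7`. The method body starts and ends outside the hunk, so the remaining parameters are not visible here.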
Expand Up @@ -19,7 +19,6 @@
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.function.Consumer;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServlet;
Expand Down Expand Up @@ -70,10 +69,10 @@ public class OpenIdAuthenticationTest

public void setup(LoginService loginService) throws Exception
{
setup(loginService, null);
setup(loginService, false);
}

public void setup(LoginService loginService, Consumer<OpenIdConfiguration> configure) throws Exception
public void setup(LoginService loginService, boolean logoutWhenIdTokenIsExpired) throws Exception
{
openIdProvider = new OpenIdProvider(CLIENT_ID, CLIENT_SECRET);
openIdProvider.start();
Expand Down Expand Up @@ -123,9 +122,9 @@ public void setup(LoginService loginService, Consumer<OpenIdConfiguration> confi
securityHandler.addConstraintMapping(adminMapping);

// Authentication using local OIDC Provider
OpenIdConfiguration openIdConfiguration = new OpenIdConfiguration(openIdProvider.getProvider(), CLIENT_ID, CLIENT_SECRET);
if (configure != null)
configure.accept(openIdConfiguration);
OpenIdConfiguration openIdConfiguration = new OpenIdConfiguration.Builder(openIdProvider.getProvider(), CLIENT_ID, CLIENT_SECRET)
.logoutWhenIdTokenIsExpired(logoutWhenIdTokenIsExpired)
.build();
server.addBean(openIdConfiguration);
securityHandler.setInitParameter(OpenIdAuthenticator.REDIRECT_PATH, "/redirect_path");
securityHandler.setInitParameter(OpenIdAuthenticator.ERROR_PAGE, "/error");
Expand Down Expand Up @@ -284,7 +283,7 @@ public boolean validate(UserIdentity user)
@Test
public void testExpiredIdToken() throws Exception
{
setup(null, config -> config.setLogoutWhenIdTokenIsExpired(true));
setup(null, true);
long idTokenExpiryTime = 2000;
openIdProvider.setIdTokenDuration(idTokenExpiryTime);
openIdProvider.setUser(new OpenIdProvider.User("123456789", "Alice"));
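Review bot: Replacing the `Consumer<OpenIdConfiguration>` hook with a single `boolean logoutWhenIdTokenIsExpired` parameter on `setup` means each further builder option a test wants to vary will need another parameter or overload. A `Consumer<OpenIdConfiguration.Builder>` would keep the earlier flexibility while still going through the builder, e.g. `setup(null, builder -> builder.logoutWhenIdTokenIsExpired(true));`. If the boolean stays, a one-line Javadoc on `setup(LoginService, boolean)` naming the option would help, because `setup(null, true)` in `testExpiredIdToken` does not say which setting is being enabled. The bodies of `setup` and `testExpiredIdToken` continue outside the visible hunks.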
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://jetty.org/configure_9_3.dtd">
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://www.eclipse.org/jetty/configure_10_0.dtd">
<Configure id="Server" class="org.eclipse.jetty.server.Server">
<Get id="ThreadPool" name="threadPool"/>
<New id="HttpClient" class="org.eclipse.jetty.client.HttpClient">
Expand All @@ -20,35 +20,34 @@
</Arg>
<Set name="executor"><Ref refid="ThreadPool"/></Set>
</New>
<New class="org.eclipse.jetty.security.openid.OpenIdConfiguration$Builder">
<Arg name="issuer"><Property name="jetty.openid.provider"/></Arg>
<Arg name="clientId"><Property name="jetty.openid.clientId"/></Arg>
<Arg name="clientSecret"><Property name="jetty.openid.clientSecret"/></Arg>
<Set name="authorizationEndpoint" property="jetty.openid.provider.authorizationEndpoint"/>
<Set name="tokenEndpoint" property="jetty.openid.provider.tokenEndpoint"/>
<Set name="authenticationMethod" property="jetty.openid.authenticationMethod"/>
<Set name="httpClient"><Ref refid="HttpClient"/></Set>
<Set name="authenticateNewUsers" type="boolean" property="jetty.openid.authenticateNewUsers"/>
<Set name="logoutWhenIdTokenIsExpired" type="boolean" property="jetty.openid.logoutWhenIdTokenIsExpired"/>
<Call name="scopes">
<Arg>
<Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
<Arg><Property name="jetty.openid.scopes"/></Arg>
</Call>
</Arg>
</Call>

<Call id="OpenIdConfiguration" name="build"/>
</New>
<Call name="addBean">
<Arg>
<Ref refid="BaseLoginService"/>
<Ref refid="OpenIdConfiguration"/>
</Arg>
</Call>
<Call name="addBean">
<Arg>
<New id="OpenIdConfiguration" class="org.eclipse.jetty.security.openid.OpenIdConfiguration">
<Arg name="issuer"><Property name="jetty.openid.provider" deprecated="jetty.openid.openIdProvider"/></Arg>
<Arg name="authorizationEndpoint"><Property name="jetty.openid.provider.authorizationEndpoint"/></Arg>
<Arg name="tokenEndpoint"><Property name="jetty.openid.provider.tokenEndpoint"/></Arg>
<Arg name="clientId"><Property name="jetty.openid.clientId"/></Arg>
<Arg name="clientSecret"><Property name="jetty.openid.clientSecret"/></Arg>
<Arg name="authenticationMethod"><Property name="jetty.openid.authenticationMethod" deprecated="jetty.openid.authMethod" default="client_secret_post"/></Arg>
<Arg name="httpClient"><Ref refid="HttpClient"/></Arg>
<Set name="authenticateNewUsers">
<Property name="jetty.openid.authenticateNewUsers" default="false"/>
</Set>
<Set name="logoutWhenIdTokenIsExpired">
<Property name="jetty.openid.logoutWhenIdTokenIsExpired" default="false"/>
</Set>
<Call name="addScopes">
<Arg>
<Call class="org.eclipse.jetty.util.StringUtil" name="csvSplit">
<Arg><Property name="jetty.openid.scopes"/></Arg>
</Call>
</Arg>
</Call>
</New>
<Ref refid="BaseLoginService"/>
</Arg>
</Call>
</Configure>
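Review bot: The builder block reads `jetty.openid.provider` and `jetty.openid.authenticationMethod` without the `deprecated="jetty.openid.openIdProvider"` and `deprecated="jetty.openid.authMethod"` aliases that the constructor form carried, so a deployment that still sets only the old property names would, as far as this file shows, start with no issuer or with whatever client authentication method the builder defaults to. The explicit `default="client_secret_post"` and `default="false"` values are gone as well; as I understand the `<Set ... property="...">` form, the setter is skipped when the property is unset, which leaves `authenticateNewUsers` and `logoutWhenIdTokenIsExpired` to the builder's own defaults. It is worth confirming that `OpenIdConfiguration.Builder` defaults both flags to false and the method to `client_secret_post`, and either keeping the aliases, e.g. `<Property name="jetty.openid.provider" deprecated="jetty.openid.openIdProvider"/>`, or stating their removal in the upgrade notes.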
Expand Up @@ -687,7 +687,7 @@ protected String getChallengeUri(Request request)
scopes.append(" ").append(s);
}

return _openIdConfiguration.getAuthEndpoint() +
return _openIdConfiguration.getAuthorizationEndpoint() +
"?client_id=" + UrlEncoded.encodeString(_openIdConfiguration.getClientId(), StandardCharsets.UTF_8) +
"&redirect_uri=" + UrlEncoded.encodeString(getRedirectUri(request), StandardCharsets.UTF_8) +
"&scope=openid" + UrlEncoded.encodeString(scopes.toString(), StandardCharsets.UTF_8) +