Added comments & updated code structure.
Change-Id: I2ff7adb2954b87e8345a6e0619b14614883c4200
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2ClientType.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2ClientType.java
index 60209be..dd1da81 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2ClientType.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2ClientType.java
@@ -1,20 +1,32 @@
package de.ids_mannheim.korap.oauth2.constant;
+/**
+ * Defines possible OAuth2 client types.
+ *
+ * Quoted from RFC 6749:
+ * <ul>
+ *
+ * <li> <b>Confidential clients</b> are clients capable of maintaining
+ * the confidentiality of their
+ * credentials (e.g., client implemented on a secure server with
+ * restricted access to the client credentials), or capable of secure
+ * client authentication using other means.
+ * </li>
+ *
+ * <li>
+ * <b>Public clients</b> are Clients incapable of maintaining the
+ * confidentiality of their credentials (e.g., clients executing on
+ * the device used by the resource owner, such as an installed
+ * native application or a web browser-based application), and
+ * incapable of secure client authentication via any other means.
+ * Mobile and Javascript apps are considered public clients.
+ * </li>
+ * </ul>
+ *
+ * @author margaretha
+ *
+ */
public enum OAuth2ClientType {
- // EM: from RFC 6749
-
-// Clients capable of maintaining the confidentiality of their
-// credentials (e.g., client implemented on a secure server with
-// restricted access to the client credentials), or capable of secure
-// client authentication using other means.
- CONFIDENTIAL,
-
-// Clients incapable of maintaining the confidentiality of their
-// credentials (e.g., clients executing on the device used by the
-// resource owner, such as an installed native application or a web
-// browser-based application), and incapable of secure client
-// authentication via any other means. Mobile and Javascript apps
-// are considered public clients.
- PUBLIC;
+ CONFIDENTIAL, PUBLIC;
}
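Review bot: The new class Javadoc labels the whole list "Quoted from RFC 6749", but the closing sentence of the public-client item ("Mobile and Javascript apps are considered public clients.") does not appear to be RFC text, so the attribution would be more accurate as `Adapted from RFC 6749, section 2.1`. Folding both descriptions into the class comment also leaves `CONFIDENTIAL` and `PUBLIC` without Javadoc of their own, so IDE hover and generated docs for the constants are empty. A one-line comment per constant, e.g. `/** Client that can keep its credentials secret (RFC 6749, section 2.1). */` above `CONFIDENTIAL`, keeps the distinction visible where client-authentication code uses it.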
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2Error.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2Error.java
index fbdb5a7..4b76a26 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2Error.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/constant/OAuth2Error.java
@@ -1,12 +1,17 @@
package de.ids_mannheim.korap.oauth2.constant;
+/**
+ * Lists possible OAuth2 errors as described in RFC 6749 and 6750.
+ *
+ * @author margaretha
+ *
+ */
public class OAuth2Error {
public static final String ERROR = "error";
public static final String DESCRIPTION = "error_description";
public static final String URI = "error_uri";
-
/**
* The request is missing a required parameter, includes an
* invalid parameter value, includes a parameter more than
@@ -92,12 +97,22 @@
public static final String TEMPORARILY_UNAVAILABLE =
"temporarily_unavailable";
-
- // extensions
-
+ /**
+ * The request requires higher privileges than provided by the
+ * access token.
+ */
public static final String INSUFFICIENT_SCOPE = "insufficient_scope";
+ /**
+ * The access token provided is revoked, malformed, or
+ * invalid for other reasons.
+ */
public static final String INVALID_TOKEN = "invalid_token";
+ /**
+ * The access token provided is expired. This error is a
+ * specialization of invalid_token error and not part of
+ * the RFCs.
+ */
public static final String EXPIRED_TOKEN = "expired_token";
}
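Review bot: The Javadoc added for `EXPIRED_TOKEN` says the code is not part of the RFCs, but it does not tell a client author how to handle it. RFC 6750 already covers expiry under `invalid_token`, so a client that only knows the registered codes may not treat `expired_token` as a cue to refresh or re-authenticate. I would extend the comment with something like `Non-standard; clients should treat it as invalid_token and obtain a new access token.` The `INVALID_TOKEN` comment could also say explicitly that expiry is reported separately in this API, since the RFC wording it is based on includes expired tokens.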
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessScopeDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessScopeDao.java
index a714420..aeb1c92 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessScopeDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessScopeDao.java
@@ -16,6 +16,13 @@
import de.ids_mannheim.korap.constant.OAuth2Scope;
import de.ids_mannheim.korap.oauth2.entity.AccessScope;
+/**
+ * AccessScopeDao manages database queries and transactions regarding
+ * access scopes.
+ *
+ * @author margaretha
+ *
+ */
@Repository
@Transactional
public class AccessScopeDao {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
index b5f4173..3a9b585 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AccessTokenDao.java
@@ -34,6 +34,12 @@
import de.ids_mannheim.korap.oauth2.entity.RefreshToken_;
import de.ids_mannheim.korap.utils.ParameterChecker;
+/**
+ * Manages database queries and transactions regarding access tokens.
+ *
+ * @author margaretha
+ *
+ */
@Repository
@Transactional
public class AccessTokenDao extends KustvaktCacheable {
@@ -129,7 +135,8 @@
CriteriaQuery<RefreshToken> query =
builder.createQuery(RefreshToken.class);
Root<RefreshToken> root = query.from(RefreshToken.class);
- Join<RefreshToken, OAuth2Client> client = root.join(RefreshToken_.client);
+ Join<RefreshToken, OAuth2Client> client =
+ root.join(RefreshToken_.client);
query.select(root);
query.where(builder.equal(client.get(OAuth2Client_.id), clientId));
TypedQuery<RefreshToken> q = entityManager.createQuery(query);
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
index aa05d5d..b145f44 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
@@ -8,17 +8,26 @@
import de.ids_mannheim.korap.oauth2.entity.AccessScope;
import de.ids_mannheim.korap.oauth2.entity.Authorization;
+/**
+ * AuthorizationDao is an interface describing methods for managing
+ * authorizations.
+ *
+ * @author margaretha
+ *
+ */
public interface AuthorizationDao {
public Authorization storeAuthorizationCode (String clientId, String userId,
String code, Set<AccessScope> scopes, String redirectURI,
- ZonedDateTime authenticationTime, String nonce) throws KustvaktException;
-
+ ZonedDateTime authenticationTime, String nonce)
+ throws KustvaktException;
+
public Authorization retrieveAuthorizationCode (String code)
throws KustvaktException;
-
+
public Authorization updateAuthorization (Authorization authorization)
throws KustvaktException;
- public List<Authorization> retrieveAuthorizationsByClientId (String clientId);
+ public List<Authorization> retrieveAuthorizationsByClientId (
+ String clientId);
}
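Review bot: The interface now has a class comment, but none of its four methods documents a contract, which matters most for `retrieveAuthorizationCode`: from the signature alone a caller cannot tell whether an unknown, expired or revoked code yields `null` or a `KustvaktException`. This commit documents two implementations (database and cache), so the expected behaviour belongs on the interface, e.g. `@throws KustvaktException if no authorization exists for the given code`. That wording needs confirming against the implementations, whose method bodies are not visible here. `retrieveAuthorizationsByClientId` is the only method without `throws KustvaktException`, so a comment saying whether an unknown client gives an empty list would help as well.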
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java
index 538c655..2cc570b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java
@@ -27,6 +27,13 @@
import de.ids_mannheim.korap.oauth2.entity.Authorization_;
import de.ids_mannheim.korap.utils.ParameterChecker;
+/**
+ * Implementations of {@link AuthorizationDao} managing database
+ * queries and transactions regarding OAuth2 authorizations.
+ *
+ * @author margaretha
+ *
+ */
@Transactional
@Repository
public class AuthorizationDaoImpl implements AuthorizationDao {
@@ -35,7 +42,7 @@
private EntityManager entityManager;
@Autowired
private FullConfiguration config;
-
+
public Authorization storeAuthorizationCode (String clientId, String userId,
String code, Set<AccessScope> scopes, String redirectURI,
ZonedDateTime authenticationTime, String nonce)
@@ -55,7 +62,7 @@
authorization.setRedirectURI(redirectURI);
authorization.setUserAuthenticationTime(authenticationTime);
authorization.setNonce(nonce);
-
+
ZonedDateTime now =
ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
authorization.setCreatedDate(now);
@@ -101,7 +108,8 @@
@SuppressWarnings("unchecked")
@Override
- public List<Authorization> retrieveAuthorizationsByClientId (String clientId) {
+ public List<Authorization> retrieveAuthorizationsByClientId (
+ String clientId) {
CriteriaBuilder builder = entityManager.getCriteriaBuilder();
CriteriaQuery<Authorization> query =
builder.createQuery(Authorization.class);
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
index ed848bc..9c807c2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
@@ -20,6 +20,13 @@
import de.ids_mannheim.korap.utils.ParameterChecker;
import net.sf.ehcache.Element;
+/**
+ * Implementations of {@link AuthorizationDao} using a cache instead
+ * of a database.
+ *
+ * @author margaretha
+ *
+ */
public class CachedAuthorizationDaoImpl extends KustvaktCacheable
implements AuthorizationDao {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
index 7bde510..a3507b7 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/OAuth2ClientDao.java
@@ -29,6 +29,11 @@
import de.ids_mannheim.korap.oauth2.entity.RefreshToken_;
import de.ids_mannheim.korap.utils.ParameterChecker;
+/** Manages database queries and transactions regarding OAuth2 clients.
+ *
+ * @author margaretha
+ *
+ */
@Transactional
@Repository
public class OAuth2ClientDao {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/RefreshTokenDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/RefreshTokenDao.java
index 8ee798b..87c7a6d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/RefreshTokenDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/RefreshTokenDao.java
@@ -28,6 +28,12 @@
import de.ids_mannheim.korap.oauth2.entity.RefreshToken_;
import de.ids_mannheim.korap.utils.ParameterChecker;
+/**
+ * Manages database queries and transactions regarding refresh tokens.
+ *
+ * @author margaretha
+ *
+ */
@Repository
@Transactional
public class RefreshTokenDao {
@@ -71,7 +77,7 @@
builder.createQuery(RefreshToken.class);
Root<RefreshToken> root = query.from(RefreshToken.class);
root.fetch(RefreshToken_.client);
-
+
query.select(root);
query.where(builder.equal(root.get(RefreshToken_.token), token));
Query q = entityManager.createQuery(query);
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientDto.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientDto.java
index 3f6199b..fccffb8 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientDto.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientDto.java
@@ -3,6 +3,13 @@
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonInclude.Include;
+/**
+ * Describes the client_id and the client_secret of a client after
+ * client registration or reset secret.
+ *
+ * @author margaretha
+ *
+ */
@JsonInclude(Include.NON_EMPTY)
public class OAuth2ClientDto {
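Review bot: The new Javadoc says this DTO carries the `client_secret`, but gives maintainers no guidance on handling an object that holds a credential. I would add a sentence such as `Holds the client secret as returned to the client; instances must not be logged or cached and should only be serialized into the registration or reset-secret response.` The class body is outside this hunk, so it is worth checking that no `toString()` (hand-written or generated) includes the secret field.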
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
index 85003ae..3970c8d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2ClientInfoDto.java
@@ -6,6 +6,11 @@
import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
+/** Describes information about an OAuth2 client.
+ *
+ * @author margaretha
+ *
+ */
@JsonInclude(Include.NON_EMPTY)
public class OAuth2ClientInfoDto {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2UserClientDto.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2UserClientDto.java
index 02ab148..3fa44b5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2UserClientDto.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dto/OAuth2UserClientDto.java
@@ -1,5 +1,10 @@
package de.ids_mannheim.korap.oauth2.dto;
+/** Lists authorized OAuth2 clients of a user
+ *
+ * @author margaretha
+ *
+ */
public class OAuth2UserClientDto {
private String clientId;
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessScope.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessScope.java
index 15d9da5..5a8a498 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessScope.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessScope.java
@@ -15,11 +15,18 @@
import lombok.Getter;
import lombok.Setter;
+/**
+ * Defines the oauth2_access_scope database table mapping and access
+ * scope relations to Authorization, AccessToken and RefreshToken.
+ *
+ * @author margaretha
+ *
+ */
@Getter
@Setter
@Entity
@Table(name = "oauth2_access_scope")
-public class AccessScope implements Serializable{
+public class AccessScope implements Serializable {
private static final long serialVersionUID = -7356877266702636705L;
@@ -35,10 +42,10 @@
@ManyToMany(mappedBy = "scopes", fetch = FetchType.LAZY)
private List<Authorization> authorizations;
-
+
@ManyToMany(mappedBy = "scopes", fetch = FetchType.LAZY)
private List<AccessToken> accessTokens;
-
+
@ManyToMany(mappedBy = "scopes", fetch = FetchType.LAZY)
private List<RefreshToken> refreshTokens;
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
index ba381de..a94b081 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/AccessToken.java
@@ -20,6 +20,13 @@
import lombok.Getter;
import lombok.Setter;
+/**
+ * Defines oauth2_access_token database table mapping and access token
+ * relations to AccessScope and RefreshToken.
+ *
+ * @author margaretha
+ *
+ */
@Getter
@Setter
@Entity
@@ -59,7 +66,7 @@
columnNames = { "token_id", "scope_id" }))
private Set<AccessScope> scopes;
- @ManyToOne(fetch=FetchType.LAZY)
- @JoinColumn(name="refresh_token")
+ @ManyToOne(fetch = FetchType.LAZY)
+ @JoinColumn(name = "refresh_token")
private RefreshToken refreshToken;
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
index bb38fb5..76813ff 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/Authorization.java
@@ -18,6 +18,13 @@
import lombok.Getter;
import lombok.Setter;
+/**
+ * Describes oauth2_authorization database table mapping and
+ * authorization relations to AccessScope.
+ *
+ * @author margaretha
+ *
+ */
@Getter
@Setter
@Entity
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
index 8023e32..5e2c929 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2Client.java
@@ -16,7 +16,8 @@
import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
-/**
+/** Describe oauth2_client database table mapping.
+ *
* @author margaretha
*
*/
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2ClientUrl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2ClientUrl.java
index 3396d0b..0ab27c1 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2ClientUrl.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/OAuth2ClientUrl.java
@@ -8,7 +8,8 @@
import lombok.Getter;
import lombok.Setter;
-/**
+/** Describes oauth2_client_url database table mapping
+ *
* @author margaretha
*
*/
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/RefreshToken.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/RefreshToken.java
index a60aef5..4830468 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/RefreshToken.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/entity/RefreshToken.java
@@ -17,6 +17,13 @@
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
+/**
+ * Describes oauth2_refresh_token database table mapping and refresh
+ * token relations to access scopes, access tokens, and oauth2 clients.
+ *
+ * @author margaretha
+ *
+ */
@Entity
@Table(name = "oauth2_refresh_token")
public class RefreshToken {
@@ -31,8 +38,8 @@
private ZonedDateTime expiryDate;
@Column(name = "user_id")
private String userId;
-// @Column(name = "client_id")
-// private String clientId;
+ // @Column(name = "client_id")
+ // private String clientId;
@Column(name = "user_auth_time", updatable = false)
private ZonedDateTime userAuthenticationTime;
@Column(name = "is_revoked")
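Review bot: The commented-out `client_id` column and field are re-indented here rather than removed. A later hunk in this file shows the client mapped through the `client` relation (`private OAuth2Client client;`), so the dead lines `// @Column(name = "client_id")` and `// private String clientId;` look safe to delete; version control keeps the history.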
@@ -40,9 +47,9 @@
@OneToMany(fetch = FetchType.EAGER, mappedBy = "refreshToken")
private Set<AccessToken> accessTokens;
-
- @ManyToOne(fetch=FetchType.LAZY)
- @JoinColumn(name="client")
+
+ @ManyToOne(fetch = FetchType.LAZY)
+ @JoinColumn(name = "client")
private OAuth2Client client;
@ManyToMany(fetch = FetchType.EAGER)
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java
index 183d2a3..347a233 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/OAuth2RevokeTokenSuperRequest.java
@@ -5,12 +5,20 @@
import javax.servlet.http.HttpServletRequest;
+import org.apache.oltu.oauth2.as.request.OAuthRequest;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.apache.oltu.oauth2.common.validators.OAuthValidator;
+/**
+ * A custom request based on {@link OAuthRequest}. It defines token
+ * revocation request that should have been sent from a super client.
+ *
+ * @author margaretha
+ *
+ */
public class OAuth2RevokeTokenSuperRequest {
protected HttpServletRequest request;
protected OAuthValidator<HttpServletRequest> validator;
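Review bot: "should have been sent from a super client" in the new class comment leaves open whether this class verifies the sender or only reads what the request claims. The visible part only wraps the `HttpServletRequest` and a validator, so the comment should say where the super client is actually authenticated, e.g. `The super client credentials are only read here; they are verified by the calling service.` That wording is assumed, since the rest of the class and its callers are outside the hunk. It is also worth stating that the super client secret arrives as a request parameter and must not be written to logs. The `OAuthRequest` import is added only for the `{@link}`; the class does not extend it, so a fully qualified `{@link org.apache.oltu.oauth2.as.request.OAuthRequest}` would avoid an import that some linters report as unused.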
@@ -49,13 +57,13 @@
public String getClientId () {
return request.getParameter(OAuth.OAUTH_CLIENT_ID);
}
-
+
public String getSuperClientId () {
return request.getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_ID);
}
-
+
public String getSuperClientSecret () {
- return request.getParameter(RevokeTokenSuperValidator.
- SUPER_CLIENT_SECRET);
+ return request
+ .getParameter(RevokeTokenSuperValidator.SUPER_CLIENT_SECRET);
}
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java
index 650e8a5..454f0e5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/RevokeTokenSuperValidator.java
@@ -12,6 +12,13 @@
import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
+/**
+ * Defines required request parameters for
+ * OAuth2RevokeTokenSuperRequest and validates the request method.
+ *
+ * @author margaretha
+ *
+ */
public class RevokeTokenSuperValidator
extends AbstractValidator<HttpServletRequest> {
@@ -42,12 +49,10 @@
if (enforceClientAuthentication) {
Set<String> missingParameters = new HashSet<String>();
- if (OAuthUtils
- .isEmpty(request.getParameter(SUPER_CLIENT_ID))) {
+ if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_ID))) {
missingParameters.add(SUPER_CLIENT_ID);
}
- if (OAuthUtils
- .isEmpty(request.getParameter(SUPER_CLIENT_SECRET))) {
+ if (OAuthUtils.isEmpty(request.getParameter(SUPER_CLIENT_SECRET))) {
missingParameters.add(SUPER_CLIENT_SECRET);
}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
index a88355e..f7d6405 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/oltu/service/OltuTokenService.java
@@ -34,6 +34,11 @@
import de.ids_mannheim.korap.oauth2.oltu.OAuth2RevokeTokenSuperRequest;
import de.ids_mannheim.korap.oauth2.service.OAuth2TokenService;
+/** Implementation of token service using Apache Oltu.
+ *
+ * @author margaretha
+ *
+ */
@Service
public class OltuTokenService extends OAuth2TokenService {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/OpenIdHttpRequestWrapper.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/OpenIdHttpRequestWrapper.java
index 8f6d80b..a489ef6 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/OpenIdHttpRequestWrapper.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/OpenIdHttpRequestWrapper.java
@@ -9,6 +9,11 @@
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
+/** A request wrapper based on HTTPRequest.
+ *
+ * @author margaretha
+ *
+ */
public class OpenIdHttpRequestWrapper extends HTTPRequest {
private Map<String, String> params;
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/JWKService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/JWKService.java
index c157662..df9fb17 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/JWKService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/JWKService.java
@@ -20,6 +20,11 @@
import de.ids_mannheim.korap.config.FullConfiguration;
+/** JWK services for generating key pair and key set.
+ *
+ * @author margaretha
+ *
+ */
@Service
public class JWKService {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdAuthorizationService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdAuthorizationService.java
index 5997ca0..2d3ee33 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdAuthorizationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdAuthorizationService.java
@@ -31,6 +31,11 @@
import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
import de.ids_mannheim.korap.oauth2.service.OAuth2AuthorizationService;
+/** Authorization service implementation using open id.
+ *
+ * @author margaretha
+ *
+ */
@Service
public class OpenIdAuthorizationService extends OAuth2AuthorizationService {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdConfigService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdConfigService.java
index 0820f3f..bcec0fa 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdConfigService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdConfigService.java
@@ -6,6 +6,10 @@
import de.ids_mannheim.korap.config.FullConfiguration;
import de.ids_mannheim.korap.oauth2.openid.OpenIdConfiguration;
+/**
+ * @author margaretha
+ *
+ */
@Service
public class OpenIdConfigService {
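Review bot: The Javadoc added here contains only the `@author` tag, so unlike the other classes touched by this commit the service still has no description. A summary sentence is needed, for instance `Provides the OpenID configuration ({@link OpenIdConfiguration}) derived from {@link FullConfiguration}.` That sentence is inferred from the imports, because the class body is outside the hunk, so it should be adjusted to what the service really does.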
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
index 15570e1..3da8545 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/openid/service/OpenIdTokenService.java
@@ -55,6 +55,8 @@
import de.ids_mannheim.korap.utils.TimeUtils;
/**
+ * Token service implementation using OpenId.
+ *
* ID Tokens MUST be signed using JWS and optionally both signed and
* then encrypted using JWS [JWS] and JWE [JWE] respectively.
*
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
index 4fab78a..4a50c8a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
@@ -19,6 +19,11 @@
import de.ids_mannheim.korap.oauth2.entity.Authorization;
import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
+/** Describes business logic behind OAuth2 authorization requests.
+ *
+ * @author margaretha
+ *
+ */
@Service(value = "authorizationService")
public class OAuth2AuthorizationService {
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index f1e4de0..dbe097c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -35,6 +35,9 @@
import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
/**
+ * Defines business logic related to OAuth2 client including
+ * client registration and client authentication.
+ *
* According to RFC 6749, an authorization server MUST:
* <ul>
* <li>
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java
index 7632032..d2d59eb 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java
@@ -19,9 +19,13 @@
import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
import de.ids_mannheim.korap.oauth2.dao.AccessScopeDao;
import de.ids_mannheim.korap.oauth2.entity.AccessScope;
-import de.ids_mannheim.korap.oauth2.entity.AccessScope;
import de.ids_mannheim.korap.security.context.TokenContext;
+/** Defines business logic related to OAuth2 scopes.
+ *
+ * @author margaretha
+ *
+ */
public class OAuth2ScopeServiceImpl implements OAuth2ScopeService {
@Autowired
@@ -46,15 +50,16 @@
int index;
OAuth2Scope oauth2Scope = null;
for (String scope : scopes) {
- try{
- oauth2Scope = Enum.valueOf(OAuth2Scope.class, scope.toUpperCase());
+ try {
+ oauth2Scope =
+ Enum.valueOf(OAuth2Scope.class, scope.toUpperCase());
}
catch (IllegalArgumentException e) {
throw new KustvaktException(StatusCodes.INVALID_SCOPE,
scope + " is an invalid scope",
OAuth2Error.INVALID_SCOPE);
}
-
+
index = definedScopes.indexOf(new AccessScope(oauth2Scope));
if (index == -1) {
throw new KustvaktException(StatusCodes.INVALID_SCOPE,
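Review bot: `scope.toUpperCase()` in the rewrapped `Enum.valueOf` call uses the JVM's default locale. On a server running with, for example, a Turkish locale, a scope name containing `i` is upper-cased to a dotted `İ` and rejected as invalid even though it is defined. Use `Enum.valueOf(OAuth2Scope.class, scope.toUpperCase(Locale.ROOT));`, which needs `import java.util.Locale;`. The error description also echoes the client-supplied `scope` string verbatim; if that value can reach an HTML page or a log, it should be length-limited or restricted to the characters RFC 6749 allows in scope tokens. The loop and its enclosing method continue outside the hunk.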