From f125be9baeeadf96429879c85207e28573445ca9 Mon Sep 17 00:00:00 2001 
From: jjg-123 <gaynor@illinois.edu> Date: Wed, 6 Nov 2024 17:08:14 -0600 Subject: [PATCH] Fix for https://github.com/ncsa/oa4mp/issues/218. Changed package and some class names related to virtual issuers. --- client-installer/buildNumber.properties | 4 +- oa4mp-server-oauth2/buildNumber.properties | 4 +- .../src/main/webapp/WEB-INF/web.xml | 10 +++++ .../org/oa4mp/server/proxy/OA2ATServlet.java | 8 ++-- .../oa4mp/server/proxy/sas/CLISASServlet.java | 26 ++++++++++--- qdl/buildNumber.properties | 4 +- .../server/qdl/storage/AdminClientStemMC.java | 2 +- .../myproxy/oauth2/tools/OA2Commands.java | 26 +++++++------ .../myproxy/oauth2/tools/SASOA4MPCLI.java | 7 ++++ .../myproxy/oauth2/tools/VICommands.java | 6 +-- .../oauth2/tools/migrate/FSMigrater.java | 4 +- .../src/main/resources/help/admin_help.xml | 2 +- .../admin/adminClient/AdminClientKeys.java | 2 +- server-installer/buildNumber.properties | 4 +- .../org/oa4mp/server/loader/oauth2/OA2SE.java | 14 +++---- .../claims/AbstractAccessTokenHandler.java | 4 +- .../loader/oauth2/claims/IDTokenHandler.java | 4 +- .../oauth2/cm/oidc_cm/OIDCCMServlet.java | 4 +- .../oauth2/loader/OA2ConfigurationLoader.java | 32 ++++++++-------- .../oauth2/servlet/BearerTokenServlet.java | 2 +- .../servlet/OA2AuthorizedServletUtil.java | 19 ---------- .../oauth2/servlet/OA2DiscoveryServlet.java | 16 ++++---- .../loader/oauth2/servlet/OA2TokenUtils.java | 2 +- .../server/loader/oauth2/servlet/RFC7662.java | 4 +- .../state/ScriptRuntimeEngineFactory.java | 2 +- .../oauth2/storage/clients/OA2Client.java | 2 +- .../SQLVOStore.java => vi/SQLVIStore.java} | 6 +-- .../SQLVIStoreProvider.java} | 20 +++++----- .../storage/{vo => vi}/VIConverter.java | 2 +- .../VIFSProvider.java} | 10 ++--- .../storage/{vo => vi}/VIFileStore.java | 2 +- .../storage/{vo => vi}/VIMemoryStore.java | 4 +- .../VIMultiStoreProvider.java} | 14 +++---- .../VOProvider.java => vi/VIProvider.java} | 6 +-- .../{vo => vi}/VISerializationKeys.java | 8 +--- 
.../oauth2/storage/{vo => vi}/VIStore.java | 2 +- .../{vo/VOTable.java => vi/VITable.java} | 6 +-- .../storage/{vo => vi}/VirtualIssuer.java | 2 +- .../storage/{vo => vi}/package-info.java | 2 +- .../loader/oauth2/tokens/UITokenUtils.java | 2 +- server-test/buildNumber.properties | 4 +- .../resources/flow-tests/auto/tests/all.qdl | 1 + .../auto/tests/oauth-basic-introspection.qdl | 38 +++++++++++++++++++ .../server/test/OA2JSONPreprocessorTest.java | 14 +++---- .../org/oa4mp/server/test/ThingTester.java | 4 +- .../src/site/xhtml/server/manuals/cli.xhtml | 2 +- 46 files changed, 207 insertions(+), 156 deletions(-) create mode 100644 server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/SASOA4MPCLI.java rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/SQLVOStore.java => vi/SQLVIStore.java} (93%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/SQLVOStoreProvider.java => vi/SQLVIStoreProvider.java} (68%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VIConverter.java (98%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/VOFSProvider.java => vi/VIFSProvider.java} (76%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VIFileStore.java (97%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VIMemoryStore.java (95%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/VOMultiStoreProvider.java => vi/VIMultiStoreProvider.java} (74%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/VOProvider.java => vi/VIProvider.java} (78%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VISerializationKeys.java (90%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VIStore.java (86%) rename 
server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo/VOTable.java => vi/VITable.java} (92%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/VirtualIssuer.java (99%) rename server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/{vo => vi}/package-info.java (65%) create mode 100755 server-test/src/main/resources/flow-tests/auto/tests/oauth-basic-introspection.qdl diff --git a/client-installer/buildNumber.properties b/client-installer/buildNumber.properties index 0d875b4b3..3e9a81793 100644 --- a/client-installer/buildNumber.properties +++ b/client-installer/buildNumber.properties @@ -1,3 +1,3 @@ #maven.buildNumber.plugin properties file -#Sun Nov 03 05:43:39 CST 2024 -buildNumber\\d*=553 +#Wed Nov 06 05:11:21 CST 2024 +buildNumber\\d*=559 diff --git a/oa4mp-server-oauth2/buildNumber.properties b/oa4mp-server-oauth2/buildNumber.properties index 760f72f21..d9bdf241f 100644 --- a/oa4mp-server-oauth2/buildNumber.properties +++ b/oa4mp-server-oauth2/buildNumber.properties @@ -1,3 +1,3 @@ #maven.buildNumber.plugin properties file -#Sun Nov 03 05:43:36 CST 2024 -buildNumber\\d*=12444 +#Wed Nov 06 05:11:18 CST 2024 +buildNumber\\d*=12448 diff --git a/oa4mp-server-oauth2/src/main/webapp/WEB-INF/web.xml b/oa4mp-server-oauth2/src/main/webapp/WEB-INF/web.xml index 4b1f3be0e..693cb9701 100644 --- a/oa4mp-server-oauth2/src/main/webapp/WEB-INF/web.xml +++ b/oa4mp-server-oauth2/src/main/webapp/WEB-INF/web.xml @@ -124,6 +124,16 @@ <url-pattern>/register</url-pattern> </servlet-mapping> + <servlet> + <servlet-name>sas</servlet-name> + <servlet-class>org.oa4mp.server.proxy.sas.CLISASServlet</servlet-class> + <load-on-startup>1</load-on-startup> + </servlet> + <servlet-mapping> + <servlet-name>sas</servlet-name> + <url-pattern>/sas/*</url-pattern> + </servlet-mapping> + <!-- <servlet> <servlet-name>client</servlet-name> <servlet-class>org.oa4mp.server.loader.oauth2.servlet.ClientServlet</servlet-class> 
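Review bot: The new `/sas/*` mapping puts the SAS command servlet in the same web application as the public OAuth endpoints and loads it at startup, and nothing in this hunk restricts who can reach it. The CLISASServlet change in this same patch binds each session's OA2Commands to the live server environment (`oa2Commands.setEnvironment(oa2SE)`), so this path is an administrative surface; whether SAS authenticates callers on its own is not visible here. Consider shipping the mapping commented out, like the `client` servlet just below it, so that enabling it is an explicit deployment decision. Otherwise add a `<security-constraint>` for `/sas/*` with `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` and document that the path should be blocked at the front-end proxy unless it is needed.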
diff --git a/proxy/src/main/java/org/oa4mp/server/proxy/OA2ATServlet.java b/proxy/src/main/java/org/oa4mp/server/proxy/OA2ATServlet.java index 57f04e728..c14c32fe8 100644 --- a/proxy/src/main/java/org/oa4mp/server/proxy/OA2ATServlet.java +++ b/proxy/src/main/java/org/oa4mp/server/proxy/OA2ATServlet.java @@ -12,7 +12,7 @@ import org.oa4mp.server.loader.oauth2.storage.transactions.OA2ServiceTransaction; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2TStoreInterface; import org.oa4mp.server.loader.oauth2.storage.tx.TXRecord; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.loader.oauth2.tokens.UITokenUtils; import org.oa4mp.server.api.admin.adminClient.AdminClient; import org.oa4mp.server.api.admin.permissions.Permission; @@ -700,7 +700,7 @@ Most of the machinery here is figuring out what type of token (JWT, default), lo if (adminClient.getVirtualIssuer() == null) { jsonWebKeys = oa2SE.getJsonWebKeys(); } else { - VirtualIssuer vo = (VirtualIssuer) oa2SE.getVOStore().get(adminClient.getVirtualIssuer()); + VirtualIssuer vo = (VirtualIssuer) oa2SE.getVIStore().get(adminClient.getVirtualIssuer()); if (vo == null) { // Admin client is in a VO but no such VO is found. This implies an internal error throw new NFWException("Virtual issuer \"" + adminClient.getVirtualIssuer() + "\"not found."); 
@@ -2735,10 +2735,10 @@ protected void doRFC8628(OA2Client client, HttpServletRequest request, HttpServl OA2SE oa2se = (OA2SE) MyProxyDelegationServlet.getServiceEnvironment(); VirtualIssuer vo = oa2se.getVI(transaction.getClient().getIdentifier()); if (vo == null) { - debugger.trace(this, "no vo"); + debugger.trace(this, "no vi"); ((ATIResponse2) issuerTransactionState.getIssuerResponse()).setJsonWebKey((oa2se).getJsonWebKeys().getDefault()); } else { - debugger.trace(this, "has vo"); + debugger.trace(this, "has vi"); ((ATIResponse2) issuerTransactionState.getIssuerResponse()).setJsonWebKey(vo.getJsonWebKeys().get(vo.getDefaultKeyID())); } debugger.trace(this, "writing AT response"); diff --git a/proxy/src/main/java/org/oa4mp/server/proxy/sas/CLISASServlet.java b/proxy/src/main/java/org/oa4mp/server/proxy/sas/CLISASServlet.java index 7db434052..67386f1e1 100644 --- a/proxy/src/main/java/org/oa4mp/server/proxy/sas/CLISASServlet.java +++ b/proxy/src/main/java/org/oa4mp/server/proxy/sas/CLISASServlet.java @@ -1,12 +1,13 @@ package org.oa4mp.server.proxy.sas; -import org.oa4mp.server.loader.oauth2.OA2SE; -import org.oa4mp.server.api.storage.servlet.MyProxyDelegationServlet; +import edu.uiuc.ncsa.sas.*; +import edu.uiuc.ncsa.sas.loader.SASConfigurationLoader; +import org.apache.commons.configuration.tree.ConfigurationNode; import org.oa4mp.server.admin.myproxy.oauth2.tools.OA2Commands; -import edu.uiuc.ncsa.sas.Executable; -import edu.uiuc.ncsa.sas.SASCLIDriver; -import edu.uiuc.ncsa.sas.SASServlet; -import edu.uiuc.ncsa.sas.StringIO; +import org.oa4mp.server.api.storage.servlet.MyProxyDelegationServlet; +import org.oa4mp.server.loader.oauth2.OA2SE; + +import static edu.uiuc.ncsa.security.util.configuration.XMLConfigUtil.findConfiguration; /** * <p>Created by Jeff Gaynor<br> 
@@ -15,11 +16,24 @@ public class CLISASServlet extends SASServlet { @Override public Executable createExecutable(String executableName) { + OA2SE oa2SE = (OA2SE) MyProxyDelegationServlet.getServiceEnvironment(); OA2Commands oa2Commands = new OA2Commands(oa2SE.getMyLogger()); + oa2Commands.setEnvironment(oa2SE); // gives it the same runtime as the server. StringIO stringIO = new StringIO(""); SASCLIDriver sascliDriver = new SASCLIDriver(stringIO); sascliDriver.addCommands(oa2Commands); return sascliDriver; } + + @Override + protected SASEnvironment getSASE() { + if(sase == null){ + ConfigurationNode node = findConfiguration("/home/ncsa/dev/csd/config/sas/sat.xml", "oa4mp", "sas"); + SASConfigurationLoader configurationLoader = new SASConfigurationLoader(node); + sase = configurationLoader.load(); + System.out.println(getClass().getSimpleName() + ":\n" + sase.getClientStore()); + } + return sase; + } } diff --git a/qdl/buildNumber.properties b/qdl/buildNumber.properties index 644114d55..322b47070 100644 --- a/qdl/buildNumber.properties +++ b/qdl/buildNumber.properties @@ -1,3 +1,3 @@ #maven.buildNumber.plugin properties file -#Sun Nov 03 05:43:39 CST 2024 -buildNumber\\d*=13489 +#Wed Nov 06 05:11:21 CST 2024 +buildNumber\\d*=13497 diff --git a/qdl/src/main/java/org/oa4mp/server/qdl/storage/AdminClientStemMC.java b/qdl/src/main/java/org/oa4mp/server/qdl/storage/AdminClientStemMC.java index d728dd349..040b346f6 100644 --- a/qdl/src/main/java/org/oa4mp/server/qdl/storage/AdminClientStemMC.java +++ b/qdl/src/main/java/org/oa4mp/server/qdl/storage/AdminClientStemMC.java @@ -31,7 +31,7 @@ public V fromMap(QDLStem stem, V v) { String issuer = "issuer"; String maxClients = "max_clients"; String notifyOnNewClientCreate="new_client_notify"; - String vo="vo"; + String vi="vi"; String voURI="vo_uri"; */ 
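Review bot: `getSASE()` reads its configuration from the literal path `/home/ncsa/dev/csd/config/sas/sat.xml`, so the servlet's client store and settings depend on a developer home directory rather than a protected, deployment-specific location. Take the location from deployment configuration instead, for example `String cfg = getServletContext().getInitParameter("<sas-config-file-param>");` (the parameter name is a placeholder, and this assumes SASServlet is an HttpServlet), and fail with a clear error when it is unset. The `System.out.println(... + sase.getClientStore())` line writes the SAS client store to the container's stdout; depending on that store's `toString()` this may put client records into logs, so drop it or log only the store type through the server logger. The `if(sase == null)` lazy initialisation is also unsynchronised, so concurrent first requests may load the configuration twice.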
diff --git a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/OA2Commands.java b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/OA2Commands.java index 267bc9765..71994e79a 100644 --- a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/OA2Commands.java +++ b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/OA2Commands.java @@ -1,13 +1,5 @@ package org.oa4mp.server.admin.myproxy.oauth2.tools; -import org.oa4mp.server.loader.oauth2.OA2SE; -import org.oa4mp.server.loader.oauth2.functor.claims.OA2FunctorFactory; -import org.oa4mp.server.loader.oauth2.loader.OA2ConfigurationLoader; -import org.oa4mp.server.admin.myproxy.oauth2.Banners; -import org.oa4mp.server.admin.myproxy.oauth2.base.BaseCommands; -import org.oa4mp.server.admin.myproxy.oauth2.base.ClientStoreCommands; -import org.oa4mp.server.admin.myproxy.oauth2.base.CopyCommands; -import org.oa4mp.delegation.common.OA4MPVersion; import edu.uiuc.ncsa.sas.SASCLIDriver; import edu.uiuc.ncsa.sas.StringIO; import edu.uiuc.ncsa.sas.thing.response.LogonResponse; @@ -20,9 +12,16 @@ import edu.uiuc.ncsa.security.util.configuration.XMLConfigUtil; import org.apache.commons.configuration.tree.ConfigurationNode; import org.apache.commons.lang.StringUtils; +import org.oa4mp.delegation.common.OA4MPVersion; +import org.oa4mp.server.admin.myproxy.oauth2.Banners; +import org.oa4mp.server.admin.myproxy.oauth2.base.BaseCommands; +import org.oa4mp.server.admin.myproxy.oauth2.base.ClientStoreCommands; +import org.oa4mp.server.admin.myproxy.oauth2.base.CopyCommands; +import org.oa4mp.server.loader.oauth2.OA2SE; +import org.oa4mp.server.loader.oauth2.functor.claims.OA2FunctorFactory; +import org.oa4mp.server.loader.oauth2.loader.OA2ConfigurationLoader; -import java.util.HashMap; -import java.util.LinkedList; +import java.util.*; /** * <p>Created by Jeff Gaynor<br> 
@@ -87,7 +86,10 @@ OA2SE getOA2SE() throws Exception { public static void main(String[] args) { try { - InputLine inputLine = new InputLine(args); + ArrayList<String> aaa = new ArrayList<>(); + aaa.add(OA2Commands.class.getSimpleName()); // dummy first argument + aaa.addAll(Arrays.asList(args)); + InputLine inputLine = new InputLine(aaa); if (inputLine.hasArg("-sas")) { setupSAS(inputLine); return; @@ -200,7 +202,7 @@ protected CommonCommands getTokenCommands() throws Throwable { protected VICommands getVOCommands() throws Throwable { if (VICommands == null) { - VICommands = new VICommands(getMyLogger(), " ", getOA2SE().getVOStore()); + VICommands = new VICommands(getMyLogger(), " ", getOA2SE().getVIStore()); VICommands.setEnvironment(getOA2SE()); } return VICommands; diff --git a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/SASOA4MPCLI.java b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/SASOA4MPCLI.java new file mode 100644 index 000000000..5c12b2bb8 --- /dev/null +++ b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/SASOA4MPCLI.java @@ -0,0 +1,7 @@ +package org.oa4mp.server.admin.myproxy.oauth2.tools; + +/** + * This is the command line version of the CLI to talk to a SAS instance. + */ +public class SASOA4MPCLI { +} diff --git a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/VICommands.java b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/VICommands.java index f24e15a35..b4c64d859 100644 --- a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/VICommands.java +++ b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/VICommands.java 
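Review bot: The list `aaa` built at the top of `main` has an uninformative name, and the reason `InputLine` needs a dummy first element is not explained. Presumably `InputLine` treats element 0 as the command name, which would otherwise swallow the first real argument such as `-sas`. I would rename it and say so, for example `List<String> cliArgs = new ArrayList<>(); // InputLine expects the command name at index 0, so prepend a placeholder`. The same file now uses `import java.util.*;` where explicit imports were used before; keeping them explicit avoids accidental name clashes. The body of `main` continues outside this hunk.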
@@ -3,9 +3,9 @@ import edu.uiuc.ncsa.security.core.Identifier; import edu.uiuc.ncsa.security.core.util.BasicIdentifier; import org.oa4mp.server.api.admin.adminClient.AdminClient; -import org.oa4mp.server.loader.oauth2.storage.vo.VISerializationKeys; -import org.oa4mp.server.loader.oauth2.storage.vo.VIStore; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VISerializationKeys; +import org.oa4mp.server.loader.oauth2.storage.vi.VIStore; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.loader.qdl.util.SigningCommands; import org.oa4mp.server.admin.myproxy.oauth2.base.StoreCommands2; import edu.uiuc.ncsa.security.core.Identifiable; diff --git a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/migrate/FSMigrater.java b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/migrate/FSMigrater.java index 50939764f..6d92219a4 100644 --- a/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/migrate/FSMigrater.java +++ b/server-admin/src/main/java/org/oa4mp/server/admin/myproxy/oauth2/tools/migrate/FSMigrater.java @@ -3,7 +3,7 @@ import org.oa4mp.server.loader.oauth2.OA2SE; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2TStoreInterface; import org.oa4mp.server.loader.oauth2.storage.tx.TXStore; -import org.oa4mp.server.loader.oauth2.storage.vo.VIStore; +import org.oa4mp.server.loader.oauth2.storage.vi.VIStore; import org.oa4mp.server.api.admin.adminClient.AdminClientStore; import org.oa4mp.server.api.admin.permissions.Permission; import org.oa4mp.server.api.admin.permissions.PermissionsStore; @@ -364,7 +364,7 @@ public void migrate(OA2SE targetSE, store = targetSE.getAdminClientStore(); } if (name.equalsIgnoreCase(VIRTUAL_ORGANIZATION_STORE)) { - store = targetSE.getVOStore(); + store = targetSE.getVIStore(); } if (name.equalsIgnoreCase(TOKEN_EXCHANGE_RECORD_STORE)) { store = targetSE.getTxStore(); 
diff --git a/server-admin/src/main/resources/help/admin_help.xml b/server-admin/src/main/resources/help/admin_help.xml index d37a38785..1cbbad01a 100644 --- a/server-admin/src/main/resources/help/admin_help.xml +++ b/server-admin/src/main/resources/help/admin_help.xml @@ -256,7 +256,7 @@ oa2>use admins admin_id* debug_on last_modified_ts name vo_uri allow_qdl description list_users new_client_notify config email list_users_other_clients secret -creation_ts issuer max_clients vo +creation_ts issuer max_clients vi admins>/commands approve count_clients list_clients approver_search list_ersatz diff --git a/server-api/src/main/java/org/oa4mp/server/api/admin/adminClient/AdminClientKeys.java b/server-api/src/main/java/org/oa4mp/server/api/admin/adminClient/AdminClientKeys.java index 90df7d9ce..bf0922047 100644 --- a/server-api/src/main/java/org/oa4mp/server/api/admin/adminClient/AdminClientKeys.java +++ b/server-api/src/main/java/org/oa4mp/server/api/admin/adminClient/AdminClientKeys.java @@ -25,7 +25,7 @@ public AdminClientKeys() { String issuer = "issuer"; String maxClients = "max_clients"; String notifyOnNewClientCreate="new_client_notify"; - String vo="vo"; + String vo="vi"; String voURI="vo_uri"; String listUsers = "list_users"; String listUsersInOtherClients = "list_users_other_clients"; diff --git a/server-installer/buildNumber.properties b/server-installer/buildNumber.properties index bb94e7df2..57b0cf51f 100644 --- a/server-installer/buildNumber.properties +++ b/server-installer/buildNumber.properties @@ -1,3 +1,3 @@ #maven.buildNumber.plugin properties file -#Sun Nov 03 05:43:39 CST 2024 -buildNumber\\d*=551 +#Wed Nov 06 05:11:21 CST 2024 +buildNumber\\d*=557 diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/OA2SE.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/OA2SE.java index d9212a8a4..be44ad3b1 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/OA2SE.java 
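Review bot: In AdminClientKeys, `String vo="vi";` changes the stored key for the admin client's virtual issuer while the Java field is still called `vo` and the neighbouring `voURI` still maps to `"vo_uri"`. If this string is the persisted column or attribute name, admin clients written under `"vo"` will no longer load their virtual issuer unless the stores are migrated. In that case the `adminClient.getVirtualIssuer() == null` branch visible in the OA2ATServlet hunk would select the server's default keys instead of the issuer's own, without any error. Either keep `"vo"` as the stored name, or ship a migration step with this change and state it in the release notes. Renaming the field too (`String vi="vi";`) would make the intent clearer.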
+++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/OA2SE.java @@ -5,8 +5,8 @@ import org.oa4mp.server.loader.oauth2.loader.OA2ConfigurationLoader; import org.oa4mp.server.loader.oauth2.servlet.RFC8628ServletConfig; import org.oa4mp.server.loader.oauth2.storage.tx.TXStore; -import org.oa4mp.server.loader.oauth2.storage.vo.VIStore; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VIStore; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.loader.qdl.scripting.OA2QDLEnvironment; import org.oa4mp.server.api.MyProxyFacadeProvider; import org.oa4mp.server.api.ServiceEnvironmentImpl; @@ -337,7 +337,7 @@ public long getMaxRTLifetime() { VIStore VIStore; - public VIStore getVOStore() { + public VIStore getVIStore() { return VIStore; } @@ -629,8 +629,8 @@ public VirtualIssuer getVI(Identifier clientID) { return null; // no VO set. Most common case. } DebugUtil.trace(this, "got admin client " + ac.getIdentifierString()); - VirtualIssuer vo = (VirtualIssuer) getVOStore().get(ac.getVirtualIssuer()); - DebugUtil.trace(this, "got vo " + (vo == null ? "(none)" : vo.getIdentifierString())); + VirtualIssuer vo = (VirtualIssuer) getVIStore().get(ac.getVirtualIssuer()); + DebugUtil.trace(this, "got vi " + (vo == null ? "(none)" : vo.getIdentifierString())); if (!vo.isValid()) { throw new GeneralException("invalid virtual issuer \"" + vo.getIdentifierString() + "\""); } @@ -649,7 +649,7 @@ public VirtualIssuer getVI(Identifier clientID) { public List<Store> listStores() { List<Store> stores = super.listStores(); stores.add(getTxStore()); - stores.add(getVOStore()); + stores.add(getVIStore()); return stores; } 
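Review bot: In `getVI`, the trace line already allows for `vo == null` (`vo == null ? "(none)" : ...`), but the next statement calls `vo.isValid()` unconditionally. An admin client that references a virtual issuer missing from the store therefore fails with a NullPointerException instead of a meaningful error. Add an explicit guard before the validity check, e.g. `if (vo == null) { throw new GeneralException("virtual issuer \"" + ac.getVirtualIssuer() + "\" not found"); }`. The `handleServerQuery` hunk in OIDCCMServlet has the same gap: it calls `vo.getIssuer()` straight after `getVIStore().get(...)`, whereas OA2ATServlet checks for null and throws. The local is still named `vo` after the rename, and `getVI` starts and ends outside this hunk.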
@@ -702,7 +702,7 @@ public List<Store> getAllStores() { storeList.add(getClientStore()); storeList.add(getClientApprovalStore()); storeList.add(getPermissionStore()); - storeList.add(getVOStore()); + storeList.add(getVIStore()); storeList.add(getTransactionStore()); storeList.add(getTxStore()); } diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/AbstractAccessTokenHandler.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/AbstractAccessTokenHandler.java index 0a3f6e460..14ab34d3e 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/AbstractAccessTokenHandler.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/AbstractAccessTokenHandler.java @@ -3,7 +3,7 @@ import org.oa4mp.server.loader.oauth2.servlet.ClientUtils; import org.oa4mp.server.loader.oauth2.servlet.OA2DiscoveryServlet; import org.oa4mp.server.loader.oauth2.storage.tx.TXRecord; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.loader.oauth2.tokens.AccessTokenConfig; import org.oa4mp.server.loader.oauth2.tokens.AuthorizationPath; import org.oa4mp.server.loader.oauth2.tokens.AuthorizationTemplate; @@ -460,7 +460,7 @@ public void saveState(String execPhase) throws Throwable { public void setAccountingInformation() { JSONObject atData = getPayload(); // Figure out issuer. If in config, that wins. If not, if the client is - // in a vo, use the designated at issuer. If that is not set, use the + // in a vi, use the designated at issuer. If that is not set, use the // VO issuer. If that fails, get the server issuer from the discovery servlet. // String issuer = ""; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/IDTokenHandler.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/IDTokenHandler.java index b6df2d7fb..7986b729b 100644 
--- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/IDTokenHandler.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/claims/IDTokenHandler.java @@ -5,7 +5,7 @@ import org.oa4mp.server.loader.oauth2.servlet.OA2HeaderUtils; import org.oa4mp.server.loader.oauth2.storage.clients.OA2Client; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2ServiceTransaction; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.api.admin.adminClient.AdminClient; import org.oa4mp.delegation.common.token.impl.IDTokenImpl; import org.oa4mp.delegation.common.token.impl.TokenFactory; @@ -75,7 +75,7 @@ protected void setIssuer(HttpServletRequest request) { issuer = null; // So in order VirtualIssuer vo = oa2se.getVI(transaction.getClient().getIdentifier()); - DebugUtil.trace(this, "vo = " + vo); + DebugUtil.trace(this, "vi = " + vo); if (vo != null) { issuer = vo.getIssuer(); // if issuer set, return it. diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/cm/oidc_cm/OIDCCMServlet.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/cm/oidc_cm/OIDCCMServlet.java index fb90b59eb..aa8827078 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/cm/oidc_cm/OIDCCMServlet.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/cm/oidc_cm/OIDCCMServlet.java @@ -12,7 +12,7 @@ import org.oa4mp.server.loader.oauth2.storage.clients.OA2Client; import org.oa4mp.server.loader.oauth2.storage.clients.OA2ClientConverter; import org.oa4mp.server.loader.oauth2.storage.clients.OA2ClientKeys; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.api.admin.adminClient.AdminClient; import org.oa4mp.server.api.admin.permissions.Permission; import org.oa4mp.server.api.storage.servlet.EnvServlet; 
@@ -332,7 +332,7 @@ private void handleServerQuery(AdminClient adminClient, List<String> queries, Ht jsonObject.put("issuer", getOA2SE().getIssuer()); jsonObject.put("at_issuer", getOA2SE().getIssuer()); } else { - VirtualIssuer vo = (VirtualIssuer) getOA2SE().getVOStore().get(adminClient.getVirtualIssuer()); + VirtualIssuer vo = (VirtualIssuer) getOA2SE().getVIStore().get(adminClient.getVirtualIssuer()); jsonObject.put("issuer", vo.getIssuer()); jsonObject.put("at_issuer", vo.getAtIssuer()); } diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/loader/OA2ConfigurationLoader.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/loader/OA2ConfigurationLoader.java index cf0abda54..c60c2d225 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/loader/OA2ConfigurationLoader.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/loader/OA2ConfigurationLoader.java @@ -74,7 +74,7 @@ import org.oa4mp.server.loader.oauth2.storage.clients.OA2ClientSQLStoreProvider; import org.oa4mp.server.loader.oauth2.storage.transactions.*; import org.oa4mp.server.loader.oauth2.storage.tx.*; -import org.oa4mp.server.loader.oauth2.storage.vo.*; +import org.oa4mp.server.loader.oauth2.storage.vi.*; import org.oa4mp.server.loader.qdl.scripting.OA2QDLConfigurationLoader; import org.oa4mp.server.loader.qdl.scripting.OA2QDLEnvironment; import org.qdl_lang.config.QDLConfigurationConstants; 
@@ -1693,57 +1693,57 @@ protected SQLTXRStoreProvider createSQLTXRecordP(ConfigurationNode config, } - protected SQLVOStoreProvider createSQLVOP(ConfigurationNode config, + protected SQLVIStoreProvider createSQLVOP(ConfigurationNode config, ConnectionPoolProvider<? extends ConnectionPool> cpp, String type, - VOProvider<? extends VirtualIssuer> tp, + VIProvider<? extends VirtualIssuer> tp, Provider<TokenForge> tfp, VIConverter converter) { - return new SQLVOStoreProvider(config, cpp, type, converter, tp); + return new SQLVIStoreProvider(config, cpp, type, converter, tp); } Provider<VIStore> voStoreProvider; protected Provider<VIStore> getVOStoreProvider() { - VOProvider voProvider = new VOProvider(null, (OA2TokenForge) getTokenForgeProvider().get()); - VIConverter VIConverter = new VIConverter(new VISerializationKeys(), voProvider); - return getVOStoreProvider(voProvider, VIConverter); + VIProvider VIProvider = new VIProvider(null, (OA2TokenForge) getTokenForgeProvider().get()); + VIConverter VIConverter = new VIConverter(new VISerializationKeys(), VIProvider); + return getVOStoreProvider(VIProvider, VIConverter); } - protected Provider<VIStore> getVOStoreProvider(VOProvider voProvider, + protected Provider<VIStore> getVOStoreProvider(VIProvider VIProvider, VIConverter<? 
extends VirtualIssuer> VIConverter) { if (voStoreProvider == null) { - VOMultiStoreProvider storeProvider = new VOMultiStoreProvider(cn, + VIMultiStoreProvider storeProvider = new VIMultiStoreProvider(cn, isDefaultStoreDisabled(), getMyLogger(), null, null, - voProvider, VIConverter); + VIProvider, VIConverter); storeProvider.addListener(createSQLVOP(cn, getMySQLConnectionPoolProvider(), OA4MPConfigTags.MYSQL_STORE, - voProvider, + VIProvider, getTokenForgeProvider(), VIConverter)); storeProvider.addListener(createSQLVOP(cn, getMariaDBConnectionPoolProvider(), OA4MPConfigTags.MARIADB_STORE, - voProvider, + VIProvider, getTokenForgeProvider(), VIConverter)); storeProvider.addListener(createSQLVOP(cn, getPgConnectionPoolProvider(), OA4MPConfigTags.POSTGRESQL_STORE, - voProvider, + VIProvider, getTokenForgeProvider(), VIConverter)); storeProvider.addListener(createSQLVOP(cn, getDerbyConnectionPoolProvider(), OA4MPConfigTags.DERBY_STORE, - voProvider, + VIProvider, getTokenForgeProvider(), VIConverter)); - storeProvider.addListener(new VOFSProvider(cn, voProvider, VIConverter)); + storeProvider.addListener(new VIFSProvider(cn, VIProvider, VIConverter)); storeProvider.addListener(new TypedProvider<VIStore>(cn, OA4MPConfigTags.MEMORY_STORE, OA4MPConfigTags.VIRTUAL_ORGANIZATION_STORE) { @Override public Object componentFound(CfgEvent configurationEvent) { @@ -1755,7 +1755,7 @@ public Object componentFound(CfgEvent configurationEvent) { @Override public VIStore get() { - return new VIMemoryStore(voProvider, VIConverter); + return new VIMemoryStore(VIProvider, VIConverter); } }); diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/BearerTokenServlet.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/BearerTokenServlet.java index 967a2868f..62af39eed 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/BearerTokenServlet.java 
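Review bot: The rename leaves locals and parameters in `getVOStoreProvider` spelled exactly like their types (`VIProvider VIProvider = new VIProvider(...)`, and likewise `VIConverter VIConverter`). That compiles, but it reads as a static reference and hides the type name for the rest of the scope. Use lower camel case and the generic form already used in `createSQLVOP`, e.g. `VIProvider<? extends VirtualIssuer> viProvider = new VIProvider<>(null, (OA2TokenForge) getTokenForgeProvider().get());`, assuming the constructor's type inference allows it. The method and field names `createSQLVOP`, `getVOStoreProvider` and `voStoreProvider` still carry the old VO prefix, so the rename is only half applied in this file. A one-line comment saying they are kept for compatibility, or renaming them as well, would avoid confusion.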
+++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/BearerTokenServlet.java @@ -3,7 +3,7 @@ import org.oa4mp.server.loader.oauth2.OA2SE; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2ServiceTransaction; import org.oa4mp.server.loader.oauth2.storage.tx.TXRecord; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.api.storage.servlet.MyProxyDelegationServlet; import edu.uiuc.ncsa.security.core.util.BasicIdentifier; import org.oa4mp.delegation.common.token.impl.AccessTokenImpl; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2AuthorizedServletUtil.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2AuthorizedServletUtil.java index 8cc8c569e..be2061394 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2AuthorizedServletUtil.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2AuthorizedServletUtil.java 
@@ -127,25 +127,6 @@ Extended attribute support means that a client may send fully qualifies (FQ) req String codeChallenge = req.getParameter(RFC7636Util.CODE_CHALLENGE); String codeChallengeMethod = req.getParameter(RFC7636Util.CODE_CHALLENGE_METHOD); setupPKCE(codeChallenge,codeChallengeMethod,oa2se,transaction,resolvedClient,debugger); - /* if (StringUtils.isTrivial(codeChallenge)) { - if (oa2se.isRfc7636Required() && resolvedClient.isPublicClient()) { - throw new OA2RedirectableError(OA2Errors.ACCESS_DENIED, - "access denied", - HttpStatus.SC_UNAUTHORIZED, - transaction.getRequestState(), - transaction.getCallback()); - - } - } else { - debugger.trace(this, "Setting code challenge to codeChallenge"); - transaction.setCodeChallenge(codeChallenge); - if (StringUtils.isTrivial(codeChallengeMethod)) { - transaction.setCodeChallengeMethod(RFC7636Util.METHOD_PLAIN); - } else { - transaction.setCodeChallengeMethod(codeChallengeMethod); - } - }*/ - Map<String, String> params = agResponse.getParameters(); XMLMap backup = GenericStoreUtils.toXML(getServiceEnvironment().getTransactionStore(), transaction); preprocess(new TransactionState(req, resp, params, transaction, backup)); diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2DiscoveryServlet.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2DiscoveryServlet.java index 8f06b3e98..cc3c10954 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2DiscoveryServlet.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2DiscoveryServlet.java 
@@ -1,7 +1,7 @@ package org.oa4mp.server.loader.oauth2.servlet; import org.oa4mp.server.loader.oauth2.OA2SE; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.api.storage.servlet.DiscoveryServlet; import org.oa4mp.delegation.server.OA2Constants; import org.oa4mp.delegation.server.OA2Errors; @@ -52,7 +52,7 @@ protected VirtualIssuer getVI(HttpServletRequest req, String requestUri) { if (st.hasMoreTokens()) { String component = st.nextToken(); // Fix for CIL-976 - vo = getOA2SE().getVOStore().findByPath(host + DISCOVERY_PATH_SEPARATOR + component); + vo = getOA2SE().getVIStore().findByPath(host + DISCOVERY_PATH_SEPARATOR + component); if (vo == null) { // Then this is not recognized. throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, @@ -77,12 +77,12 @@ protected VirtualIssuer getVI(HttpServletRequest req, String requestUri) { // case 2: Check for default String nextToken = st.nextToken(); if (x.equals(WELL_KNOWN_PATH) && nextToken.equals(OPENID_CONFIG_PATH) || nextToken.equals(OAUTH_AUTHZ_SERVER_PATH)) { - return vo; // default case, no vo components. + return vo; // default case, no vi components. } - // case 3, vo component comes first + // case 3, vi component comes first if (nextToken.equals(WELL_KNOWN_PATH) && st.nextToken().equals(OPENID_CONFIG_PATH) && !st.hasMoreTokens()) { // Fix for CIL-976 - vo = getOA2SE().getVOStore().findByPath(host + DISCOVERY_PATH_SEPARATOR + x); + vo = getOA2SE().getVIStore().findByPath(host + DISCOVERY_PATH_SEPARATOR + x); } else { throw new OA2GeneralError(OA2Errors.INVALID_REQUEST, "unsupported discovery url for \"" + x + "\"", @@ -90,7 +90,7 @@ protected VirtualIssuer getVI(HttpServletRequest req, String requestUri) { null); } - // default case, no special component, so return default vo. + // default case, no special component, so return default vi. return vo; } 
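Review bot: In the `getVI` hunk at -77,12, the default-case test `x.equals(WELL_KNOWN_PATH) && nextToken.equals(OPENID_CONFIG_PATH) || nextToken.equals(OAUTH_AUTHZ_SERVER_PATH)` binds as `(A && B) || C`. Any request whose second path component equals `OAUTH_AUTHZ_SERVER_PATH` is therefore treated as the default issuer, whatever the first component is. If the intent is "well-known followed by either document name", parenthesise it: `x.equals(WELL_KNOWN_PATH) && (nextToken.equals(OPENID_CONFIG_PATH) || nextToken.equals(OAUTH_AUTHZ_SERVER_PATH))`. The following branch calls `st.nextToken()` without a `hasMoreTokens()` check, so a short request path appears to raise NoSuchElementException rather than the `INVALID_REQUEST` error used elsewhere in this method; guarding it would keep malformed discovery URLs on the documented error path. The method body extends beyond the hunk.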
@@ -122,14 +122,14 @@ protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse h if (requestUri.endsWith(certPath)) { requestUri = requestUri.substring(0, requestUri.length() - certPath.length()); // whack off certs part } else { - requestUri = requestUri.substring(requestUri.indexOf(certPath) + certPath.length()); // whack off leading certs part (vo suffix case) + requestUri = requestUri.substring(requestUri.indexOf(certPath) + certPath.length()); // whack off leading certs part (vi suffix case) } } // normalize the uri if (isCerts) { String discoveryPath = requestUri.substring(1 + requestUri.lastIndexOf("/")); // Fix for CIL-976 - VirtualIssuer vo = getOA2SE().getVOStore().findByPath(getOA2SE().getServiceAddress().getHost() + DISCOVERY_PATH_SEPARATOR + discoveryPath); + VirtualIssuer vo = getOA2SE().getVIStore().findByPath(getOA2SE().getServiceAddress().getHost() + DISCOVERY_PATH_SEPARATOR + discoveryPath); JSONWebKeys publicKeys; if (vo == null) { publicKeys = JSONWebKeyUtil.makePublic(((OA2SE) getServiceEnvironment()).getJsonWebKeys()); diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2TokenUtils.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2TokenUtils.java index b29dd83ae..efbc0aed0 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2TokenUtils.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/OA2TokenUtils.java 
@@ -5,7 +5,7 @@ import org.oa4mp.server.loader.oauth2.storage.clients.OA2Client; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2ServiceTransaction; import org.oa4mp.server.loader.oauth2.storage.tx.TXRecord; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.api.util.ClientDebugUtil; import org.oa4mp.delegation.common.storage.clients.BaseClient; import edu.uiuc.ncsa.security.core.exceptions.InvalidAlgorithmException; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/RFC7662.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/RFC7662.java index 53242896c..b83969a43 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/RFC7662.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/servlet/RFC7662.java @@ -131,16 +131,18 @@ protected void populateResponse(State state, JSONObject json) { OA2ServiceTransaction transaction = state.transaction; long authTime = transaction.getAuthTime().getTime(); + // Fix for https://github.com/ncsa/oa4mp/issues/218 if (state.isAT) { json.put(OA2Claims.AUDIENCE, transaction.getAudience()); json.put(OA2Constants.SCOPE, transaction.getScopes()); json.put(OA2Claims.EXPIRATION, (authTime + transaction.getAccessTokenLifetime()) / 1000); + }else{ + json.put(OA2Claims.EXPIRATION, (authTime + transaction.getRefreshTokenLifetime()) / 1000); } // In a standard OA4MP token (this case) there is no issuer outside of the service itself. if (transaction.getUserMetaData().containsKey(OA2Claims.ISSUER)) { json.put(OA2Claims.ISSUER, transaction.getUserMetaData().getString(OA2Claims.ISSUER)); } - json.put(OA2Claims.EXPIRATION, token.getIssuedAt() / 1000); json.put(OA2Claims.ISSUED_AT, authTime / 1000); json.put(OA2Claims.NOT_VALID_BEFORE, token.getIssuedAt() / 1000); json.put(OA2Claims.JWT_ID, token.getJti().toString()); 
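Review bot: In the RFC7662.java hunk, the new `exp` value is computed from `authTime`, while `nbf` in the same response is still taken from `token.getIssuedAt()`, so the two claims are measured from different starting points. If a token can be issued later than the authentication time (for example after a refresh or exchange, which this hunk does not show), the introspection response would report an `exp` that does not match the token's real expiry and could even fall before `nbf`; a resource server relying on RFC 7662 output would then act on the wrong value. Consider basing expiry on the token itself, e.g. `json.put(OA2Claims.EXPIRATION, (token.getIssuedAt() + transaction.getAccessTokenLifetime()) / 1000);` with the matching change on the refresh-token line, or add a comment explaining why `authTime` is the correct base. The body of `populateResponse` starts before and continues after this hunk, so the definition of `token` is not visible here.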
diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/state/ScriptRuntimeEngineFactory.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/state/ScriptRuntimeEngineFactory.java index 75358af52..5e1507782 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/state/ScriptRuntimeEngineFactory.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/state/ScriptRuntimeEngineFactory.java @@ -5,7 +5,7 @@ import org.oa4mp.server.loader.oauth2.storage.clients.OA2Client; import org.oa4mp.server.loader.oauth2.storage.transactions.OA2ServiceTransaction; import org.oa4mp.server.loader.oauth2.storage.tx.TXRecord; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import org.oa4mp.server.loader.qdl.scripting.OA2State; import org.oa4mp.server.loader.qdl.scripting.QDLRuntimeEngine; import org.qdl_lang.evaluate.MetaEvaluator; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/clients/OA2Client.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/clients/OA2Client.java index ff010237d..37a682ce6 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/clients/OA2Client.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/clients/OA2Client.java @@ -309,7 +309,7 @@ public void setLdaps(Collection<LDAPConfiguration> ldaps) { protected String xoauth_attributes = "xoauth_attributes"; protected String oa4mp_attributes = "oa4mp_attributes"; protected String oidc_cm_attributes = "oidc-cm_attributes"; - protected String TOKENS_KEY = "/tokens"; + protected String TOKENS_KEY = "/tokens"; // Caveat, this is used to create the JSON Path searching in the cfg protected String ACCESS_TOKENS_KEY = "access"; protected String REFRESH_TOKENS_KEY = "refresh"; protected String ID_TOKENS_KEY = "identity"; 
diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStore.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStore.java similarity index 93% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStore.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStore.java index d1f8be5d8..99acd1a85 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStore.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStore.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.exceptions.GeneralException; import edu.uiuc.ncsa.security.storage.data.MapConverter; @@ -19,8 +19,8 @@ * <p>Created by Jeff Gaynor<br> * on 2/19/21 at 4:48 PM */ -public class SQLVOStore<V extends VirtualIssuer> extends MonitoredSQLStore<V> implements VIStore<V> { - public SQLVOStore(ConnectionPool connectionPool, Table table, Provider<V> identifiableProvider, MapConverter<V> converter) { +public class SQLVIStore<V extends VirtualIssuer> extends MonitoredSQLStore<V> implements VIStore<V> { + public SQLVIStore(ConnectionPool connectionPool, Table table, Provider<V> identifiableProvider, MapConverter<V> converter) { super(connectionPool, table, identifiableProvider, converter); } diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStoreProvider.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStoreProvider.java similarity index 68% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStoreProvider.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStoreProvider.java index efbc6d2be..2f50e74ed 100644 
--- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/SQLVOStoreProvider.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/SQLVIStoreProvider.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import org.oa4mp.server.api.OA4MPConfigTags; import edu.uiuc.ncsa.security.storage.sql.ConnectionPool; @@ -11,30 +11,30 @@ * <p>Created by Jeff Gaynor<br> * on 12/14/20 at 11:27 AM */ -public class SQLVOStoreProvider<T extends SQLVOStore> extends SQLStoreProvider<T> implements OA4MPConfigTags { +public class SQLVIStoreProvider<T extends SQLVIStore> extends SQLStoreProvider<T> implements OA4MPConfigTags { public static final String DEFAULT_TABLENAME = "virtual_organizations"; - public SQLVOStoreProvider(ConfigurationNode config, + public SQLVIStoreProvider(ConfigurationNode config, ConnectionPoolProvider<? extends ConnectionPool> cpp, String type, VIConverter converter, - VOProvider VOProvider) { + VIProvider VIProvider) { super(config, cpp, type, OA4MPConfigTags.VIRTUAL_ORGANIZATION_STORE,DEFAULT_TABLENAME , converter); - this.VOProvider = VOProvider; + this.VIProvider = VIProvider; } - VOProvider VOProvider = null; + VIProvider VIProvider = null; @Override public T newInstance(Table table) { - T t = (T) new SQLVOStore(getConnectionPool(), - (VOTable) table, - VOProvider, (VIConverter) converter); + T t = (T) new SQLVIStore(getConnectionPool(), + (VITable) table, + VIProvider, (VIConverter) converter); t.setUpkeepConfiguration(getUpkeepConfiguration()); return t; } @Override public T get() { - return newInstance(new VOTable((VISerializationKeys)converter.keys,getSchema(),getPrefix(), getTablename())); + return newInstance(new VITable((VISerializationKeys)converter.keys,getSchema(),getPrefix(), getTablename())); } } 
diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIConverter.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIConverter.java similarity index 98% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIConverter.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIConverter.java index f0e18c1a6..83602f846 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIConverter.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIConverter.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.IdentifiableProvider; import edu.uiuc.ncsa.security.core.util.DebugUtil; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOFSProvider.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFSProvider.java similarity index 76% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOFSProvider.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFSProvider.java index 815decaab..878d17fe4 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOFSProvider.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFSProvider.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import org.oa4mp.server.api.OA4MPConfigTags; import edu.uiuc.ncsa.security.storage.FSProvider; 
@@ -10,15 +10,15 @@ * <p>Created by Jeff Gaynor<br> * on 12/14/20 at 1:14 PM */ -public class VOFSProvider<T extends VIFileStore> extends FSProvider<T> implements OA4MPConfigTags { - public VOFSProvider(ConfigurationNode config, - VOProvider provider, +public class VIFSProvider<T extends VIFileStore> extends FSProvider<T> implements OA4MPConfigTags { + public VIFSProvider(ConfigurationNode config, + VIProvider provider, VIConverter converter) { super(config, FILE_STORE, VIRTUAL_ORGANIZATION_STORE, converter); this.provider = provider; } - VOProvider provider = null; + VIProvider provider = null; @Override diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIFileStore.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFileStore.java similarity index 97% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIFileStore.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFileStore.java index 497aed8a1..bf535e340 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIFileStore.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIFileStore.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.IdentifiableProvider; import edu.uiuc.ncsa.security.core.exceptions.GeneralException; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIMemoryStore.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMemoryStore.java similarity index 95% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIMemoryStore.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMemoryStore.java index fe4d28907..d529e508d 100644 
--- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIMemoryStore.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMemoryStore.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.XMLConverter; import edu.uiuc.ncsa.security.core.util.StringUtils; @@ -16,7 +16,7 @@ * on 12/14/20 at 10:37 AM */ public class VIMemoryStore<V extends VirtualIssuer> extends MonitoredMemoryStore<V> implements VIStore<V> { - public VIMemoryStore(VOProvider<V> identifiableProvider, + public VIMemoryStore(VIProvider<V> identifiableProvider, VIConverter<V> converter) { super(identifiableProvider); this.converter = converter; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOMultiStoreProvider.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMultiStoreProvider.java similarity index 74% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOMultiStoreProvider.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMultiStoreProvider.java index 47af96945..6edfcfeae 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOMultiStoreProvider.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIMultiStoreProvider.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.exceptions.GeneralException; import edu.uiuc.ncsa.security.core.util.MyLoggingFacade; 
@@ -9,20 +9,20 @@ * <p>Created by Jeff Gaynor<br> * on 12/17/20 at 10:02 AM */ -public class VOMultiStoreProvider<T extends VIStore<? extends VirtualIssuer>> extends MonitoredMultiTypeProvider<T> { - public VOMultiStoreProvider(ConfigurationNode config, +public class VIMultiStoreProvider<T extends VIStore<? extends VirtualIssuer>> extends MonitoredMultiTypeProvider<T> { + public VIMultiStoreProvider(ConfigurationNode config, boolean disableDefaultStore, MyLoggingFacade logger, String type, String target, - VOProvider voProvider, + VIProvider VIProvider, VIConverter VIConverter) { super(config, disableDefaultStore, logger, type, target); this.VIConverter = VIConverter; - this.voProvider = voProvider; + this.VIProvider = VIProvider; } - VOProvider voProvider = null; + VIProvider VIProvider = null; VIConverter VIConverter = null; @Override @@ -30,6 +30,6 @@ public T getDefaultStore() { if (disableDefaultStore) { throw new GeneralException("Error: default stores for this configuration have been disabled and none has been specified. Aborting..."); } - return (T) new VIMemoryStore(voProvider, VIConverter); + return (T) new VIMemoryStore(VIProvider, VIConverter); } } diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOProvider.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIProvider.java similarity index 78% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOProvider.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIProvider.java index 19ba8ffdf..02f000f5c 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOProvider.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIProvider.java 
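Review bot: In VIMultiStoreProvider the rename turns the constructor parameter and field `voProvider` into `VIProvider`, which is spelled exactly like its type, so `VIProvider VIProvider = null;` and `this.VIProvider = VIProvider;` read as if they referred to the class. It compiles, but it breaks the lowerCamelCase convention and makes static and instance references hard to tell apart; `viProvider` would keep the rename and stay readable, e.g. `VIProvider viProvider = null;` and `return (T) new VIMemoryStore(viProvider, VIConverter);`. The same pattern appears in the SQLVIStoreProvider hunk, and the neighbouring `VIConverter VIConverter` field has the same problem. The class bodies continue outside these hunks.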
@@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.Identifier; import edu.uiuc.ncsa.security.core.util.BasicIdentifier; @@ -11,8 +11,8 @@ * <p>Created by Jeff Gaynor<br> * on 12/14/20 at 10:43 AM */ -public class VOProvider<V extends VirtualIssuer> extends IdentifiableProviderImpl<V> { - public VOProvider(Provider<Identifier> idProvider, OA2TokenForge tokenForge) { +public class VIProvider<V extends VirtualIssuer> extends IdentifiableProviderImpl<V> { + public VIProvider(Provider<Identifier> idProvider, OA2TokenForge tokenForge) { super(idProvider); this.tokenForge = tokenForge; } diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VISerializationKeys.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VISerializationKeys.java similarity index 90% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VISerializationKeys.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VISerializationKeys.java index 2d0c80ade..3f9df6096 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VISerializationKeys.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VISerializationKeys.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.storage.monitored.MonitoredKeys; @@ -16,7 +16,7 @@ ║organizations to virtual issuers or existing OA4MP ║ ║installs will unrecoverably break! ║ ║ ║ -║These have to remain as legacy artifacts. ║ +║This has to remain as a legacy artifact. ║ ╚═════════════════════════════════════════════════════════════╝ */ public class VISerializationKeys extends MonitoredKeys { 
@@ -31,25 +31,21 @@ public VISerializationKeys() { String atIssuer = "at_issuer"; - // String created = "created"; String defaultKeyID = "default_key_id"; String discoveryPath = "discovery_path"; String issuer = "issuer"; String jsonWebKeys = "json_web_keys"; - // String lastModified = "last_modified"; String title = "title"; String valid = "valid"; @Override public List<String> allKeys() { List<String> all = super.allKeys(); - // all.add(creationTS()); all.add(defaultKeyID()); all.add(discoveryPath()); all.add(issuer()); all.add(atIssuer()); all.add(jsonWebKeys()); - // all.add(lastModifiedTS()); all.add(title()); all.add(valid()); return all; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIStore.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIStore.java similarity index 86% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIStore.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIStore.java index 5a0a23e88..1a078ba3e 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VIStore.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VIStore.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.core.Store; import edu.uiuc.ncsa.security.storage.data.MapConverter; diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOTable.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VITable.java similarity index 92% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOTable.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VITable.java index ad8088957..c5ddcb369 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VOTable.java 
+++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VITable.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import edu.uiuc.ncsa.security.storage.data.SerializationKeys; import edu.uiuc.ncsa.security.storage.sql.internals.ColumnDescriptorEntry; @@ -10,8 +10,8 @@ * <p>Created by Jeff Gaynor<br> * on 2/16/21 at 9:05 AM */ -public class VOTable extends Table { - public VOTable(SerializationKeys keys, String schema, String tablenamePrefix, String tablename) { +public class VITable extends Table { + public VITable(SerializationKeys keys, String schema, String tablenamePrefix, String tablename) { super(keys, schema, tablenamePrefix, tablename); } protected VISerializationKeys vok(){return (VISerializationKeys) keys;} diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VirtualIssuer.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VirtualIssuer.java similarity index 99% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VirtualIssuer.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VirtualIssuer.java index 93278562f..fc4474853 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/VirtualIssuer.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/VirtualIssuer.java @@ -1,4 +1,4 @@ -package org.oa4mp.server.loader.oauth2.storage.vo; +package org.oa4mp.server.loader.oauth2.storage.vi; import org.qdl_lang.xml.XMLUtils; import edu.uiuc.ncsa.security.core.Identifier; 
diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/package-info.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/package-info.java similarity index 65% rename from server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/package-info.java rename to server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/package-info.java index 45655c6f7..e3671b42d 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vo/package-info.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/storage/vi/package-info.java @@ -3,4 +3,4 @@ * <p>Created by Jeff Gaynor<br> * on 3/8/21 at 1:27 PM */ -package org.oa4mp.server.loader.oauth2.storage.vo; \ No newline at end of file +package org.oa4mp.server.loader.oauth2.storage.vi; \ No newline at end of file diff --git a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/tokens/UITokenUtils.java b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/tokens/UITokenUtils.java index 0feabfca0..733196181 100644 --- a/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/tokens/UITokenUtils.java +++ b/server-loader/src/main/java/org/oa4mp/server/loader/oauth2/tokens/UITokenUtils.java @@ -8,7 +8,7 @@ import org.oa4mp.delegation.server.OA2GeneralError; import org.apache.http.HttpStatus; import org.oa4mp.server.loader.oauth2.servlet.UserInfoServlet; -import org.oa4mp.server.loader.oauth2.storage.vo.VirtualIssuer; +import org.oa4mp.server.loader.oauth2.storage.vi.VirtualIssuer; import javax.servlet.http.HttpServletRequest; diff --git a/server-test/buildNumber.properties b/server-test/buildNumber.properties index a9a61d1a7..07ab9f163 100644 --- a/server-test/buildNumber.properties +++ b/server-test/buildNumber.properties @@ -1,3 +1,3 @@ #maven.buildNumber.plugin properties file -#Sun Nov 03 05:43:39 CST 2024 -buildNumber\\d*=11479 +#Wed Nov 06 05:11:20 CST 2024 +buildNumber\\d*=11483 
diff --git a/server-test/src/main/resources/flow-tests/auto/tests/all.qdl b/server-test/src/main/resources/flow-tests/auto/tests/all.qdl index a4dfa8841..91d9a74fc 100755 --- a/server-test/src/main/resources/flow-tests/auto/tests/all.qdl +++ b/server-test/src/main/resources/flow-tests/auto/tests/all.qdl @@ -15,6 +15,7 @@ test.:= [ [path + 'auto/tests/' +'server-script.qdl', initialization], [path + 'auto/tests/' +'oauth-with-refresh.qdl', initialization], [path + 'auto/tests/' +'oauth-basic-no-refresh.qdl',initialization], + [path + 'auto/tests/' +'oauth-basic-introspection.qdl',initialization], [path + 'auto/tests/' +'oauth-rfc9068.qdl',initialization], [path + 'auto/tests/' +'oauth-rfc9068-no-scopes.qdl',initialization], [path + 'auto/tests/' +'oidc-test-overrides.qdl',initialization], diff --git a/server-test/src/main/resources/flow-tests/auto/tests/oauth-basic-introspection.qdl b/server-test/src/main/resources/flow-tests/auto/tests/oauth-basic-introspection.qdl new file mode 100755 index 000000000..fbb69f0bf --- /dev/null +++ b/server-test/src/main/resources/flow-tests/auto/tests/oauth-basic-introspection.qdl 
@@ -0,0 +1,38 @@ +#! /usr/bin/env -S qdl-run + +/* + Tests a basic client and the introspection endpoint. + Test for https://github.com/ncsa/oa4mp/issues/218. +*/ +params. ≔ {'sub':'jeff'}; +test_id:= 'oauth.conf.basic'; +clc#init($$OA4MP_CLC_INI, test_id); + +initialization := size(args())==1⇒args().0:import(load('test#/auto/utils/initialization.mdl')); +//checks:=initialization#checks(); +ini.:=initialization#get_client_ini(test_id); +server_defaults.:=initialization# server_defaults(); +//cc.:=initializat:q!ion#get_client_config(test_id); + +tokens. := clc#rfc7523(params.); +⊨ tokens.'access_token'.'lifetime' == 1000*server_defaults.'at_lifetime' : 'wrong access token lifetime'; +⊨ ∃tokens.'refresh_token' : 'did not got a refresh token.'; +⊨ tokens.'refresh_token'.'lifetime' == 1000*server_defaults.'rt_lifetime' : 'wrong refresh token lifetime'; +⊨ size(clc#claims()) == 0 : ' got claims where none should be'; + +r. := clc#introspect('-at'); +⊨ r.'active' : 'token not active'; +⊨ r.'client_id' == 'auto-test:/oauth/conf'; +⊨ r.'nbf' < r.'exp' : 'incorrect expires. Must be less than not before'; +⊨ r.'exp' - r.'nbf' == server_defaults.'at_lifetime'; +⊨ r.'token_type' == 'urn:ietf:params:oauth:token-type:access_token' : 'incorrect token type'; +⊨ r.'username' == 'jeff' : 'wrong user name in access token info'; + +s. := clc#introspect('-rt'); +⊨ s.'active' : 'token not active'; +⊨ s.'client_id' == 'auto-test:/oauth/conf'; +⊨ s.'nbf' < s.'exp' : 'incorrect expires. Must be less than not before'; +⊨ s.'exp' - s.'nbf' == server_defaults.'rt_lifetime'; +⊨ s.'token_type' == 'urn:ietf:params:oauth:token-type:refresh_token' : 'incorrect token type'; +⊨ s.'username' == 'jeff' : 'wrong user name in refresh token info'; +say('ok: OAuth confidential, introspection test'); diff --git a/server-test/src/test/java/org/oa4mp/server/test/OA2JSONPreprocessorTest.java b/server-test/src/test/java/org/oa4mp/server/test/OA2JSONPreprocessorTest.java index 2e5ce100c..cee98177f 100644 
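Review bot: The failure message on the two `nbf < exp` assertions is inverted: the check requires `exp` to be later than `nbf`, but the text says it must be less; suggest `⊨ r.'nbf' < r.'exp' : 'incorrect expires. Must be greater than not before';` and the same for `s.`. The `client_id` and `exp - nbf` assertions have no message at all, so a failure there will be harder to diagnose than the others. The test introspects only freshly issued tokens, where authentication time and issue time presumably coincide, so `exp - nbf == lifetime` would not catch drift between the two after a refresh; repeating the same checks on refreshed tokens would cover the case issue 218 is about more fully. The commented-out line `//cc.:=initializat:q!ion#get_client_config(test_id);` contains a stray editor command and can be removed.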
--- a/server-test/src/test/java/org/oa4mp/server/test/OA2JSONPreprocessorTest.java +++ b/server-test/src/test/java/org/oa4mp/server/test/OA2JSONPreprocessorTest.java @@ -24,18 +24,18 @@ public class OA2JSONPreprocessorTest extends JSONPreprocessorTest { " \"script\": [\n" + " \"# Set some variables to keep the verbosity down. These are mostly the IDPs.\",\n" + " \"# Note that this must run only before the first LDAP query.\",\n" + - " \"setEnv('vo','voPersonExternalID');\",\n" + + " \"setEnv('vi','voPersonExternalID');\",\n" + " \"setEnv('github','http://github.com/login/oauth/authorize');\",\n" + " \"setEnv('google','http://google.com/accounts/o8/id');\",\n" + " \"setEnv('orcid','http://orcid.org/oauth/authorize');\",\n" + " \"setEnv('ncsa','https://idp.ncsa.illinois.edu/idp/shibboleth');\",\n" + " \"# Now figure out which IDP was used and set voPersonExternalID so it may be searched for.\",\n" + " \"xor{\",\n" + - " \" if[equals(get('idp'),'${github}')]then[set('${vo}',concat(get('oidc'),'@github.com'))],\",\n" + - " \" if[equals(get('idp'),'${google}')]then[set('${vo}',concat(get('oidc'),'@accounts.google.com'))],\",\n" + - " \" if[equals(get('idp'),'${orcid}')]then[set('${vo}',replace(get('oidc'),'http://','https://'))],\",\n" + - " \" if[hasClaim('eppn')]then[set('${vo}',get('eppn'))],\",\n" + - " \" if[hasClaim('eptid')]then[set('${vo}',get('eptid'))]\",\n" + + " \" if[equals(get('idp'),'${github}')]then[set('${vi}',concat(get('oidc'),'@github.com'))],\",\n" + + " \" if[equals(get('idp'),'${google}')]then[set('${vi}',concat(get('oidc'),'@accounts.google.com'))],\",\n" + + " \" if[equals(get('idp'),'${orcid}')]then[set('${vi}',replace(get('oidc'),'http://','https://'))],\",\n" + + " \" if[hasClaim('eppn')]then[set('${vi}',get('eppn'))],\",\n" + + " \" if[hasClaim('eptid')]then[set('${vi}',get('eptid'))]\",\n" + " \"};\"\n" + " ],\n" + " \"version\": \"1.0\"\n" + 
@@ -61,7 +61,7 @@ protected void populateStore(JSONStore store) { JSONArray caput = new JSONArray(); String[] head = - {"setEnv('vo','voPersonExternalID');\n" , + {"setEnv('vi','voPersonExternalID');\n" , "setEnv('github','http://github.com/login/oauth/authorize');\n" , "setEnv('google','http://google.com/accounts/o8/id');\n" , "setEnv('orcid','http://orcid.org/oauth/authorize');\n" , diff --git a/server-test/src/test/java/org/oa4mp/server/test/ThingTester.java b/server-test/src/test/java/org/oa4mp/server/test/ThingTester.java index 07138689b..49e7b3567 100644 --- a/server-test/src/test/java/org/oa4mp/server/test/ThingTester.java +++ b/server-test/src/test/java/org/oa4mp/server/test/ThingTester.java @@ -235,7 +235,7 @@ public static JSONObject adminSetExample() { actionItems.put("type", "attribute"); JSONObject contentItems = new JSONObject(); - contentItems.put("vo", "urn:vo/comanage/98627854/ae673b3f8d"); + contentItems.put("vi", "urn:vi/comanage/98627854/ae673b3f8d"); contentItems.put("issuer", "http://bang.nova.edu"); JSONObject api = new JSONObject(); JSONObject apiItems = new JSONObject(); @@ -261,7 +261,7 @@ public static JSONObject adminGetExample() { JSONArray contentItems = new JSONArray(); - contentItems.add("vo"); + contentItems.add("vi"); contentItems.add("issuer"); JSONObject api = new JSONObject(); JSONObject apiItems = new JSONObject(); diff --git a/website/src/site/xhtml/server/manuals/cli.xhtml b/website/src/site/xhtml/server/manuals/cli.xhtml index 43d0089e1..5494c5a21 100644 --- a/website/src/site/xhtml/server/manuals/cli.xhtml +++ b/website/src/site/xhtml/server/manuals/cli.xhtml @@ -64,7 +64,7 @@ 7 : set_qdl_state 8 : show_qdl_state 9 : tokens - vo: + vi: 0 : decode 1 : encode 2 : new_keys