-rw-r--r--src/main/java/org/traccar/MainModule.java12
-rw-r--r--src/main/java/org/traccar/config/Keys.java16
-rw-r--r--src/main/java/org/traccar/database/OpenIdProvider.java62
3 files changed, 41 insertions, 49 deletions
diff --git a/src/main/java/org/traccar/MainModule.java b/src/main/java/org/traccar/MainModule.java
index 51097511a..220798767 100644
--- a/src/main/java/org/traccar/MainModule.java
+++ b/src/main/java/org/traccar/MainModule.java
@@ -97,6 +97,7 @@ import javax.ws.rs.client.ClientBuilder;
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
+import java.net.http.HttpClient;
import java.util.Properties;
public class MainModule extends AbstractModule {
@@ -174,11 +175,12 @@ public class MainModule extends AbstractModule {
@Singleton
@Provides
- public static OpenIdProvider provideOpenIDProvider(Config config, LoginService loginService) {
- if (config.hasKey(Keys.OPENID_CLIENTID)) {
- return new OpenIdProvider(config, loginService);
- }
- return null;
+ public static OpenIdProvider provideOpenIDProvider(
+ Config config, LoginService loginService, ObjectMapper objectMapper) throws InterruptedException, IOException {
+ if (config.hasKey(Keys.OPENID_CLIENT_ID)) {
+ return new OpenIdProvider(config, loginService, HttpClient.newHttpClient(), objectMapper);
+ }
+ return null;
}
@Provides
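Review bot: `HttpClient.newHttpClient()` in `provideOpenIDProvider` builds a client with no connect timeout, and the new `OpenIdProvider` constructor sends the discovery request through it while the singleton is being provisioned. Because `IOException` and `InterruptedException` now propagate out of the provider method, an unreachable or slow identity provider would stall or abort start-up instead of only disabling SSO. I would bound the client, for example `HttpClient.newBuilder().connectTimeout(Duration.ofSeconds(10)).build()` (the value is only a suggestion), and also set a timeout on the discovery request itself. If failing start-up is the intended behaviour, a short comment on the method saying so would help the next reader.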
diff --git a/src/main/java/org/traccar/config/Keys.java b/src/main/java/org/traccar/config/Keys.java
index 363d4a472..6c46ef390 100644
--- a/src/main/java/org/traccar/config/Keys.java
+++ b/src/main/java/org/traccar/config/Keys.java
@@ -623,7 +623,7 @@ public final class Keys {
* This is a unique ID assigned to each application you register with your identity provider.
* Required to enable SSO.
*/
- public static final ConfigKey<String> OPENID_CLIENTID = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_CLIENT_ID = new StringConfigKey(
"openid.clientId",
List.of(KeyType.CONFIG));
@@ -632,7 +632,7 @@ public final class Keys {
* This is a secret assigned to each application you register with your identity provider.
* Required to enable SSO.
*/
- public static final ConfigKey<String> OPENID_CLIENTSECRET = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_CLIENT_SECRET = new StringConfigKey(
"openid.clientSecret",
List.of(KeyType.CONFIG));
@@ -641,7 +641,7 @@ public final class Keys {
* This is used to automatically configure the authorization, token and user info URLs if
* they are not provided.
*/
- public static final ConfigKey<String> OPENID_ISSUERURL = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_ISSUER_URL = new StringConfigKey(
"openid.issuerUrl",
List.of(KeyType.CONFIG));
@@ -651,7 +651,7 @@ public final class Keys {
* configuration endpoint, eg. https://auth.example.com//.well-known/openid-configuration
* Required to enable SSO if openid.issuerUrl is not set.
*/
- public static final ConfigKey<String> OPENID_AUTHURL = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_AUTH_URL = new StringConfigKey(
"openid.authUrl",
List.of(KeyType.CONFIG));
/**
@@ -659,7 +659,7 @@ public final class Keys {
* This can be found in the same ways at openid.authUrl.
* Required to enable SSO if openid.issuerUrl is not set.
*/
- public static final ConfigKey<String> OPENID_TOKENURL = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_TOKEN_URL = new StringConfigKey(
"openid.tokenUrl",
List.of(KeyType.CONFIG));
@@ -668,7 +668,7 @@ public final class Keys {
* This can be found in the same ways at openid.authUrl.
* Required to enable SSO if openid.issuerUrl is not set.
*/
- public static final ConfigKey<String> OPENID_USERINFOURL = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_USERINFO_URL = new StringConfigKey(
"openid.userInfoUrl",
List.of(KeyType.CONFIG));
@@ -677,7 +677,7 @@ public final class Keys {
* If this is not provided, all OpenID users will have access to Traccar.
* This option will only work if your OpenID provider supports the groups scope.
*/
- public static final ConfigKey<String> OPENID_ALLOWGROUP = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_ALLOW_GROUP = new StringConfigKey(
"openid.allowGroup",
List.of(KeyType.CONFIG));
@@ -686,7 +686,7 @@ public final class Keys {
* If this is not provided, no groups will be granted admin access.
* This option will only work if your OpenID provider supports the groups scope.
*/
- public static final ConfigKey<String> OPENID_ADMINGROUP = new StringConfigKey(
+ public static final ConfigKey<String> OPENID_ADMIN_GROUP = new StringConfigKey(
"openid.adminGroup",
List.of(KeyType.CONFIG));
diff --git a/src/main/java/org/traccar/database/OpenIdProvider.java b/src/main/java/org/traccar/database/OpenIdProvider.java
index 370876ed9..8b93feea7 100644
--- a/src/main/java/org/traccar/database/OpenIdProvider.java
+++ b/src/main/java/org/traccar/database/OpenIdProvider.java
@@ -82,56 +82,46 @@ public class OpenIdProvider {
private LoginService loginService;
@Inject
- public OpenIdProvider(Config config, LoginService loginService) {
- this.loginService = loginService;
-
- force = config.getBoolean(Keys.OPENID_FORCE);
- clientId = new ClientID(config.getString(Keys.OPENID_CLIENTID));
- clientAuth = new ClientSecretBasic(clientId, new Secret(config.getString(Keys.OPENID_CLIENTSECRET)));
-
- try {
- callbackUrl = new URI(config.getString(Keys.WEB_URL, "") + "/api/session/openid/callback");
- baseUrl = new URI(config.getString(Keys.WEB_URL, ""));
-
- if (
- config.hasKey(Keys.OPENID_ISSUERURL)
- && (
- !config.hasKey(Keys.OPENID_AUTHURL)
- || !config.hasKey(Keys.OPENID_TOKENURL)
- || !config.hasKey(Keys.OPENID_USERINFOURL))
- ) {
- HttpClient httpClient = HttpClient.newHttpClient();
+ public OpenIdProvider(
+ Config config, LoginService loginService, HttpClient httpClient, ObjectMapper objectMapper
+ ) throws InterruptedException, IOException {
+ this.loginService = loginService;
+ force = config.getBoolean(Keys.OPENID_FORCE);
+ clientId = new ClientID(config.getString(Keys.OPENID_CLIENT_ID));
+ clientAuth = new ClientSecretBasic(clientId, new Secret(config.getString(Keys.OPENID_CLIENT_SECRET)));
+
+ try {
+ callbackUrl = new URI(config.getString(Keys.WEB_URL, "") + "/api/session/openid/callback");
+ baseUrl = new URI(config.getString(Keys.WEB_URL, ""));
+
+ if (config.hasKey(Keys.OPENID_ISSUER_URL)) {
HttpRequest httpRequest = HttpRequest.newBuilder(
- URI.create(
- config.getString(Keys.OPENID_ISSUERURL) + "/.well-known/openid-configuration")
- )
- .header("accept", "application/json")
+ URI.create(config.getString(Keys.OPENID_ISSUER_URL) + "/.well-known/openid-configuration"))
+ .header("Accept", "application/json")
.build();
String httpResponse = httpClient.send(httpRequest, BodyHandlers.ofString()).body();
- Map<String, Object> discoveryMap = new ObjectMapper().readValue(
+ Map<String, Object> discoveryMap = objectMapper.readValue(
httpResponse, new TypeReference<Map<String, Object>>() { });
- authUrl = new URI(discoveryMap.get("authorization_endpoint").toString());
- tokenUrl = new URI(discoveryMap.get("token_endpoint").toString());
- userInfoUrl = new URI(discoveryMap.get("userinfo_endpoint").toString());
+ authUrl = new URI((String) discoveryMap.get("authorization_endpoint"));
+ tokenUrl = new URI((String) discoveryMap.get("token_endpoint"));
+ userInfoUrl = new URI((String) discoveryMap.get("userinfo_endpoint"));
LOGGER.info("OpenID Connect auto discovery successful");
- } else {
- authUrl = new URI(config.getString(Keys.OPENID_AUTHURL));
- tokenUrl = new URI(config.getString(Keys.OPENID_TOKENURL));
- userInfoUrl = new URI(config.getString(Keys.OPENID_USERINFOURL));
- }
+ } else {
+ authUrl = new URI(config.getString(Keys.OPENID_AUTH_URL));
+ tokenUrl = new URI(config.getString(Keys.OPENID_TOKEN_URL));
+ userInfoUrl = new URI(config.getString(Keys.OPENID_USERINFO_URL));
+ }
} catch (URISyntaxException error) {
LOGGER.error("Invalid URIs provided in OpenID configuration");
- } catch (InterruptedException | IOException error) {
- LOGGER.error("OpenID Connect auto discovery failed");
}
- adminGroup = config.getString(Keys.OPENID_ADMINGROUP);
- allowGroup = config.getString(Keys.OPENID_ALLOWGROUP);
+ adminGroup = config.getString(Keys.OPENID_ADMIN_GROUP);
+ allowGroup = config.getString(Keys.OPENID_ALLOW_GROUP);
}
public URI createAuthUri() {