[squash] added changed needed for community stability deployment support

wildfly-security · Mar 19, 2024 · 620fd0d · 620fd0d
1 parent f42da1e
commit 620fd0d
Show file tree

Hide file tree

Showing 4 changed files with 33 additions and 1 deletion.
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/ElytronMessages.java
@@ -234,5 +234,8 @@ interface ElytronMessages extends BasicLogger {
     @Message(id = 23056, value = "No message entity")
     IOException noMessageEntity();
 
+    @Message(id = 23057, value = "Attribute '%s' is not supported")
+    IOException unsupportedAttribute(String error);
+
 }
 
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/Oidc.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/Oidc.java
@@ -53,6 +53,7 @@ public class Oidc {
     public static final String DISCOVERY_PATH = ".well-known/openid-configuration";
     public static final String KEYCLOAK_REALMS_PATH = "realms/";
     public static final String JSON_CONFIG_CONTEXT_PARAM = "org.wildfly.security.http.oidc.json.config";
+    public static final String JSON_CONFIG_UNSUPPORTED_ATTRIBUTE_PARAM = "unsupported-attribute";
     static final String ACCOUNT_PATH = "account";
     public static final String CLIENTS_MANAGEMENT_REGISTER_NODE_PATH = "clients-managements/register-node";
     public static final String CLIENTS_MANAGEMENT_UNREGISTER_NODE_PATH = "clients-managements/unregister-node";

diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfigurationBuilder.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcClientConfigurationBuilder.java
@@ -19,6 +19,7 @@
 package org.wildfly.security.http.oidc;
 
 import static org.wildfly.security.http.oidc.ElytronMessages.log;
+import static org.wildfly.security.http.oidc.Oidc.SCOPE;
 import static org.wildfly.security.http.oidc.Oidc.SSLRequired;
 import static org.wildfly.security.http.oidc.Oidc.TokenStore;
 
@@ -176,6 +177,16 @@ public HttpClient call() {
         };
     }
 
+    public static OidcClientConfiguration buildWithoutUnsupportedAttributes(String unsupportedAttributesParam, InputStream is) {
+        OidcJsonConfiguration oidcJsonConfiguration = loadOidcJsonConfiguration(is);
+        try {
+            failIfUnsupportedAttribute(unsupportedAttributesParam, oidcJsonConfiguration);
+            return new OidcClientConfigurationBuilder().internalBuild(oidcJsonConfiguration);
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     public static OidcClientConfiguration build(InputStream is) {
         OidcJsonConfiguration oidcJsonConfiguration = loadOidcJsonConfiguration(is);
         return new OidcClientConfigurationBuilder().internalBuild(oidcJsonConfiguration);
@@ -197,4 +208,20 @@ public static OidcJsonConfiguration loadOidcJsonConfiguration(InputStream is) {
     public static OidcClientConfiguration build(OidcJsonConfiguration oidcJsonConfiguration) {
         return new OidcClientConfigurationBuilder().internalBuild(oidcJsonConfiguration);
     }
+
+    private static void failIfUnsupportedAttribute(String unsupportedAttributesParameter, OidcJsonConfiguration config) throws IOException {
+        if (unsupportedAttributesParameter == null) {
+            return;
+        }
+        String[] unsupportedAttributes = unsupportedAttributesParameter.split(" ");
+        for (String attributeName : unsupportedAttributes) {
+            switch(attributeName) {
+                case SCOPE:
+                    if (config.getScope()!= null) {
+                        throw log.unsupportedAttribute(attributeName);
+                    }
+                    break;
+            }
+        }
+    }
 }
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcConfigurationServletListener.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/OidcConfigurationServletListener.java
@@ -20,6 +20,7 @@
 
 import static org.wildfly.security.http.oidc.ElytronMessages.log;
 import static org.wildfly.security.http.oidc.Oidc.JSON_CONFIG_CONTEXT_PARAM;
+import static org.wildfly.security.http.oidc.Oidc.JSON_CONFIG_UNSUPPORTED_ATTRIBUTE_PARAM;
 import static org.wildfly.security.http.oidc.Oidc.OIDC_CLIENT_CONFIG_RESOLVER;
 import static org.wildfly.security.http.oidc.Oidc.OIDC_CLIENT_CONTEXT_KEY;
 import static org.wildfly.security.http.oidc.Oidc.OIDC_CONFIG_FILE_LOCATION;
@@ -66,7 +67,7 @@ public void contextInitialized(ServletContextEvent sce) {
                 if (is == null) {
                     oidcClientConfiguration = new OidcClientConfiguration();
                 } else {
-                    oidcClientConfiguration = OidcClientConfigurationBuilder.build(is);
+                    oidcClientConfiguration = OidcClientConfigurationBuilder.buildWithoutUnsupportedAttributes(servletContext.getInitParameter(JSON_CONFIG_UNSUPPORTED_ATTRIBUTE_PARAM), is);
                 }
                 clientContext = new OidcClientContext(oidcClientConfiguration);
             }