feat: first add federation resolve endpoint in example

italia · Oct 28, 2023 · dd516ab · dd516ab
1 parent 44eeadc
commit dd516ab
Show file tree

Hide file tree

Showing 3 changed files with 77 additions and 2 deletions.
diff --git a/...java/it/spid/cie/oidc/spring/boot/relying/party/controller/EntityStatementController.java b/...java/it/spid/cie/oidc/spring/boot/relying/party/controller/EntityStatementController.java
@@ -0,0 +1,75 @@
+package it.spid.cie.oidc.spring.boot.relying.party.controller;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.json.JSONObject;
+import org.json.JSONArray;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import it.spid.cie.oidc.config.RelyingPartyOptions;
+import it.spid.cie.oidc.exception.OIDCException;
+import it.spid.cie.oidc.model.FederationEntity;
+import it.spid.cie.oidc.spring.boot.relying.party.RelyingPartyWrapper;
+import it.spid.cie.oidc.spring.boot.relying.party.config.OidcConfig;
+import it.spid.cie.oidc.spring.boot.relying.party.persistence.H2PersistenceImpl;
+import it.spid.cie.oidc.model.TrustChain;
+import it.spid.cie.oidc.helper.JWTHelper;
+
+@RestController
+@RequestMapping("/oidc/rp")
+public class EntityStatementController {
+    private static final Logger logger = LoggerFactory.getLogger(RelyingPartyWrapper.class);
+    @Autowired
+    private OidcConfig oidcConfig;
+    @Autowired
+    private H2PersistenceImpl persistenceImpl;
+
+    @GetMapping("/resolve")
+    public ResponseEntity<String> resolveEntityStatement(
+            @RequestParam String sub,
+            @RequestParam String anchor,
+            @RequestParam(defaultValue = "jose") String format
+    ) throws OIDCException {
+
+        if (sub == null || anchor == null) {
+            return new ResponseEntity<>("sub and anchor parameters are REQUIRED.", HttpStatus.NOT_FOUND);
+        }
+        String iss = oidcConfig.getRelyingParty().getClientId();
+
+        FederationEntity entityConfiguration = persistenceImpl.fetchFederationEntity(iss, true);
+
+        TrustChain entity = persistenceImpl.fetchTrustChain(sub, anchor);
+
+        if (entity == null) {
+            return new ResponseEntity<>("entity not found.", HttpStatus.NOT_FOUND);
+        }
+        JSONObject metadata = new JSONObject(entity.getMetadata());
+        JSONArray trust_chain = new JSONArray(entity.getChain());
+
+        JSONObject response = new JSONObject();
+        response.put("iss", iss);
+        response.put("sub", sub);
+        response.put("iat", entity.getIssuedAt());
+        response.put("exp", entity.getExpiresOn());
+        response.put("trust_marks", entity.getTrustMarks());
+        response.put("metadata", metadata);
+        response.put("trust_chain",trust_chain);
+
+        if ("json".equals(format)) {
+            logger.info("resolve endpoint for {}, {}", sub, anchor);
+            return ResponseEntity.ok()
+                    .contentType(MediaType.APPLICATION_JSON)
+                    .body(response.toString());
+        } else {
+            JWTHelper jws = new JWTHelper(new RelyingPartyOptions());
+            return new ResponseEntity<>(jws.createJWS(response, JWTHelper.getJWKSetFromJSON(entityConfiguration.getJwks())), HttpStatus.OK);
+        }
+    }
+}
diff --git a/...va/it/spid/cie/oidc/spring/boot/relying/party/persistence/model/TrustChainRepository.java b/...va/it/spid/cie/oidc/spring/boot/relying/party/persistence/model/TrustChainRepository.java
@@ -31,7 +31,7 @@ public interface TrustChainRepository extends CrudRepository<TrustChainModel, Lo
 			"SELECT tc.* FROM trust_chain tc " +
 			" INNER JOIN fetched_entity_statement fes ON (" +
 			" fes.id = tc.trust_anchor_id AND fes.sub = ?2)" +
-			" WHERE tc.sub = ?1 AND tc.type_ = ?3" +
+			" WHERE tc.sub = ?1 AND tc.type_ = ?3 AND tc.is_active = 1" +
 			" LIMIT 1",
 		nativeQuery = true
 	)

diff --git a/examples/relying-party-spring-boot/src/main/resources/application.yml b/examples/relying-party-spring-boot/src/main/resources/application.yml
@@ -66,7 +66,7 @@ oidc:
       userinfo-encrypted-response-alg: "RSA-OAEP"
       userinfo-encrypted-response-enc: "A128CBC-HS256"
 
-      federation-resolve-endpoint: "http://${oidc.hosts.relying-party}:8080/resolve/"
+      federation-resolve-endpoint: "http://${oidc.hosts.relying-party}:8080/resolve"
       organization-name: "PA OIDC Relying Party"
       homepage-uri: "http://${oidc.hosts.relying-party}:8080/oidc/rp/landing"
       policy-uri: "http://${oidc.hosts.relying-party}:8080/oidc/rp/policy"