added software statements to client API

Author: jricher

openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml

@@ -32,19 +32,20 @@
 <!-- validate incoming tokens for JWT assertions -->
 <bean id="jwtAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" />
 
+<!-- translate incoming assertions to token authorization objects -->
 <bean id="jwtAssertionTokenFactory" class="org.mitre.oauth2.assertion.impl.DirectCopyRequestFactory" />
 
 <!-- validate client software statements for dynamic registration -->
-<bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" />
+<!-- <bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" /> -->
 
 <!-- this class will pass assertions signed by the issuers and keys in the whitelist -->
-<!-- <bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.WhitelistedIssuerAssertionValidator"> -->
-<!-- <property name="whitelist"> -->
-<!-- <map> -->
-<!-- <entry key="http://artemesia.local" value="http://localhost:8080/openid-connect-server-webapp/jwk" /> -->
-<!-- </map> -->
-<!-- </property> -->
-<!-- </bean> -->
+<bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.WhitelistedIssuerAssertionValidator">
+<property name="whitelist">
+<map>
+<entry key="http://artemesia.local" value="http://localhost:8080/openid-connect-server-webapp/jwk" />
+</map>
+</property>
+</bean>
 
 
 </beans>

openid-connect-server-webapp/src/main/webapp/resources/js/client.js

@@ -936,6 +936,7 @@ var ClientFormView = Backbone.View.extend({
  jwksUri: jwksUri,
  jwks: jwks,
  subjectType: subjectType,
+ softwareStatement: $('#softwareStatement textarea').val(),
  tokenEndpointAuthMethod: tokenEndpointAuthMethod,
  responseTypes: responseTypes,
  sectorIdentifierUri: sectorIdentifierUri,

openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json

@@ -158,6 +158,9 @@
 "ps384": "RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
 "ps512": "RSASSA-PSS using SHA-512 and MGF1 with SHA-512"
  },
+ "software-statement": "Software Statement",
+ "software-statement-placeholder": "eyj0...",
+ "software-statement-help": "A software statement is issued by a trusted third party and locks certain elements of a client's registration",
  "subject-type": "Subject Type",
  "terms": "Terms of Service",
  "terms-help": "URL for the Terms of Service of this client, will be displayed to the user",

openid-connect-server-webapp/src/main/webapp/resources/template/client.html

@@ -298,6 +298,16 @@ <h1 data-i18n="client.client-form.edit"></h1>
  <div class="controls">
  </div>
  </div>
+
+ <div class="control-group" id="softwareStatement">
+ <label class="control-label" data-i18n="client.client-form.software-statement">Software Statement</label>
+ <div class="controls">
+ <textarea class="input-xlarge" placeholder="ejy0..." maxlength="4096"
+ rows="3" data-i18n="[placeholder]client.client-form.software-statement-placeholder"><%-client.softwareStatement%></textarea>
+ <p class="help-block" data-i18n="client.client-form.software-statement-help">A software statement is issued by a trusted third party and locks certain elements of a client's registration</p>
+ </div>
+ </div>
+
 </div>
 
 <div class="tab-pane" id="client-access-tab">

openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java

@@ -45,6 +45,7 @@
 import com.nimbusds.jose.JWEAlgorithm;
 import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.jwk.JWKSet;
+import com.nimbusds.jwt.JWT;
 
 /**
  * 
@@ -106,6 +107,17 @@ public JsonElement serialize(JWKSet src, Type typeOfSrc, JsonSerializationContex
 }
 }
 })
+.registerTypeAdapter(JWT.class, new JsonSerializer<JWT>() {
+@Override
+public JsonElement serialize(JWT src, Type typeOfSrc, JsonSerializationContext context) {
+if (src != null) {
+return new JsonPrimitive(src.serialize());
+} else {
+return null;
+}
+}
+
+})
 .serializeNulls()
 .setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
 .create();