Revert "Add possibility to disable verification_uri_complete per client"

This reverts commit dae674a.

Author: jricher

openid-connect-common/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java

@@ -148,7 +148,6 @@ public class ClientDetailsEntity implements ClientDetails {
 private Date createdAt; // time the client was created
 private boolean clearAccessTokensOnRefresh = true; // do we clear access tokens on refresh?
 private Integer deviceCodeValiditySeconds; // timeout for device codes
-private boolean verificationUriCompleteEnabled = true; // device code optional feature
 
 /** fields for UMA */
 private Set<String> claimsRedirectUris;
@@ -1052,22 +1051,6 @@ public void setDeviceCodeValiditySeconds(Integer deviceCodeValiditySeconds) {
 this.deviceCodeValiditySeconds = deviceCodeValiditySeconds;
 }
 
-/**
- * @return true if verification uri complete in device code flow is enabled, false otherwise
- */
-@Basic
-@Column(name="verification_uri_complete_enabled")
-public boolean isVerificationUriCompleteEnabled() {
-return verificationUriCompleteEnabled;
-}
-
-/**
- * @param verificationUriCompleteEnabled true/false to enable/disable verification uri complete functionality in device code flow
- */
-public void setVerificationUriCompleteEnabled(boolean verificationUriCompleteEnabled) {
-this.verificationUriCompleteEnabled = verificationUriCompleteEnabled;
-}
-
 /**
  * @return the softwareId
  */

openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql

@@ -132,7 +132,6 @@ CREATE TABLE IF NOT EXISTS client_details (
 allow_introspection BOOLEAN DEFAULT false NOT NULL,
 id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
 device_code_validity_seconds BIGINT,
-verification_uri_complete_enabled BOOLEAN DEFAULT true NOT NULL,
 
 client_id VARCHAR(256),
 client_secret VARCHAR(2048),

openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql

@@ -131,7 +131,6 @@ CREATE TABLE IF NOT EXISTS client_details (
 allow_introspection BOOLEAN DEFAULT false NOT NULL,
 id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
 device_code_validity_seconds BIGINT,
-verification_uri_complete_enabled BOOLEAN DEFAULT true NOT NULL,
 
 client_id VARCHAR(256),
 client_secret VARCHAR(2048),

openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql

@@ -147,7 +147,6 @@ CREATE TABLE client_details (
  access_token_validity_seconds NUMBER(19),
  refresh_token_validity_seconds NUMBER(19),
  device_code_validity_seconds NUMBER(19),
-verification_uri_complete_enabled NUMBER(1) DEFAULT 1 NOT NULL,
 
  application_type VARCHAR2(256),
  client_name VARCHAR2(256),

openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql

@@ -132,7 +132,6 @@ CREATE TABLE IF NOT EXISTS client_details (
 allow_introspection BOOLEAN DEFAULT false NOT NULL,
 id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
 device_code_validity_seconds BIGINT,
-verification_uri_complete_enabled BOOLEAN DEFAULT true NOT NULL,
 
 client_id VARCHAR(256),
 client_secret VARCHAR(2048),

openid-connect-server/src/main/java/org/mitre/oauth2/exception/CompleteVerificationUriDisabledException.java

@@ -24,11 +24,11 @@
 import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
+import java.util.UUID;
 
 import javax.servlet.http.HttpSession;
 
 import org.apache.http.client.utils.URIBuilder;
-import org.mitre.oauth2.exception.CompleteVerificationUriDisabledException;
 import org.mitre.oauth2.exception.DeviceCodeCreationException;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.DeviceCode;
@@ -50,6 +50,7 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
 import org.springframework.security.oauth2.common.util.OAuth2Utils;
+import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.OAuth2Request;
@@ -137,16 +138,15 @@ public String requestDeviceCode(@RequestParam("client_id") String clientId, @Req
 try {
 DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters);
 
+URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
+.addParameter("user_code", dc.getUserCode())
+.build();
+
 Map<String, Object> response = new HashMap<>();
 response.put("device_code", dc.getDeviceCode());
 response.put("user_code", dc.getUserCode());
 response.put("verification_uri", config.getIssuer() + USER_URL);
-if (client.isVerificationUriCompleteEnabled()) {
-URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
-.addParameter("user_code", dc.getUserCode())
-.build();
-response.put("verification_uri_complete", verificationUriComplete);
-}
+response.put("verification_uri_complete", verificationUriComplete);
 if (client.getDeviceCodeValiditySeconds() != null) {
 response.put("expires_in", client.getDeviceCodeValiditySeconds());
 }
@@ -185,7 +185,6 @@ public String requestUserCode(@RequestParam(value = "user_code", required = fals
 // complete verification uri was used, we received user code directly
 // skip requesting code page
 // user must be logged in
-model.addAttribute("completeVerificationUriUsed", true);
 return readUserCode(userCode, model, session);
 }
 }
@@ -217,10 +216,6 @@ public String readUserCode(@RequestParam("user_code") String userCode, ModelMap
 
 ClientDetailsEntity client = clientService.loadClientByClientId(dc.getClientId());
 
-if (!client.isVerificationUriCompleteEnabled() && Boolean.TRUE.equals(model.get("completeVerificationUriUsed"))) {
-throw new CompleteVerificationUriDisabledException(client.getClientId());
-}
-
 model.put("client", client);
 model.put("dc", dc);