bootstrap-5.1.2 update

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/AuthorizationRequest.java

@@ -109,6 +109,24 @@ public class AuthorizationRequest extends BaseRequest implements Serializable {
 	 * must be serializable.
 	 */
 	private Map<String, Serializable> extensions = new HashMap<String, Serializable>();
+	
+	//support oauth 2.1, PKCE
+	/**
+	 * A challenge derived from the code verifier that is sent in the
+     * authorization request, to be verified against later.
+	 */
+	private String codeChallenge;
+	
+	/**
+	 * A method that was used to derive code challenge.
+	 * 
+	 * plain
+     *      code_challenge = code_verifier
+     * 
+     * S256
+     *      code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))
+	 */
+	private String codeChallengeMethod = "S256";
 
 	/**
 	 * Default constructor.
@@ -120,7 +138,7 @@ public class AuthorizationRequest extends BaseRequest implements Serializable {
 	 * Full constructor.
 	 */
 	public AuthorizationRequest(Map<String, String> authorizationParameters, Map<String, String> approvalParameters, String clientId, Set<String> scope, Set<String> resourceIds, Collection<? extends GrantedAuthority> authorities, boolean approved, String state, String redirectUri,
-	        Set<String> responseTypes) {
+	        Set<String> responseTypes,String codeChallenge,String codeChallengeMethod) {
 		setClientId(clientId);
 		setRequestParameters(authorizationParameters); // in case we need to
 													   // wrap the collection
@@ -138,6 +156,11 @@ public class AuthorizationRequest extends BaseRequest implements Serializable {
 			this.responseTypes = responseTypes;
 		}
 		this.state = state;
+		//add oauth 2.1 PKCE
+		this.codeChallenge = codeChallenge;
+		if (codeChallengeMethod != null) {
+		    this.codeChallengeMethod = codeChallengeMethod;
+		}
 	}
 
 	public OAuth2Request createOAuth2Request() {
@@ -278,7 +301,23 @@ public class AuthorizationRequest extends BaseRequest implements Serializable {
 		return redirectUri;
 	}
 
-	@Override
+	public String getCodeChallenge() {
+        return codeChallenge;
+    }
+
+    public void setCodeChallenge(String codeChallenge) {
+        this.codeChallenge = codeChallenge;
+    }
+
+    public String getCodeChallengeMethod() {
+        return codeChallengeMethod;
+    }
+
+    public void setCodeChallengeMethod(String codeChallengeMethod) {
+        this.codeChallengeMethod = codeChallengeMethod;
+    }
+
+    @Override
 	public int hashCode() {
 		final int prime = 31;
 		int result = super.hashCode();

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2Request.java

@@ -74,6 +74,24 @@ public class OAuth2Request extends BaseRequest implements Serializable {
 	 * requested.
 	 */
 	private Set<String> responseTypes = new HashSet<String>();
+	
+	//support oauth 2.1, PKCE
+    /**
+     * A challenge derived from the code verifier that is sent in the
+     * authorization request, to be verified against later.
+     */
+    private String codeChallenge;
+    
+    /**
+     * A method that was used to derive code challenge.
+     * 
+     * plain
+     *      code_challenge = code_verifier
+     * 
+     * S256
+     *      code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))
+     */
+    private String codeChallengeMethod = "S256";
 
 	/**
 	 * Extension point for custom processing classes which may wish to store additional information about the OAuth2
@@ -138,8 +156,17 @@ public class OAuth2Request extends BaseRequest implements Serializable {
 	public Set<String> getResourceIds() {
 		return resourceIds;
 	}
+	
 
-	public Map<String, Serializable> getExtensions() {
+	public String getCodeChallenge() {
+        return codeChallenge;
+    }
+
+    public String getCodeChallengeMethod() {
+        return codeChallengeMethod;
+    }
+
+    public Map<String, Serializable> getExtensions() {
 		return extensions;
 	}
 

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/request/DefaultOAuth2RequestFactory.java

@@ -17,6 +17,7 @@ import java.util.LinkedHashSet;
 import java.util.Map;
 import java.util.Set;
 
+import org.maxkey.authz.oauth2.common.OAuth2Constants;
 import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException;
 import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
 import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
@@ -71,6 +72,9 @@ public class DefaultOAuth2RequestFactory implements OAuth2RequestFactory {
 		String clientId = authorizationParameters.get(OAuth2Utils.CLIENT_ID);
 		String state = authorizationParameters.get(OAuth2Utils.STATE);
 		String redirectUri = authorizationParameters.get(OAuth2Utils.REDIRECT_URI);
+		//oauth 2.1 PKCE
+		String codeChallenge = authorizationParameters.get(OAuth2Constants.PARAMETER.CODE_CHALLENGE);
+		String codeChallengeMethod = authorizationParameters.get(OAuth2Constants.PARAMETER.CODE_CHALLENGE_METHOD);
 		Set<String> responseTypes = OAuth2Utils.parseParameterList(authorizationParameters
 				.get(OAuth2Utils.RESPONSE_TYPE));
 
@@ -78,7 +82,7 @@ public class DefaultOAuth2RequestFactory implements OAuth2RequestFactory {
 		
 		AuthorizationRequest request = new AuthorizationRequest(authorizationParameters,
 				Collections.<String, String> emptyMap(), clientId, scopes, null, null, false, state, redirectUri,
-				responseTypes);
+				responseTypes,codeChallenge,codeChallengeMethod);
 
 		ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);		
 		request.setResourceIdsAndAuthoritiesFromClientDetails(clientDetails);