1. connect2id Avatar connect2id
  2. OAuth
  3. OAuth 2.0 SDK with OpenID Connect extensions
  4. Issues

OpenID Connect Federation 1.0: json objects as values of directives one_of / subset_of / superset_of

Issue #415 resolved
Pasquale Barbaro created an issue

Would it be possible to have json objects as values listed in directives one_of / subset_of / superset_of ?
As it is now, if we try to call MetadataPolicy.parse(metadataPolicy) with a policy object built like below,

{
    "claim1": {
        "one_of": [
            { "key1": "value1" },
            { "key2": "value2" },
            { "key3": "value3" }
        ]
    }
}

it throws a com.nimbusds.oauth2.sdk.ParseException with message “Item not a string”

Comments (4)

  2. Yavor Vasilev

    The OIDC Federation 1.0 spec doesn’t say the operand must be string. So a JSON object should be alright. The current JSONObject implementation handles comparison correctly, i.e. canonicalization will not be needed.

  3. Pasquale Barbaro reporter

    executing MetadataPolicy.parse(metadataPolicy) with the example I described and debugger enabled , I got to know that at a certain stage

    MetadataPolicyEntry.parse(parameterName, entrySpec, factory, combinationValidator)

    is called, and inside it there’s a call to

    op.parseConfiguration(entrySpec.get(opName))

    in wich op is the one_of PolicyOperation instance and entrySpec.get(opName) is the List of json objects i wrote in description.
    The parseConfiguration(final Object jsonEntity) method is implemented by AbstractSetBasedOperation class, and it consists of a call to JSONObjectUtils.toStringList(jsonEntity), which in turns throws the exception as you can see from the attached screenshots.

  5. Log in to comment
Assignee
Type
enhancement
Priority
major
Status
resolved
Milestone
Votes
0
Watchers
3
Jira: the preferred issue tracker for Bitbucket. Join the team!