Source code

001/*******************************************************************************
002 * Copyright 2017 The MIT Internet Trust Consortium
003 *
004 * Portions copyright 2011-2013 The MITRE Corporation
005 *
006 * Licensed under the Apache License, Version 2.0 (the "License");
007 * you may not use this file except in compliance with the License.
008 * You may obtain a copy of the License at
009 *
010 *   http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 *******************************************************************************/
018/**
019 *
020 */
021package org.mitre.openid.connect.view;
022
023import java.util.Set;
024
025import org.springframework.stereotype.Component;
026import org.springframework.validation.BeanPropertyBindingResult;
027
028import com.google.common.collect.ImmutableSet;
029import com.google.gson.ExclusionStrategy;
030import com.google.gson.FieldAttributes;
031
032/**
033 *
034 * View bean for field-limited view of client entity, for regular users.
035 *
036 * @see AbstractClientEntityView
037 * @see ClientEntityViewForAdmins
038 * @author jricher
039 *
040 */
041@Component(ClientEntityViewForUsers.VIEWNAME)
042public class ClientEntityViewForUsers extends AbstractClientEntityView {
043
044        private Set<String> whitelistedFields = ImmutableSet.of("clientName", "clientId", "id", "clientDescription", "scope", "logoUri");
045
046        public static final String VIEWNAME = "clientEntityViewUsers";
047
048        /* (non-Javadoc)
049         * @see org.mitre.openid.connect.view.AbstractClientEntityView#getExclusionStrategy()
050         */
051        @Override
052        protected ExclusionStrategy getExclusionStrategy() {
053                return new ExclusionStrategy() {
054
055                        @Override
056                        public boolean shouldSkipField(FieldAttributes f) {
057                                // whitelist the handful of fields that are good
058                                if (whitelistedFields.contains(f.getName())) {
059                                        return false;
060                                } else {
061                                        return true;
062                                }
063                        }
064
065                        @Override
066                        public boolean shouldSkipClass(Class<?> clazz) {
067                                // skip the JPA binding wrapper
068                                if (clazz.equals(BeanPropertyBindingResult.class)) {
069                                        return true;
070                                }
071                                return false;
072                        }
073
074                };
075        }
076
077}