Projects >> OpenID-Connect-Java-Spring-Server >>856c0ea0b5c7812fadf7f14a611eb5fb9401f4c7

Chunk
Conflicting content 
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
<<<<<<< HEAD
import java.util.Set;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
Solution content 
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
File
IntrospectingTokenService.java
Developer's decision
Manual
Kind of conflict
Import
Chunk
Conflicting content 
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
<<<<<<< HEAD
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
=======
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
Solution content 
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
File
IntrospectingTokenService.java
Developer's decision
Combination
Kind of conflict
Import
Chunk
Conflicting content 
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;

<<<<<<< HEAD
public class IntrospectingTokenService implements ResourceServerTokenServices {


	private String clientId;
	private String clientSecret;
	private String introspectionUrl;
	// Inner class to store in the hash map
	private class TokenCacheObject { OAuth2AccessToken token; OAuth2Authentication auth;
	private TokenCacheObject(OAuth2AccessToken token, OAuth2Authentication auth) {
		this.token = token;
		this.auth = auth;
	}
	}
	private Map authCache = new HashMap();

	public String getIntrospectionUrl() {
		return introspectionUrl;
	}

	public void setIntrospectionUrl(String introspectionUrl) {
		this.introspectionUrl = introspectionUrl;
	}
=======
/**
 * This ResourceServerTokenServices implementation introspects incoming tokens at a
 * server's introspection endpoint URL and passes an Authentication object along
 * based on the response from the introspection endpoint.
 * @author jricher
 *
 */
public class IntrospectingTokenService implements ResourceServerTokenServices {

	private String clientId;
	private String clientSecret;
	private IntrospectionUrlProvider introspectionUrlProvider;
	private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter();

	// Inner class to store in the hash map
	private class TokenCacheObject {
		OAuth2AccessToken token;
		OAuth2Authentication auth;

		private TokenCacheObject(OAuth2AccessToken token, OAuth2Authentication auth) {
			this.token = token;
			this.auth = auth;
		}
	}

	private Map authCache = new HashMap();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	public String getClientId() {
		return clientId;
Solution content 
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;

/**
 * This ResourceServerTokenServices implementation introspects incoming tokens at a
 * server's introspection endpoint URL and passes an Authentication object along
 * based on the response from the introspection endpoint.
 * @author jricher
 *
 */
public class IntrospectingTokenService implements ResourceServerTokenServices {

	private String clientId;
	private String clientSecret;
	private IntrospectionUrlProvider introspectionUrlProvider;
	private IntrospectionAuthorityGranter introspectionAuthorityGranter = new SimpleIntrospectionAuthorityGranter();

	// Inner class to store in the hash map
	private class TokenCacheObject {
		OAuth2AccessToken token;
		OAuth2Authentication auth;

		private TokenCacheObject(OAuth2AccessToken token, OAuth2Authentication auth) {
			this.token = token;
			this.auth = auth;
		}
	}

	private Map authCache = new HashMap();

	public String getClientId() {
		return clientId;
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
Attribute
Class declaration
Class signature
Comment
Method declaration
Method invocation
Chunk
Conflicting content 
		this.clientSecret = clientSecret;
	}

<<<<<<< HEAD
	// Check if there is a token and authentication in the cache
	//   and check if it is not expired.
	private TokenCacheObject checkCache(String key) {
		if(authCache.containsKey(key)) {
=======
	/**
	 * @return the introspectionUrlProvider
	 */
	public IntrospectionUrlProvider getIntrospectionUrlProvider() {
		return introspectionUrlProvider;
	}

	/**
	 * @param introspectionUrlProvider the introspectionUrlProvider to set
	 */
	public void setIntrospectionUrlProvider(IntrospectionUrlProvider introspectionUrlProvider) {
		this.introspectionUrlProvider = introspectionUrlProvider;
	}

	// Check if there is a token and authentication in the cache
	// and check if it is not expired.
	private TokenCacheObject checkCache(String key) {
		if (authCache.containsKey(key)) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			TokenCacheObject tco = authCache.get(key);
			if (tco.token.getExpiration().after(new Date())) {
				return tco;
Solution content 
		this.clientSecret = clientSecret;
	}

	/**
	 * @return the introspectionUrlProvider
	 */
	public IntrospectionUrlProvider getIntrospectionUrlProvider() {
		return introspectionUrlProvider;
	}

	/**
	 * @param introspectionUrlProvider the introspectionUrlProvider to set
	 */
	public void setIntrospectionUrlProvider(IntrospectionUrlProvider introspectionUrlProvider) {
		this.introspectionUrlProvider = introspectionUrlProvider;
	}

	// Check if there is a token and authentication in the cache
	// and check if it is not expired.
	private TokenCacheObject checkCache(String key) {
		if (authCache.containsKey(key)) {
			TokenCacheObject tco = authCache.get(key);
			if (tco.token.getExpiration().after(new Date())) {
				return tco;
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
Comment
If statement
Method declaration
Method signature
Chunk
Conflicting content 
		return null;
	}

<<<<<<< HEAD
	private OAuth2Request createStoredRequest(final JsonObject token) {
		clientId = token.get("client_id").getAsString();
		Set scopes = new HashSet();
		for (JsonElement e : token.get("scope").getAsJsonArray()) {
			scopes.add(e.getAsString());
		}
		Map parameters = new HashMap();
		parameters.put("client_id", clientId);
		parameters.put("scope", OAuth2Utils.formatParameterList(scopes));
		OAuth2Request storedRequest = new OAuth2Request(parameters, clientId, null, true, scopes, null, null, null);
		return storedRequest;

	}

	// create a default authentication object with authority ROLE_API
	private Authentication createAuthentication(JsonObject token){
		// TODO: make role/authority configurable somehow
		return new PreAuthenticatedAuthenticationToken(token.get("subject").getAsString(), null, AuthorityUtils.createAuthorityList("ROLE_API"));
	}

	private OAuth2AccessToken createAccessToken(final JsonObject token, final String tokenString){
=======
	private AuthorizationRequest createAuthRequest(final JsonObject token) {
		AuthorizationRequest authReq = new AuthorizationRequestImpl(token);
		return authReq;
	}

	// create a default authentication object with authority ROLE_API
	private Authentication createAuthentication(JsonObject token) {
		// TODO: make role/authority configurable somehow
		return new PreAuthenticatedAuthenticationToken(token.get("sub").getAsString(), token, introspectionAuthorityGranter.getAuthorities(token));
	}

	private OAuth2AccessToken createAccessToken(final JsonObject token, final String tokenString) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		OAuth2AccessToken accessToken = new OAuth2AccessTokenImpl(token, tokenString);
		return accessToken;
	}
Solution content 
		return null;
	}

	private OAuth2Request createStoredRequest(final JsonObject token) {
		clientId = token.get("client_id").getAsString();
		Set scopes = new HashSet();
		for (JsonElement e : token.get("scope").getAsJsonArray()) {
			scopes.add(e.getAsString());
		}
		Map parameters = new HashMap();
		parameters.put("client_id", clientId);
		parameters.put("scope", OAuth2Utils.formatParameterList(scopes));
		OAuth2Request storedRequest = new OAuth2Request(parameters, clientId, null, true, scopes, null, null, null);
		return storedRequest;
	}

	private Authentication createAuthentication(JsonObject token) {
		return new PreAuthenticatedAuthenticationToken(token.get("sub").getAsString(), token, introspectionAuthorityGranter.getAuthorities(token));
	}

	private OAuth2AccessToken createAccessToken(final JsonObject token, final String tokenString) {
		OAuth2AccessToken accessToken = new OAuth2AccessTokenImpl(token, tokenString);
		return accessToken;
	}
File
IntrospectingTokenService.java
Developer's decision
Combination
Kind of conflict
Comment
Method declaration
Method signature
Chunk
Conflicting content 
	}

	// Validate a token string against the introspection endpoint,
<<<<<<< HEAD
	//   then parse it and store it in the local cache. Return true on
	//   sucess, false otherwise.
	private boolean parseToken(String accessToken) {
		String validatedToken = null;
		// Use the SpringFramework RestTemplate to send the request to the endpoint

		RestTemplate restTemplate = new RestTemplate();
		MultiValueMap form = new LinkedMultiValueMap();
		form.add("token",accessToken);
=======
	// then parse it and store it in the local cache. Return true on
	// sucess, false otherwise.
	private boolean parseToken(String accessToken) {

		// find out which URL to ask
		String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken);

		// Use the SpringFramework RestTemplate to send the request to the
		// endpoint
		String validatedToken = null;
		RestTemplate restTemplate = new RestTemplate();
		MultiValueMap form = new LinkedMultiValueMap();
		form.add("token", accessToken);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		form.add("client_id", this.clientId);
		form.add("client_secret", this.clientSecret);
Solution content 
	}

	// Validate a token string against the introspection endpoint,
	// then parse it and store it in the local cache. Return true on
	// sucess, false otherwise.
	private boolean parseToken(String accessToken) {

		// find out which URL to ask
		String introspectionUrl = introspectionUrlProvider.getIntrospectionUrl(accessToken);

		// Use the SpringFramework RestTemplate to send the request to the
		// endpoint
		String validatedToken = null;
		RestTemplate restTemplate = new RestTemplate();
		MultiValueMap form = new LinkedMultiValueMap();
		form.add("token", accessToken);
		form.add("client_id", this.clientId);
		form.add("client_secret", this.clientSecret);
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Method signature
Variable
Chunk
Conflicting content 
				return false;
			}

<<<<<<< HEAD
			if (!tokenResponse.get("valid").getAsBoolean()){
=======
			if (!tokenResponse.get("active").getAsBoolean()) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
				// non-valid token
				return false;
			}
Solution content 
				return false;
			}

			if (!tokenResponse.get("active").getAsBoolean()) {
				// non-valid token
				return false;
			}
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
If statement
Chunk
Conflicting content 
				return false;
			}
			// create an OAuth2Authentication
<<<<<<< HEAD
			OAuth2Authentication auth = new OAuth2Authentication(createStoredRequest(tokenResponse), createAuthentication(tokenResponse));
			// create an OAuth2AccessToken
			OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);

			if (token.getExpiration().after(new Date())){
				// Store them in the cache
				authCache.put(accessToken, new TokenCacheObject(token,auth));
=======
			OAuth2Authentication auth = new OAuth2Authentication(createAuthRequest(tokenResponse), createAuthentication(tokenResponse));
			// create an OAuth2AccessToken
			OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);

			if (token.getExpiration().after(new Date())) {
				// Store them in the cache
				authCache.put(accessToken, new TokenCacheObject(token, auth));
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

				return true;
			}
Solution content 
				return false;
			}
			// create an OAuth2Authentication
			OAuth2Authentication auth = new OAuth2Authentication(createStoredRequest(tokenResponse), createAuthentication(tokenResponse));
			// create an OAuth2AccessToken
			OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);

			if (token.getExpiration().after(new Date())) {
				// Store them in the cache
				authCache.put(accessToken, new TokenCacheObject(token, auth));

				return true;
			}
File
IntrospectingTokenService.java
Developer's decision
Version 1
Kind of conflict
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
	@Override
	public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException {
<<<<<<< HEAD
		// First check if the in memory cache has an Authentication object, and that it is still valid
=======
		// First check if the in memory cache has an Authentication object, and
		// that it is still valid
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		// If Valid, return it
		TokenCacheObject cacheAuth = checkCache(accessToken);
		if (cacheAuth != null) {
Solution content 
	@Override
	public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException {
		// First check if the in memory cache has an Authentication object, and
		// that it is still valid
		// If Valid, return it
		TokenCacheObject cacheAuth = checkCache(accessToken);
		if (cacheAuth != null) {
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	@Override
	public OAuth2AccessToken readAccessToken(String accessToken) {
<<<<<<< HEAD
		// First check if the in memory cache has a Token object, and that it is still valid
=======
		// First check if the in memory cache has a Token object, and that it is
		// still valid
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		// If Valid, return it
		TokenCacheObject cacheAuth = checkCache(accessToken);
		if (cacheAuth != null) {
Solution content 
	@Override
	public OAuth2AccessToken readAccessToken(String accessToken) {
		// First check if the in memory cache has a Token object, and that it is
		// still valid
		// If Valid, return it
		TokenCacheObject cacheAuth = checkCache(accessToken);
		if (cacheAuth != null) {
File
IntrospectingTokenService.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	public List getAuthorities(JsonObject introspectionResponse);

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/exception/InvalidJwtIssuerException.java
	public InvalidJwtIssuerException(String message) {
		super(message);
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionAuthorityGranter.java
}
Solution content 
	public List getAuthorities(JsonObject introspectionResponse);

}
File
IntrospectionAuthorityGranter.java
Developer's decision
Version 2
Kind of conflict
Method declaration
Chunk
Conflicting content 
	 */
	public String getIntrospectionUrl(String accessToken);

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/exception/ExpiredTokenException.java
	public ExpiredTokenException(String message) {
		super(message);
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectionUrlProvider.java
}
Solution content 
	 */
	public String getIntrospectionUrl(String accessToken);

}
File
IntrospectionUrlProvider.java
Developer's decision
Version 2
Kind of conflict
Method declaration
Chunk
Conflicting content 
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

<<<<<<< HEAD
import org.apache.commons.lang.StringUtils;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import org.apache.http.impl.client.DefaultHttpClient;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetSigningAndValidationServiceCacheService;
Solution content 
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.http.impl.client.DefaultHttpClient;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetSigningAndValidationServiceCacheService;
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
Import
Chunk
Conflicting content 
		IssuerServiceResponse issResp = issuerService.getIssuer(request);

<<<<<<< HEAD
=======
		if (issResp == null) {
			logger.error("Null issuer response returned from service.");
			throw new AuthenticationServiceException("No issuer found.");
		}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		if (issResp.shouldRedirect()) {
			response.sendRedirect(issResp.getRedirectUrl());
		} else {
Solution content 
		IssuerServiceResponse issResp = issuerService.getIssuer(request);

		if (issResp == null) {
			logger.error("Null issuer response returned from service.");
			throw new AuthenticationServiceException("No issuer found.");
		}

		if (issResp.shouldRedirect()) {
			response.sendRedirect(issResp.getRedirectUrl());
		} else {
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
If statement
Chunk
Conflicting content 
			String redirectUri = null;
		} else {
			String issuer = issResp.getIssuer();

<<<<<<< HEAD
			session.setAttribute(ISSUER_SESSION_VARIABLE, issuer);

			ServerConfiguration serverConfig = servers.getServerConfiguration(issuer);
			ClientDetails clientConfig = clients.getClientConfiguration(issuer);

			// our redirect URI is this current URL, with no query parameters
			String redirectUri = request.getRequestURL().toString();
=======
			if (Strings.isNullOrEmpty(issuer)) {
				logger.error("No issuer found: " + issuer);
				throw new AuthenticationServiceException("No issuer found: " + issuer);
			}

			session.setAttribute(ISSUER_SESSION_VARIABLE, issuer);

			ServerConfiguration serverConfig = servers.getServerConfiguration(issuer);
			if (serverConfig == null) {
				logger.error("No server configuration found for issuer: " + issuer);
				throw new AuthenticationServiceException("No server configuration found for issuer: " + issuer);
			}


			RegisteredClient clientConfig = clients.getClientConfiguration(serverConfig);
			if (clientConfig == null) {
				logger.error("No client configuration found for issuer: " + issuer);
				throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer);
			}
			if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) {
				// if there's a redirect uri configured (and only one), use that
				redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0];
			} else {
				// otherwise our redirect URI is this current URL, with no query parameters
				redirectUri = request.getRequestURL().toString();
			}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			session.setAttribute(REDIRECT_URI_SESION_VARIABLE, redirectUri);

			// this value comes back in the id token and is checked there
Solution content 
		} else {
			String issuer = issResp.getIssuer();

			if (Strings.isNullOrEmpty(issuer)) {
				logger.error("No issuer found: " + issuer);
				throw new AuthenticationServiceException("No issuer found: " + issuer);
			}

			session.setAttribute(ISSUER_SESSION_VARIABLE, issuer);

			ServerConfiguration serverConfig = servers.getServerConfiguration(issuer);
			if (serverConfig == null) {
				logger.error("No server configuration found for issuer: " + issuer);
				throw new AuthenticationServiceException("No server configuration found for issuer: " + issuer);
			}


			RegisteredClient clientConfig = clients.getClientConfiguration(serverConfig);
			if (clientConfig == null) {
				logger.error("No client configuration found for issuer: " + issuer);
				throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer);
			}

			String redirectUri = null;
			if (clientConfig.getRegisteredRedirectUri() != null && clientConfig.getRegisteredRedirectUri().size() == 1) {
				// if there's a redirect uri configured (and only one), use that
				redirectUri = clientConfig.getRegisteredRedirectUri().toArray(new String[] {})[0];
			} else {
				// otherwise our redirect URI is this current URL, with no query parameters
				redirectUri = request.getRequestURL().toString();
			}
			session.setAttribute(REDIRECT_URI_SESION_VARIABLE, redirectUri);

			// this value comes back in the id token and is checked there
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
		// pull the configurations based on that issuer
		ServerConfiguration serverConfig = servers.getServerConfiguration(issuer);
<<<<<<< HEAD
		ClientDetails clientConfig = clients.getClientConfiguration(issuer);
=======
		final RegisteredClient clientConfig = clients.getClientConfiguration(serverConfig);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		MultiValueMap form = new LinkedMultiValueMap();
		form.add("grant_type", "authorization_code");
Solution content 
		// pull the configurations based on that issuer
		ServerConfiguration serverConfig = servers.getServerConfiguration(issuer);
		final RegisteredClient clientConfig = clients.getClientConfiguration(serverConfig);

		MultiValueMap form = new LinkedMultiValueMap();
		form.add("grant_type", "authorization_code");
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
		httpClient.getParams().setParameter("http.socket.timeout", new Integer(httpSocketTimeout));

<<<<<<< HEAD
		/* Use these for basic auth:
		 * 
		UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(clientConfig.getClientId(), clientConfig.getClientSecret());
		httpClient.getCredentialsProvider().setCredentials(AuthScope.ANY, credentials);
		 */
		/* Alternatively, use form-based auth:
		 */
		form.add("client_id", clientConfig.getClientId());
		form.add("client_secret", clientConfig.getClientSecret());
		/**/

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);

		RestTemplate restTemplate;
Solution content 
		httpClient.getParams().setParameter("http.socket.timeout", new Integer(httpSocketTimeout));

		HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);

		RestTemplate restTemplate;
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
				}

				// compare the nonce to our stored claim
<<<<<<< HEAD
				// FIXME: Nimbus claims as strings?
				String nonce = (String) idClaims.getCustomClaim("nonce");
				if (StringUtils.isBlank(nonce)) {
=======
				// would be nice to have a getClaimAsString() kind of method from nimbus..
				String nonce = (String) idClaims.getClaim("nonce");
				if (Strings.isNullOrEmpty(nonce)) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

					logger.error("ID token did not contain a nonce claim.");
Solution content 
				}

				// compare the nonce to our stored claim
				// would be nice to have a getClaimAsString() kind of method from nimbus..
				String nonce = (String) idClaims.getClaim("nonce");
				if (Strings.isNullOrEmpty(nonce)) {

					logger.error("ID token did not contain a nonce claim.");
File
OIDCAuthenticationFilter.java
Developer's decision
Version 2
Kind of conflict
Cast expression
Comment
If statement
Variable
Chunk
Conflicting content 
 * 
 */
public class OIDCAuthenticationProvider implements
<<<<<<< HEAD
AuthenticationProvider, InitializingBean {

	private UserInfoFetcher userInfoFetcher = new UserInfoFetcher();

	private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
=======
AuthenticationProvider {

	private UserInfoFetcher userInfoFetcher = new UserInfoFetcher();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	private GrantedAuthoritiesMapper authoritiesMapper = new NamedAdminAuthoritiesMapper();
Solution content 
 * 
 */
public class OIDCAuthenticationProvider implements AuthenticationProvider {

	private UserInfoFetcher userInfoFetcher = new UserInfoFetcher();

	private GrantedAuthoritiesMapper authoritiesMapper = new NamedAdminAuthoritiesMapper();
File
OIDCAuthenticationProvider.java
Developer's decision
Manual
Kind of conflict
Attribute
Method invocation
Chunk
Conflicting content 
		if (authentication instanceof OIDCAuthenticationToken) {

<<<<<<< HEAD
			// Default authorities set
			// TODO: let this be configured
			Collection authorities = Sets.newHashSet(new SimpleGrantedAuthority("ROLE_USER"));
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			OIDCAuthenticationToken token = (OIDCAuthenticationToken) authentication;
Solution content 
		if (authentication instanceof OIDCAuthenticationToken) {

			OIDCAuthenticationToken token = (OIDCAuthenticationToken) authentication;
File
OIDCAuthenticationProvider.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Variable
Chunk
Conflicting content 
			if (userInfo == null) {
				// TODO: user Info not found -- error?
			} else {
<<<<<<< HEAD
				if (!Strings.isNullOrEmpty(userInfo.getSub()) && !userInfo.getSub().equals(token.getUserId())) {
=======
				if (!Strings.isNullOrEmpty(userInfo.getSub()) && !userInfo.getSub().equals(token.getSub())) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
					// the userinfo came back and the user_id fields don't match what was in the id_token
					throw new UsernameNotFoundException("user_id mismatch between id_token and user_info call: " + userInfo.getSub() + " / " + token.getSub());
				}
Solution content 
			if (userInfo == null) {
				// TODO: user Info not found -- error?
			} else {
				if (!Strings.isNullOrEmpty(userInfo.getSub()) && !userInfo.getSub().equals(token.getSub())) {
					// the userinfo came back and the user_id fields don't match what was in the id_token
					throw new UsernameNotFoundException("user_id mismatch between id_token and user_info call: " + userInfo.getSub() + " / " + token.getSub());
				}
File
OIDCAuthenticationProvider.java
Developer's decision
Version 2
Kind of conflict
If statement
Chunk
Conflicting content 
				}
			}

<<<<<<< HEAD
			return new OIDCAuthenticationToken(token.getUserId(),
=======
			return new OIDCAuthenticationToken(token.getSub(),
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
					token.getIssuer(),
					userInfo, authoritiesMapper.mapAuthorities(authorities),
					token.getIdTokenValue(), token.getAccessTokenValue(), token.getRefreshTokenValue());
Solution content 
				}
			}

			return new OIDCAuthenticationToken(token.getSub(),
					token.getIssuer(),
					userInfo, authoritiesMapper.mapAuthorities(authorities),
					token.getIdTokenValue(), token.getAccessTokenValue(), token.getRefreshTokenValue());
File
OIDCAuthenticationProvider.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Return statement
Chunk
Conflicting content 
	private String jwkViewName = "jwkKeyList";

	/**
<<<<<<< HEAD
	 * If either the jwkPublishUrl or x509PublishUrl fields are set on this bean, set up a listener on that URL to publish keys.
=======
	 * If the jwkPublishUrl field is set on this bean, set up a listener on that URL to publish keys.
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	 */
	@Override
	public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
Solution content 
	private String jwkViewName = "jwkKeyList";

	/**
	 * If the jwkPublishUrl field is set on this bean, set up a listener on that URL to publish keys.
	 */
	@Override
	public void postProcessBeanFactory(ConfigurableListableBeanFactory beanFactory) throws BeansException {
File
ClientKeyPublisher.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
		// map from key id to key
		Map keys = signingAndValidationService.getAllPublicKeys();

<<<<<<< HEAD
		// TODO: check if keys are empty, return a 404 here or just an empty list?

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		return new ModelAndView(jwkViewName, "keys", keys);
	}
Solution content 
		// map from key id to key
		Map keys = signingAndValidationService.getAllPublicKeys();

		return new ModelAndView(jwkViewName, "keys", keys);
	}
File
ClientKeyPublisher.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
public class ClientKeyPublisherMapping extends RequestMappingInfoHandlerMapping {

	private String jwkPublishUrl;
<<<<<<< HEAD
	private String x509PublishUrl;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/* (non-Javadoc)
	 * @see org.springframework.web.servlet.handler.AbstractHandlerMethodMapping#isHandler(java.lang.Class)
Solution content 
public class ClientKeyPublisherMapping extends RequestMappingInfoHandlerMapping {

	private String jwkPublishUrl;

	/* (non-Javadoc)
	 * @see org.springframework.web.servlet.handler.AbstractHandlerMethodMapping#isHandler(java.lang.Class)
File
ClientKeyPublisherMapping.java
Developer's decision
Version 2
Kind of conflict
Attribute
Chunk
Conflicting content 
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Map the "jwkKeyPublish" method to our jwkPublishUrl.
<<<<<<< HEAD
	 * Map the "x509KeyPublish" method to our x509PublishUrl.
	 */
	@Override
	protected RequestMappingInfo getMappingForMethod(Method method, Class handlerType) {

		if (method.getName().equals("publishClientJwk") && getJwkPublishUrl() != null) {
			return new RequestMappingInfo(
					new PatternsRequestCondition(new String[] {getJwkPublishUrl()}, getUrlPathHelper(), getPathMatcher(), false, false),
					null,
					null,
					null,
					null,
					null,
					null);
		} else if (method.getName().equals("publishClientx509") && getX509PublishUrl() != null) {
			return new RequestMappingInfo(
					new PatternsRequestCondition(new String[] {getX509PublishUrl()}, getUrlPathHelper(), getPathMatcher(), false, false),
					null,
					null,
					null,
					null,
					null,
					null);
		} else {
			return null;
		}

	}

	/**
	 * @return the jwkPublishUrl
	 */
	public String getJwkPublishUrl() {
		return jwkPublishUrl;
	}

	/**
	 * @param jwkPublishUrl the jwkPublishUrl to set
	 */
	public void setJwkPublishUrl(String jwkPublishUrl) {
		this.jwkPublishUrl = jwkPublishUrl;
	}

	/**
	 * @return the x509PublishUrl
	 */
	public String getX509PublishUrl() {
		return x509PublishUrl;
	}

	/**
	 * @param x509PublishUrl the x509PublishUrl to set
	 */
	public void setX509PublishUrl(String x509PublishUrl) {
		this.x509PublishUrl = x509PublishUrl;
=======
	 */
	@Override
	protected RequestMappingInfo getMappingForMethod(Method method, Class handlerType) {

		if (method.getName().equals("publishClientJwk") && getJwkPublishUrl() != null) {
			return new RequestMappingInfo(
					new PatternsRequestCondition(new String[] {getJwkPublishUrl()}, getUrlPathHelper(), getPathMatcher(), false, false),
					null,
					null,
					null,
					null,
					null,
					null);
		} else {
			return null;
		}

	}

	/**
	 * @return the jwkPublishUrl
	 */
	public String getJwkPublishUrl() {
		return jwkPublishUrl;
	}

	/**
	 * @param jwkPublishUrl the jwkPublishUrl to set
	 */
	public void setJwkPublishUrl(String jwkPublishUrl) {
		this.jwkPublishUrl = jwkPublishUrl;
	}

}
Solution content 
	/**
	 * Map the "jwkKeyPublish" method to our jwkPublishUrl.
	 */
	@Override
	protected RequestMappingInfo getMappingForMethod(Method method, Class handlerType) {

		if (method.getName().equals("publishClientJwk") && getJwkPublishUrl() != null) {
			return new RequestMappingInfo(
					new PatternsRequestCondition(new String[] {getJwkPublishUrl()}, getUrlPathHelper(), getPathMatcher(), false, false),
					null,
					null,
					null,
					null,
					null,
					null);
		} else {
			return null;
		}

	}

	/**
	 * @return the jwkPublishUrl
	 */
	public String getJwkPublishUrl() {
		return jwkPublishUrl;
	}

	/**
	 * @param jwkPublishUrl the jwkPublishUrl to set
	 */
	public void setJwkPublishUrl(String jwkPublishUrl) {
		this.jwkPublishUrl = jwkPublishUrl;
	}

}
File
ClientKeyPublisherMapping.java
Developer's decision
Version 2
Kind of conflict
Annotation
Attribute
Comment
Method declaration
Method signature
Chunk
Conflicting content 
	private String jwkViewName = "jwkKeyList";
	private View jwk;

<<<<<<< HEAD
	private String x509ViewName = "x509certs";
	private View x509;

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	private int order = HIGHEST_PRECEDENCE; // highest precedence, most specific -- avoids hitting the catch-all view resolvers

	/**
Solution content 
	private String jwkViewName = "jwkKeyList";
	private View jwk;

	private int order = HIGHEST_PRECEDENCE; // highest precedence, most specific -- avoids hitting the catch-all view resolvers

	/**
File
JwkViewResolver.java
Developer's decision
Version 2
Kind of conflict
Attribute
Chunk
Conflicting content 
	}

	/**
<<<<<<< HEAD
	 * @return the x509
	 */
	public View getX509() {
		return x509;
	}

	/**
	 * @param x509 the x509 to set
	 */
	public void setX509(View x509) {
		this.x509 = x509;
	}

	/**
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	 * @return the jwk
	 */
	public View getJwk() {
Solution content 
	}

	/**
	 * @return the jwk
	 */
	public View getJwk() {
File
JwkViewResolver.java
Developer's decision
Version 2
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
	public View getJwk() {
		return jwk;
	}
<<<<<<< HEAD

	/**
	 * @param jwk the jwk to set
	 */
	public void setJwk(View jwk) {
		this.jwk = jwk;
	}

	/**
	 * @return the order
	 */
	@Override
	public int getOrder() {
		return order;
	}

	/**
	 * @param order the order to set
	 */
	public void setOrder(int order) {
		this.order = order;
	}

	/**
	 * @return the jwkViewName
	 */
	public String getJwkViewName() {
		return jwkViewName;
	}

	/**
	 * @param jwkViewName the jwkViewName to set
	 */
	public void setJwkViewName(String jwkViewName) {
		this.jwkViewName = jwkViewName;
	}

	/**
	 * @return the x509ViewName
	 */
	public String getX509ViewName() {
		return x509ViewName;
	}

	/**
	 * @param x509ViewName the x509ViewName to set
	 */
	public void setX509ViewName(String x509ViewName) {
		this.x509ViewName = x509ViewName;
=======

	/**
	 * @param jwk the jwk to set
	 */
	public void setJwk(View jwk) {
		this.jwk = jwk;
	}

	/**
	 * @return the order
	 */
	@Override
	public int getOrder() {
		return order;
	}

	/**
	 * @param order the order to set
	 */
	public void setOrder(int order) {
		this.order = order;
	}

	/**
	 * @return the jwkViewName
	 */
	public String getJwkViewName() {
		return jwkViewName;
	}

	/**
	 * @param jwkViewName the jwkViewName to set
	 */
	public void setJwkViewName(String jwkViewName) {
		this.jwkViewName = jwkViewName;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

}
Solution content 
	public View getJwk() {
		return jwk;
	}

	/**
	 * @param jwk the jwk to set
	 */
	public void setJwk(View jwk) {
		this.jwk = jwk;
	}

	/**
	 * @return the order
	 */
	@Override
	public int getOrder() {
		return order;
	}

	/**
	 * @param order the order to set
	 */
	public void setOrder(int order) {
		this.order = order;
	}

	/**
	 * @return the jwkViewName
	 */
	public String getJwkViewName() {
		return jwkViewName;
	}

	/**
	 * @param jwkViewName the jwkViewName to set
	 */
	public void setJwkViewName(String jwkViewName) {
		this.jwkViewName = jwkViewName;
	}

}
File
JwkViewResolver.java
Developer's decision
Version 2
Kind of conflict
Annotation
Attribute
Comment
Method declaration
Method signature
Chunk
Conflicting content 
	 * @param state
	 * @return
	 */
<<<<<<< HEAD
	public String buildAuthRequestUrl(ServerConfiguration serverConfig, ClientDetails clientConfig, String redirectUri, String nonce, String state);
=======
	public String buildAuthRequestUrl(ServerConfiguration serverConfig, RegisteredClient clientConfig, String redirectUri, String nonce, String state);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
	 * @param state
	 * @return
	 */
	public String buildAuthRequestUrl(ServerConfiguration serverConfig, RegisteredClient clientConfig, String redirectUri, String nonce, String state);

}
File
AuthRequestUrlBuilder.java
Developer's decision
Version 2
Kind of conflict
Method interface
Chunk
Conflicting content 
 */
public interface ClientConfigurationService {

<<<<<<< HEAD
	public ClientDetails getClientConfiguration(String issuer);
=======
	public RegisteredClient getClientConfiguration(ServerConfiguration issuer);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
 */
public interface ClientConfigurationService {

	public RegisteredClient getClientConfiguration(ServerConfiguration issuer);

}
File
ClientConfigurationService.java
Developer's decision
Version 2
Kind of conflict
Method interface
Chunk
Conflicting content 
public class StaticClientConfigurationService implements ClientConfigurationService {

	// Map of issuer URL -> client configuration information
<<<<<<< HEAD
	private Map clients;
=======
	private Map clients;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * @return the clients
Solution content 
	 * @return the clients
public class StaticClientConfigurationService implements ClientConfigurationService {

	// Map of issuer URL -> client configuration information
	private Map clients;

	/**
File
StaticClientConfigurationService.java
Developer's decision
Version 2
Kind of conflict
Attribute
Chunk
Conflicting content 
	 * @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(java.lang.String)
	 */
	@Override
<<<<<<< HEAD
	public ClientDetails getClientConfiguration(String issuer) {

		return clients.get(issuer);
	}

	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@Override
=======
	public RegisteredClient getClientConfiguration(ServerConfiguration issuer) {

		return clients.get(issuer.getIssuer());
	}

	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {
		if (clients == null || clients.isEmpty()) {
			throw new IllegalArgumentException("Clients map cannot be null or empty");
Solution content 
	 * @see org.mitre.openid.connect.client.service.ClientConfigurationService#getClientConfiguration(java.lang.String)
	 */
	@Override
	public RegisteredClient getClientConfiguration(ServerConfiguration issuer) {

		return clients.get(issuer.getIssuer());
	}

	@PostConstruct
	public void afterPropertiesSet() throws Exception {
		if (clients == null || clients.isEmpty()) {
			throw new IllegalArgumentException("Clients map cannot be null or empty");
File
StaticClientConfigurationService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
		return servers.get(issuer);
	}

<<<<<<< HEAD
	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@Override
=======
	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {
		if (servers == null || servers.isEmpty()) {
			throw new IllegalArgumentException("Servers map cannot be null or empty.");
Solution content 
		return servers.get(issuer);
	}

	@PostConstruct
	public void afterPropertiesSet() throws Exception {
		if (servers == null || servers.isEmpty()) {
			throw new IllegalArgumentException("Servers map cannot be null or empty.");
File
StaticServerConfigurationService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Chunk
Conflicting content 
 * @author jricher
 *
 */
<<<<<<< HEAD
public class StaticSingleIssuerService implements IssuerService, InitializingBean {
=======
public class StaticSingleIssuerService implements IssuerService {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	private String issuer;
Solution content 
 * @author jricher
 *
 */
public class StaticSingleIssuerService implements IssuerService {

	private String issuer;
File
StaticSingleIssuerService.java
Developer's decision
Version 2
Kind of conflict
Class signature
Chunk
Conflicting content 
		return new IssuerServiceResponse(getIssuer(), null, null);
	}

<<<<<<< HEAD
	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@Override
=======
	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {

		if (Strings.isNullOrEmpty(issuer)) {
Solution content 
		return new IssuerServiceResponse(getIssuer(), null, null);
	}

	@PostConstruct
	public void afterPropertiesSet() throws Exception {

		if (Strings.isNullOrEmpty(issuer)) {
File
StaticSingleIssuerService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Chunk
Conflicting content 
	private String accountChooserUrl;

<<<<<<< HEAD
=======
	private Set whitelist = new HashSet();
	private Set blacklist = new HashSet();

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.client.service.IssuerService#getIssuer(javax.servlet.http.HttpServletRequest)
	 */
Solution content 
	private String accountChooserUrl;

	private Set whitelist = new HashSet();
	private Set blacklist = new HashSet();

	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.client.service.IssuerService#getIssuer(javax.servlet.http.HttpServletRequest)
	 */
File
ThirdPartyIssuerService.java
Developer's decision
Version 2
Kind of conflict
Attribute
Method invocation
Chunk
Conflicting content 
	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
<<<<<<< HEAD
	@Override
=======
	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {
		if (Strings.isNullOrEmpty(this.accountChooserUrl)) {
			throw new IllegalArgumentException("Account Chooser URL cannot be null or empty");
Solution content 
	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@PostConstruct
	public void afterPropertiesSet() throws Exception {
		if (Strings.isNullOrEmpty(this.accountChooserUrl)) {
			throw new IllegalArgumentException("Account Chooser URL cannot be null or empty");
File
ThirdPartyIssuerService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
		this.jwkSet = jwkSet;
	}

<<<<<<< HEAD
	/* (non-Javadoc)
	 * @see org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@Override
=======
	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {

		if (jwkSet == null) {
Solution content 
		this.jwkSet = jwkSet;
	}

	@PostConstruct
	public void afterPropertiesSet() throws Exception {

		if (jwkSet == null) {
File
JWKSetKeyStore.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Chunk
Conflicting content 
package org.mitre.jwt.signer.service;

import java.security.NoSuchAlgorithmException;
<<<<<<< HEAD
=======
import java.util.Collection;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import java.util.Map;

import com.nimbusds.jose.JWSAlgorithm;
Solution content 
package org.mitre.jwt.signer.service;

import java.security.NoSuchAlgorithmException;
import java.util.Collection;
import java.util.Map;

import com.nimbusds.jose.JWSAlgorithm;
File
JwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Import
Chunk
Conflicting content 
	 * @return
	 */
	public JWSAlgorithm getDefaultSigningAlgorithm();
<<<<<<< HEAD
=======

	/**
	 * Get the list of all signing algorithms supported by this service.
	 * @return
	 */
	public Collection getAllSigningAlgsSupported();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Sign a jwt using the selected algorithm. The algorithm is selected using the String parameter values specified
Solution content 
	 * @return
	 */
	public JWSAlgorithm getDefaultSigningAlgorithm();

	/**
	 * Get the list of all signing algorithms supported by this service.
	 * @return
	 */
	public Collection getAllSigningAlgsSupported();

	/**
	 * Sign a jwt using the selected algorithm. The algorithm is selected using the String parameter values specified
File
JwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Comment
Method interface
Chunk
Conflicting content 
	 */
		buildSignersAndVerifiers();
	}

<<<<<<< HEAD
=======
	@PostConstruct
	public void afterPropertiesSet() throws NoSuchAlgorithmException, InvalidKeySpecException{

		if (keys == null) {
			throw new IllegalArgumentException("Signing and validation service must have at least one key configured.");
		}

		buildSignersAndVerifiers();

		logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
	}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	/**
	 * @return the defaultSignerKeyId
Solution content 
		buildSignersAndVerifiers();
	}

	@PostConstruct
	public void afterPropertiesSet() throws NoSuchAlgorithmException, InvalidKeySpecException{

		if (keys == null) {
			throw new IllegalArgumentException("Signing and validation service must have at least one key configured.");
		}

		buildSignersAndVerifiers();

		logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
	}

	/**
	 * @return the defaultSignerKeyId
	 */
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
	public JWSAlgorithm getDefaultSigningAlgorithm() {
		return defaultAlgorithm;
	}
<<<<<<< HEAD

	public void setDefaultSigningAlgorithmName(String algName) {
		defaultAlgorithm = JWSAlgorithm.parse(algName);
	}

	public String getDefaultSigningAlgorithmName() {
		if (defaultAlgorithm != null) {
			return defaultAlgorithm.getName();
		} else {
			return null;
		}
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.springframework.beans.factory.InitializingBean#afterPropertiesSet()
	 */
	@Override
	public void afterPropertiesSet() throws NoSuchAlgorithmException, InvalidKeySpecException{
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	public void setDefaultSigningAlgorithmName(String algName) {
		defaultAlgorithm = JWSAlgorithm.parse(algName);
Solution content 
	public JWSAlgorithm getDefaultSigningAlgorithm() {
		return defaultAlgorithm;
	}

	public void setDefaultSigningAlgorithmName(String algName) {
		defaultAlgorithm = JWSAlgorithm.parse(algName);
	}

	public String getDefaultSigningAlgorithmName() {
		if (defaultAlgorithm != null) {
			return defaultAlgorithm.getName();
		} else {
			return null;
		}
	}

	/**
	 * Build all of the signers and verifiers for this based on the key map.
	 * @throws InvalidKeySpecException If the keys in the JWKs are not valid
	 * @throws NoSuchAlgorithmException If there is no appropriate algorithm to tie the keys to.
	 */
	private void buildSignersAndVerifiers() throws NoSuchAlgorithmException, InvalidKeySpecException {
		for (Map.Entry jwkEntry : keys.entrySet()) {

			String id = jwkEntry.getKey();
			JWK jwk = jwkEntry.getValue();

			if (jwk instanceof RSAKey) {
				// build RSA signers & verifiers

				if (jwk.isPrivate()) { // only add the signer if there's a private key
					RSASSASigner signer = new RSASSASigner(((RSAKey) jwk).toRSAPrivateKey());
					signers.put(id, signer);
				}

				RSASSAVerifier verifier = new RSASSAVerifier(((RSAKey) jwk).toRSAPublicKey());
				verifiers.put(id, verifier);

			} else if (jwk instanceof ECKey) {
				// build EC signers & verifiers

				// TODO: add support for EC keys
				logger.warn("EC Keys are not yet supported.");

			} else if (jwk instanceof OctetSequenceKey) {
				// build HMAC signers & verifiers

				if (jwk.isPrivate()) { // technically redundant check because all HMAC keys are private
					MACSigner signer = new MACSigner(((OctetSequenceKey) jwk).toByteArray());
					signers.put(id, signer);
				}

				MACVerifier verifier = new MACVerifier(((OctetSequenceKey) jwk).toByteArray());
				verifiers.put(id, verifier);

			} else {
				logger.warn("Unknown key type: " + jwk);
			}
		}
	}

	/**
	 * Sign a jwt in place using the configured default signer.
	 */
	@Override
	public void signJwt(SignedJWT jwt) {
		if (getDefaultSignerKeyId() == null) {
			throw new IllegalStateException("Tried to call default signing with no default signer ID set");
		}

		JWSSigner signer = signers.get(getDefaultSignerKeyId());

		try {
			jwt.sign(signer);
		} catch (JOSEException e) {

			logger.error("Failed to sign JWT, error was: ", e);
		}

	}

	@Override
	public boolean validateSignature(SignedJWT jwt) {

		for (JWSVerifier verifier : verifiers.values()) {
			try {
				if (jwt.verify(verifier)) {
					return true;
				}
			} catch (JOSEException e) {

				logger.error("Failed to validate signature, error was: ", e);
			}
		}
		return false;
	}

	@Override
	public Map getAllPublicKeys() {
		Map pubKeys = new HashMap();

		// pull all keys out of the verifiers if we know how
		for (String keyId : keys.keySet()) {
			JWK key = keys.get(keyId);
			JWK pub = key.toPublicJWK();
			if (pub != null) {
				pubKeys.put(keyId, pub);
			}
		}

		return pubKeys;
	}

	/* (non-Javadoc)
	 * @see org.mitre.jwt.signer.service.JwtSigningAndValidationService#getAllSigningAlgsSupported()
	 */
	@Override
	public Collection getAllSigningAlgsSupported() {

		Set algs = new HashSet();

		for (JWSSigner signer : signers.values()) {
			algs.addAll(signer.supportedAlgorithms());
		}

		for (JWSVerifier verifier : verifiers.values()) {
			algs.addAll(verifier.supportedAlgorithms());
		}

		return algs;

	}
}
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Manual
Kind of conflict
Annotation
Comment
Method declaration
Method signature
Chunk
Conflicting content 
		} else {
			return null;
		}
<<<<<<< HEAD

		buildSignersAndVerifiers();

		logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

	/**
Solution content 
	 * @param keys
/*******************************************************************************
 * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
package org.mitre.jwt.signer.service.impl;

import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import javax.annotation.PostConstruct;

import org.mitre.jose.keystore.JWKSetKeyStore;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.google.common.base.Strings;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jose.jwk.ECKey;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.OctetSequenceKey;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.SignedJWT;

public class DefaultJwtSigningAndValidationService implements JwtSigningAndValidationService {

	// map of identifier to signer
	private Map signers = new HashMap();

	// map of identifier to verifier
	private Map verifiers = new HashMap();

	private static Logger logger = LoggerFactory.getLogger(DefaultJwtSigningAndValidationService.class);

	private String defaultSignerKeyId;

	private JWSAlgorithm defaultAlgorithm;

	// map of identifier to key
	private Map keys = new HashMap();

	/**
	 * Build this service based on the keys given. All public keys will be used
	 * to make verifiers, all private keys will be used to make signers.
	 * 
	 *            A map of key identifier to key
	 * 
	 * @throws InvalidKeySpecException
	 *             If the keys in the JWKs are not valid
	 * @throws NoSuchAlgorithmException
	 *             If there is no appropriate algorithm to tie the keys to.
	 */
	public DefaultJwtSigningAndValidationService(Map keys) throws NoSuchAlgorithmException, InvalidKeySpecException {
		this.keys = keys;
		buildSignersAndVerifiers();
	}

	/**
	 * Build this service based on the given keystore. All keys must have a key
	 * id ({@code kid}) field in order to be used.
	 * 
	 * @param keyStore
	 *            the keystore to load all keys from
	 * 
	 * @throws InvalidKeySpecException
	 *             If the keys in the JWKs are not valid
	 * @throws NoSuchAlgorithmException
	 *             If there is no appropriate algorithm to tie the keys to.
	 */
	public DefaultJwtSigningAndValidationService(JWKSetKeyStore keyStore) throws NoSuchAlgorithmException, InvalidKeySpecException {
		// convert all keys in the keystore to a map based on key id
		for (JWK key : keyStore.getKeys()) {
			if (!Strings.isNullOrEmpty(key.getKeyID())) {
				this.keys.put(key.getKeyID(), key);
			} else {
				throw new IllegalArgumentException("Tried to load a key from a keystore without a 'kid' field: " + key);
			}
		}
		buildSignersAndVerifiers();
	}

	@PostConstruct
	public void afterPropertiesSet() throws NoSuchAlgorithmException, InvalidKeySpecException{

		if (keys == null) {
			throw new IllegalArgumentException("Signing and validation service must have at least one key configured.");
		}

		buildSignersAndVerifiers();

		logger.info("DefaultJwtSigningAndValidationService is ready: " + this.toString());
	}

	/**
	 * @return the defaultSignerKeyId
	 */
	public String getDefaultSignerKeyId() {
		return defaultSignerKeyId;
	}

	/**
	 * @param defaultSignerKeyId the defaultSignerKeyId to set
	 */
	public void setDefaultSignerKeyId(String defaultSignerId) {
		this.defaultSignerKeyId = defaultSignerId;
	}

	/**
	 * @return
	 */
	@Override
	public JWSAlgorithm getDefaultSigningAlgorithm() {
		return defaultAlgorithm;
	}

	public void setDefaultSigningAlgorithmName(String algName) {
		defaultAlgorithm = JWSAlgorithm.parse(algName);
	}

	public String getDefaultSigningAlgorithmName() {
		if (defaultAlgorithm != null) {
			return defaultAlgorithm.getName();
		} else {
			return null;
		}
	}

	/**
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Manual
Kind of conflict
Method invocation
Chunk
Conflicting content 
		try {
			jwt.sign(signer);
		} catch (JOSEException e) {
<<<<<<< HEAD
			// TODO Auto-generated catch block
			e.printStackTrace();
=======

			logger.error("Failed to sign JWT, error was: ", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		}

	}
Solution content 
		try {
			jwt.sign(signer);
		} catch (JOSEException e) {

			logger.error("Failed to sign JWT, error was: ", e);
		}

	}
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
					return true;
				}
			} catch (JOSEException e) {
<<<<<<< HEAD
				// TODO Auto-generated catch block
				e.printStackTrace();
=======

				logger.error("Failed to validate signature, error was: ", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			}
		}
		return false;
Solution content 
					return true;
				}
			} catch (JOSEException e) {

				logger.error("Failed to validate signature, error was: ", e);
			}
		}
		return false;
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
		return pubKeys;
	}

<<<<<<< HEAD
=======
	/* (non-Javadoc)
	 * @see org.mitre.jwt.signer.service.JwtSigningAndValidationService#getAllSigningAlgsSupported()
	 */
	@Override
	public Collection getAllSigningAlgsSupported() {

		Set algs = new HashSet();

		for (JWSSigner signer : signers.values()) {
			algs.addAll(signer.supportedAlgorithms());
		}

		for (JWSVerifier verifier : verifiers.values()) {
			algs.addAll(verifier.supportedAlgorithms());
		}

		return algs;

	}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		return pubKeys;
	}

	/* (non-Javadoc)
	 * @see org.mitre.jwt.signer.service.JwtSigningAndValidationService#getAllSigningAlgsSupported()
	 */
	@Override
	public Collection getAllSigningAlgsSupported() {

		Set algs = new HashSet();

		for (JWSSigner signer : signers.values()) {
			algs.addAll(signer.supportedAlgorithms());
		}

		for (JWSVerifier verifier : verifiers.values()) {
			algs.addAll(verifier.supportedAlgorithms());
		}

		return algs;

	}
}
File
DefaultJwtSigningAndValidationService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
<<<<<<< HEAD
=======
import com.google.common.cache.LoadingCache;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import com.nimbusds.jose.jwk.JWKSet;

/**
Solution content 
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.nimbusds.jose.jwk.JWKSet;

/**
File
JWKSetSigningAndValidationServiceCacheService.java
Developer's decision
Version 2
Kind of conflict
Import
Chunk
Conflicting content 
/**
 * 
<<<<<<< HEAD
 * Creates a
=======
 * Creates a caching map of JOSE signers and validators keyed on the JWK Set URI.
 * Dynamically loads JWK Sets to create the signing and validation services.
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
 * 
 * @author jricher
 *
Solution content 
/**
 * 
 * Creates a caching map of JOSE signers and validators keyed on the JWK Set URI.
 * Dynamically loads JWK Sets to create the signing and validation services.
 * 
 * @author jricher
 *
File
JWKSetSigningAndValidationServiceCacheService.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	 * @throws ExecutionException
	 * @see com.google.common.cache.Cache#get(java.lang.Object)
	 */
<<<<<<< HEAD
	public JwtSigningAndValidationService get(String key) {
		try {
			return cache.get(key);
		} catch (ExecutionException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
=======
	public JwtSigningAndValidationService get(String jwksUri) {
		try {
			return cache.get(jwksUri);
		} catch (ExecutionException e) {
			logger.warn("Couldn't load JWK Set from " + jwksUri, e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			return null;
		}
	}
Solution content 
	 * @throws ExecutionException
	 * @see com.google.common.cache.Cache#get(java.lang.Object)
	 */
	public JwtSigningAndValidationService get(String jwksUri) {
		try {
			return cache.get(jwksUri);
		} catch (ExecutionException e) {
			logger.warn("Couldn't load JWK Set from " + jwksUri, e);
			return null;
		}
	}
File
JWKSetSigningAndValidationServiceCacheService.java
Developer's decision
Version 2
Kind of conflict
Catch clause
Comment
Method invocation
Method signature
Return statement
Try statement
Chunk
Conflicting content 
	private String code;

<<<<<<< HEAD
	private OAuth2Authentication authentication;
=======
	private AuthorizationRequestHolder authorizationRequestHolder;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Default constructor.
Solution content 
	private String code;

	private OAuth2Authentication authentication;

	/**
	 * Default constructor.
File
AuthorizationCodeEntity.java
Developer's decision
Version 1
Kind of conflict
Attribute
Chunk
Conflicting content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
<<<<<<< HEAD
=======
	@Column(name = "id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Long getId() {
		return id;
	}
Solution content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}
File
AuthorizationCodeEntity.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	@ElementCollection(fetch = FetchType.EAGER)
	@CollectionTable(
			name="client_response_type",
<<<<<<< HEAD
			joinColumns=@JoinColumn(name="response_type")
=======
			joinColumns=@JoinColumn(name="owner_id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			)
	@Column(name="response_type")
	public Set getResponseTypes() {
Solution content 
	@ElementCollection(fetch = FetchType.EAGER)
	@CollectionTable(
			name="client_response_type",
			joinColumns=@JoinColumn(name="owner_id")
			)
	@Column(name="response_type")
	public Set getResponseTypes() {
File
ClientDetailsEntity.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	public ClientDetailsEntity getClient() {
		return client;
	}
<<<<<<< HEAD

	/**
	 * @param client the client to set
	 */
	public void setClient(ClientDetailsEntity client) {
		this.client = client;
	}

	/**
	 * Get the string-encoded value of this access token.
	 */
	@Override
	@Basic
	@Column(name="token_value")
	public String getValue() {
		return jwtValue.serialize();
	}

	/**
=======

	/**
	 * @param client the client to set
	 */
	public void setClient(ClientDetailsEntity client) {
		this.client = client;
	}

	/**
	 * Get the string-encoded value of this access token.
	 */
	@Override
	@Basic
	@Column(name="token_value")
	public String getValue() {
		return jwtValue.serialize();
	}

	/**
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	 * Set the "value" of this Access Token
	 * 
	 * @param value the JWT string
Solution content 
	public ClientDetailsEntity getClient() {
		return client;
	}

	/**
	 * @param client the client to set
	 */
	public void setClient(ClientDetailsEntity client) {
		this.client = client;
	}

	/**
	 * Get the string-encoded value of this access token.
	 */
	@Override
	@Basic
	@Column(name="token_value")
	public String getValue() {
		return jwtValue.serialize();
	}

	/**
	 * Set the "value" of this Access Token
	 * 
	 * @param value the JWT string
File
OAuth2AccessTokenEntity.java
Developer's decision
Version 1
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
	@Override
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
<<<<<<< HEAD
=======
	@Column(name = "expiration")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Date getExpiration() {
		return expiration;
	}
Solution content 
	@Override
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
	@Column(name = "expiration")
	public Date getExpiration() {
		return expiration;
	}
File
OAuth2AccessTokenEntity.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	public void setRefreshToken(OAuth2RefreshToken refreshToken) {
		if (!(refreshToken instanceof OAuth2RefreshTokenEntity)) {
<<<<<<< HEAD
			// TODO: make a copy constructor instead....
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			throw new IllegalArgumentException("Not a storable refresh token entity!");
		}
		// force a pass through to the entity version
Solution content 
	public void setRefreshToken(OAuth2RefreshToken refreshToken) {
		if (!(refreshToken instanceof OAuth2RefreshTokenEntity)) {
			throw new IllegalArgumentException("Not a storable refresh token entity!");
		}
		// force a pass through to the entity version
File
OAuth2AccessTokenEntity.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
		}
	}

<<<<<<< HEAD

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		}
	}

}
File
OAuth2AccessTokenEntity.java
Developer's decision
Version 1
Kind of conflict
Blank
Chunk
Conflicting content 
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
<<<<<<< HEAD
=======
	@Column(name = "expiration")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Date getExpiration() {
		return expiration;
	}
Solution content 
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
	@Column(name = "expiration")
	public Date getExpiration() {
		return expiration;
	}
File
OAuth2RefreshTokenEntity.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
		return true;
	}

<<<<<<< HEAD
=======
	@Override
	public String toString() {
		return "SystemScope [value=" + value + ", description=" + description + ", icon=" + icon + ", allowDynReg=" + allowDynReg + ", defaultScope=" + defaultScope + "]";
	}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0


}
Solution content 
		return true;
	}

	@Override
	public String toString() {
		return "SystemScope [value=" + value + ", description=" + description + ", icon=" + icon + ", allowDynReg=" + allowDynReg + ", defaultScope=" + defaultScope + "]";
	}

}
File
SystemScope.java
Developer's decision
Combination
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
	 * @return							the authentication associated with the code
	 * @throws InvalidGrantException	if no AuthorizationCodeEntity is found with the given value
	 */
<<<<<<< HEAD
	public OAuth2Authentication consume(String code) throws InvalidGrantException;
=======
	public AuthorizationRequestHolder consume(String code) throws InvalidGrantException;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
	 * @return							the authentication associated with the code
	 * @throws InvalidGrantException	if no AuthorizationCodeEntity is found with the given value
	 */
	public OAuth2Authentication consume(String code) throws InvalidGrantException;

}
File
AuthorizationCodeRepository.java
Developer's decision
Version 1
Kind of conflict
Method interface
Chunk
Conflicting content 
	 */
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);

<<<<<<< HEAD
=======
	public Set getAllAccessTokens();

	public Set getAllRefreshTokens();

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
	 */
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);

	public Set getAllAccessTokens();

	public Set getAllRefreshTokens();

}
File
OAuth2TokenRepository.java
Developer's decision
Version 2
Kind of conflict
Method interface
Chunk
Conflicting content 
	 */
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);

<<<<<<< HEAD
=======
	public OAuth2AccessTokenEntity getAccessTokenById(Long id);

	public OAuth2RefreshTokenEntity getRefreshTokenById(Long id);

	public Set getAllAccessTokensForUser(String name);

	public Set getAllRefreshTokensForUser(String name);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
	 */
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken);

	public OAuth2AccessTokenEntity getAccessTokenById(Long id);

	public OAuth2RefreshTokenEntity getRefreshTokenById(Long id);

	public Set getAllAccessTokensForUser(String name);

	public Set getAllRefreshTokensForUser(String name);
}
File
OAuth2TokenEntityService.java
Developer's decision
Version 2
Kind of conflict
Method interface
Chunk
Conflicting content 
	}

<<<<<<< HEAD
=======
	/**
	 * Endpoints protected by TLS must have https scheme in the URI.
	 */
	@PostConstruct
	public void checkForHttps() {
		if (!StringUtils.startsWithIgnoreCase(issuer, "https")) {
			logger.warn("Configured issuer url is not using https scheme.");
		}
	}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	/**
	 * @return the issuer baseUrl
	 */
Solution content 
	}

	/**
	 * Endpoints protected by TLS must have https scheme in the URI.
	 */
	@PostConstruct
	public void checkForHttps() {
		if (!StringUtils.startsWithIgnoreCase(issuer, "https")) {
			logger.warn("Configured issuer url is not using https scheme.");
		}
	}

	/**
	 * @return the issuer baseUrl
	 */
File
ConfigurationPropertiesBean.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
		this.userInfoUri = userInfoUri;
	}

<<<<<<< HEAD
}
=======
	/**
	 * @return the registrationEndpointUri
	 */
	public String getRegistrationEndpointUri() {
		return registrationEndpointUri;
	}

	/**
	 * @param registrationEndpointUri the registrationEndpointUri to set
	 */
	public void setRegistrationEndpointUri(String registrationEndpointUri) {
		this.registrationEndpointUri = registrationEndpointUri;
	}

	/**
		if (registrationEndpointUri == null) {
	 * @return the introspectionEndpointUri
	 */
	public String getIntrospectionEndpointUri() {
		return introspectionEndpointUri;
	}

	/**
	 * @param introspectionEndpointUri the introspectionEndpointUri to set
	 */
	public void setIntrospectionEndpointUri(String introspectionEndpointUri) {
		this.introspectionEndpointUri = introspectionEndpointUri;
	}

	/* (non-Javadoc)
	 * @see java.lang.Object#hashCode()
	 */
	@Override
	public int hashCode() {
		final int prime = 31;
		int result = 1;
		result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode());
		result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode());
		result = prime * result + ((issuer == null) ? 0 : issuer.hashCode());
		result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode());
		result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode());
		result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode());
		result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode());
		return result;
	}

	/* (non-Javadoc)
	 * @see java.lang.Object#equals(java.lang.Object)
	 */
	@Override
	public boolean equals(Object obj) {
		if (this == obj) {
			return true;
		}
		if (obj == null) {
			return false;
		}
		if (!(obj instanceof ServerConfiguration)) {
			return false;
		}
		ServerConfiguration other = (ServerConfiguration) obj;
		if (authorizationEndpointUri == null) {
			if (other.authorizationEndpointUri != null) {
				return false;
			}
		} else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) {
			return false;
		}
		if (introspectionEndpointUri == null) {
			if (other.introspectionEndpointUri != null) {
				return false;
			}
		} else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) {
			return false;
		}
		if (issuer == null) {
			if (other.issuer != null) {
				return false;
			}
		} else if (!issuer.equals(other.issuer)) {
			return false;
		}
		if (jwksUri == null) {
			if (other.jwksUri != null) {
				return false;
			}
		} else if (!jwksUri.equals(other.jwksUri)) {
			return false;
		}
			if (other.registrationEndpointUri != null) {
				return false;
			}
		} else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) {
			return false;
		}
		if (tokenEndpointUri == null) {
			if (other.tokenEndpointUri != null) {
				return false;
			}
		} else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) {
			return false;
		}
		if (userInfoUri == null) {
			if (other.userInfoUri != null) {
				return false;
			}
		} else if (!userInfoUri.equals(other.userInfoUri)) {
			return false;
		}
		return true;
	}


}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
Solution content 
			}
			return false;
		}
		this.userInfoUri = userInfoUri;
	}

	/**
	 * @return the registrationEndpointUri
	 */
	public String getRegistrationEndpointUri() {
		return registrationEndpointUri;
	}

	/**
	 * @param registrationEndpointUri the registrationEndpointUri to set
	 */
	public void setRegistrationEndpointUri(String registrationEndpointUri) {
		this.registrationEndpointUri = registrationEndpointUri;
	}

	/**
	 * @return the introspectionEndpointUri
	 */
	public String getIntrospectionEndpointUri() {
		return introspectionEndpointUri;
	}

	/**
	 * @param introspectionEndpointUri the introspectionEndpointUri to set
	 */
	public void setIntrospectionEndpointUri(String introspectionEndpointUri) {
		this.introspectionEndpointUri = introspectionEndpointUri;
	}

	/* (non-Javadoc)
	 * @see java.lang.Object#hashCode()
	 */
	@Override
	public int hashCode() {
		final int prime = 31;
		int result = 1;
		result = prime * result + ((authorizationEndpointUri == null) ? 0 : authorizationEndpointUri.hashCode());
		result = prime * result + ((introspectionEndpointUri == null) ? 0 : introspectionEndpointUri.hashCode());
		result = prime * result + ((issuer == null) ? 0 : issuer.hashCode());
		result = prime * result + ((jwksUri == null) ? 0 : jwksUri.hashCode());
		result = prime * result + ((registrationEndpointUri == null) ? 0 : registrationEndpointUri.hashCode());
		result = prime * result + ((tokenEndpointUri == null) ? 0 : tokenEndpointUri.hashCode());
		result = prime * result + ((userInfoUri == null) ? 0 : userInfoUri.hashCode());
		return result;
	}

	/* (non-Javadoc)
	 * @see java.lang.Object#equals(java.lang.Object)
	 */
	@Override
	public boolean equals(Object obj) {
		if (this == obj) {
			return true;
		}
		if (obj == null) {
			return false;
		}
		if (!(obj instanceof ServerConfiguration)) {
		ServerConfiguration other = (ServerConfiguration) obj;
		if (authorizationEndpointUri == null) {
			if (other.authorizationEndpointUri != null) {
				return false;
			}
		} else if (!authorizationEndpointUri.equals(other.authorizationEndpointUri)) {
			return false;
		}
		if (introspectionEndpointUri == null) {
			if (other.introspectionEndpointUri != null) {
				return false;
			}
		} else if (!introspectionEndpointUri.equals(other.introspectionEndpointUri)) {
			return false;
		}
		if (issuer == null) {
			if (other.issuer != null) {
				return false;
			}
		} else if (!issuer.equals(other.issuer)) {
			return false;
		}
		if (jwksUri == null) {
			if (other.jwksUri != null) {
				return false;
			}
		} else if (!jwksUri.equals(other.jwksUri)) {
			return false;
		}
		if (registrationEndpointUri == null) {
			if (other.registrationEndpointUri != null) {
				return false;
		} else if (!registrationEndpointUri.equals(other.registrationEndpointUri)) {
			return false;
		}
		if (tokenEndpointUri == null) {
			if (other.tokenEndpointUri != null) {
				return false;
			}
		} else if (!tokenEndpointUri.equals(other.tokenEndpointUri)) {
			return false;
		}
		if (userInfoUri == null) {
			if (other.userInfoUri != null) {
				return false;
			}
		} else if (!userInfoUri.equals(other.userInfoUri)) {
			return false;
		}
		return true;
	}


}
File
ServerConfiguration.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
	// If this AP is a WS, link to the WS
	private WhitelistedSite whitelistedSite;

<<<<<<< HEAD
	//Link to any access tokens approved through this stored decision
	private Set approvedAccessTokens = Sets.newHashSet();
=======
	// TODO: should we store the OAuth2 tokens and IdTokens here?
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Empty constructor
Solution content 
	// If this AP is a WS, link to the WS
	private WhitelistedSite whitelistedSite;

	//Link to any access tokens approved through this stored decision
	private Set approvedAccessTokens = Sets.newHashSet();

	/**
	 * Empty constructor
File
ApprovedSite.java
Developer's decision
Version 1
Kind of conflict
Attribute
Comment
Method invocation
Chunk
Conflicting content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
<<<<<<< HEAD
=======
	@Column(name = "id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Long getId() {
		return id;
	}
Solution content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}
File
ApprovedSite.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
		}
	}

<<<<<<< HEAD
	@OneToMany(cascade=CascadeType.ALL, fetch=FetchType.EAGER)
	@JoinColumn(name="approved_site_id")
	public Set getApprovedAccessTokens() {
		return approvedAccessTokens;
	}

	/**
	 * @param approvedAccessTokens the approvedAccessTokens to set
	 */
	public void setApprovedAccessTokens(Set approvedAccessTokens) {
		this.approvedAccessTokens = approvedAccessTokens;
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		}
	}

	@OneToMany(cascade=CascadeType.ALL, fetch=FetchType.EAGER)
	@JoinColumn(name="approved_site_id")
	public Set getApprovedAccessTokens() {
		return approvedAccessTokens;
	}

	/**
	 * @param approvedAccessTokens the approvedAccessTokens to set
	 */
	public void setApprovedAccessTokens(Set approvedAccessTokens) {
		this.approvedAccessTokens = approvedAccessTokens;
	}
}
File
ApprovedSite.java
Developer's decision
Version 1
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
<<<<<<< HEAD
=======
	@Column(name = "id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Long getId() {
		return id;
	}
Solution content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}
File
BlacklistedSite.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	 */
	@Id
	@GeneratedValue(strategy=GenerationType.IDENTITY)
<<<<<<< HEAD
=======
	@Column(name = "id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Long getId() {
		return id;
	}
Solution content 
	 */
	@Id
	@GeneratedValue(strategy=GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}
File
Event.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	 */
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
<<<<<<< HEAD
=======
	@Column(name = "timestamp")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Date getTimestamp() {
		return timestamp;
	}
Solution content 
	 */
	@Basic
	@Temporal(javax.persistence.TemporalType.TIMESTAMP)
	@Column(name = "timestamp")
	public Date getTimestamp() {
		return timestamp;
	}
File
Event.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	private static final long serialVersionUID = 22100073066377804L;

<<<<<<< HEAD:openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationToken.java
	private final Object principal;
=======
	private final ImmutableMap principal;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
	private final String idTokenValue; // string representation of the id token
	private final String accessTokenValue; // string representation of the access token
	private final String refreshTokenValue; // string representation of the refresh token
Solution content 
	private static final long serialVersionUID = 22100073066377804L;

	private final ImmutableMap principal;
	private final String idTokenValue; // string representation of the id token
	private final String accessTokenValue; // string representation of the access token
	private final String refreshTokenValue; // string representation of the refresh token
File
OIDCAuthenticationToken.java
Developer's decision
Version 2
Kind of conflict
Attribute
Chunk
Conflicting content 
	 * @param principal
	 * @param idToken
	 */
<<<<<<< HEAD:openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationToken.java
	public OIDCAuthenticationToken(String userId, String issuer,
=======
	public OIDCAuthenticationToken(String subject, String issuer,
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
			UserInfo userInfo, Collection authorities,
			String idTokenValue, String accessTokenValue, String refreshTokenValue) {
Solution content 
	 * @param principal
	 * @param idToken
	 */
	public OIDCAuthenticationToken(String subject, String issuer,
			UserInfo userInfo, Collection authorities,
			String idTokenValue, String accessTokenValue, String refreshTokenValue) {
File
OIDCAuthenticationToken.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	 * @param sub
	 * @param idToken
	 */
<<<<<<< HEAD:openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationToken.java
	public OIDCAuthenticationToken(String userId, String issuer,
=======
	public OIDCAuthenticationToken(String subject, String issuer,
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
			ServerConfiguration serverConfiguration,
			String idTokenValue, String accessTokenValue, String refreshTokenValue) {
Solution content 
	 * @param sub
	 * @param idToken
	 */
	public OIDCAuthenticationToken(String subject, String issuer,
			ServerConfiguration serverConfiguration,
			String idTokenValue, String accessTokenValue, String refreshTokenValue) {
File
OIDCAuthenticationToken.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	}


<<<<<<< HEAD:openid-connect-client/src/main/java/org/mitre/openid/connect/client/OIDCAuthenticationToken.java
}
=======
}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-common/src/main/java/org/mitre/openid/connect/model/OIDCAuthenticationToken.java
Solution content 
	}


}
File
OIDCAuthenticationToken.java
Developer's decision
Version 1
Kind of conflict
Other
Chunk
Conflicting content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
<<<<<<< HEAD
=======
	@Column(name = "id")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public Long getId() {
		return id;
	}
Solution content 
	 */
	@Id
	@GeneratedValue(strategy = GenerationType.IDENTITY)
	@Column(name = "id")
	public Long getId() {
		return id;
	}
File
WhitelistedSite.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
public class JpaUtil {
	public static  T getSingleResult(List list) {
		switch(list.size()) {
<<<<<<< HEAD
		case 0:
			return null;
		case 1:
			return list.get(0);
		default:
			throw new IncorrectResultSizeDataAccessException(1);
=======
			case 0:
				return null;
			case 1:
				return list.get(0);
			default:
				throw new IncorrectResultSizeDataAccessException(1);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		}
	}
Solution content 
				return list.get(0);
			default:
public class JpaUtil {
	public static  T getSingleResult(List list) {
		switch(list.size()) {
			case 0:
				return null;
			case 1:
				throw new IncorrectResultSizeDataAccessException(1);
		}
	}
File
JpaUtil.java
Developer's decision
Version 1
Kind of conflict
Case statement
Method invocation
Return statement
Throw statement
Chunk
Conflicting content 
	 */
	@Override
	@Transactional
<<<<<<< HEAD
	public OAuth2Authentication consume(String code) throws InvalidGrantException {
=======
	public AuthorizationRequestHolder consume(String code) throws InvalidGrantException {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		TypedQuery query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class);
		query.setParameter("code", code);
Solution content 
	 */
	@Override
	@Transactional
	public OAuth2Authentication consume(String code) throws InvalidGrantException {

		TypedQuery query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class);
		query.setParameter("code", code);
File
JpaAuthorizationCodeRepository.java
Developer's decision
Version 1
Kind of conflict
Method signature
Chunk
Conflicting content 
			throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
		}

<<<<<<< HEAD
		OAuth2Authentication authRequest = result.getAuthentication();
=======
		AuthorizationRequestHolder authRequest = result.getAuthorizationRequestHolder();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		manager.remove(result);
Solution content 
			throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
		}

		OAuth2Authentication authRequest = result.getAuthentication();

		manager.remove(result);
File
JpaAuthorizationCodeRepository.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
	 * @throws 			InvalidGrantException, if an AuthorizationCodeEntity is not found with the given value
	 */
	@Override
<<<<<<< HEAD
	public OAuth2Authentication consumeAuthorizationCode(String code) throws InvalidGrantException {

		OAuth2Authentication auth = repository.consume(code);
=======
	public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException {

		AuthorizationRequestHolder auth = repository.consume(code);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		return auth;
	}
Solution content 
	 * @throws 			InvalidGrantException, if an AuthorizationCodeEntity is not found with the given value
	 */
	@Override
	public OAuth2Authentication consumeAuthorizationCode(String code) throws InvalidGrantException {

		OAuth2Authentication auth = repository.consume(code);
		return auth;
	}
File
DefaultOAuth2AuthorizationCodeService.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Method signature
Variable
Chunk
Conflicting content 
	@Autowired
	private BlacklistedSiteService blacklistedSiteService;

<<<<<<< HEAD
	public DefaultOAuth2ClientDetailsEntityService() {

	}

	public DefaultOAuth2ClientDetailsEntityService(OAuth2ClientRepository clientRepository,
			OAuth2TokenRepository tokenRepository) {
		this.clientRepository = clientRepository;
		this.tokenRepository = tokenRepository;
	}
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	@Override
	public ClientDetailsEntity saveNewClient(ClientDetailsEntity client) {
Solution content 
	@Autowired
	private BlacklistedSiteService blacklistedSiteService;

	@Override
	public ClientDetailsEntity saveNewClient(ClientDetailsEntity client) {
File
DefaultOAuth2ClientDetailsEntityService.java
Developer's decision
Version 2
Kind of conflict
Method declaration
Chunk
Conflicting content 
import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
<<<<<<< HEAD
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.service.ApprovedSiteService;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
Solution content 
import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.service.ApprovedSiteService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Version 1
Kind of conflict
Import
Chunk
Conflicting content 
	@Autowired
	private TokenEnhancer tokenEnhancer;

<<<<<<< HEAD
	@Autowired
	private ApprovedSiteService approvedSiteService;

	@Override
	public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
		if (authentication != null && authentication.getOAuth2Request() != null) {
			// look up our client
			OAuth2Request clientAuth = authentication.getOAuth2Request();
=======
	@Override
	public Set getAllAccessTokensForUser(String id) {

		Set all = tokenRepository.getAllAccessTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2AccessTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
			}
		}

		return results;
	}


	@Override
	public Set getAllRefreshTokensForUser(String id) {
		Set all = tokenRepository.getAllRefreshTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2RefreshTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
			}
		}

		return results;
	}

	@Override
	public OAuth2AccessTokenEntity getAccessTokenById(Long id) {
		return tokenRepository.getAccessTokenById(id);
	}

	@Override
	public OAuth2RefreshTokenEntity getRefreshTokenById(Long id) {
		return tokenRepository.getRefreshTokenById(id);
	}

	@Override
	public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
		if (authentication != null && authentication.getAuthorizationRequest() != null) {
			// look up our client
			AuthorizationRequest clientAuth = authentication.getAuthorizationRequest();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
Solution content 
			}
	@Autowired
	private TokenEnhancer tokenEnhancer;
	
	@Override
	public Set getAllAccessTokensForUser(String id) {

		Set all = tokenRepository.getAllAccessTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2AccessTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
			}
		}

		return results;
	}


	@Override
	public Set getAllRefreshTokensForUser(String id) {
		Set all = tokenRepository.getAllRefreshTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2RefreshTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
		}

		return results;
	}

	@Override
	public OAuth2AccessTokenEntity getAccessTokenById(Long id) {
		return tokenRepository.getAccessTokenById(id);
	}

	@Override
	public OAuth2RefreshTokenEntity getRefreshTokenById(Long id) {
		return tokenRepository.getRefreshTokenById(id);
	}

	@Autowired
	private ApprovedSiteService approvedSiteService;
	

	@Override
	public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
		if (authentication != null && authentication.getOAuth2Request() != null) {
			// look up our client
			OAuth2Request clientAuth = authentication.getOAuth2Request();

			ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Combination
Kind of conflict
Annotation
Attribute
Comment
If statement
Method declaration
Method invocation
Method signature
Variable
Chunk
Conflicting content 
			tokenRepository.saveAccessToken(token);

<<<<<<< HEAD
			//Add approved site reference, if any
			OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();

			if (originalAuthRequest.getExtensions() != null && originalAuthRequest.getExtensions().containsKey("approved_site")) {

				Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site");
				ApprovedSite ap = approvedSiteService.getById(apId);
				Set apTokens = ap.getApprovedAccessTokens();
				apTokens.add(token);
				ap.setApprovedAccessTokens(apTokens);
				approvedSiteService.save(ap);

			}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			if (token.getRefreshToken() != null) {
				tokenRepository.saveRefreshToken(token.getRefreshToken()); // make sure we save any changes that might have been enhanced
			}
Solution content 
			tokenRepository.saveAccessToken(token);

			//Add approved site reference, if any
			OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();

			if (originalAuthRequest.getExtensions() != null && originalAuthRequest.getExtensions().containsKey("approved_site")) {

				Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site");
				ApprovedSite ap = approvedSiteService.getById(apId);
				Set apTokens = ap.getApprovedAccessTokens();
				apTokens.add(token);
				ap.setApprovedAccessTokens(apTokens);
				approvedSiteService.save(ap);

			}

			if (token.getRefreshToken() != null) {
				tokenRepository.saveRefreshToken(token.getRefreshToken()); // make sure we save any changes that might have been enhanced
			}
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Version 1
Kind of conflict
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
	}

	@Override
<<<<<<< HEAD
	public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue, TokenRequest authRequest) throws AuthenticationException {
=======
	public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue, AuthorizationRequest authRequest) throws AuthenticationException {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);
Solution content 
	}

	@Override
	public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue, TokenRequest authRequest) throws AuthenticationException {

		OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Version 1
Kind of conflict
Method signature
Chunk
Conflicting content 
		OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();

		// get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
<<<<<<< HEAD
		Set refreshScopes = new HashSet(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope());

		Set scope = new HashSet(authRequest.getScope());
=======
		Set refreshScopes = new HashSet(refreshToken.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope());

		Set scope = authRequest.getScope() == null ? new HashSet() : new HashSet(authRequest.getScope());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		if (scope != null && !scope.isEmpty()) {
			// ensure a proper subset of scopes
			if (refreshScopes != null && refreshScopes.containsAll(scope)) {
Solution content 
		OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();

		// get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
		Set refreshScopes = new HashSet(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope());

		Set scope = authRequest.getScope() == null ? new HashSet() : new HashSet(authRequest.getScope());
		if (scope != null && !scope.isEmpty()) {
			// ensure a proper subset of scopes
			if (refreshScopes != null && refreshScopes.containsAll(scope)) {
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Combination
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
	public void revokeAccessToken(OAuth2AccessTokenEntity accessToken) {
		tokenRepository.removeAccessToken(accessToken);
	}
<<<<<<< HEAD


	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getAccessTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getAccessTokensForClient(client);
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getRefreshTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getRefreshTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getRefreshTokensForClient(client);
	}

	@Override
	@Scheduled(fixedRate = 5 * 60 * 1000) // schedule this task every five minutes
	public void clearExpiredTokens() {
		logger.info("Cleaning out all expired tokens");

		List accessTokens = tokenRepository.getExpiredAccessTokens();
		logger.info("Found " + accessTokens.size() + " expired access tokens");
		for (OAuth2AccessTokenEntity oAuth2AccessTokenEntity : accessTokens) {
			revokeAccessToken(oAuth2AccessTokenEntity);
		}

		List refreshTokens = tokenRepository.getExpiredRefreshTokens();
		logger.info("Found " + refreshTokens.size() + " expired refresh tokens");
		for (OAuth2RefreshTokenEntity oAuth2RefreshTokenEntity : refreshTokens) {
			revokeRefreshToken(oAuth2RefreshTokenEntity);
		}
	}

	/**
	 * Get a builder object for this class (for tests)
	 * @return
=======


	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	 */
	@Override
	public List getAccessTokensForClient(ClientDetailsEntity client) {
Solution content 
	public void revokeAccessToken(OAuth2AccessTokenEntity accessToken) {
		tokenRepository.removeAccessToken(accessToken);
	}


	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getAccessTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getAccessTokensForClient(client);
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getRefreshTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getRefreshTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getRefreshTokensForClient(client);
	}

	@Override
	public void clearExpiredTokens() {
		logger.info("Cleaning out all expired tokens");

		List accessTokens = tokenRepository.getExpiredAccessTokens();
		logger.info("Found " + accessTokens.size() + " expired access tokens");
		for (OAuth2AccessTokenEntity oAuth2AccessTokenEntity : accessTokens) {
			revokeAccessToken(oAuth2AccessTokenEntity);
		}

		List refreshTokens = tokenRepository.getExpiredRefreshTokens();
		logger.info("Found " + refreshTokens.size() + " expired refresh tokens");
		for (OAuth2RefreshTokenEntity oAuth2RefreshTokenEntity : refreshTokens) {
			revokeRefreshToken(oAuth2RefreshTokenEntity);
		}
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#saveAccessToken(org.mitre.oauth2.model.OAuth2AccessTokenEntity)
	 */
	@Override
	public OAuth2AccessTokenEntity saveAccessToken(OAuth2AccessTokenEntity accessToken) {
		return tokenRepository.saveAccessToken(accessToken);
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#saveRefreshToken(org.mitre.oauth2.model.OAuth2RefreshTokenEntity)
	 */
	@Override
	public OAuth2RefreshTokenEntity saveRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
		return tokenRepository.saveRefreshToken(refreshToken);
	}

	/**
	 * @return the tokenEnhancer
	 */
	public TokenEnhancer getTokenEnhancer() {
		return tokenEnhancer;
	}

	/**
	 * @param tokenEnhancer the tokenEnhancer to set
	 */
	public void setTokenEnhancer(TokenEnhancer tokenEnhancer) {
		this.tokenEnhancer = tokenEnhancer;
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokenForIdToken(org.mitre.oauth2.model.OAuth2AccessTokenEntity)
	 */
	@Override
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken) {
		return tokenRepository.getAccessTokenForIdToken(idToken);
	}

}
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Manual
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
		return tokenRepository.getAccessTokensForClient(client);
	}

<<<<<<< HEAD
	/**
	 * Builder class for test harnesses.
	 */
	public static class DefaultOAuth2ProviderTokenServicesBuilder {
		private DefaultOAuth2ProviderTokenService instance;

		private DefaultOAuth2ProviderTokenServicesBuilder() {
			instance = new DefaultOAuth2ProviderTokenService();
		}

		public DefaultOAuth2ProviderTokenServicesBuilder setTokenRepository(OAuth2TokenRepository tokenRepository) {
			instance.tokenRepository = tokenRepository;
			return this;
		}

		public DefaultOAuth2ProviderTokenServicesBuilder setClientDetailsService(ClientDetailsEntityService clientDetailsService) {
			instance.clientDetailsService = clientDetailsService;
			return this;
		}

		public DefaultOAuth2ProviderTokenServicesBuilder setTokenEnhancer(TokenEnhancer tokenEnhancer) {
			instance.tokenEnhancer = tokenEnhancer;
			return this;
		}

		public OAuth2TokenEntityService finish() {
			return instance;
=======
	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getRefreshTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getRefreshTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getRefreshTokensForClient(client);
	}

	@Override
	public void clearExpiredTokens() {
		logger.info("Cleaning out all expired tokens");

		List accessTokens = tokenRepository.getExpiredAccessTokens();
		logger.info("Found " + accessTokens.size() + " expired access tokens");
		for (OAuth2AccessTokenEntity oAuth2AccessTokenEntity : accessTokens) {
			revokeAccessToken(oAuth2AccessTokenEntity);
		}

		List refreshTokens = tokenRepository.getExpiredRefreshTokens();
		logger.info("Found " + refreshTokens.size() + " expired refresh tokens");
		for (OAuth2RefreshTokenEntity oAuth2RefreshTokenEntity : refreshTokens) {
			revokeRefreshToken(oAuth2RefreshTokenEntity);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		}
	}
Solution content 
/*******************************************************************************
 * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
/**
 * 
 */
package org.mitre.oauth2.service.impl;

import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.UUID;

import org.mitre.oauth2.model.AuthenticationHolderEntity;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
import org.mitre.oauth2.repository.AuthenticationHolderRepository;
import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.service.ApprovedSiteService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.stereotype.Service;

import com.google.common.collect.Sets;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.PlainJWT;


/**
 * @author jricher
 * 
 */
@Service
public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityService {

	private static Logger logger = LoggerFactory.getLogger(DefaultOAuth2ProviderTokenService.class);

	@Autowired
	private OAuth2TokenRepository tokenRepository;

	@Autowired
	private AuthenticationHolderRepository authenticationHolderRepository;

	@Autowired
	private ClientDetailsEntityService clientDetailsService;

	@Autowired
	private TokenEnhancer tokenEnhancer;
	
	@Override
	public Set getAllAccessTokensForUser(String id) {

		Set all = tokenRepository.getAllAccessTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2AccessTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
			}
		}

		return results;
	}


	@Override
	public Set getAllRefreshTokensForUser(String id) {
		Set all = tokenRepository.getAllRefreshTokens();
		Set results = Sets.newLinkedHashSet();

		for (OAuth2RefreshTokenEntity token : all) {
			if (token.getAuthenticationHolder().getAuthentication().getName().equals(id)) {
				results.add(token);
			}
		}

		return results;
	}

	@Override
	public OAuth2AccessTokenEntity getAccessTokenById(Long id) {
		return tokenRepository.getAccessTokenById(id);
	}

	@Override
	public OAuth2RefreshTokenEntity getRefreshTokenById(Long id) {
		return tokenRepository.getRefreshTokenById(id);
	}

	@Autowired
	private ApprovedSiteService approvedSiteService;
	

	@Override
	public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
		if (authentication != null && authentication.getOAuth2Request() != null) {
			// look up our client
			OAuth2Request clientAuth = authentication.getOAuth2Request();

			ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());

			if (client == null) {
				throw new InvalidClientException("Client not found: " + clientAuth.getClientId());
			}

			OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();

			// attach the client
			token.setClient(client);

			// inherit the scope from the auth, but make a new set so it is
			//not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which
			//wants to use the clone operation.
			Set scopes = Sets.newHashSet(clientAuth.getScope());
			token.setScope(scopes);

			// make it expire if necessary
			if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
				Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
				token.setExpiration(expiration);
			}

			// attach the authorization so that we can look it up later
			AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
			authHolder.setAuthentication(authentication);
			authHolder = authenticationHolderRepository.save(authHolder);

			token.setAuthenticationHolder(authHolder);

			// attach a refresh token, if this client is allowed to request them and the user gets the offline scope
			// TODO: tie this to some kind of scope service
			if (client.isAllowRefresh() && scopes.contains("offline_access")) {
				OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken();
				JWTClaimsSet refreshClaims = new JWTClaimsSet();


				// make it expire if necessary
				if (client.getRefreshTokenValiditySeconds() != null) {
					Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
					refreshToken.setExpiration(expiration);
					refreshClaims.setExpirationTime(expiration);
				}

				// set a random identifier
				refreshClaims.setJWTID(UUID.randomUUID().toString());

				// TODO: add issuer fields, signature to JWT

				PlainJWT refreshJwt = new PlainJWT(refreshClaims);
				refreshToken.setJwt(refreshJwt);

				//Add the authentication
				refreshToken.setAuthenticationHolder(authHolder);
				refreshToken.setClient(client);



				// save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
				tokenRepository.saveRefreshToken(refreshToken);

				token.setRefreshToken(refreshToken);
			}

			tokenEnhancer.enhance(token, authentication);

			tokenRepository.saveAccessToken(token);

			//Add approved site reference, if any
			OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();

			if (originalAuthRequest.getExtensions() != null && originalAuthRequest.getExtensions().containsKey("approved_site")) {

				Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site");
				ApprovedSite ap = approvedSiteService.getById(apId);
				Set apTokens = ap.getApprovedAccessTokens();
				apTokens.add(token);
				ap.setApprovedAccessTokens(apTokens);
				approvedSiteService.save(ap);

			}

			if (token.getRefreshToken() != null) {
				tokenRepository.saveRefreshToken(token.getRefreshToken()); // make sure we save any changes that might have been enhanced
			}

			return token;
		}

		throw new AuthenticationCredentialsNotFoundException("No authentication credentials found");
	}

	@Override
	public OAuth2AccessTokenEntity refreshAccessToken(String refreshTokenValue, TokenRequest authRequest) throws AuthenticationException {

		OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);

		if (refreshToken == null) {
			throw new InvalidTokenException("Invalid refresh token: " + refreshTokenValue);
		}

		ClientDetailsEntity client = refreshToken.getClient();

		AuthenticationHolderEntity authHolder = refreshToken.getAuthenticationHolder();

		//Make sure this client allows access token refreshing
		if (!client.isAllowRefresh()) {
			throw new InvalidClientException("Client does not allow refreshing access token!");
		}

		// clear out any access tokens
		// TODO: make this a configurable option
		tokenRepository.clearAccessTokensForRefreshToken(refreshToken);

		if (refreshToken.isExpired()) {
			tokenRepository.removeRefreshToken(refreshToken);
			throw new InvalidTokenException("Expired refresh token: " + refreshTokenValue);
		}

		// TODO: have the option to recycle the refresh token here, too
		// for now, we just reuse it as long as it's valid, which is the original intent

		OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();

		// get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
		Set refreshScopes = new HashSet(refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope());

		Set scope = authRequest.getScope() == null ? new HashSet() : new HashSet(authRequest.getScope());
		if (scope != null && !scope.isEmpty()) {
			// ensure a proper subset of scopes
			if (refreshScopes != null && refreshScopes.containsAll(scope)) {
				// set the scope of the new access token if requested
				token.setScope(scope);
			} else {
				String errorMsg = "Up-scoping is not allowed.";
				logger.error(errorMsg);
				throw new InvalidScopeException(errorMsg);
			}
		} else {
			// otherwise inherit the scope of the refresh token (if it's there -- this can return a null scope set)
			token.setScope(refreshScopes);
		}

		token.setClient(client);

		if (client.getAccessTokenValiditySeconds() != null) {
			Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
			token.setExpiration(expiration);
		}

		token.setRefreshToken(refreshToken);

		token.setAuthenticationHolder(authHolder);

		tokenEnhancer.enhance(token, authHolder.getAuthentication());

		tokenRepository.saveAccessToken(token);

		return token;

	}

	@Override
	public OAuth2Authentication loadAuthentication(String accessTokenValue) throws AuthenticationException {

		OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenByValue(accessTokenValue);

		if (accessToken == null) {
			throw new InvalidTokenException("Invalid access token: " + accessTokenValue);
		}

		if (accessToken.isExpired()) {
			//tokenRepository.removeAccessToken(accessToken);
			revokeAccessToken(accessToken);
			throw new InvalidTokenException("Expired access token: " + accessTokenValue);
		}

		return accessToken.getAuthenticationHolder().getAuthentication();
	}


	/**
	 * Get an access token from its token value.
	 */
	@Override
	public OAuth2AccessTokenEntity readAccessToken(String accessTokenValue) throws AuthenticationException {
		OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenByValue(accessTokenValue);
		if (accessToken == null) {
			throw new InvalidTokenException("Access token for value " + accessTokenValue + " was not found");
		}
		else {
			return accessToken;
		}
	}

	/**
	 * Get an access token by its authentication object.
	 */
	@Override
	public OAuth2AccessTokenEntity getAccessToken(OAuth2Authentication authentication) {

		OAuth2AccessTokenEntity accessToken = tokenRepository.getByAuthentication(authentication);

		return accessToken;
	}

	/**
	 * Get a refresh token by its token value.
	 */
	@Override
	public OAuth2RefreshTokenEntity getRefreshToken(String refreshTokenValue) throws AuthenticationException {
		OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenByValue(refreshTokenValue);
		if (refreshToken == null) {
			throw new InvalidTokenException("Refresh token for value " + refreshTokenValue + " was not found");
		}
		else {
			return refreshToken;
		}
	}

	/**
	 * Revoke a refresh token and all access tokens issued to it.
	 */
	@Override
	public void revokeRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
		tokenRepository.clearAccessTokensForRefreshToken(refreshToken);
		tokenRepository.removeRefreshToken(refreshToken);
	}

	/**
	 * Revoke an access token.
	 */
	@Override
	public void revokeAccessToken(OAuth2AccessTokenEntity accessToken) {
		tokenRepository.removeAccessToken(accessToken);
	}


	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getAccessTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getAccessTokensForClient(client);
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getRefreshTokensForClient(org.mitre.oauth2.model.ClientDetailsEntity)
	 */
	@Override
	public List getRefreshTokensForClient(ClientDetailsEntity client) {
		return tokenRepository.getRefreshTokensForClient(client);
	}

	@Override
	public void clearExpiredTokens() {
		logger.info("Cleaning out all expired tokens");

		List accessTokens = tokenRepository.getExpiredAccessTokens();
		logger.info("Found " + accessTokens.size() + " expired access tokens");
		for (OAuth2AccessTokenEntity oAuth2AccessTokenEntity : accessTokens) {
			revokeAccessToken(oAuth2AccessTokenEntity);
		}

		List refreshTokens = tokenRepository.getExpiredRefreshTokens();
		logger.info("Found " + refreshTokens.size() + " expired refresh tokens");
		for (OAuth2RefreshTokenEntity oAuth2RefreshTokenEntity : refreshTokens) {
			revokeRefreshToken(oAuth2RefreshTokenEntity);
		}
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#saveAccessToken(org.mitre.oauth2.model.OAuth2AccessTokenEntity)
	 */
	@Override
	public OAuth2AccessTokenEntity saveAccessToken(OAuth2AccessTokenEntity accessToken) {
		return tokenRepository.saveAccessToken(accessToken);
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#saveRefreshToken(org.mitre.oauth2.model.OAuth2RefreshTokenEntity)
	 */
	@Override
	public OAuth2RefreshTokenEntity saveRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
		return tokenRepository.saveRefreshToken(refreshToken);
	}

	/**
	 * @return the tokenEnhancer
	 */
	public TokenEnhancer getTokenEnhancer() {
		return tokenEnhancer;
	}

	/**
	 * @param tokenEnhancer the tokenEnhancer to set
	 */
	public void setTokenEnhancer(TokenEnhancer tokenEnhancer) {
		this.tokenEnhancer = tokenEnhancer;
	}

	/* (non-Javadoc)
	 * @see org.mitre.oauth2.service.OAuth2TokenEntityService#getAccessTokenForIdToken(org.mitre.oauth2.model.OAuth2AccessTokenEntity)
	 */
	@Override
	public OAuth2AccessTokenEntity getAccessTokenForIdToken(OAuth2AccessTokenEntity idToken) {
		return tokenRepository.getAccessTokenForIdToken(idToken);
	}

}
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Manual
Kind of conflict
Annotation
Attribute
Class signature
Comment
For statement
Method declaration
Method invocation
Method signature
Return statement
Variable
Chunk
Conflicting content 
		return tokenRepository.getAccessTokenForIdToken(idToken);
	}

<<<<<<< HEAD
	@Override
	public OAuth2AccessTokenEntity getAccessTokenById(Long id) {
		return tokenRepository.getAccessTokenById(id);
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		return tokenRepository.getAccessTokenForIdToken(idToken);
	}

}
File
DefaultOAuth2ProviderTokenService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
	private Predicate isDefault = new Predicate() {
		@Override
<<<<<<< HEAD
		public boolean apply(@Nullable SystemScope input) {
=======
		public boolean apply(SystemScope input) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			return (input != null && input.isDefaultScope());
		}
	};
Solution content 
	private Predicate isDefault = new Predicate() {
		@Override
		public boolean apply(SystemScope input) {
			return (input != null && input.isDefaultScope());
		}
	};
File
DefaultSystemScopeService.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	private Predicate isDynReg = new Predicate() {
		@Override
<<<<<<< HEAD
		public boolean apply(@Nullable SystemScope input) {
=======
		public boolean apply(SystemScope input) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			return (input != null && input.isAllowDynReg());
		}
	};
Solution content 
	private Predicate isDynReg = new Predicate() {
		@Override
		public boolean apply(SystemScope input) {
			return (input != null && input.isAllowDynReg());
		}
	};
File
DefaultSystemScopeService.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	private Function stringToSystemScope = new Function() {
		@Override
<<<<<<< HEAD
		public SystemScope apply(@Nullable String input) {
=======
		public SystemScope apply(String input) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			if (input == null) {
				return null;
			} else {
Solution content 
	private Function stringToSystemScope = new Function() {
		@Override
		public SystemScope apply(String input) {
			if (input == null) {
				return null;
			} else {
File
DefaultSystemScopeService.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	private Function systemScopeToString = new Function() {
		@Override
<<<<<<< HEAD
		public String apply(@Nullable SystemScope input) {
=======
		public String apply(SystemScope input) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			if (input == null) {
				return null;
			} else {
Solution content 
	private Function systemScopeToString = new Function() {
		@Override
		public String apply(SystemScope input) {
			if (input == null) {
				return null;
			} else {
File
DefaultSystemScopeService.java
Developer's decision
Version 2
Kind of conflict
Method signature
Chunk
Conflicting content 
	// keep down-cast versions so we can get to the right queries
	private OAuth2TokenEntityService tokenServices;

<<<<<<< HEAD


=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	/**
	 * @param tokenServices
	 * @param clientDetailsService
Solution content 
	// keep down-cast versions so we can get to the right queries
	private OAuth2TokenEntityService tokenServices;

	/**
	 * @param tokenServices
	 * @param clientDetailsService
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Blank
Chunk
Conflicting content 
	 * @see org.springframework.security.oauth2.provider.token.AbstractTokenGranter#getOAuth2Authentication(org.springframework.security.oauth2.provider.AuthorizationRequest)
	 */
	@Override
<<<<<<< HEAD
	protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = tokenRequest.getRequestParameters().get("token");
=======
	protected OAuth2Authentication getOAuth2Authentication(AuthorizationRequest authorizationRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = authorizationRequest.getAuthorizationParameters().get("token");
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

		// check for scoping in the request, can't up-scope with a chained request
Solution content 
	 * @see org.springframework.security.oauth2.provider.token.AbstractTokenGranter#getOAuth2Authentication(org.springframework.security.oauth2.provider.AuthorizationRequest)
	 */
	@Override
	protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = tokenRequest.getRequestParameters().get("token");
		OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

		// check for scoping in the request, can't up-scope with a chained request
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Comment
Method invocation
Method signature
Variable
Chunk
Conflicting content 
<<<<<<< HEAD

		// check for scoping in the request, can't up-scope with a chained request
		Set approvedScopes = incomingToken.getScope();
		Set requestedScopes = tokenRequest.getScope();
=======
		Set requestedScopes = authorizationRequest.getScope();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		if (requestedScopes == null) {
			requestedScopes = new HashSet();
Solution content 
		// check for scoping in the request, can't up-scope with a chained request
		Set approvedScopes = incomingToken.getScope();
		Set requestedScopes = tokenRequest.getScope();

		if (requestedScopes == null) {
			requestedScopes = new HashSet();
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
		}

		// do a check on the requested scopes -- if they exactly match the client scopes, they were probably shadowed by the token granter
<<<<<<< HEAD
=======
		// FIXME: bug in SECOAUTH functionality
		ClientDetailsEntity client = incomingToken.getClient();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		if (client.getScope().equals(requestedScopes)) {
			requestedScopes = new HashSet();
		}
Solution content 
		}

		// do a check on the requested scopes -- if they exactly match the client scopes, they were probably shadowed by the token granter
		if (client.getScope().equals(requestedScopes)) {
			requestedScopes = new HashSet();
		}
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Comment
Method invocation
Variable
Chunk
Conflicting content 
		// if our scopes are a valid subset of what's allowed, we can continue
		if (approvedScopes.containsAll(requestedScopes)) {

<<<<<<< HEAD
			if (requestedScopes.isEmpty()) {
				// if there are no scopes, inherit the original scopes from the token
				tokenRequest.setScope(approvedScopes);
			} else {
				// if scopes were asked for, give only the subset of scopes requested
				// this allows safe downscoping
				tokenRequest.setScope(Sets.intersection(requestedScopes, approvedScopes));
=======
			// build an appropriate auth request to hand to the token services layer
			DefaultAuthorizationRequest outgoingAuthRequest = new DefaultAuthorizationRequest(authorizationRequest);
			outgoingAuthRequest.setApproved(true);
			if (requestedScopes.isEmpty()) {
				// if there are no scopes, inherit the original scopes from the token
				outgoingAuthRequest.setScope(approvedScopes);
			} else {
				// if scopes were asked for, give only the subset of scopes requested
				// this allows safe downscoping
				outgoingAuthRequest.setScope(Sets.intersection(requestedScopes, approvedScopes));
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			}

			// NOTE: don't revoke the existing access token
Solution content 
		// if our scopes are a valid subset of what's allowed, we can continue
		if (approvedScopes.containsAll(requestedScopes)) {

			if (requestedScopes.isEmpty()) {
				// if there are no scopes, inherit the original scopes from the token
				tokenRequest.setScope(approvedScopes);
			} else {
				// if scopes were asked for, give only the subset of scopes requested
				// this allows safe downscoping
				tokenRequest.setScope(Sets.intersection(requestedScopes, approvedScopes));
			}

			// NOTE: don't revoke the existing access token
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
			// NOTE: don't revoke the existing access token

			// create a new access token
<<<<<<< HEAD
			OAuth2Authentication authentication = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), incomingToken.getAuthenticationHolder().getAuthentication().getUserAuthentication());
=======
			OAuth2Authentication authentication = new OAuth2Authentication(outgoingAuthRequest, incomingToken.getAuthenticationHolder().getAuthentication().getUserAuthentication());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			return authentication;
Solution content 
			// NOTE: don't revoke the existing access token

			// create a new access token
			OAuth2Authentication authentication = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), incomingToken.getAuthenticationHolder().getAuthentication().getUserAuthentication());

			return authentication;
File
ChainedTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
	private ConfigurationPropertiesBean config;

	@Autowired
<<<<<<< HEAD
	public JwtAssertionTokenGranter(OAuth2TokenEntityService tokenServices, ClientDetailsEntityService clientDetailsService, OAuth2RequestFactory requestFactory) {
		super(tokenServices, clientDetailsService, requestFactory, grantType);
=======
	public JwtAssertionTokenGranter(OAuth2TokenEntityService tokenServices, ClientDetailsEntityService clientDetailsService) {
		super(tokenServices, clientDetailsService, grantType);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		this.tokenServices = tokenServices;
	}
Solution content 
	private ConfigurationPropertiesBean config;

	@Autowired
	public JwtAssertionTokenGranter(OAuth2TokenEntityService tokenServices, ClientDetailsEntityService clientDetailsService, OAuth2RequestFactory requestFactory) {
		super(tokenServices, clientDetailsService, requestFactory, grantType);
		this.tokenServices = tokenServices;
	}
File
JwtAssertionTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Method signature
Chunk
Conflicting content 
	 * @see org.springframework.security.oauth2.provider.token.AbstractTokenGranter#getOAuth2Authentication(org.springframework.security.oauth2.provider.AuthorizationRequest)
	 */
	@Override
<<<<<<< HEAD
	protected OAuth2AccessToken getAccessToken(ClientDetails client, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = tokenRequest.getRequestParameters().get("assertion");
		OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

		if (incomingToken.getScope().contains(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE)) {

			if (!client.getClientId().equals(tokenRequest.getClientId())) {
=======
	protected OAuth2AccessToken getAccessToken(AuthorizationRequest authorizationRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = authorizationRequest.getAuthorizationParameters().get("assertion");
		OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

		ClientDetailsEntity client = incomingToken.getClient();


		if (incomingToken.getScope().contains(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE)) {

			if (!client.getClientId().equals(authorizationRequest.getClientId())) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
				throw new InvalidClientException("Not the right client for this token");
			}
Solution content 
	 * @see org.springframework.security.oauth2.provider.token.AbstractTokenGranter#getOAuth2Authentication(org.springframework.security.oauth2.provider.AuthorizationRequest)
	 */
	@Override
	protected OAuth2AccessToken getAccessToken(ClientDetails client, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
		// read and load up the existing token
		String incomingTokenValue = tokenRequest.getRequestParameters().get("assertion");
		OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);

		if (incomingToken.getScope().contains(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE)) {

			if (!client.getClientId().equals(tokenRequest.getClientId())) {
				throw new InvalidClientException("Not the right client for this token");
			}
File
JwtAssertionTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Comment
If statement
Method invocation
Method signature
Variable
Chunk
Conflicting content 
					// copy over all existing claims
					JWTClaimsSet claims = new JWTClaimsSet(idToken.getJWTClaimsSet());

<<<<<<< HEAD
					if (client instanceof ClientDetailsEntity) {

						ClientDetailsEntity clientEntity = (ClientDetailsEntity) client;

						// update expiration and issued-at claims
						if (clientEntity.getIdTokenValiditySeconds() != null) {
							Date expiration = new Date(System.currentTimeMillis() + (clientEntity.getIdTokenValiditySeconds() * 1000L));
							claims.setExpirationTime(expiration);
							newIdTokenEntity.setExpiration(expiration);
						}
					} else {
						//TODO: What should happen in this case? Is this possible?
=======
					// update expiration and issued-at claims
					if (client.getIdTokenValiditySeconds() != null) {
						Date expiration = new Date(System.currentTimeMillis() + (client.getIdTokenValiditySeconds() * 1000L));
						claims.setExpirationTime(expiration);
						newIdTokenEntity.setExpiration(expiration);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
					}

					claims.setIssueTime(new Date());
Solution content 
					// copy over all existing claims
					JWTClaimsSet claims = new JWTClaimsSet(idToken.getJWTClaimsSet());

					if (client instanceof ClientDetailsEntity) {

						ClientDetailsEntity clientEntity = (ClientDetailsEntity) client;

						// update expiration and issued-at claims
						if (clientEntity.getIdTokenValiditySeconds() != null) {
							Date expiration = new Date(System.currentTimeMillis() + (clientEntity.getIdTokenValiditySeconds() * 1000L));
							claims.setExpirationTime(expiration);
							newIdTokenEntity.setExpiration(expiration);
						}

					} else {
						//TODO: What should happen in this case? Is this possible?
					}

					claims.setIssueTime(new Date());
File
JwtAssertionTokenGranter.java
Developer's decision
Version 1
Kind of conflict
Cast expression
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
			public JsonElement serialize(OAuth2AccessTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
				JsonObject token = new JsonObject();

<<<<<<< HEAD
				token.addProperty("valid", true);

				JsonArray scopes = new JsonArray();
				for (String scope : src.getScope()) {
					scopes.add(new JsonPrimitive(scope));
				}
				token.add("scope", scopes);

				token.add("expires_at", context.serialize(src.getExpiration()));

				//token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("subject", src.getAuthenticationHolder().getAuthentication().getName());

				token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getOAuth2Request().getClientId());
=======
				token.addProperty("active", true);

				token.addProperty("scope", Joiner.on(" ").join(src.getScope()));

				token.add("exp", context.serialize(src.getExpiration()));

				//token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName());

				token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("token_type", src.getTokenType());

				return token;
			}

		})
		.registerTypeAdapter(OAuth2RefreshTokenEntity.class, new JsonSerializer() {
			@Override
			public JsonElement serialize(OAuth2RefreshTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
				JsonObject token = new JsonObject();

				token.addProperty("active", true);

				token.addProperty("scope", Joiner.on(" ").join(src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope()));

				token.add("exp", context.serialize(src.getExpiration()));

				//token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName());

				token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

				return token;
			}
Solution content 
			public JsonElement serialize(OAuth2AccessTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
				JsonObject token = new JsonObject();

				token.addProperty("active", true);

				token.addProperty("scope", Joiner.on(" ").join(src.getScope()));

				token.add("exp", context.serialize(src.getExpiration()));

				//token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName());

				token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getOAuth2Request().getClientId());

				token.addProperty("token_type", src.getTokenType());

				return token;
			}

		})
		.registerTypeAdapter(OAuth2RefreshTokenEntity.class, new JsonSerializer() {
			@Override
			public JsonElement serialize(OAuth2RefreshTokenEntity src, Type typeOfSrc, JsonSerializationContext context) {
				JsonObject token = new JsonObject();

				token.addProperty("active", true);

				token.addProperty("scope", Joiner.on(" ").join(src.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope()));

				token.add("exp", context.serialize(src.getExpiration()));

				//token.addProperty("audience", src.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getClientId());

				token.addProperty("sub", src.getAuthenticationHolder().getAuthentication().getName());

				token.addProperty("client_id", src.getAuthenticationHolder().getAuthentication().getOAuth2Request().getClientId());

				return token;
			}
File
TokenIntrospectionView.java
Developer's decision
Manual
Kind of conflict
Comment
For statement
Method invocation
Return statement
Variable
Chunk
Conflicting content 
		this.tokenServices = tokenServices;
	}

<<<<<<< HEAD
	@ExceptionHandler(InvalidTokenException.class)
	public ModelAndView tokenNotFound(InvalidTokenException ex) {
		Map e = ImmutableMap.of("valid", Boolean.FALSE);
		Map model = new HashMap();
		model.put("entity", e);

		logger.error("InvalidTokenException: ", ex);

		model.put("code", HttpStatus.BAD_REQUEST);

		return new ModelAndView("jsonEntityView", model);
	}

	@PreAuthorize("hasRole('ROLE_CLIENT')")
	@RequestMapping("/introspect")
	public ModelAndView verify(@RequestParam("token") String tokenValue, Principal p, ModelAndView modelAndView) {

		/*
		if (p != null && p instanceof OAuth2Authentication) {
			OAuth2Authentication auth = (OAuth2Authentication)p;

			if (auth.getDetails() != null && auth.getDetails() instanceof OAuth2AuthenticationDetails) {
				OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails)auth.getDetails();

				String tokenValue = details.getTokenValue();

				OAuth2AccessTokenEntity token = tokenServices.readAccessToken(tokenValue);

				if (token != null) {
					// if it's a valid token, we'll print out the scope and expiration
					modelAndView.setViewName("tokenIntrospection");
					modelAndView.addObject("entity", token);
				}
			}
		}*/
=======
	@PreAuthorize("hasRole('ROLE_CLIENT')")
	@RequestMapping("/introspect")
	public String verify(@RequestParam("token") String tokenValue,
			@RequestParam(value = "resource_id", required = false) String resourceId,
			@RequestParam(value = "token_type_hint", required = false) String tokenType,
			Principal p, Model model) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		if (Strings.isNullOrEmpty(tokenValue)) {
			logger.error("Verify failed; token value is null");
Solution content 
		this.tokenServices = tokenServices;
	}

	@PreAuthorize("hasRole('ROLE_CLIENT')")
	@RequestMapping("/introspect")
	public String verify(@RequestParam("token") String tokenValue,
			@RequestParam(value = "resource_id", required = false) String resourceId,
			@RequestParam(value = "token_type_hint", required = false) String tokenType,
			Principal p, Model model) {

		if (Strings.isNullOrEmpty(tokenValue)) {
			logger.error("Verify failed; token value is null");
File
IntrospectionEndpoint.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Method signature
Chunk
Conflicting content 
			return "jsonEntityView";
		}

<<<<<<< HEAD
		OAuth2AccessTokenEntity token = null;

		try {
			token = tokenServices.readAccessToken(tokenValue);
		} catch (AuthenticationException e) {
			logger.error("Verify failed; AuthenticationException: ", e);
			modelAndView.addObject("code", HttpStatus.FORBIDDEN);
			modelAndView.setViewName("httpCodeView");
			return modelAndView;
		}

		ClientDetailsEntity tokenClient = token.getClient();
=======

		ClientDetailsEntity tokenClient = null;
		Set scopes = null;
		Object token = null;

		try {

			// check access tokens first (includes ID tokens)
			OAuth2AccessTokenEntity access = tokenServices.readAccessToken(tokenValue);

			tokenClient = access.getClient();
			scopes = access.getScope();

			token = access;

		} catch (InvalidTokenException e) {
			logger.error("Verify failed; Invalid access token. Checking refresh token.", e);
			try {

				// check refresh tokens next
				OAuth2RefreshTokenEntity refresh = tokenServices.getRefreshToken(tokenValue);

				tokenClient = refresh.getClient();
				scopes = refresh.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope();

				token = refresh;

			} catch (InvalidTokenException e2) {
				logger.error("Verify failed; Invalid refresh token", e2);
				Map entity = ImmutableMap.of("active", Boolean.FALSE);
				model.addAttribute("entity", entity);
				return "jsonEntityView";
			}
		}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		// clientID is the principal name in the authentication
		String clientId = p.getName();
		ClientDetailsEntity authClient = clientService.loadClientByClientId(clientId);
Solution content 
			return "jsonEntityView";
		}


		ClientDetailsEntity tokenClient = null;
		Set scopes = null;
		Object token = null;

		try {

			// check access tokens first (includes ID tokens)
			OAuth2AccessTokenEntity access = tokenServices.readAccessToken(tokenValue);

			tokenClient = access.getClient();
			scopes = access.getScope();

			token = access;

		} catch (InvalidTokenException e) {
			logger.error("Verify failed; Invalid access token. Checking refresh token.", e);
			try {

				// check refresh tokens next
				OAuth2RefreshTokenEntity refresh = tokenServices.getRefreshToken(tokenValue);

				tokenClient = refresh.getClient();
				scopes = refresh.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope();

				token = refresh;

			} catch (InvalidTokenException e2) {
				logger.error("Verify failed; Invalid refresh token", e2);
				Map entity = ImmutableMap.of("active", Boolean.FALSE);
				model.addAttribute("entity", entity);
				return "jsonEntityView";
			}
		}

		// clientID is the principal name in the authentication
		String clientId = p.getName();
		ClientDetailsEntity authClient = clientService.loadClientByClientId(clientId);
File
IntrospectionEndpoint.java
Developer's decision
Manual
Kind of conflict
Method invocation
Try statement
Variable
Chunk
Conflicting content 
			if (authClient.isAllowIntrospection()) {

				// if it's the same client that the token was issued to, or it at least has all the scopes the token was issued with
<<<<<<< HEAD
				if (authClient.equals(tokenClient) || authClient.getScope().containsAll(token.getScope())) {
=======
				if (authClient.equals(tokenClient) || authClient.getScope().containsAll(scopes)) {
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

					// if it's a valid token, we'll print out information on it
					model.addAttribute("entity", token);
Solution content 
			if (authClient.isAllowIntrospection()) {

				// if it's the same client that the token was issued to, or it at least has all the scopes the token was issued with
				if (authClient.equals(tokenClient) || authClient.getScope().containsAll(scopes)) {

					// if it's a valid token, we'll print out information on it
					model.addAttribute("entity", token);
File
IntrospectionEndpoint.java
Developer's decision
Version 2
Kind of conflict
If statement
Chunk
Conflicting content 
		try {
			client = clientService.loadClientByClientId(clientAuth.getClientId());
		} catch (OAuth2Exception e) {
<<<<<<< HEAD
			logger.error("confirmAccess: OAuth2Exception was thrown when attempting to load client: "
					, e);
=======
			logger.error("confirmAccess: OAuth2Exception was thrown when attempting to load client", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		} catch (IllegalArgumentException e) {
Solution content 
		try {
			client = clientService.loadClientByClientId(clientAuth.getClientId());
		} catch (OAuth2Exception e) {
			logger.error("confirmAccess: OAuth2Exception was thrown when attempting to load client", e);
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		} catch (IllegalArgumentException e) {
File
OAuthConfirmationController.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		} catch (IllegalArgumentException e) {
<<<<<<< HEAD
			logger.error("confirmAccess: IllegalArgumentException was thrown when attempting to load client: "
					, e);
=======
			logger.error("confirmAccess: IllegalArgumentException was thrown when attempting to load client", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		}
Solution content 
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		} catch (IllegalArgumentException e) {
			logger.error("confirmAccess: IllegalArgumentException was thrown when attempting to load client", e);
			model.put("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		}
File
OAuthConfirmationController.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
		model.put("auth_request", clientAuth);
		model.put("client", client);

<<<<<<< HEAD
		String redirect_uri = clientAuth.getRequestParameters().get("redirect_uri");

		model.put("redirect_uri", redirect_uri);


		/*
        Map scopes = new HashMap();
        for (String scope : clientAuth.getScope()) {
	        scopes.put(scope, Boolean.TRUE);
        }
		 */

=======
		String redirect_uri = clientAuth.getAuthorizationParameters().get("redirect_uri");

		model.put("redirect_uri", redirect_uri);

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		Set scopes = scopeService.fromStrings(clientAuth.getScope());

		Set sortedScopes = new LinkedHashSet(scopes.size());
Solution content 
		model.put("auth_request", clientAuth);
		model.put("client", client);

		String redirect_uri = clientAuth.getRedirectUri();

		model.put("redirect_uri", redirect_uri);

		Set scopes = scopeService.fromStrings(clientAuth.getScope());

		Set sortedScopes = new LinkedHashSet(scopes.size());
File
OAuthConfirmationController.java
Developer's decision
Manual
Kind of conflict
Comment
Method invocation
Variable
Chunk
Conflicting content 
		model.put("scopes", sortedScopes);

<<<<<<< HEAD
		return new ModelAndView("oauth/approve", model);
=======
		return "approve";
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

	/**
Solution content 
		model.put("scopes", sortedScopes);

		return "approve";
	}

	/**
File
OAuthConfirmationController.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Return statement
Chunk
Conflicting content 
	private static Logger logger = LoggerFactory.getLogger(RevocationEndpoint.class);

<<<<<<< HEAD
	public RevocationEndpoint() {

	}

	public RevocationEndpoint(OAuth2TokenEntityService tokenServices) {
		this.tokenServices = tokenServices;
	}

	// TODO
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_CLIENT')")
	@RequestMapping("/revoke")
	public String revoke(@RequestParam("token") String tokenValue, @RequestParam(value = "token_type_hint", required = false) String tokenType, Principal principal, Model model) {
Solution content 
	private static Logger logger = LoggerFactory.getLogger(RevocationEndpoint.class);

	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_CLIENT')")
	@RequestMapping("/revoke")
	public String revoke(@RequestParam("token") String tokenValue, @RequestParam(value = "token_type_hint", required = false) String tokenType, Principal principal, Model model) {
File
RevocationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
	@RequestMapping("/revoke")
	public String revoke(@RequestParam("token") String tokenValue, @RequestParam(value = "token_type_hint", required = false) String tokenType, Principal principal, Model model) {

<<<<<<< HEAD

		OAuth2RefreshTokenEntity refreshToken = null;
		OAuth2AccessTokenEntity accessToken = null;
		try {
			refreshToken = tokenServices.getRefreshToken(tokenValue);
		} catch (InvalidTokenException e) {
			// it's OK if either of these tokens are bad
			//TODO: Error Handling
		}

		try {
			accessToken = tokenServices.readAccessToken(tokenValue);
		} catch (InvalidTokenException e) {
			// it's OK if either of these tokens are bad
			//TODO: Error Handling
		} catch (AuthenticationException e) {
			//TODO: Error Handling
		}

		if (refreshToken == null && accessToken == null) {
			//TODO: Error Handling
			// TODO: this should throw a 400 with a JSON error code
			throw new InvalidTokenException("Invalid OAuth token: " + tokenValue);
		}

		if (principal instanceof OAuth2Authentication) {
			//TODO what is this variable for? It is unused. is it just a validation check?
			OAuth2AccessTokenEntity tok = tokenServices.getAccessToken((OAuth2Authentication) principal);

			// we've got a client acting on its own behalf, not an admin
			//ClientAuthentication clientAuth = (ClientAuthenticationToken) ((OAuth2Authentication) auth).getClientAuthentication();
			OAuth2Request clientAuth = ((OAuth2Authentication) principal).getOAuth2Request();

			if (refreshToken != null) {
				if (!refreshToken.getClient().getClientId().equals(clientAuth.getClientId())) {
					// trying to revoke a token we don't own, fail
					// TODO: this should throw a 403
					//TODO: Error Handling
					throw new PermissionDeniedException("Client tried to revoke a token it doesn't own");
				}
			} else {
				if (!accessToken.getClient().getClientId().equals(clientAuth.getClientId())) {
					// trying to revoke a token we don't own, fail
					// TODO: this should throw a 403
					//TODO: Error Handling
					throw new PermissionDeniedException("Client tried to revoke a token it doesn't own");
				}
			}
		}

		// if we got this far, we're allowed to do this
		if (refreshToken != null) {
			tokenServices.revokeRefreshToken(refreshToken);
		} else {
=======
		// This is the token as passed in from OAuth (in case we need it some day)
		//OAuth2AccessTokenEntity tok = tokenServices.getAccessToken((OAuth2Authentication) principal);

		AuthorizationRequest authRequest = null;
		if (principal instanceof OAuth2Authentication) {
			// if the client is acting on its own behalf (the common case), pull out the client authorization request
			authRequest = ((OAuth2Authentication) principal).getAuthorizationRequest();
		}

		try {
			// check and handle access tokens first

			OAuth2AccessTokenEntity accessToken = tokenServices.readAccessToken(tokenValue);
			if (authRequest != null) {
				// client acting on its own, make sure it owns the token
				if (!accessToken.getClient().getClientId().equals(authRequest.getClientId())) {
					// trying to revoke a token we don't own, throw a 403
					model.addAttribute("code", HttpStatus.FORBIDDEN);
					return "httpCodeView";
				}
			}

			// if we got this far, we're allowed to do this
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			tokenServices.revokeAccessToken(accessToken);
			model.addAttribute("code", HttpStatus.OK);
			return "httpCodeView";
Solution content 
	@RequestMapping("/revoke")
	public String revoke(@RequestParam("token") String tokenValue, @RequestParam(value = "token_type_hint", required = false) String tokenType, Principal principal, Model model) {

		// This is the token as passed in from OAuth (in case we need it some day)
		//OAuth2AccessTokenEntity tok = tokenServices.getAccessToken((OAuth2Authentication) principal);

		OAuth2Request authRequest = null;
		if (principal instanceof OAuth2Authentication) {
			// if the client is acting on its own behalf (the common case), pull out the client authorization request
			authRequest = ((OAuth2Authentication) principal).getOAuth2Request();
		}

		try {
			// check and handle access tokens first

			OAuth2AccessTokenEntity accessToken = tokenServices.readAccessToken(tokenValue);
			if (authRequest != null) {
				// client acting on its own, make sure it owns the token
				if (!accessToken.getClient().getClientId().equals(authRequest.getClientId())) {
					// trying to revoke a token we don't own, throw a 403
					model.addAttribute("code", HttpStatus.FORBIDDEN);
					return "httpCodeView";
				}
			}

			// if we got this far, we're allowed to do this
			tokenServices.revokeAccessToken(accessToken);
			model.addAttribute("code", HttpStatus.OK);
			return "httpCodeView";
File
RevocationEndpoint.java
Developer's decision
Manual
Kind of conflict
Comment
If statement
Method invocation
Try statement
Variable
Chunk
Conflicting content 
		return modelAndView;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
				return "httpCodeView";
			}
		}
<<<<<<< HEAD

		// TODO: throw a 200 back (no content?)
	}

}
Solution content 
				return "httpCodeView";
			}
		}
	}

}
File
RevocationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Comment
Return statement
Variable
Chunk
Conflicting content 
@Component("oAuth2RequestFactory")
public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	private static Logger logger = LoggerFactory.getLogger(ConnectOAuth2RequestFactory.class);

	//@Autowired
	private NonceService nonceService;

	//@Autowired
=======
	private static Logger logger = LoggerFactory.getLogger(ConnectAuthorizationRequestManager.class);

	@Autowired
	private NonceService nonceService;

	@Autowired
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java
	private ClientDetailsEntityService clientDetailsService;

	@Autowired
Solution content 
@Component("oAuth2RequestFactory")
public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {

	private static Logger logger = LoggerFactory.getLogger(ConnectOAuth2RequestFactory.class);

	private NonceService nonceService;

	private ClientDetailsEntityService clientDetailsService;

	@Autowired
File
ConnectOAuth2RequestFactory.java
Developer's decision
Combination
Kind of conflict
Annotation
Attribute
Comment
Method invocation
Chunk
Conflicting content 
	/**
	 * Default empty constructor
	 */
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
	public ConnectOAuth2RequestFactory() {
		super(null);
=======
	public ConnectAuthorizationRequestManager() {

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java
	}

	@Override
Solution content 
/*******************************************************************************
 * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
package org.mitre.openid.connect;

import java.text.ParseException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import net.minidev.json.JSONObject;

import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetSigningAndValidationServiceCacheService;
import org.mitre.oauth2.exception.NonceReuseException;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.model.Nonce;
import org.mitre.openid.connect.service.NonceService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.DefaultOAuth2RequestFactory;
import org.springframework.stereotype.Component;

import com.google.common.base.Strings;
import com.nimbusds.jose.util.JSONObjectUtils;
import com.nimbusds.jwt.SignedJWT;

@Component("oAuth2RequestFactory")
public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {

	private static Logger logger = LoggerFactory.getLogger(ConnectOAuth2RequestFactory.class);

	private NonceService nonceService;

	private ClientDetailsEntityService clientDetailsService;

	@Autowired
	private JWKSetSigningAndValidationServiceCacheService validators;

	/**
	 * Constructor with arguments
	 * 
	 * @param clientDetailsService
	 * @param nonceService
	 */
	@Autowired
	public ConnectOAuth2RequestFactory(ClientDetailsEntityService clientDetailsService, NonceService nonceService) {
		super(clientDetailsService);
		this.clientDetailsService = clientDetailsService;
		this.nonceService = nonceService;
	}

	@Override
File
ConnectOAuth2RequestFactory.java
Developer's decision
Manual
Kind of conflict
Method invocation
Method signature
Chunk
Conflicting content 
		if (clientId != null) {
			client = clientDetailsService.loadClientByClientId(clientId);
		}
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java

		String requestNonce = parameters.get("nonce");

		AuthorizationRequest request = new AuthorizationRequest(parameters, Collections. emptyMap(),
				parameters.get(OAuth2Utils.CLIENT_ID),
				OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.SCOPE)), null,
				null, false, parameters.get(OAuth2Utils.STATE),
				parameters.get(OAuth2Utils.REDIRECT_URI),
				OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.RESPONSE_TYPE)));

=======
		ClientDetails client = clientDetailsService.loadClientByClientId(clientId);

		String requestNonce = parameters.get("nonce");

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java
		//Only process if the user is authenticated. If the user is not authenticated yet, this
		//code will be called a second time once the user is redirected from the login page back
		//to the auth endpoint.
Solution content 
		if (clientId != null) {
			client = clientDetailsService.loadClientByClientId(clientId);
		}

		String requestNonce = parameters.get("nonce");

		AuthorizationRequest request = new AuthorizationRequest(parameters, Collections. emptyMap(),
				parameters.get(OAuth2Utils.CLIENT_ID),
				OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.SCOPE)), null,
				null, false, parameters.get(OAuth2Utils.STATE),
				parameters.get(OAuth2Utils.REDIRECT_URI),
				OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.RESPONSE_TYPE)));

		//Only process if the user is authenticated. If the user is not authenticated yet, this
		//code will be called a second time once the user is redirected from the login page back
		//to the auth endpoint.
File
ConnectOAuth2RequestFactory.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
		}

		Set scopes = OAuth2Utils.parseParameterList(parameters.get("scope"));
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
		if ((scopes == null || scopes.isEmpty()) && client != null) {
			//TODO: do we want to allow default scoping at all?
			Set clientScopes = client.getScope();
			scopes = clientScopes;
		}
=======
		if ((scopes == null || scopes.isEmpty())) {
			// default scoping
			Set clientScopes = client.getScope();
			scopes = clientScopes;
		}


		// note that we have to inject the processed parameters in at this point so that SECOAUTH can find them later (and this object will get copy-constructored away anyway)
		DefaultAuthorizationRequest request = new DefaultAuthorizationRequest(parameters, Collections. emptyMap(), clientId, scopes);
		request.addClientDetails(client);
		return request;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java

		request.setScope(scopes);
Solution content 
		}

		Set scopes = OAuth2Utils.parseParameterList(parameters.get("scope"));
		if ((scopes == null || scopes.isEmpty()) && client != null) {
			Set clientScopes = client.getScope();
			scopes = clientScopes;
		}

		request.setScope(scopes);
File
ConnectOAuth2RequestFactory.java
Developer's decision
Combination
Kind of conflict
Comment
If statement
Method invocation
Return statement
Variable
Chunk
Conflicting content 
					parameters.put("scope", scope);
				}
			}
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
=======

		} catch (ParseException e) {
			logger.error("Failed to process request object, error was: ", e);
		}
		return parameters;
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java

		} catch (ParseException e) {
			logger.error("ParseException while parsing RequestObject:", e);
Solution content 
					parameters.put("scope", scope);
				}
			}
		} catch (ParseException e) {
			logger.error("ParseException while parsing RequestObject:", e);
File
ConnectOAuth2RequestFactory.java
Developer's decision
Version 1
Kind of conflict
Catch clause
Return statement
Variable
Chunk
Conflicting content 
			// IFF we managed to get all the way down here, the token is valid
			return new JwtBearerAssertionAuthenticationToken(client.getClientId(), jwt, client.getAuthorities());

<<<<<<< HEAD
		} catch (ClientNotFoundException e) {
			throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId());
		} catch (ParseException e) {
			// TODO Auto-generated catch block
=======
		} catch (InvalidClientException e) {
			throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId());
		} catch (ParseException e) {

			logger.error("Failure during authentication, error was: ", e);

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			throw new AuthenticationServiceException("Invalid JWT format");
		}
	}
Solution content 
			// IFF we managed to get all the way down here, the token is valid
			return new JwtBearerAssertionAuthenticationToken(client.getClientId(), jwt, client.getAuthorities());

		} catch (InvalidClientException e) {
			throw new UsernameNotFoundException("Could not find client: " + jwtAuth.getClientId());
		} catch (ParseException e) {

			logger.error("Failure during authentication, error was: ", e);

			throw new AuthenticationServiceException("Invalid JWT format");
		}
	}
File
JwtBearerAuthenticationProvider.java
Developer's decision
Version 2
Kind of conflict
Catch clause
Comment
Method invocation
Chunk
Conflicting content 
	public JwtBearerClientAssertionTokenEndpointFilter() {
		super();
<<<<<<< HEAD
		// TODO Auto-generated constructor stub
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

	public JwtBearerClientAssertionTokenEndpointFilter(String path) {
Solution content 
	public JwtBearerClientAssertionTokenEndpointFilter() {
		super();
	}

	public JwtBearerClientAssertionTokenEndpointFilter(String path) {
File
JwtBearerClientAssertionTokenEndpointFilter.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	public JwtBearerClientAssertionTokenEndpointFilter(String path) {
		super(path);
<<<<<<< HEAD
		// TODO Auto-generated constructor stub
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

	/**
Solution content 
	public JwtBearerClientAssertionTokenEndpointFilter(String path) {
		super(path);
	}

	/**
File
JwtBearerClientAssertionTokenEndpointFilter.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
		return query.getResultList();
	}
<<<<<<< HEAD
=======

	@Override
	@Transactional
	public Collection getExpired() {
		TypedQuery query = manager.createNamedQuery("ApprovedSite.getExpired", ApprovedSite.class);
		return query.getResultList();
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
}

		return query.getResultList();
	}

	@Override
	@Transactional
	public Collection getExpired() {
		TypedQuery query = manager.createNamedQuery("ApprovedSite.getExpired", ApprovedSite.class);
		return query.getResultList();
	}
File
JpaApprovedSiteRepository.java
Developer's decision
Version 2
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
 ******************************************************************************/
package org.mitre.openid.connect.repository.impl;

<<<<<<< HEAD
import static org.mitre.util.jpa.JpaUtil.getSingleResult;
import static org.mitre.util.jpa.JpaUtil.saveOrUpdate;

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import java.util.Collection;

import javax.persistence.EntityManager;
Solution content 
 ******************************************************************************/
package org.mitre.openid.connect.repository.impl;

import java.util.Collection;

import javax.persistence.EntityManager;
File
JpaUserInfoRepository.java
Developer's decision
Version 2
Kind of conflict
Import
Chunk
Conflicting content 
import java.util.Date;
import java.util.Set;

<<<<<<< HEAD
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.repository.OAuth2TokenRepository;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
Solution content 
import java.util.Date;
import java.util.Set;

import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.model.WhitelistedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
File
DefaultApprovedSiteService.java
Developer's decision
Version 1
Kind of conflict
Import
Chunk
Conflicting content 
	@Autowired
	private ApprovedSiteRepository approvedSiteRepository;

<<<<<<< HEAD
	@Autowired
	private OAuth2TokenRepository tokenRepository;

	/**
	 * Default constructor
	 */
	public DefaultApprovedSiteService() {

	}

	/**
	 * Constructor for use in test harnesses.
	 * 
	 * @param repository
	 */
	public DefaultApprovedSiteService(ApprovedSiteRepository approvedSiteRepository) {
		this.approvedSiteRepository = approvedSiteRepository;
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public Collection getAll() {
		return approvedSiteRepository.getAll();
Solution content 
	@Autowired
	private ApprovedSiteRepository approvedSiteRepository;

	@Autowired
	private OAuth2TokenRepository tokenRepository;

	@Override
	public Collection getAll() {
		return approvedSiteRepository.getAll();
File
DefaultApprovedSiteService.java
Developer's decision
Combination
Kind of conflict
Annotation
Attribute
Comment
Method declaration
Chunk
Conflicting content 
			}
		}
	}
<<<<<<< HEAD
=======

	@Override
	public void clearExpiredSites() {

		logger.info("Clearing expired approved sites");

		Collection expiredSites = approvedSiteRepository.getExpired();
		if (expiredSites != null) {
			for (ApprovedSite expired : expiredSites) {
				approvedSiteRepository.remove(expired);
			}
		}
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
			}
		}
	}

	@Override
	public void clearExpiredSites() {

		logger.info("Clearing expired approved sites");

		Collection expiredSites = approvedSiteRepository.getExpired();
		if (expiredSites != null) {
			for (ApprovedSite expired : expiredSites) {
				approvedSiteRepository.remove(expired);
			}
		}
	}

}
File
DefaultApprovedSiteService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
	private static Logger logger = LoggerFactory.getLogger(NonceService.class);

<<<<<<< HEAD
	private static Logger logger = LoggerFactory.getLogger(NonceService.class);

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Autowired
	private NonceRepository repository;
Solution content 
	private static Logger logger = LoggerFactory.getLogger(NonceService.class);

	@Autowired
	private NonceRepository repository;
File
DefaultNonceService.java
Developer's decision
Version 2
Kind of conflict
Attribute
Method invocation
Chunk
Conflicting content 
	/**
	 * Make sure that the nonce storage duration was set
	 */
<<<<<<< HEAD
	@Override
=======
	@PostConstruct
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	public void afterPropertiesSet() throws Exception {
		if (nonceStorageDuration == null) {
			logger.error("Nonce storage duration must be set!");
Solution content 
	/**
	 * Make sure that the nonce storage duration was set
	 */
	@PostConstruct
	public void afterPropertiesSet() throws Exception {
		if (nonceStorageDuration == null) {
			logger.error("Nonce storage duration must be set!");
File
DefaultNonceService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Chunk
Conflicting content 
	@Autowired
	private ApprovedSiteService approvedSiteService;

<<<<<<< HEAD
=======
	@Autowired
	private ClientDetailsEntityService clientService;

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public Map calculateSummaryStats() {
		// get all approved sites
Solution content 
	@Autowired
	private ApprovedSiteService approvedSiteService;

	@Autowired
	private ClientDetailsEntityService clientService;

	@Override
	public Map calculateSummaryStats() {
		// get all approved sites
File
DefaultStatsService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Attribute
Chunk
Conflicting content 
		e.put("clientCount", clientIds.size());
		return e;
	}
<<<<<<< HEAD
=======

	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.service.StatsService#calculateByClientId()
	 */
	@Override
	public Map calculateByClientId() {
		// get all approved sites
		Collection allSites = approvedSiteService.getAll();

		Multiset clientIds = HashMultiset.create();
		for (ApprovedSite approvedSite : allSites) {
			clientIds.add(approvedSite.getClientId());
		}

		Map counts = getEmptyClientCountMap();
		for (String clientId : clientIds) {
			ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
			counts.put(client.getId(), clientIds.count(clientId));
		}

		return counts;
	}

	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.service.StatsService#countForClientId(java.lang.String)
	 */
	@Override
	public Integer countForClientId(Long id) {

		Map counts = calculateByClientId();
		return counts.get(id);

	}

	/**
	 * Create a new map of all client ids set to zero
	 * @return
	 */
	private Map getEmptyClientCountMap() {
		Map counts = new HashMap();
		Collection clients = clientService.getAllClients();
		for (ClientDetailsEntity client : clients) {
			counts.put(client.getId(), 0);
		}

		return counts;
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
		e.put("clientCount", clientIds.size());
		return e;
	}

	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.service.StatsService#calculateByClientId()
	 */
	@Override
	public Map calculateByClientId() {
		// get all approved sites
		Collection allSites = approvedSiteService.getAll();

		Multiset clientIds = HashMultiset.create();
		for (ApprovedSite approvedSite : allSites) {
			clientIds.add(approvedSite.getClientId());
		}

		Map counts = getEmptyClientCountMap();
		for (String clientId : clientIds) {
			ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
			counts.put(client.getId(), clientIds.count(clientId));
		}

		return counts;
	}

	/* (non-Javadoc)
	 * @see org.mitre.openid.connect.service.StatsService#countForClientId(java.lang.String)
	 */
	@Override
	public Integer countForClientId(Long id) {

		Map counts = calculateByClientId();
		return counts.get(id);

	}

	/**
	 * Create a new map of all client ids set to zero
	 * @return
	 */
	private Map getEmptyClientCountMap() {
		Map counts = new HashMap();
		Collection clients = clientService.getAllClients();
		for (ClientDetailsEntity client : clients) {
			counts.put(client.getId(), 0);
		}

		return counts;
	}

}
File
DefaultStatsService.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Method declaration
Chunk
Conflicting content 
public class DefaultUserInfoUserDetailsService implements UserDetailsService {

	@Autowired
<<<<<<< HEAD
	UserInfoRepository repository;

	public static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
	public static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN");

	private List admins = new ArrayList();

=======
	private UserInfoRepository repository;

	public static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
	public static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN");

	private List admins = new ArrayList();

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		UserInfo userInfo = repository.getByUsername(username);
Solution content 
public class DefaultUserInfoUserDetailsService implements UserDetailsService {

	@Autowired
	private UserInfoRepository repository;

	public static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
	public static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN");

	private List admins = new ArrayList();

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		UserInfo userInfo = repository.getByUsername(username);
File
DefaultUserInfoUserDetailsService.java
Developer's decision
Version 2
Kind of conflict
Attribute
Method invocation
Chunk
Conflicting content 
	@Autowired
	private WhitelistedSiteRepository repository;

<<<<<<< HEAD
	/**
	 * Default constructor
	 */
	public DefaultWhitelistedSiteService() {

	}

	/**
	 * Constructor for use in test harnesses.
	 * 
	 * @param repository
	 */
	public DefaultWhitelistedSiteService(WhitelistedSiteRepository whitelistedSiteRepository) {
		this.repository = whitelistedSiteRepository;
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public WhitelistedSite getById(Long id) {
		return repository.getById(id);
Solution content 
	@Autowired
	private WhitelistedSiteRepository repository;

	@Override
	public WhitelistedSite getById(Long id) {
		return repository.getById(id);
File
DefaultWhitelistedSiteService.java
Developer's decision
Version 2
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
 ******************************************************************************/
package org.mitre.openid.connect.token;

<<<<<<< HEAD
=======
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import java.util.Date;
import java.util.Set;
import java.util.UUID;
Solution content 
 ******************************************************************************/
package org.mitre.openid.connect.token;

import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Date;
import java.util.Set;
import java.util.UUID;
File
ConnectTokenEnhancer.java
Developer's decision
Version 2
Kind of conflict
Import
Chunk
Conflicting content 
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
<<<<<<< HEAD
import org.mitre.openid.connect.service.ApprovedSiteService;
=======
import org.mitre.openid.connect.web.AuthenticationTimeStamper;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
Solution content 
import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.mitre.openid.connect.service.ApprovedSiteService;
import org.mitre.openid.connect.web.AuthenticationTimeStamper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
File
ConnectTokenEnhancer.java
Developer's decision
Concatenation
Kind of conflict
Import
Chunk
Conflicting content 
	@Autowired
	private ClientDetailsEntityService clientService;

<<<<<<< HEAD
	@Autowired
	private ApprovedSiteService approvedSiteService;

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,	OAuth2Authentication authentication) {
Solution content 
	@Autowired
	private ClientDetailsEntityService clientService;

	@Autowired
	private ApprovedSiteService approvedSiteService;

	@Override
	public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,	OAuth2Authentication authentication) {
File
ConnectTokenEnhancer.java
Developer's decision
Version 1
Kind of conflict
Annotation
Attribute
Chunk
Conflicting content 
	public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,	OAuth2Authentication authentication) {

		OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) accessToken;
<<<<<<< HEAD
		OAuth2Request originalAuthRequest = authentication.getOAuth2Request();

		String clientId = originalAuthRequest.getClientId();
=======

		String clientId = authentication.getAuthorizationRequest().getClientId();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);

		JWTClaimsSet claims = new JWTClaimsSet();
Solution content 
	public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,	OAuth2Authentication authentication) {

		OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) accessToken;
		OAuth2Request originalAuthRequest = authentication.getOAuth2Request();

		String clientId = originalAuthRequest.getClientId();
		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);

		JWTClaimsSet claims = new JWTClaimsSet();
File
ConnectTokenEnhancer.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
		// TODO: use client's default signing algorithm

<<<<<<< HEAD
		SignedJWT signed = new SignedJWT(new JWSHeader(jwtService.getDefaultSigningAlgorithm()), claims);
=======
		JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
		SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		jwtService.signJwt(signed);
Solution content 
		// TODO: use client's default signing algorithm

		JWSAlgorithm signingAlg = jwtService.getDefaultSigningAlgorithm();
		SignedJWT signed = new SignedJWT(new JWSHeader(signingAlg), claims);

		jwtService.signJwt(signed);
File
ConnectTokenEnhancer.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
			JWTClaimsSet idClaims = new JWTClaimsSet();


<<<<<<< HEAD
			idClaims.setCustomClaim("auth_time", new Date().getTime());

			idClaims.setIssueTime(new Date());
=======
			//
			// FIXME: storing the auth time in the session doesn't actually work, because we need access to it from the token endpoint when the user isn't present
			//

			// get the auth time from the session
			ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
			if (attr != null) {
				HttpSession session = attr.getRequest().getSession();
				if (session != null) {
					Date authTime = (Date) session.getAttribute(AuthenticationTimeStamper.AUTH_TIMESTAMP);
					if (authTime != null) {
						idClaims.setClaim("auth_time", authTime.getTime() / 1000);
					}
				}
			}

			idClaims.setIssueTime(claims.getIssueTime());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			if (client.getIdTokenValiditySeconds() != null) {
				Date expiration = new Date(System.currentTimeMillis() + (client.getIdTokenValiditySeconds() * 1000L));
Solution content 
			JWTClaimsSet idClaims = new JWTClaimsSet();


			//
			// FIXME: storing the auth time in the session doesn't actually work, because we need access to it from the token endpoint when the user isn't present
			//

			// get the auth time from the session
			ServletRequestAttributes attr = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
			if (attr != null) {
				HttpSession session = attr.getRequest().getSession();
				if (session != null) {
					Date authTime = (Date) session.getAttribute(AuthenticationTimeStamper.AUTH_TIMESTAMP);
					if (authTime != null) {
						idClaims.setClaim("auth_time", authTime.getTime() / 1000);
					}
				}
			}

			idClaims.setIssueTime(claims.getIssueTime());

			if (client.getIdTokenValiditySeconds() != null) {
				Date expiration = new Date(System.currentTimeMillis() + (client.getIdTokenValiditySeconds() * 1000L));
File
ConnectTokenEnhancer.java
Developer's decision
Version 2
Kind of conflict
Cast expression
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
			idClaims.setAudience(Lists.newArrayList(clientId));


<<<<<<< HEAD
			String nonce = originalAuthRequest.getRequestParameters().get("nonce");
=======
			String nonce = authentication.getAuthorizationRequest().getAuthorizationParameters().get("nonce");
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			if (!Strings.isNullOrEmpty(nonce)) {
				idClaims.setCustomClaim("nonce", nonce);
			}
Solution content 
			idClaims.setAudience(Lists.newArrayList(clientId));


			// TODO: issue #450
			String nonce = originalAuthRequest.getRequestParameters().get("nonce");
			if (!Strings.isNullOrEmpty(nonce)) {
				idClaims.setCustomClaim("nonce", nonce);
			}
File
ConnectTokenEnhancer.java
Developer's decision
Manual
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
			idTokenEntity.setJwt(idToken);

<<<<<<< HEAD
			// TODO: might want to create a specialty authentication object here instead of copying
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			idTokenEntity.setAuthenticationHolder(token.getAuthenticationHolder());

			// create a scope set with just the special "id-token" scope
Solution content 
			idTokenEntity.setJwt(idToken);

			idTokenEntity.setAuthenticationHolder(token.getAuthenticationHolder());

			// create a scope set with just the special "id-token" scope
File
ConnectTokenEnhancer.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	private ClientDetailsService clientDetailsService;


<<<<<<< HEAD

=======
	/**
	 * Check if the user has already stored a positive approval decision for this site; or if the
	 * site is whitelisted, approve it automatically.
	 * 
	 * Otherwise, return false so that the user will see the approval page and can make their own decision.
	 * 
	 * @param authorizationRequest	the incoming authorization request
	 * @param userAuthentication	the Principal representing the currently-logged-in user
	 * 
	 * @return 						true if the site is approved, false otherwise
	 */
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@Override
	public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
Solution content 
	private ClientDetailsService clientDetailsService;


	/**
	 * Check if the user has already stored a positive approval decision for this site; or if the
	 * site is whitelisted, approve it automatically.
	 * 
	 * Otherwise, return false so that the user will see the approval page and can make their own decision.
	 * 
	 * @param authorizationRequest	the incoming authorization request
	 * @param userAuthentication	the Principal representing the currently-logged-in user
	 * 
	 * @return 						true if the site is approved, false otherwise
	 */
	@Override
	public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
File
TofuUserApprovalHandler.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
		}

	}
<<<<<<< HEAD
=======

	/**
	 * Check whether the requested scope set is a proper subset of the allowed scopes.
	 * 
	 * @param requestedScopes
	 * @param allowedScopes
	 * @return
	 */
	private boolean scopesMatch(Set requestedScopes, Set allowedScopes) {

		for (String scope : requestedScopes) {

			if (!allowedScopes.contains(scope)) {
				return false; //throw new InvalidScopeException("Invalid scope: " + scope, allowedScopes);
			}
		}

		return true;
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Check if the user has already stored a positive approval decision for this site; or if the
Solution content 
	/**
		}

	}

	 * Check if the user has already stored a positive approval decision for this site; or if the
File
TofuUserApprovalHandler.java
Developer's decision
Version 1
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
	 * @return 						the updated AuthorizationRequest
	 */
	@Override
<<<<<<< HEAD
	public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {

		//First, check database to see if the user identified by the userAuthentication has stored an approval decision

		//getName may not be filled in? TODO: investigate
=======
	public AuthorizationRequest updateBeforeApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
		//First, check database to see if the user identified by the userAuthentication has stored an approval decision
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();
Solution content 
	 * @return 						the updated AuthorizationRequest
	 */
	@Override
	public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {

		//First, check database to see if the user identified by the userAuthentication has stored an approval decision

		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();
File
TofuUserApprovalHandler.java
Developer's decision
Combination
Kind of conflict
Comment
Method signature
Chunk
Conflicting content 
			// otherwise, we need to check them below
		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();

<<<<<<< HEAD
		//lookup ApprovedSites by userId and clientId
		boolean alreadyApproved = false;
		Collection aps = approvedSiteService.getByClientIdAndUserId(clientId, userId);
		for (ApprovedSite ap : aps) {

			if (!ap.isExpired()) {

				// if we find one that fits...
				if (scopesMatch(authorizationRequest.getScope(), ap.getAllowedScopes())) {

					//We have a match; update the access date on the AP entry and return true.
					ap.setAccessDate(new Date());
					approvedSiteService.save(ap);

					authorizationRequest.getExtensions().put("approved_site", ap.getId());
					authorizationRequest.setApproved(true);
					alreadyApproved = true;
				}
			}
		}

		if (!alreadyApproved) {
			WhitelistedSite ws = whitelistedSiteService.getByClientId(clientId);
			if (ws != null && scopesMatch(authorizationRequest.getScope(), ws.getAllowedScopes())) {

				//Create an approved site
				ApprovedSite newSite = approvedSiteService.createApprovedSite(clientId, userId, null, ws.getAllowedScopes(), ws);
				authorizationRequest.getExtensions().put("approved_site", newSite.getId());
				authorizationRequest.setApproved(true);
			}
		}

		return authorizationRequest;

	}


	@Override
	public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {

		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();
		ClientDetails client = clientDetailsService.loadClientByClientId(clientId);

		// This must be re-parsed here because SECOAUTH forces us to call things in a strange order
		boolean approved = Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval"));

		if (approved) {

			authorizationRequest.setApproved(true);

			// process scopes from user input
			Set allowedScopes = Sets.newHashSet();
			Map approvalParams = authorizationRequest.getApprovalParameters();
=======
		// find out if we're supposed to force a prompt on the user or not
		String prompt = authorizationRequest.getAuthorizationParameters().get("prompt");
		if (!"consent".equals(prompt)) {
			// if the prompt parameter is set to "consent" then we can't use approved sites or whitelisted sites


			//lookup ApprovedSites by userId and clientId
			Collection aps = approvedSiteService.getByClientIdAndUserId(clientId, userId);
			for (ApprovedSite ap : aps) {

				if (!ap.isExpired()) {

					// if we find one that fits...
					if (scopesMatch(authorizationRequest.getScope(), ap.getAllowedScopes())) {

						//We have a match; update the access date on the AP entry and return true.
						ap.setAccessDate(new Date());
						approvedSiteService.save(ap);

						// TODO: WHY DAVE WHY
						DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);
						ar.setApproved(true);

						return ar;
					}
				}
			}

			WhitelistedSite ws = whitelistedSiteService.getByClientId(clientId);
			if (ws != null && scopesMatch(authorizationRequest.getScope(), ws.getAllowedScopes())) {

				//Create an approved site
				approvedSiteService.createApprovedSite(clientId, userId, null, ws.getAllowedScopes(), ws);

				// TODO: WHY DAVE WHY
				DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);
				ar.setApproved(true);

				return ar;
			}
		}

		// This must be re-parsed here because SECOAUTH forces us to call things in a strange order
		boolean approved = Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval"));

		if (approved && !authorizationRequest.getApprovalParameters().isEmpty()) {

			// TODO: Get SECOAUTH to stop breaking polymorphism and start using real objects, SRSLY
			DefaultAuthorizationRequest ar = new DefaultAuthorizationRequest(authorizationRequest);

			// process scopes from user input
			Set allowedScopes = Sets.newHashSet();
			Map approvalParams = ar.getApprovalParameters();
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			Set keys = approvalParams.keySet();
Solution content 
		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();

		//lookup ApprovedSites by userId and clientId
		boolean alreadyApproved = false;

		// find out if we're supposed to force a prompt on the user or not
		// TODO (issue #450)
		String prompt = authorizationRequest.getRequestParameters().get("prompt");
		if (!"consent".equals(prompt)) {
			// if the prompt parameter is set to "consent" then we can't use approved sites or whitelisted sites
			// otherwise, we need to check them below

			Collection aps = approvedSiteService.getByClientIdAndUserId(clientId, userId);
			for (ApprovedSite ap : aps) {
	
				if (!ap.isExpired()) {
	
					// if we find one that fits...
					if (scopesMatch(authorizationRequest.getScope(), ap.getAllowedScopes())) {
	
						//We have a match; update the access date on the AP entry and return true.
						ap.setAccessDate(new Date());
						approvedSiteService.save(ap);
	
						authorizationRequest.getExtensions().put("approved_site", ap.getId());
						authorizationRequest.setApproved(true);
						alreadyApproved = true;
					}
				}
			}
	
			if (!alreadyApproved) {
				WhitelistedSite ws = whitelistedSiteService.getByClientId(clientId);
				if (ws != null && scopesMatch(authorizationRequest.getScope(), ws.getAllowedScopes())) {
	
					//Create an approved site
					ApprovedSite newSite = approvedSiteService.createApprovedSite(clientId, userId, null, ws.getAllowedScopes(), ws);
					authorizationRequest.getExtensions().put("approved_site", newSite.getId());
					authorizationRequest.setApproved(true);
				}
			}
		}
		
		return authorizationRequest;

	}


	@Override
	public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {

		String userId = userAuthentication.getName();
		String clientId = authorizationRequest.getClientId();
		ClientDetails client = clientDetailsService.loadClientByClientId(clientId);

		// This must be re-parsed here because SECOAUTH forces us to call things in a strange order
		boolean approved = Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval"));

		if (approved) {

			authorizationRequest.setApproved(true);

			// process scopes from user input
			Set allowedScopes = Sets.newHashSet();
			Map approvalParams = authorizationRequest.getApprovalParameters();

			Set keys = approvalParams.keySet();
File
TofuUserApprovalHandler.java
Developer's decision
Manual
Kind of conflict
Annotation
Comment
For statement
If statement
Method invocation
Method signature
Return statement
Variable
Chunk
Conflicting content 
			}

			// inject the user-allowed scopes into the auth request
<<<<<<< HEAD
			// TODO: for the moment this allows both upscoping and downscoping.
			authorizationRequest.setScope(allowedScopes);
=======
			ar.setScope(allowedScopes);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			//Only store an ApprovedSite if the user has checked "remember this decision":
			String remember = authorizationRequest.getApprovalParameters().get("remember");
Solution content 
			}

			// inject the user-allowed scopes into the auth request
			authorizationRequest.setScope(allowedScopes);

			//Only store an ApprovedSite if the user has checked "remember this decision":
			String remember = authorizationRequest.getApprovalParameters().get("remember");
File
TofuUserApprovalHandler.java
Developer's decision
Combination
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
					timeout = cal.getTime();
				}

<<<<<<< HEAD
				ApprovedSite newSite = approvedSiteService.createApprovedSite(clientId, userId, timeout, allowedScopes, null);
				authorizationRequest.getExtensions().put("approved_site", newSite.getId());
			}

=======
				approvedSiteService.createApprovedSite(clientId, userId, timeout, allowedScopes, null);
			}

			return ar;
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		}

		return authorizationRequest;
Solution content 
					timeout = cal.getTime();
				}

				ApprovedSite newSite = approvedSiteService.createApprovedSite(clientId, userId, timeout, allowedScopes, null);
				authorizationRequest.getExtensions().put("approved_site", newSite.getId());
			}

		}

		return authorizationRequest;
File
TofuUserApprovalHandler.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Return statement
Variable
Chunk
Conflicting content 
		return authorizationRequest;
	}

<<<<<<< HEAD
	/**
	 * Check whether the requested scope set is a proper subset of the allowed scopes.
	 * 
	 * @param requestedScopes
	 * @param allowedScopes
	 * @return
	 */
	private boolean scopesMatch(Set requestedScopes, Set allowedScopes) {

		for (String scope : requestedScopes) {

			if (!allowedScopes.contains(scope)) {
				return false; //throw new InvalidScopeException("Invalid scope: " + scope, allowedScopes);
			}
		}

		return true;
	}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		return authorizationRequest;
	}

	/**
	 * Check whether the requested scope set is a proper subset of the allowed scopes.
	 * 
	 * @param requestedScopes
	 * @param allowedScopes
	 * @return
	 */
	private boolean scopesMatch(Set requestedScopes, Set allowedScopes) {

		for (String scope : requestedScopes) {

			if (!allowedScopes.contains(scope)) {
				return false; //throw new InvalidScopeException("Invalid scope: " + scope, allowedScopes);
			}
		}

		return true;
	}
}
File
TofuUserApprovalHandler.java
Developer's decision
Version 1
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
	/**
	 * @return
	 */
<<<<<<< HEAD
	 protected abstract ExclusionStrategy getExclusionStrategy();


	 @Override
	 protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) {

		 response.setContentType("application/json");


		 HttpStatus code = (HttpStatus) model.get("code");
		 if (code == null) {
			 code = HttpStatus.OK; // default to 200
		 }

		 response.setStatus(code.value());

		 try {

			 Writer out = response.getWriter();
			 Object obj = model.get("entity");
			 gson.toJson(obj, out);

		 } catch (IOException e) {

			 logger.error("IOException in JsonEntityView.java: ", e);

		 }
	 }
=======
	protected abstract ExclusionStrategy getExclusionStrategy();


	@Override
	protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) {

		response.setContentType("application/json");


		HttpStatus code = (HttpStatus) model.get("code");
		if (code == null) {
			code = HttpStatus.OK; // default to 200
		}

		response.setStatus(code.value());

		try {

			Writer out = response.getWriter();
			Object obj = model.get("entity");
			gson.toJson(obj, out);

		} catch (IOException e) {

			logger.error("IOException in JsonEntityView.java: ", e);

		}
	}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

}
Solution content 
	/**
	 * @return
	 */
	protected abstract ExclusionStrategy getExclusionStrategy();


	@Override
	protected void renderMergedOutputModel(Map model, HttpServletRequest request, HttpServletResponse response) {

		response.setContentType("application/json");


		HttpStatus code = (HttpStatus) model.get("code");
		if (code == null) {
			code = HttpStatus.OK; // default to 200
		}

		response.setStatus(code.value());

		try {

			Writer out = response.getWriter();
			Object obj = model.get("entity");
			gson.toJson(obj, out);

		} catch (IOException e) {

			logger.error("IOException in JsonEntityView.java: ", e);

		}
	}

}
File
AbstractClientEntityView.java
Developer's decision
Version 1
Kind of conflict
Annotation
Method declaration
Method interface
Chunk
Conflicting content 
		response.setContentType("application/json");

<<<<<<< HEAD
		ClientDetailsEntity c = (ClientDetailsEntity) model.get("client");
		OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) model.get("token");
=======
		RegisteredClient c = (RegisteredClient) model.get("client");
		//OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) model.get("token");
		//String uri = (String)model.get("uri"); //request.getRequestURL() + "/" + c.getClientId();

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		HttpStatus code = (HttpStatus) model.get("code");
		if (code == null) {
			code = HttpStatus.OK;
Solution content 
		response.setContentType("application/json");

		RegisteredClient c = (RegisteredClient) model.get("client");
		//OAuth2AccessTokenEntity token = (OAuth2AccessTokenEntity) model.get("token");
		//String uri = (String)model.get("uri"); //request.getRequestURL() + "/" + c.getClientId();

		HttpStatus code = (HttpStatus) model.get("code");
		if (code == null) {
			code = HttpStatus.OK;
File
ClientInformationResponseView.java
Developer's decision
Version 2
Kind of conflict
Cast expression
Comment
Variable
Chunk
Conflicting content 
		if (code == null) {
			code = HttpStatus.OK;
		}
<<<<<<< HEAD

		JsonObject o = new JsonObject();

		o.addProperty("client_id", c.getClientId());
		if (c.getClientSecret() != null) {
			o.addProperty("client_secret", c.getClientSecret());
			o.addProperty("expires_at", 0); // TODO: do we want to let secrets expire?
		}

		if (c.getCreatedAt() != null) {
			o.addProperty("issued_at", c.getCreatedAt().getTime());
		}

		o.addProperty("registration_access_token", token.getValue());

		// TODO: urlencode the client id for safety?
		String uri = request.getRequestURL() + "/" + c.getClientId();
		o.addProperty("registration_client_uri", uri);


		// add in all other client properties

		// OAuth DynReg
		o.add("redirect_uris", getAsArray(c.getRedirectUris()));
		o.addProperty("client_name", c.getClientName());
		o.addProperty("client_uri", c.getClientUri());
		o.addProperty("logo_uri", c.getLogoUri());
		o.add("contacts", getAsArray(c.getContacts()));
		o.addProperty("tos_uri", c.getTosUri());
		o.addProperty("token_endpoint_auth_method", c.getTokenEndpointAuthMethod() != null ? c.getTokenEndpointAuthMethod().getValue() : null);
		o.addProperty("scope", c.getScope() != null ? Joiner.on(" ").join(c.getScope()) : null);
		o.add("grant_types", getAsArray(c.getGrantTypes()));
		o.addProperty("policy_uri", c.getPolicyUri());
		o.addProperty("jwks_uri", c.getJwksUri());

		// OIDC Registration
		o.addProperty("application_type", c.getApplicationType() != null ? c.getApplicationType().getValue() : null);
		o.addProperty("sector_identifier_uri", c.getSectorIdentifierUri());
		o.addProperty("subject_type", c.getSubjectType() != null ? c.getSubjectType().getValue() : null);
		o.addProperty("request_object_signing_alg", c.getRequestObjectSigningAlg() != null ? c.getRequestObjectSigningAlg().getAlgorithmName() : null);
		o.addProperty("userinfo_signed_response_alg", c.getUserInfoSignedResponseAlg() != null ? c.getUserInfoSignedResponseAlg().getAlgorithmName() : null);
		o.addProperty("userinfo_encrypted_response_alg", c.getUserInfoEncryptedResponseAlg() != null ? c.getUserInfoEncryptedResponseAlg().getAlgorithmName() : null);
		o.addProperty("userinfo_encrypted_response_enc", c.getUserInfoEncryptedResponseEnc() != null ? c.getUserInfoEncryptedResponseEnc().getAlgorithmName() : null);
		o.addProperty("id_token_signed_response_alg", c.getIdTokenSignedResponseAlg() != null ? c.getIdTokenSignedResponseAlg().getAlgorithmName() : null);
		o.addProperty("id_token_encrypted_response_alg", c.getIdTokenEncryptedResponseAlg() != null ? c.getIdTokenEncryptedResponseAlg().getAlgorithmName() : null);
		o.addProperty("id_token_encrypted_response_enc", c.getIdTokenEncryptedResponseEnc() != null ? c.getIdTokenEncryptedResponseEnc().getAlgorithmName() : null);
		o.addProperty("default_max_age", c.getDefaultMaxAge());
		o.addProperty("require_auth_time", c.getRequireAuthTime());
		o.add("default_acr_values", getAsArray(c.getDefaultACRvalues()));
		o.addProperty("initiate_login_uri", c.getInitiateLoginUri());
		o.addProperty("post_logout_redirect_uri", c.getPostLogoutRedirectUri());
		o.add("request_uris", getAsArray(c.getRequestUris()));
=======

		JsonObject o = ClientDetailsEntityJsonProcessor.serialize(c);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		try {
			Writer out = response.getWriter();
Solution content 
		if (code == null) {
			code = HttpStatus.OK;
		}

		JsonObject o = ClientDetailsEntityJsonProcessor.serialize(c);

		try {
			Writer out = response.getWriter();
File
ClientInformationResponseView.java
Developer's decision
Version 2
Kind of conflict
Comment
If statement
Method invocation
Variable
Chunk
Conflicting content 
			Writer out = response.getWriter();
			gson.toJson(o, out);
		} catch (JsonIOException e) {
<<<<<<< HEAD
			// TODO Auto-generated catch block
			e.printStackTrace();
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}

	}

	private JsonElement getAsArray(Set value) {
		return gson.toJsonTree(value, new TypeToken>(){}.getType());
=======

			logger.error("JsonIOException in ClientInformationResponseView.java: ", e);

		} catch (IOException e) {

			logger.error("IOException in ClientInformationResponseView.java: ", e);

		}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

}
Solution content 
			Writer out = response.getWriter();
			gson.toJson(o, out);
		} catch (JsonIOException e) {

			logger.error("JsonIOException in ClientInformationResponseView.java: ", e);

		} catch (IOException e) {

			logger.error("IOException in ClientInformationResponseView.java: ", e);

		}

	}

}
File
ClientInformationResponseView.java
Developer's decision
Version 2
Kind of conflict
Catch clause
Comment
Method invocation
Method signature
Return statement
Chunk
Conflicting content 
=======


	private Gson gson = new GsonBuilder()
	.setExclusionStrategies(new ExclusionStrategy() {
<<<<<<< HEAD

		@Override
		public boolean shouldSkipField(FieldAttributes f) {

			return false;
		}

		@Override
		public boolean shouldSkipClass(Class clazz) {
			// skip the JPA binding wrapper
			if (clazz.equals(BeanPropertyBindingResult.class)) {
				return true;
			}
			return false;
		}
		@Override
		public boolean shouldSkipField(FieldAttributes f) {

			return false;
		}

		@Override
		public boolean shouldSkipClass(Class clazz) {
			// skip the JPA binding wrapper
			if (clazz.equals(BeanPropertyBindingResult.class)) {
				return true;
			}
			return false;
		}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	})
	.serializeNulls()
	.setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
Solution content 
	private Gson gson = new GsonBuilder()
	.setExclusionStrategies(new ExclusionStrategy() {

		@Override
		public boolean shouldSkipField(FieldAttributes f) {

			return false;
		}

		@Override
		public boolean shouldSkipClass(Class clazz) {
			// skip the JPA binding wrapper
			if (clazz.equals(BeanPropertyBindingResult.class)) {
				return true;
			}
			return false;
		}

	})
	.serializeNulls()
	.setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
File
JsonEntityView.java
Developer's decision
Version 1
Kind of conflict
Annotation
Method declaration
Chunk
Conflicting content 
		} catch (IOException e) {

<<<<<<< HEAD
			//TODO: Error Handling
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			logger.error("IOException in JsonEntityView.java: ", e);

		}
Solution content 
		} catch (IOException e) {

			logger.error("IOException in JsonEntityView.java: ", e);

		}
File
JsonEntityView.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
		} catch (IOException e) {

<<<<<<< HEAD
			//TODO: Error Handling
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			logger.error("IOException in JsonErrorView.java: ", e);

		}
Solution content 
		} catch (IOException e) {

			logger.error("IOException in JsonErrorView.java: ", e);

		}
File
JsonErrorView.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
@Component("jsonUserInfoView")
public class JSONUserInfoView extends AbstractView {

	private static Logger logger = LoggerFactory.getLogger(JSONUserInfoView.class);
=======
@Component("userInfoView")
public class UserInfoView extends AbstractView {

	private static Logger logger = LoggerFactory.getLogger(UserInfoView.class);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java

	/* (non-Javadoc)
	 * @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
Solution content 
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;

@Component("userInfoView")
public class UserInfoView extends AbstractView {

	private static Logger logger = LoggerFactory.getLogger(UserInfoView.class);

	/* (non-Javadoc)
	 * @see org.springframework.web.servlet.view.AbstractView#renderMergedOutputModel(java.util.Map, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
File
UserInfoView.java
Developer's decision
Version 2
Kind of conflict
Annotation
Attribute
Class signature
Method invocation
Chunk
Conflicting content 
					gson.toJson(toJsonFromRequestObj(userInfo, scope, obj), out);
				} catch (JsonSyntaxException e) {
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
					// TODO Auto-generated catch block
					e.printStackTrace();
				} catch (JsonIOException e) {
					// TODO Auto-generated catch block
					e.printStackTrace();
				} catch (ParseException e) {
					// TODO Auto-generated catch block
					e.printStackTrace();
=======
					logger.error("JsonSyntaxException in UserInfoView.java: ", e);
				} catch (JsonIOException e) {
					logger.error("JsonIOException in UserInfoView.java: ", e);
				} catch (ParseException e) {
					logger.error("ParseException in UserInfoView.java: ", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
				}

			} else {
Solution content 
					gson.toJson(toJsonFromRequestObj(userInfo, scope, obj), out);
				} catch (JsonSyntaxException e) {
					logger.error("JsonSyntaxException in UserInfoView.java: ", e);
				} catch (JsonIOException e) {
					logger.error("JsonIOException in UserInfoView.java: ", e);
				} catch (ParseException e) {
					logger.error("ParseException in UserInfoView.java: ", e);
				}

			} else {
File
UserInfoView.java
Developer's decision
Version 2
Kind of conflict
Catch clause
Comment
Method invocation
Chunk
Conflicting content 
		} catch (IOException e) {

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
			logger.error("IOException in JSONUserInfoView.java: ", e);
=======
			logger.error("IOException in UserInfoView.java: ", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java

		}
Solution content 
		} catch (IOException e) {

			logger.error("IOException in UserInfoView.java: ", e);

		}
File
UserInfoView.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
	}

	/**
<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
	 * Build a JSON response according to the request object recieved.
=======
	 * Build a JSON response according to the request object received.
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
	 * 
	 * Claims requested in requestObj.userinfo.claims are added to any
	 * claims corresponding to requested scopes, if any.
Solution content 
	}

	/**
	 * Build a JSON response according to the request object received.
	 * 
	 * Claims requested in requestObj.userinfo.claims are added to any
	 * claims corresponding to requested scopes, if any.
File
UserInfoView.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
			return obj;
		}

<<<<<<< HEAD:openid-connect-server/src/main/java/org/mitre/openid/connect/view/JSONUserInfoView.java
=======
		// TODO: this method is likely to be fragile if the data model changes at all

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0:openid-connect-server/src/main/java/org/mitre/openid/connect/view/UserInfoView.java
		//For each claim found, add it if not already present
		for (Entry i : claims.getAsJsonObject().entrySet()) {
			String claimName = i.getKey();
Solution content 
			return obj;
		}

		// TODO: this method is likely to be fragile if the data model changes at all

		//For each claim found, add it if not already present
		for (Entry i : claims.getAsJsonObject().entrySet()) {
			String claimName = i.getKey();
File
UserInfoView.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
	@Autowired
	private ApprovedSiteService approvedSiteService;

<<<<<<< HEAD
	@Autowired
	OAuth2TokenEntityService tokenServices;

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	private static Logger logger = LoggerFactory.getLogger(ApprovedSiteAPI.class);

	/**
Solution content 
	@Autowired
	private ApprovedSiteService approvedSiteService;

	@Autowired
	OAuth2TokenEntityService tokenServices;

	private static Logger logger = LoggerFactory.getLogger(ApprovedSiteAPI.class);

	/**
File
ApprovedSiteAPI.java
Developer's decision
Version 1
Kind of conflict
Annotation
Attribute
Chunk
Conflicting content 
		m.put("entity", all);

<<<<<<< HEAD
		return "jsonApprovedSiteView";
=======
		return "jsonEntityView";
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

	/**
Solution content 
		m.put("entity", all);

		return "jsonEntityView";
	}

	/**
File
ApprovedSiteAPI.java
Developer's decision
Version 2
Kind of conflict
Return statement
Chunk
Conflicting content 
		}
		catch (JsonSyntaxException e) {
<<<<<<< HEAD
			logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: " , e);
=======
			logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: ", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
		}
		catch (JsonSyntaxException e) {
			logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: ", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
BlacklistAPI.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("addNewBlacklistedSite failed due to IllegalStateException: " , e);
=======
			logger.error("addNewBlacklistedSite failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("addNewBlacklistedSite failed due to IllegalStateException", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
BlacklistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
		}
		catch (JsonSyntaxException e) {
<<<<<<< HEAD
			logger.error("updateBlacklistedSite failed due to JsonSyntaxException: " , e);
=======
			logger.error("updateBlacklistedSite failed due to JsonSyntaxException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
		}
		catch (JsonSyntaxException e) {
			logger.error("updateBlacklistedSite failed due to JsonSyntaxException", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
BlacklistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("updateBlacklistedSite failed due to IllegalStateException: " , e);
=======
			logger.error("updateBlacklistedSite failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("updateBlacklistedSite failed due to IllegalStateException", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
BlacklistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			client = gson.fromJson(json, ClientDetailsEntity.class);
		}
		catch (JsonSyntaxException e) {
<<<<<<< HEAD
			logger.error("apiAddClient failed due to JsonSyntaxException: " , e);
=======
			logger.error("apiAddClient failed due to JsonSyntaxException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			client = gson.fromJson(json, ClientDetailsEntity.class);
		}
		catch (JsonSyntaxException e) {
			logger.error("apiAddClient failed due to JsonSyntaxException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("apiAddClient failed due to IllegalStateException: " , e);
=======
			logger.error("apiAddClient failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("apiAddClient failed due to IllegalStateException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			return "jsonErrorView";
		}

<<<<<<< HEAD
		// if they leave the client secret empty, force it to be generated
=======
		// if they leave the client identifier empty, force it to be generated
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		if (Strings.isNullOrEmpty(client.getClientId())) {
			client = clientService.generateClientId(client);
		}
Solution content 
			return "jsonErrorView";
		}

		// if they leave the client identifier empty, force it to be generated
		if (Strings.isNullOrEmpty(client.getClientId())) {
			client = clientService.generateClientId(client);
		}
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
			client = gson.fromJson(json, ClientDetailsEntity.class);
		}
		catch (JsonSyntaxException e) {
<<<<<<< HEAD
			logger.error("apiUpdateClient failed due to JsonSyntaxException: " , e);
=======
			logger.error("apiUpdateClient failed due to JsonSyntaxException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			client = gson.fromJson(json, ClientDetailsEntity.class);
		}
		catch (JsonSyntaxException e) {
			logger.error("apiUpdateClient failed due to JsonSyntaxException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("apiUpdateClient failed due to IllegalStateException: " , e);
=======
			logger.error("apiUpdateClient failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("apiUpdateClient failed due to IllegalStateException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			return "jsonErrorView";
		}

<<<<<<< HEAD
		// if they leave the client secret empty, force it to be generated
=======
		// if they leave the client identifier empty, force it to be generated
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		if (Strings.isNullOrEmpty(client.getClientId())) {
			client = clientService.generateClientId(client);
		}
Solution content 
			return "jsonErrorView";
		}

		// if they leave the client identifier empty, force it to be generated
		if (Strings.isNullOrEmpty(client.getClientId())) {
			client = clientService.generateClientId(client);
		}
File
ClientAPI.java
Developer's decision
Version 2
Kind of conflict
Comment
Chunk
Conflicting content 
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
			OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

<<<<<<< HEAD
=======
			// TODO: urlencode the client id for safety?
			RegisteredClient registered = new RegisteredClient(client, token.getValue(), config.getIssuer() + "register/" + client.getClientId());

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
Solution content 
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
			OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

			// TODO: urlencode the client id for safety?
			RegisteredClient registered = new RegisteredClient(client, token.getValue(), config.getIssuer() + "register/" + client.getClientId());

			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Variable
Chunk
Conflicting content 
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

<<<<<<< HEAD
import com.google.common.base.Splitter;
import com.google.common.collect.Maps;
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
import com.google.common.collect.Sets;

@Controller
Solution content 
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.google.common.collect.Maps;
import com.google.common.collect.Sets;

@Controller
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Combination
Kind of conflict
Import
Chunk
Conflicting content 
	private SystemScopeService scopeService;

	@Autowired
<<<<<<< HEAD
	private OAuth2RequestFactory oAuth2RequestFactory;

	private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class);
	private JsonParser parser = new JsonParser();
	private Gson gson = new Gson();
=======
	private ConfigurationPropertiesBean config;

	private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * Create a new Client, issue a client ID, and create a registration access token.
Solution content 
	/**
	private SystemScopeService scopeService;

	@Autowired
	private ConfigurationPropertiesBean config;

	private static Logger logger = LoggerFactory.getLogger(ClientDynamicRegistrationEndpoint.class);
	 * Create a new Client, issue a client ID, and create a registration access token.
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Attribute
Method invocation
Chunk
Conflicting content 
	@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
	public String registerNewClient(@RequestBody String jsonString, Model m) {

<<<<<<< HEAD
		ClientDetailsEntity newClient = parse(jsonString);
=======
		ClientDetailsEntity newClient = ClientDetailsEntityJsonProcessor.parse(jsonString);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		if (newClient != null) {
			// it parsed!
Solution content 
	@RequestMapping(method = RequestMethod.POST, consumes = "application/json", produces = "application/json")
	public String registerNewClient(@RequestBody String jsonString, Model m) {

		ClientDetailsEntity newClient = ClientDetailsEntityJsonProcessor.parse(jsonString);

		if (newClient != null) {
			// it parsed!
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
			// set default grant types if needed
			if (newClient.getGrantTypes() == null || newClient.getGrantTypes().isEmpty()) {
<<<<<<< HEAD
				newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default
=======
				if (newClient.getScope().contains("offline_access")) { // client asked for offline access
					newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default
				} else {
					newClient.setGrantTypes(Sets.newHashSet("authorization_code")); // allow authorization code grant type by default
				}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			}

			// set default response types if needed
Solution content 
			// set default grant types if needed
			if (newClient.getGrantTypes() == null || newClient.getGrantTypes().isEmpty()) {
				if (newClient.getScope().contains("offline_access")) { // client asked for offline access
					newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default
				} else {
					newClient.setGrantTypes(Sets.newHashSet("authorization_code")); // allow authorization code grant type by default
				}
			}

			// set default response types if needed
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Comment
If statement
Method invocation
Chunk
Conflicting content 
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.CREATED); // http 201
<<<<<<< HEAD
			m.addAttribute("token", token);
=======
			//m.addAttribute("token", token);
			//m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			return "clientInformationResponseView";
		} else {
Solution content 
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.CREATED); // http 201

			return "clientInformationResponseView";
		} else {
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
None
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
	public String readClientConfiguration(@PathVariable("id") String clientId, Model m, OAuth2Authentication auth) {

		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
<<<<<<< HEAD

		if (client != null && client.getClientId().equals(auth.getOAuth2Request().getClientId())) {

=======

		if (client != null && client.getClientId().equals(auth.getAuthorizationRequest().getClientId())) {

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			// we return the token that we got in
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
Solution content 
	public String readClientConfiguration(@PathVariable("id") String clientId, Model m, OAuth2Authentication auth) {

		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);

		if (client != null && client.getClientId().equals(auth.getOAuth2Request().getClientId())) {


			// we return the token that we got in
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 1
Kind of conflict
If statement
Chunk
Conflicting content 
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
<<<<<<< HEAD
			m.addAttribute("token", token);
=======
			//m.addAttribute("token", token);
			// TODO: urlencode the client id for safety?
			//m.addAttribute("uri", config.getIssuer() + "register/" + client.getClientId());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			return "clientInformationResponseView";
		} else {
Solution content 
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200

			return "clientInformationResponseView";
		} else {
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
None
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
<<<<<<< HEAD
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
=======
					+ clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match.");
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
Solution content 
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
	public String updateClient(@PathVariable("id") String clientId, @RequestBody String jsonString, Model m, OAuth2Authentication auth) {


<<<<<<< HEAD
		ClientDetailsEntity newClient = parse(jsonString);
=======
		ClientDetailsEntity newClient = ClientDetailsEntityJsonProcessor.parse(jsonString);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		ClientDetailsEntity oldClient = clientService.loadClientByClientId(clientId);

		if (newClient != null && oldClient != null  // we have an existing client and the new one parsed
Solution content 
	public String updateClient(@PathVariable("id") String clientId, @RequestBody String jsonString, Model m, OAuth2Authentication auth) {


		ClientDetailsEntity newClient = ClientDetailsEntityJsonProcessor.parse(jsonString);
		ClientDetailsEntity oldClient = clientService.loadClientByClientId(clientId);

		if (newClient != null && oldClient != null  // we have an existing client and the new one parsed
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
			OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

<<<<<<< HEAD
=======
			// TODO: urlencode the client id for safety?
			RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId());

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
Solution content 
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
			OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

			// TODO: urlencode the client id for safety?
			RegisteredClient registered = new RegisteredClient(savedClient, token.getValue(), config.getIssuer() + "register/" + savedClient.getClientId());

			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 2
Kind of conflict
Comment
Method invocation
Variable
Chunk
Conflicting content 
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200
<<<<<<< HEAD
			m.addAttribute("token", token);
=======
			//m.addAttribute("token", token);
			// TODO: urlencode the client id for safety?
			//m.addAttribute("uri", config.getIssuer() + "register/" + savedClient.getClientId());
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

			return "clientInformationResponseView";
		} else {
Solution content 
			// send it all out to the view
			m.addAttribute("client", registered);
			m.addAttribute("code", HttpStatus.OK); // http 200

			return "clientInformationResponseView";
		} else {
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
None
Kind of conflict
Comment
Method invocation
Chunk
Conflicting content 
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
<<<<<<< HEAD
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
=======
					+ clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match.");
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
Solution content 
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 1
Kind of conflict
Method invocation
Variable
Chunk
Conflicting content 
		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);

<<<<<<< HEAD
		if (client != null && client.getClientId().equals(auth.getOAuth2Request().getClientId())) {

			clientService.deleteClient(client);

			// we return the token that we got in
			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
			OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

			// send it all out to the view
			m.addAttribute("client", client);
			m.addAttribute("code", HttpStatus.OK); // http 200
			m.addAttribute("token", token);

			return "clientInformationResponseView";
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
=======
		if (client != null && client.getClientId().equals(auth.getAuthorizationRequest().getClientId())) {

			clientService.deleteClient(client);

			// send it all out to the view
			m.addAttribute("client", client);
			m.addAttribute("code", HttpStatus.NO_CONTENT); // http 204

			return "httpCodeView";
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
					+ clientId + " and " + auth.getAuthorizationRequest().getClientId() + " do not match.");
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
Solution content 
		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);

		if (client != null && client.getClientId().equals(auth.getOAuth2Request().getClientId())) {

			clientService.deleteClient(client);

			m.addAttribute("code", HttpStatus.NO_CONTENT); // http 204

			return "httpCodeView";
		} else {
			// client mismatch
			logger.error("readClientConfiguration failed, client ID mismatch: "
					+ clientId + " and " + auth.getOAuth2Request().getClientId() + " do not match.");
			m.addAttribute("code", HttpStatus.FORBIDDEN); // http 403

			return "httpCodeView";
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Combination
Kind of conflict
Cast expression
Comment
If statement
Method invocation
Return statement
Variable
Chunk
Conflicting content 
			String scope = getAsString(o, "scope");
			if (scope != null) {



<<<<<<< HEAD

	/**
	 * 
	 * Create an unbound ClientDetailsEntity from the given JSON string.
	 * 
	 * @param jsonString
	 * @return the entity if successful, null otherwise
	 */
	private ClientDetailsEntity parse(String jsonString) {
		JsonElement jsonEl = parser.parse(jsonString);
		if (jsonEl.isJsonObject()) {

			JsonObject o = jsonEl.getAsJsonObject();
			ClientDetailsEntity c = new ClientDetailsEntity();

			// TODO: make these field names into constants

			// these two fields should only be sent in the update request, and MUST match existing values
			c.setClientId(getAsString(o, "client_id"));
			c.setClientSecret(getAsString(o, "client_secret"));

			// OAuth DynReg
			c.setRedirectUris(getAsStringSet(o, "redirect_uris"));
			c.setClientName(getAsString(o, "client_name"));
			c.setClientUri(getAsString(o, "client_uri"));
			c.setLogoUri(getAsString(o, "logo_uri"));
			c.setContacts(getAsStringSet(o, "contacts"));
			c.setTosUri(getAsString(o, "tos_uri"));

			String authMethod = getAsString(o, "token_endpoint_auth_method");
			if (authMethod != null) {
				c.setTokenEndpointAuthMethod(AuthMethod.getByValue(authMethod));
			}

			// scope is a space-separated string
				c.setScope(Sets.newHashSet(Splitter.on(" ").split(scope)));
			}

			c.setGrantTypes(getAsStringSet(o, "grant_types"));
			c.setPolicyUri(getAsString(o, "policy_uri"));
			c.setJwksUri(getAsString(o, "jwks_uri"));


			// OIDC Additions
			String appType = getAsString(o, "application_type");
			if (appType != null) {
				c.setApplicationType(AppType.getByValue(appType));
			}

			c.setSectorIdentifierUri(getAsString(o, "sector_identifier_uri"));

			String subjectType = getAsString(o, "subject_type");
			if (subjectType != null) {
				c.setSubjectType(SubjectType.getByValue(subjectType));
			}

			c.setRequestObjectSigningAlg(getAsJwsAlgorithm(o, "request_object_signing_alg"));

			c.setUserInfoSignedResponseAlg(getAsJwsAlgorithm(o, "userinfo_signed_response_alg"));
			c.setUserInfoEncryptedResponseAlg(getAsJweAlgorithm(o, "userinfo_encrypted_response_alg"));
			c.setUserInfoEncryptedResponseEnc(getAsJweEncryptionMethod(o, "userinfo_encrypted_response_enc"));

			c.setIdTokenSignedResponseAlg(getAsJwsAlgorithm(o, "id_token_signed_response_alg"));
			c.setIdTokenEncryptedResponseAlg(getAsJweAlgorithm(o, "id_token_encrypted_response_alg"));
			c.setIdTokenEncryptedResponseEnc(getAsJweEncryptionMethod(o, "id_token_encrypted_response_enc"));

			if (o.has("default_max_age")) {
				if (o.get("default_max_age").isJsonPrimitive()) {
					c.setDefaultMaxAge(o.get("default_max_age").getAsInt());
				}
			}

			if (o.has("require_auth_time")) {
				if (o.get("require_auth_time").isJsonPrimitive()) {
					c.setRequireAuthTime(o.get("require_auth_time").getAsBoolean());
				}
			}

			c.setDefaultACRvalues(getAsStringSet(o, "default_acr_values"));
			c.setInitiateLoginUri(getAsString(o, "initiate_login_uri"));
			c.setPostLogoutRedirectUri(getAsString(o, "post_logout_redirect_uri"));
			c.setRequestUris(getAsStringSet(o, "request_uris"));

			return c;
		} else {
			return null;
		}
	}
=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

	/**
	 * @param client
Solution content 


	/**
	 * @param client
	 * @return
	 * @throws AuthenticationException
	 */
	private OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client) throws AuthenticationException {

		Map authorizationParameters = Maps.newHashMap();
		OAuth2Request storedRequest = new OAuth2Request(authorizationParameters, client.getClientId(),
				Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")), true,
				Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE), null, null, null);
		OAuth2Authentication authentication = new OAuth2Authentication(storedRequest, null);
		OAuth2AccessTokenEntity registrationAccessToken = (OAuth2AccessTokenEntity) tokenService.createAccessToken(authentication);
		return registrationAccessToken;
	}

}
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Manual
Kind of conflict
Comment
Method declaration
Chunk
Conflicting content 
	/**
			return null;
		}
	}
	 * @return
	 * @throws AuthenticationException
	 */
<<<<<<< HEAD
	private Set getAsStringSet(JsonObject o, String member) throws JsonSyntaxException {
		if (o.has(member)) {
			return gson.fromJson(o.get(member), new TypeToken>(){}.getType());
		} else {
	 * Gets the value of the given member as a string, null if it doesn't exist
	 */
	private String getAsString(JsonObject o, String member) {
		if (o.has(member)) {
			JsonElement e = o.get(member);
			if (e != null && e.isJsonPrimitive()) {
				return e.getAsString();
			} else {
				return null;
			}
		} else {
			return null;
		}
	}

	/**
	 * Gets the value of the given member as a JWS Algorithm, null if it doesn't exist
	 */
	private JWSAlgorithmEmbed getAsJwsAlgorithm(JsonObject o, String member) {
		String s = getAsString(o, member);
		if (s != null) {
			return JWSAlgorithmEmbed.getForAlgorithmName(s);
		} else {
			return null;
		}
	}

	/**
	 * Gets the value of the given member as a JWE Algorithm, null if it doesn't exist
	 */
	private JWEAlgorithmEmbed getAsJweAlgorithm(JsonObject o, String member) {
		String s = getAsString(o, member);
		if (s != null) {
			return JWEAlgorithmEmbed.getForAlgorithmName(s);
		} else {
			return null;
		}
	}


	/**
	 * Gets the value of the given member as a JWE Encryption Method, null if it doesn't exist
	 */
	private JWEEncryptionMethodEmbed getAsJweEncryptionMethod(JsonObject o, String member) {
		String s = getAsString(o, member);
		if (s != null) {
			return JWEEncryptionMethodEmbed.getForAlgorithmName(s);
		} else {
			return null;
		}
	}
	/**
	 * @param client
	 * @return
	 * @throws AuthenticationException
	 */
	private OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client) throws AuthenticationException {

		Map authorizationParameters = Maps.newHashMap();
		authorizationParameters.put("client_id", client.getClientId());
		authorizationParameters.put("scope", OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE);
		OAuth2Request storedRequest = new OAuth2Request(authorizationParameters, client.getClientId(),
				Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")), true,
				Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE), null, null, null);
		OAuth2Authentication authentication = new OAuth2Authentication(storedRequest, null);
=======
	private OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client) throws AuthenticationException {
		// create a registration access token, treat it like a client credentials flow
		// I can't use the auth request interface here because it has no setters and bad constructors -- THIS IS BAD API DESIGN
		DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(client.getClientId(), Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE));
		authorizationRequest.setApproved(true);
		authorizationRequest.setAuthorities(Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")));
		OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest, null);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		OAuth2AccessTokenEntity registrationAccessToken = (OAuth2AccessTokenEntity) tokenService.createAccessToken(authentication);
		return registrationAccessToken;
	}
Solution content 
	/**
	 * @param client
	 * @return
	 * @throws AuthenticationException
	 */
	private OAuth2AccessTokenEntity createRegistrationAccessToken(ClientDetailsEntity client) throws AuthenticationException {

		Map authorizationParameters = Maps.newHashMap();
		OAuth2Request storedRequest = new OAuth2Request(authorizationParameters, client.getClientId(),
				Sets.newHashSet(new SimpleGrantedAuthority("ROLE_CLIENT")), true,
				Sets.newHashSet(OAuth2AccessTokenEntity.REGISTRATION_TOKEN_SCOPE), null, null, null);
		OAuth2Authentication authentication = new OAuth2Authentication(storedRequest, null);
		OAuth2AccessTokenEntity registrationAccessToken = (OAuth2AccessTokenEntity) tokenService.createAccessToken(authentication);
		return registrationAccessToken;
	}
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Combination
Kind of conflict
Comment
Method declaration
Method invocation
Method signature
Variable
Chunk
Conflicting content 
		return registrationAccessToken;
	}

<<<<<<< HEAD
}
=======
}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
Solution content 
		return registrationAccessToken;
	}

}
File
ClientDynamicRegistrationEndpoint.java
Developer's decision
Version 1
Kind of conflict
Other
Chunk
Conflicting content 
		return "contact";
	}

<<<<<<< HEAD
	@PreAuthorize("hasRole('ROLE_USER')") // TODO: this probably shouldn't be here
=======
	@PreAuthorize("hasRole('ROLE_USER')")
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	@RequestMapping("manage/**")
	public String showClientManager(ModelMap m) {
		return "manage";
Solution content 
		return "contact";
	}

	@PreAuthorize("hasRole('ROLE_USER')")
	@RequestMapping("manage/**")
	public String showClientManager(ModelMap m) {
		return "manage";
File
ManagerController.java
Developer's decision
Version 2
Kind of conflict
Annotation
Comment
Chunk
Conflicting content 
		m.put("entity", e);

<<<<<<< HEAD
		return "statsSummaryJson";

	}

=======
		return "jsonEntityView";

	}

	@RequestMapping(value = "byclientid", produces = "application/json")
	public String statsByClient(ModelMap m) {
		Map e = statsService.calculateByClientId();

		m.put("entity", e);

		return "jsonEntityView";
	}

	@RequestMapping(value = "byclientid/{id}", produces = "application/json")
	public String statsByClientId(@PathVariable("id") Long id, ModelMap m) {
		Integer e = statsService.countForClientId(id);

		m.put("entity", e);

		return "jsonEntityView";
	}

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
}
Solution content 
		m.put("entity", e);

		return "jsonEntityView";

	}

	@RequestMapping(value = "byclientid", produces = "application/json")
	public String statsByClient(ModelMap m) {
		Map e = statsService.calculateByClientId();

		m.put("entity", e);

		return "jsonEntityView";
	}

	@RequestMapping(value = "byclientid/{id}", produces = "application/json")
	public String statsByClientId(@PathVariable("id") Long id, ModelMap m) {
		Integer e = statsService.countForClientId(id);

		m.put("entity", e);

		return "jsonEntityView";
	}

}
File
StatsAPI.java
Developer's decision
Version 2
Kind of conflict
Annotation
Method declaration
Return statement
Chunk
Conflicting content 
<<<<<<< HEAD

	private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);

	private Map schemaToViewNameMap = ImmutableMap.of(
			openIdSchema, jsonUserInfoViewName,
			pocoSchema, pocoUserInfoViewName
			);

	// Valid schemas and associated views
	private static final String openIdSchema = "openid";
	private static final String pocoSchema = "poco";
	private static final String jsonUserInfoViewName = "jsonUserInfoView";
	private static final String pocoUserInfoViewName = "pocoUserInfoView";

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	/**
	 * Get information about the user as specified in the accessToken included in this request
	 */
Solution content 
	private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);

	/**
	 * Get information about the user as specified in the accessToken included in this request
	 */
File
UserInfoEndpoint.java
Developer's decision
Version 2
Kind of conflict
Attribute
Comment
Method invocation
Chunk
Conflicting content 
			return "httpCodeView";
		}

<<<<<<< HEAD
		String viewName = schemaToViewNameMap.get(schema);
		if (viewName == null) {
			logger.error("getInfo failed; unknown User Info schema " + schema);
			model.addAttribute("code", HttpStatus.BAD_REQUEST);
			return "httpCodeView";
		}

=======
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
		String userId = p.getName();
		UserInfo userInfo = userInfoService.getBySubject(userId);
Solution content 
			return "httpCodeView";
		}

		String userId = p.getName();
		UserInfo userInfo = userInfoService.getBySubject(userId);
File
UserInfoEndpoint.java
Developer's decision
Version 2
Kind of conflict
If statement
Method invocation
Variable
Chunk
Conflicting content 
		if (p instanceof OAuth2Authentication) {
			OAuth2Authentication authentication = (OAuth2Authentication)p;
<<<<<<< HEAD

			model.addAttribute("scope", authentication.getOAuth2Request().getScope());
			model.addAttribute("requestObject", authentication.getOAuth2Request().getRequestParameters().get("request"));
		}

		model.addAttribute("userInfo", userInfo);

		return viewName;
=======

			model.addAttribute("scope", authentication.getAuthorizationRequest().getScope());
			model.addAttribute("requestObject", authentication.getAuthorizationRequest().getAuthorizationParameters().get("request"));
		}
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0

		model.addAttribute("userInfo", userInfo);
Solution content 
		if (p instanceof OAuth2Authentication) {
			OAuth2Authentication authentication = (OAuth2Authentication)p;

			model.addAttribute("scope", authentication.getOAuth2Request().getScope());
			model.addAttribute("requestObject", authentication.getOAuth2Request().getRequestParameters().get("request"));
		}

		model.addAttribute("userInfo", userInfo);

		return "userInfoView";

	}

}
File
UserInfoEndpoint.java
Developer's decision
Manual
Kind of conflict
Method invocation
Return statement
Variable
Chunk
Conflicting content 
		model.addAttribute("userInfo", userInfo);

<<<<<<< HEAD
	/**
	 * @return the schemaToViewNameMap (defaults to an immutable map)
	 */
	public Map getSchemaToViewNameMap() {
		return schemaToViewNameMap;
	}

	/**
	 * @param schemaToViewNameMap the schemaToViewNameMap to set
	 */
	public void setSchemaToViewNameMap(Map schemaToViewNameMap) {
		this.schemaToViewNameMap = schemaToViewNameMap;
=======
		return "userInfoView";

>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
	}

}
Solution content 
/*******************************************************************************
 * Copyright 2013 The MITRE Corporation and the MIT Kerberos and Internet Trust Consortuim
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/
package org.mitre.openid.connect.web;

import java.security.Principal;

import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

/**
 * OpenID Connect UserInfo endpoint, as specified in Standard sec 5 and Messages sec 2.4.
 * 
 * @author AANGANES
 *
 */
@Controller
public class UserInfoEndpoint {

	@Autowired
	private UserInfoService userInfoService;

	private static Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);

	/**
	 * Get information about the user as specified in the accessToken included in this request
	 */
	@PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
	@RequestMapping(value="/userinfo", method= {RequestMethod.GET, RequestMethod.POST}, produces = "application/json")
	public String getInfo(Principal p, Model model) {

		if (p == null) {
			logger.error("getInfo failed; no principal. Requester is not authorized.");
			model.addAttribute("code", HttpStatus.FORBIDDEN);
			return "httpCodeView";
		}

		String userId = p.getName();
		UserInfo userInfo = userInfoService.getBySubject(userId);

		if (userInfo == null) {
			logger.error("getInfo failed; user not found: " + userId);
			model.addAttribute("code", HttpStatus.NOT_FOUND);
			return "httpCodeView";
		}

		if (p instanceof OAuth2Authentication) {
			OAuth2Authentication authentication = (OAuth2Authentication)p;

			model.addAttribute("scope", authentication.getOAuth2Request().getScope());
			model.addAttribute("requestObject", authentication.getOAuth2Request().getRequestParameters().get("request"));
		}

		model.addAttribute("userInfo", userInfo);

		return "userInfoView";

	}

}
File
UserInfoEndpoint.java
Developer's decision
Manual
Kind of conflict
Attribute
Comment
Method declaration
Method signature
Return statement
Chunk
Conflicting content 
			whitelist = gson.fromJson(json, WhitelistedSite.class);

		} catch (JsonParseException e) {
<<<<<<< HEAD
			logger.error("addNewWhitelistedSite failed due to JsonParseException: " , e);
=======
			logger.error("addNewWhitelistedSite failed due to JsonParseException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			whitelist = gson.fromJson(json, WhitelistedSite.class);
		} catch (JsonParseException e) {
			logger.error("addNewWhitelistedSite failed due to JsonParseException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
WhitelistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("addNewWhitelistedSite failed due to IllegalStateException: " , e);
=======
			logger.error("addNewWhitelistedSite failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("addNewWhitelistedSite failed due to IllegalStateException", e);
			m.addAttribute("code", HttpStatus.BAD_REQUEST);
			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
WhitelistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			whitelist = gson.fromJson(json, WhitelistedSite.class);

		} catch (JsonParseException e) {
<<<<<<< HEAD
			logger.error("updateWhitelistedSite failed due to JsonParseException: " , e);
=======
			logger.error("updateWhitelistedSite failed due to JsonParseException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			whitelist = gson.fromJson(json, WhitelistedSite.class);

		} catch (JsonParseException e) {
			logger.error("updateWhitelistedSite failed due to JsonParseException", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
File
WhitelistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation
Chunk
Conflicting content 
			m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
<<<<<<< HEAD
			logger.error("updateWhitelistedSite failed due to IllegalStateException: " , e);
=======
			logger.error("updateWhitelistedSite failed due to IllegalStateException", e);
>>>>>>> 023dd440d4a0e6e59a14c88013837d79a77c74e0
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
Solution content 
			m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
			return "jsonErrorView";
		} catch (IllegalStateException e) {
			logger.error("updateWhitelistedSite failed due to IllegalStateException", e);
			m.put("code", HttpStatus.BAD_REQUEST);
			m.put("errorMessage", "Could not update whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
			return "jsonErrorView";
File
WhitelistAPI.java
Developer's decision
Version 2
Kind of conflict
Method invocation