From 537caf268bfb21b88167d7074c480ec183b5fb28 Mon Sep 17 00:00:00 2001 From: Jan Fyrbach Date: Wed, 23 Aug 2023 10:16:20 +0200 Subject: [PATCH] Add OAuth2 revocation_endpoint to .well-known --- .../main/java/org/forgerock/oauth2/core/OAuth2Uris.java | 8 ++++++++ .../org/forgerock/openam/oauth2/OAuth2UrisFactory.java | 6 ++++++ .../openidconnect/OpenIDConnectProviderConfiguration.java | 2 ++ 3 files changed, 16 insertions(+) diff --git a/openam-oauth2/src/main/java/org/forgerock/oauth2/core/OAuth2Uris.java b/openam-oauth2/src/main/java/org/forgerock/oauth2/core/OAuth2Uris.java index b1423ef4e5..4f5283b29e 100644 --- a/openam-oauth2/src/main/java/org/forgerock/oauth2/core/OAuth2Uris.java +++ b/openam-oauth2/src/main/java/org/forgerock/oauth2/core/OAuth2Uris.java @@ -13,6 +13,7 @@ * * Copyright 2014-2015 ForgeRock AS. * Portions Copyrighted 2015 Nomura Research Institute, Ltd. + * Portions Copyrighted 2023 Wren Security */ package org.forgerock.oauth2.core; @@ -107,4 +108,11 @@ public interface OAuth2Uris { */ String getResourceSetRegistrationEndpoint(); + /** + * Gets the URI for the OAuth2 token revocation endpoint. + * + * @return The URL. + */ + String getRevocationEndpoint(); + } diff --git a/openam-oauth2/src/main/java/org/forgerock/openam/oauth2/OAuth2UrisFactory.java b/openam-oauth2/src/main/java/org/forgerock/openam/oauth2/OAuth2UrisFactory.java index 1d66581437..ca821a9d1e 100644 --- a/openam-oauth2/src/main/java/org/forgerock/openam/oauth2/OAuth2UrisFactory.java +++ b/openam-oauth2/src/main/java/org/forgerock/openam/oauth2/OAuth2UrisFactory.java @@ -12,6 +12,7 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2014-2016 ForgeRock AS. + * Portions copyright 2023 Wren Security */ package org.forgerock.openam.oauth2; @@ -169,6 +170,11 @@ public String getResourceSetRegistrationEndpoint() { return baseUrl + "/resource_set"; } + @Override + public String getRevocationEndpoint() { + return baseUrl + "/token/revoke"; + } + @Override public String getUserInfoEndpoint() { return baseUrl + "/userinfo"; diff --git a/openam-oauth2/src/main/java/org/forgerock/openidconnect/OpenIDConnectProviderConfiguration.java b/openam-oauth2/src/main/java/org/forgerock/openidconnect/OpenIDConnectProviderConfiguration.java index ba00fa1b29..7ebb4c8ef4 100644 --- a/openam-oauth2/src/main/java/org/forgerock/openidconnect/OpenIDConnectProviderConfiguration.java +++ b/openam-oauth2/src/main/java/org/forgerock/openidconnect/OpenIDConnectProviderConfiguration.java @@ -12,6 +12,7 @@ * information: "Portions copyright [year] [name of copyright owner]". * * Copyright 2014-2017 ForgeRock AS. + * Portions copyright 2023 Wren Security */ package org.forgerock.openidconnect; @@ -101,6 +102,7 @@ public JsonValue getConfiguration(OAuth2Request request) throws OAuth2Exception configuration.put("claims_parameter_supported", providerSettings.getClaimsParameterSupported()); configuration.put("token_endpoint_auth_methods_supported", providerSettings.getEndpointAuthMethodsSupported()); configuration.put("introspection_endpoint", uris.getIntrospectionEndpoint()); + configuration.put("revocation_endpoint", uris.getRevocationEndpoint()); return new JsonValue(configuration); }