cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1495610 - in /cxf/fediz/trunk/plugins/core/src: main/java/org/apache/cxf/fediz/core/ main/java/org/apache/cxf/fediz/core/config/ main/java/org/apache/cxf/fediz/core/spi/ main/resources/schemas/ test/java/org/apache/cxf/fediz/core/config/
Date Fri, 21 Jun 2013 21:55:39 GMT
Author: owulff
Date: Fri Jun 21 21:55:38 2013
New Revision: 1495610

URL: http://svn.apache.org/r1495610
Log:
[FEDIZ-62] Customize SignIn Query

Added:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/SignInQueryCallback.java
Modified:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
    cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
    cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1495610&r1=1495609&r2=1495610&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
Fri Jun 21 21:55:38 2013
@@ -21,6 +21,7 @@ package org.apache.cxf.fediz.core;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
 import java.net.URL;
 import java.net.URLEncoder;
@@ -29,6 +30,7 @@ import java.text.ParseException;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.Map;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -47,6 +49,7 @@ import org.apache.cxf.fediz.core.metadat
 import org.apache.cxf.fediz.core.spi.FreshnessCallback;
 import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
 import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.SignInQueryCallback;
 import org.apache.cxf.fediz.core.spi.WAuthCallback;
 import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.ws.security.WSConstants;
@@ -349,63 +352,24 @@ public class FederationProcessorImpl imp
                 throw new IllegalStateException("Unsupported protocol");
             }
             
-            Object issuerObj = ((FederationProtocol)config.getProtocol()).getIssuer();
-            String issuerURL = null;
-            if (issuerObj instanceof String) {
-                issuerURL = (String)issuerObj;
-            } else if (issuerObj instanceof CallbackHandler) {
-                CallbackHandler issuerCB = (CallbackHandler)issuerObj;
-                IDPCallback callback = new IDPCallback(request);
-                issuerCB.handle(new Callback[] {callback});
-                issuerURL = callback.getIssuerUrl().toString();
-            }
+            String issuerURL = resolveIssuer(request, config);
             LOG.info("Issuer url: " + issuerURL);
             if (issuerURL != null && issuerURL.length() > 0) {
                 redirectURL = issuerURL;
             }
             
-            Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
-            String wAuth = null;
-            if (wAuthObj != null) {
-                if (wAuthObj instanceof String) {
-                    wAuth = (String)wAuthObj;
-                } else if (wAuthObj instanceof CallbackHandler) {
-                    CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
-                    WAuthCallback callback = new WAuthCallback(request);
-                    wauthCB.handle(new Callback[] {callback});
-                    wAuth = callback.getWauth();
-                }  
-            }
+            String wAuth = resolveAuthenticationType(request, config);
             LOG.info("WAuth: " + wAuth);
             
-            Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
-            String homeRealm = null;
-            if (homeRealmObj != null) {
-                if (homeRealmObj instanceof String) {
-                    homeRealm = (String)homeRealmObj;
-                } else if (homeRealmObj instanceof CallbackHandler) {
-                    CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
-                    HomeRealmCallback callback = new HomeRealmCallback(request);
-                    hrCB.handle(new Callback[] {callback});
-                    homeRealm = callback.getHomeRealm();
-                }
-            }
+            String homeRealm = resolveHomeRealm(request, config);
             LOG.info("HomeRealm: " + homeRealm);
             
-            Object freshnessObj = ((FederationProtocol)config.getProtocol()).getFreshness();
-            String freshness = null;
-            if (freshnessObj != null) {
-                if (freshnessObj instanceof String) {
-                    freshness = (String)freshnessObj;
-                } else if (freshnessObj instanceof CallbackHandler) {
-                    CallbackHandler frCB = (CallbackHandler)freshnessObj;
-                    FreshnessCallback callback = new FreshnessCallback(request);
-                    frCB.handle(new Callback[] {callback});
-                    freshness = callback.getFreshness();
-                }
-            }
+            String freshness = resolveFreshness(request, config);
             LOG.info("Freshness: " + freshness);
             
+            String signInQuery = resolveSignInQuery(request, config);
+            LOG.info("SignIn Query: " + signInQuery);
+            
              
             StringBuilder sb = new StringBuilder();
             sb.append(FederationConstants.PARAM_ACTION).append('=').append(FederationConstants.ACTION_SIGNIN);
@@ -463,6 +427,11 @@ public class FederationProcessorImpl imp
             sb.append('&').append(FederationConstants.PARAM_CURRENT_TIME).append('=')
             .append(URLEncoder.encode(wct, "UTF-8"));
             
+            // add signin query extensions
+            if (signInQuery != null && signInQuery.length() > 0) {
+                sb.append('&').append(signInQuery);
+            }
+            
             redirectURL = redirectURL + "?" + sb.toString();
         } catch (Exception ex) {
             LOG.error("Failed to create SignInRequest", ex);
@@ -470,6 +439,99 @@ public class FederationProcessorImpl imp
         }        
         return redirectURL;
     }
+
+    private String resolveSignInQuery(HttpServletRequest request, FederationContext config)
+        throws IOException, UnsupportedCallbackException, UnsupportedEncodingException {
+        Object signInQueryObj = ((FederationProtocol)config.getProtocol()).getSignInQuery();
+        String signInQuery = null;
+        if (signInQueryObj != null) {
+            if (signInQueryObj instanceof String) {
+                signInQuery = (String)signInQueryObj;
+            } else if (signInQueryObj instanceof CallbackHandler) {
+                CallbackHandler frCB = (CallbackHandler)signInQueryObj;
+                SignInQueryCallback callback = new SignInQueryCallback(request);
+                frCB.handle(new Callback[] {callback});
+                Map<String, String> signInQueryMap = callback.getSignInQueryParamMap();
+                StringBuilder sbQuery = new StringBuilder();
+                for (String key : signInQueryMap.keySet()) {
+                    if (sbQuery.length() > 0) {
+                        sbQuery.append("&");
+                    }
+                    sbQuery.append(key).append('=').
+                    append(URLEncoder.encode(signInQueryMap.get(key), "UTF-8"));
+                }
+                signInQuery = sbQuery.toString();
+               
+            }
+        }
+        return signInQuery;
+    }
+
+    private String resolveFreshness(HttpServletRequest request, FederationContext config)
throws IOException,
+        UnsupportedCallbackException {
+        Object freshnessObj = ((FederationProtocol)config.getProtocol()).getFreshness();
+        String freshness = null;
+        if (freshnessObj != null) {
+            if (freshnessObj instanceof String) {
+                freshness = (String)freshnessObj;
+            } else if (freshnessObj instanceof CallbackHandler) {
+                CallbackHandler frCB = (CallbackHandler)freshnessObj;
+                FreshnessCallback callback = new FreshnessCallback(request);
+                frCB.handle(new Callback[] {callback});
+                freshness = callback.getFreshness();
+            }
+        }
+        return freshness;
+    }
+
+    private String resolveHomeRealm(HttpServletRequest request, FederationContext config)
throws IOException,
+        UnsupportedCallbackException {
+        Object homeRealmObj = ((FederationProtocol)config.getProtocol()).getHomeRealm();
+        String homeRealm = null;
+        if (homeRealmObj != null) {
+            if (homeRealmObj instanceof String) {
+                homeRealm = (String)homeRealmObj;
+            } else if (homeRealmObj instanceof CallbackHandler) {
+                CallbackHandler hrCB = (CallbackHandler)homeRealmObj;
+                HomeRealmCallback callback = new HomeRealmCallback(request);
+                hrCB.handle(new Callback[] {callback});
+                homeRealm = callback.getHomeRealm();
+            }
+        }
+        return homeRealm;
+    }
+
+    private String resolveAuthenticationType(HttpServletRequest request, FederationContext
config)
+        throws IOException, UnsupportedCallbackException {
+        Object wAuthObj = ((FederationProtocol)config.getProtocol()).getAuthenticationType();
+        String wAuth = null;
+        if (wAuthObj != null) {
+            if (wAuthObj instanceof String) {
+                wAuth = (String)wAuthObj;
+            } else if (wAuthObj instanceof CallbackHandler) {
+                CallbackHandler wauthCB = (CallbackHandler)wAuthObj;
+                WAuthCallback callback = new WAuthCallback(request);
+                wauthCB.handle(new Callback[] {callback});
+                wAuth = callback.getWauth();
+            }  
+        }
+        return wAuth;
+    }
+
+    private String resolveIssuer(HttpServletRequest request, FederationContext config) throws
IOException,
+        UnsupportedCallbackException {
+        Object issuerObj = ((FederationProtocol)config.getProtocol()).getIssuer();
+        String issuerURL = null;
+        if (issuerObj instanceof String) {
+            issuerURL = (String)issuerObj;
+        } else if (issuerObj instanceof CallbackHandler) {
+            CallbackHandler issuerCB = (CallbackHandler)issuerObj;
+            IDPCallback callback = new IDPCallback(request);
+            issuerCB.handle(new Callback[] {callback});
+            issuerURL = callback.getIssuerUrl().toString();
+        }
+        return issuerURL;
+    }
     
     private String extractFullContextPath(HttpServletRequest request) throws MalformedURLException
{
         String result = null;

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java?rev=1495610&r1=1495609&r2=1495610&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationProtocol.java
Fri Jun 21 21:55:38 2013
@@ -43,6 +43,7 @@ public class FederationProtocol extends 
     private Object issuer;
     private Object homeRealm;
     private Object freshness;
+    private Object signInQuery;
     private List<TokenValidator> validators = new ArrayList<TokenValidator>();
     
     public FederationProtocol(ProtocolType protocolType) {
@@ -265,6 +266,43 @@ public class FederationProtocol extends 
                                                + "java.lang.String or javax.security.auth.callback.CallbackHandler.");
         }
     }
+    
+    public Object getSignInQuery() {
+        if (this.signInQuery != null) {
+            return this.signInQuery;
+        }
+        CallbackType cbt = getFederationProtocol().getSignInQuery();
+        if (cbt == null) {
+            return null;
+        }
+        if (cbt.getType() == null || cbt.getType().equals(ArgumentType.STRING)) {
+            this.signInQuery = new String(cbt.getValue());
+        } else if (cbt.getType().equals(ArgumentType.CLASS)) {
+            try {
+                this.signInQuery =
+                    Thread.currentThread().getContextClassLoader().loadClass(cbt.getValue()).newInstance();
+            } catch (Exception e) {
+                LOG.error("Failed to create instance of " + cbt.getValue(), e);
+                throw new IllegalStateException("Failed to create instance of " + cbt.getValue());
+            }            
+        } else {
+            LOG.error("Only String and Class are supported for 'SignInQuery'");
+            throw new IllegalStateException("Only String and Class are supported for 'SignInQuery'");
+        }
+        return this.signInQuery;
+    }
+
+    public void setSignInQuery(Object value) {
+        final boolean isString = value instanceof String;
+        final boolean isCallbackHandler = value instanceof CallbackHandler;
+        if (isString || isCallbackHandler) {
+            this.signInQuery = value;
+        } else {
+            LOG.error("Unsupported 'SignInQuery' object");
+            throw new IllegalArgumentException("Unsupported 'SignInQuery' object. Type must
be "
+                                               + "java.lang.String or javax.security.auth.callback.CallbackHandler.");
+        }
+    }
 
     public String getReply() {
         return getFederationProtocol().getReply();

Added: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/SignInQueryCallback.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/SignInQueryCallback.java?rev=1495610&view=auto
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/SignInQueryCallback.java
(added)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/spi/SignInQueryCallback.java
Fri Jun 21 21:55:38 2013
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.core.spi;
+
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class SignInQueryCallback extends AbstractServletCallback {
+
+    private Map<String, String> signInQueryParamMap;
+
+    public SignInQueryCallback(HttpServletRequest request) {
+        super(request);
+    }
+
+    public Map<String, String> getSignInQueryParamMap() {
+        return signInQueryParamMap;
+    }
+
+    public void setSignInQueryParamMap(Map<String, String> signInQueryParamMap) {
+        this.signInQueryParamMap = signInQueryParamMap;
+    }
+
+}

Modified: cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd?rev=1495610&r1=1495609&r2=1495610&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd (original)
+++ cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd Fri Jun 21 21:55:38
2013
@@ -96,6 +96,7 @@
 					<xs:element ref="freshness" />
 					<xs:element ref="reply" />
 					<xs:element ref="request" />
+					<xs:element ref="signInQuery" />
 					<xs:element ref="claimTypesRequested" />
 					<xs:element ref="tokenValidators" />
 					<xs:element ref="applicationServiceURL" />
@@ -126,6 +127,7 @@
 	<xs:element name="homeRealm" type="CallbackType" />
 	<xs:element name="authenticationType" type="CallbackType" />
 	<xs:element name="freshness" type="CallbackType" />
+	<xs:element name="signInQuery" type="CallbackType" />
 
 	<xs:simpleType name="argumentType">
 		<xs:restriction base="xs:string">

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java?rev=1495610&r1=1495609&r2=1495610&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/CallbackHandlerTest.java
Fri Jun 21 21:55:38 2013
@@ -22,6 +22,7 @@ package org.apache.cxf.fediz.core.config
 import java.io.StringReader;
 import java.io.StringWriter;
 import java.math.BigInteger;
+import java.util.Map;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -47,6 +48,7 @@ import org.apache.cxf.fediz.core.config.
 import org.apache.cxf.fediz.core.config.jaxb.ValidationType;
 import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
 import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.SignInQueryCallback;
 import org.apache.cxf.fediz.core.spi.WAuthCallback;
 import org.junit.AfterClass;
 
@@ -67,6 +69,7 @@ public class CallbackHandlerTest {
     private static final String ROLE_URI = "http://someserver:8080/path/roles.uri";
     private static final String CLAIM_TYPE = "a particular claim type";
     private static final String SUBJECT_VALUE = ".*CN=www.sts1.com.*";
+    private static final String TEST_SIGNIN_QUERY = "pubid=myid";
     
     
     @AfterClass
@@ -151,6 +154,11 @@ public class CallbackHandlerTest {
         authType.setValue(TestCallbackHandler.TEST_WAUTH);
         protocol.setAuthenticationType(authType);
         
+        CallbackType signInQueryType = new CallbackType();
+        signInQueryType.setType(ArgumentType.STRING);
+        signInQueryType.setValue(TEST_SIGNIN_QUERY);
+        protocol.setSignInQuery(signInQueryType);
+        
         return config;
     }
     
@@ -174,6 +182,11 @@ public class CallbackHandlerTest {
         authType.setValue(CALLBACKHANDLER_CLASS);
         protocol.setAuthenticationType(authType);
         
+        CallbackType signInQueryType = new CallbackType();
+        signInQueryType.setType(ArgumentType.CLASS);
+        signInQueryType.setValue(CALLBACKHANDLER_CLASS);
+        protocol.setSignInQuery(signInQueryType);
+        
         return config;
     }
     
@@ -216,6 +229,17 @@ public class CallbackHandlerTest {
         hrCB.handle(new Callback[] {callbackHR});
         String hr = callbackHR.getHomeRealm();
         Assert.assertEquals(TestCallbackHandler.TEST_HOME_REALM, hr);
+        
+        Object signInQueryObj = fp.getSignInQuery();
+        Assert.assertTrue(signInQueryObj instanceof CallbackHandler);
+        CallbackHandler siqCB = (CallbackHandler)signInQueryObj;
+        SignInQueryCallback callbackSIQ = new SignInQueryCallback(null);
+        siqCB.handle(new Callback[] {callbackSIQ});
+        Map<String, String> signinQueryMap = callbackSIQ.getSignInQueryParamMap();
+        Assert.assertEquals(2, signinQueryMap.size());
+        Assert.assertEquals("myid", signinQueryMap.get("pubid"));
+        Assert.assertEquals("<=>", signinQueryMap.get("testenc"));
+        
     }
     
     @org.junit.Test
@@ -248,6 +272,11 @@ public class CallbackHandlerTest {
         Assert.assertTrue(homeRealmObj instanceof String);
         String hr = (String)homeRealmObj;
         Assert.assertEquals(TestCallbackHandler.TEST_HOME_REALM, hr);
+        
+        Object signInQueryObj = fp.getSignInQuery();
+        Assert.assertTrue(signInQueryObj instanceof String);
+        String signInQuery = (String)signInQueryObj;
+        Assert.assertEquals(TestCallbackHandler.TEST_SIGNIN_QUERY, signInQuery);
     }
     
 }

Modified: cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java?rev=1495610&r1=1495609&r2=1495610&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/test/java/org/apache/cxf/fediz/core/config/TestCallbackHandler.java
Fri Jun 21 21:55:38 2013
@@ -21,6 +21,8 @@ package org.apache.cxf.fediz.core.config
 
 import java.io.IOException;
 import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
 
 import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
@@ -28,6 +30,7 @@ import javax.security.auth.callback.Unsu
 
 import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
 import org.apache.cxf.fediz.core.spi.IDPCallback;
+import org.apache.cxf.fediz.core.spi.SignInQueryCallback;
 import org.apache.cxf.fediz.core.spi.WAuthCallback;
 
 public class TestCallbackHandler implements CallbackHandler {
@@ -35,6 +38,7 @@ public class TestCallbackHandler impleme
     static final String TEST_HOME_REALM = "http://test.com/homerealm";
     static final String TEST_IDP = "http://rp.example.com/";
     static final String TEST_WAUTH = "up";
+    static final String TEST_SIGNIN_QUERY = "pubid=myid";
     
     public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
{
         for (int i = 0; i < callbacks.length; i++) {
@@ -47,6 +51,12 @@ public class TestCallbackHandler impleme
             } else if (callbacks[i] instanceof IDPCallback) {
                 IDPCallback callback = (IDPCallback) callbacks[i];
                 callback.setIssuerUrl(new URL(TEST_IDP));
+            } else if (callbacks[i] instanceof SignInQueryCallback) {
+                SignInQueryCallback callback = (SignInQueryCallback) callbacks[i];
+                Map<String, String> queryParamMap = new HashMap<String, String>();
+                queryParamMap.put("pubid", "myid");
+                queryParamMap.put("testenc", "<=>");
+                callback.setSignInQueryParamMap(queryParamMap);
             } else {
                 throw new UnsupportedCallbackException(callbacks[i], "Unrecognized Callback");
             }



Mime
View raw message