cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1518287 - in /cxf/trunk: rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/ rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/ rt/rs/security...
Date Wed, 28 Aug 2013 17:12:27 GMT
Author: sergeyb
Date: Wed Aug 28 17:12:27 2013
New Revision: 1518287

URL: http://svn.apache.org/r1518287
Log:
[CXF-5239] Support for transient client secrets in auth code flow

Added:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/Base64UrlUtility.java
      - copied, changed from r1517477, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java
Removed:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java
Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/AbstractSaml2BearerGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestGenerator.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
    cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
Wed Aug 28 17:12:27 2013
@@ -36,9 +36,9 @@ import org.apache.cxf.jaxrs.utils.FormUt
 import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
-import org.apache.cxf.rs.security.oauth2.saml.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
 import org.apache.cxf.rs.security.oauth2.saml.SamlOAuthValidator;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.saml.AbstractSamlInHandler;
 import org.apache.cxf.rs.security.saml.SAMLUtils;

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
Wed Aug 28 17:12:27 2013
@@ -21,8 +21,8 @@ package org.apache.cxf.rs.security.oauth
 import javax.ws.rs.core.Form;
 
 import org.apache.cxf.common.util.Base64Exception;
-import org.apache.cxf.rs.security.oauth2.saml.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 import org.apache.cxf.rs.security.saml.SamlFormOutInterceptor;
 
 public class Saml2BearerAuthOutInterceptor extends SamlFormOutInterceptor {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/AbstractSaml2BearerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/AbstractSaml2BearerGrant.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/AbstractSaml2BearerGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/AbstractSaml2BearerGrant.java
Wed Aug 28 17:12:27 2013
@@ -23,7 +23,7 @@ import javax.ws.rs.core.MultivaluedMap;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.saml.Base64UrlUtility;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 public abstract class AbstractSaml2BearerGrant implements AccessTokenGrant {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
Wed Aug 28 17:12:27 2013
@@ -47,9 +47,9 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.saml.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
 import org.apache.cxf.rs.security.oauth2.saml.SamlOAuthValidator;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 import org.apache.cxf.rs.security.saml.authorization.JAXRSSAMLSecurityContext;

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
Wed Aug 28 17:12:27 2013
@@ -19,12 +19,17 @@
 
 package org.apache.cxf.rs.security.oauth2.grants.code;
 
+import java.io.StringWriter;
+
 import javax.ws.rs.core.MultivaluedMap;
 
+import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
+import org.apache.cxf.rs.security.oauth2.utils.MessageDigestGenerator;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
@@ -68,11 +73,37 @@ public class AuthorizationCodeGrantHandl
                 || !client.getRedirectUris().contains(expectedRedirectUri))) {
             throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
         }
+        
+        String tempClientSecretHash = grant.getTempClientSecretHash();
+        if (tempClientSecretHash != null) {
+            String tempClientSecret = params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET);
+            if (!compareTcshWithTch(tempClientSecretHash, tempClientSecret)) {
+                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+            }
+        }
+        
         return doCreateAccessToken(client, 
                                    grant.getSubject(), 
                                    grant.getApprovedScopes(),
                                    grant.getAudience());
     }
     
-    
+    private boolean compareTcshWithTch(String tempClientSecretHash, String tempClientSecret)
{
+        if (tempClientSecret == null) {
+            return false;
+        }
+        MessageDigestGenerator mdg = new MessageDigestGenerator();
+        byte[] digest = mdg.createDigest(tempClientSecret, "SHA-256");
+        int length = digest.length > 128 / 8 ? 128 / 8 : digest.length;
+        
+        StringWriter stringWriter = new StringWriter();
+        try {
+            Base64UrlUtility.encode(digest, 0, length, stringWriter);
+        } catch (Base64Exception e) {
+            throw new OAuthServiceException("server_error", e);
+        }
+        String expectedHash = stringWriter.toString();
+        return tempClientSecretHash.equals(expectedHash);
+        
+    }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
Wed Aug 28 17:12:27 2013
@@ -35,6 +35,7 @@ public class AuthorizationCodeRegistrati
     private String redirectUri;
     private UserSubject subject;
     private String audience;
+    private String tempClientSecretHash;
     
     /**
      * Sets the {@link Client} reference
@@ -119,4 +120,10 @@ public class AuthorizationCodeRegistrati
     public void setAudience(String audience) {
         this.audience = audience;
     }
+    public String getTempClientSecretHash() {
+        return tempClientSecretHash;
+    }
+    public void setTempClientSecretHash(String tempClientSecretHash) {
+        this.tempClientSecretHash = tempClientSecretHash;
+    }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
Wed Aug 28 17:12:27 2013
@@ -39,6 +39,7 @@ public class ServerAuthorizationCodeGran
     private List<String> approvedScopes = Collections.emptyList();
     private UserSubject subject;
     private String audience;
+    private String tempClientSecretHash;
     
     public ServerAuthorizationCodeGrant(Client client, 
                                         long lifetime) {
@@ -123,4 +124,12 @@ public class ServerAuthorizationCodeGran
     public void setAudience(String audience) {
         this.audience = audience;
     }
+
+    public String getTempClientSecretHash() {
+        return tempClientSecretHash;
+    }
+
+    public void setTempClientSecretHash(String tempClientSecretHash) {
+        this.tempClientSecretHash = tempClientSecretHash;
+    }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
Wed Aug 28 17:12:27 2013
@@ -72,6 +72,7 @@ public class AuthorizationCodeGrantServi
         codeReg.setApprovedScope(approvedScope);
         codeReg.setSubject(userSubject);
         codeReg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
+        codeReg.setTempClientSecretHash(params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET_HASH));
         
         ServerAuthorizationCodeGrant grant = null;
         try {

Copied: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/Base64UrlUtility.java
(from r1517477, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/Base64UrlUtility.java?p2=cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/Base64UrlUtility.java&p1=cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java&r1=1517477&r2=1518287&rev=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/Base64UrlUtility.java
Wed Aug 28 17:12:27 2013
@@ -17,7 +17,7 @@
  * under the License.
  */
 
-package org.apache.cxf.rs.security.oauth2.saml;
+package org.apache.cxf.rs.security.oauth2.utils;
 
 /**
  * Base64 URL Encoding/Decoding utility (character 62 is '-', 63 - '_')

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestGenerator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestGenerator.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestGenerator.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/MessageDigestGenerator.java
Wed Aug 28 17:12:27 2013
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oauth2.utils;
 
+import java.io.UnsupportedEncodingException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 
@@ -36,10 +37,7 @@ public class MessageDigestGenerator {
         }
 
         try {
-            MessageDigest md = MessageDigest.getInstance(algorithm);
-            md.reset();
-            md.update(input);
-            byte[] messageDigest = md.digest();
+            byte[] messageDigest = createDigest(input, algorithm);
             StringBuffer hexString = new StringBuffer();
             for (int i = 0; i < messageDigest.length; i++) {
                 hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
@@ -51,6 +49,23 @@ public class MessageDigestGenerator {
         }
     }
 
+    public byte[] createDigest(String input, String algo) {
+        try {
+            return createDigest(input.getBytes("UTF-8"), algo);
+        } catch (UnsupportedEncodingException e) {
+            throw new OAuthServiceException("server_error", e);
+        } catch (NoSuchAlgorithmException e) {
+            throw new OAuthServiceException("server_error", e);
+        }   
+    }
+    
+    public byte[] createDigest(byte[] input, String algo) throws NoSuchAlgorithmException
{ 
+        MessageDigest md = MessageDigest.getInstance(algo);
+        md.reset();
+        md.update(input);
+        return md.digest();
+    }
+    
     public void setAlgorithm(String algo) {
         this.algorithm = algo;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
Wed Aug 28 17:12:27 2013
@@ -26,7 +26,10 @@ public final class OAuthConstants {
     // Common OAuth2 constants
     public static final String CLIENT_ID = "client_id";
     public static final String CLIENT_SECRET = "client_secret";
+    public static final String TEMP_CLIENT_SECRET = "tcs";
+    public static final String TEMP_CLIENT_SECRET_HASH = "tcsh";
     public static final String CLIENT_AUDIENCE = "audience";
+    
     public static final String REDIRECT_URI = "redirect_uri";
     public static final String SCOPE = "scope";
     public static final String STATE = "state";

Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java?rev=1518287&r1=1518286&r2=1518287&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
(original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
Wed Aug 28 17:12:27 2013
@@ -37,8 +37,8 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant;
-import org.apache.cxf.rs.security.oauth2.saml.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
+import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.saml.SAMLUtils;
 import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo;



Mime
View raw message