cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5311] Passing principal name to password providers when possible
Date Tue, 17 Jun 2014 21:05:09 GMT
Repository: cxf
Updated Branches:
  refs/heads/master e4704fb09 -> c55f816a0


[CXF-5311] Passing principal name to password providers when possible


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c55f816a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c55f816a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c55f816a

Branch: refs/heads/master
Commit: c55f816a01cf510ce13966d504050b7f8a859b66
Parents: e4704fb
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Tue Jun 17 22:04:52 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Tue Jun 17 22:04:52 2014 +0100

----------------------------------------------------------------------
 .../apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java   |  8 ++++++++
 .../cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java      |  8 ++++++++
 .../rs/security/oauth2/utils/crypto/CryptoUtils.java    | 12 ++++++++++++
 3 files changed, 28 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c55f816a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java
index c6ffedd..7ca0ba5 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/JwtHeaders.java
@@ -104,6 +104,14 @@ public class JwtHeaders extends AbstractJwtObject {
         return (String)getHeader(JwtConstants.HEADER_X509_THUMBPRINT);
     }
     
+    public void setX509ThumbprintSHA256(String x509Thumbprint) {
+        super.setValue(JwtConstants.HEADER_X509_THUMBPRINT_SHA256, x509Thumbprint);
+    }
+    
+    public String getX509ThumbprintSHA256() {
+        return (String)super.getValue(JwtConstants.HEADER_X509_THUMBPRINT_SHA256);
+    }
+    
     public void setCritical(List<String> crit) {
         setHeader(JwtConstants.HEADER_CRITICAL, crit);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/c55f816a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java
index d1573c4..7445251 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jwk/JsonWebKey.java
@@ -122,6 +122,14 @@ public class JsonWebKey extends AbstractJwtObject {
         return (String)super.getValue(X509_THUMBPRINT);
     }
     
+    public void setX509ThumbprintSHA256(String x509Thumbprint) {
+        super.setValue(X509_THUMBPRINT_SHA256, x509Thumbprint);
+    }
+    
+    public String getX509ThumbprintSHA256() {
+        return (String)super.getValue(X509_THUMBPRINT_SHA256);
+    }
+    
     public JsonWebKey setProperty(String name, Object value) {
         super.setValue(name, value);
         return this;

http://git-wip-us.apache.org/repos/asf/cxf/blob/c55f816a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
index 2c75038..e46409c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/CryptoUtils.java
@@ -26,6 +26,7 @@ import java.math.BigInteger;
 import java.security.Key;
 import java.security.KeyFactory;
 import java.security.KeyStore;
+import java.security.Principal;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.SecureRandom;
@@ -53,6 +54,7 @@ import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.jaxrs.utils.ResourceUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.rs.security.oauth2.utils.Base64UrlUtility;
+import org.apache.cxf.security.SecurityContext;
 
 
 /**
@@ -64,6 +66,7 @@ public final class CryptoUtils {
     public static final String RSSEC_KEY_PSWD = "rs.security.key.password";
     public static final String RSSEC_KEY_STORE_ALIAS = "rs.security.keystore.alias";
     public static final String RSSEC_KEY_STORE_FILE = "rs.security.keystore.file";
+    public static final String RSSEC_PRINCIPAL_NAME = "rs.security.principal.name";
     public static final String RSSEC_SIG_KEY_PSWD_PROVIDER = "rs.security.signature.key.password.provider";
     public static final String RSSEC_DECRYPT_KEY_PSWD_PROVIDER = "rs.security.decryption.key.password.provider";
         
@@ -220,6 +223,15 @@ public final class CryptoUtils {
         KeyStore keyStore = CryptoUtils.loadPersistKeyStore(m, props);
         PrivateKeyPasswordProvider cb = 
             (PrivateKeyPasswordProvider)m.getContextualProperty(passwordProviderProp);
+        if (cb != null && m.getExchange().getInMessage() != null) {
+            SecurityContext sc = m.getExchange().getInMessage().get(SecurityContext.class);
+            if (sc != null) {
+                Principal p = sc.getUserPrincipal();
+                if (p != null) {
+                    props.setProperty(RSSEC_PRINCIPAL_NAME, p.getName());
+                }
+            }
+        }
         return CryptoUtils.loadPrivateKey(keyStore, props, bus, cb);
     }
     public static KeyStore loadPersistKeyStore(Message m, Properties props) {


Mime
View raw message