cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject git commit: [CXF-5311] Minor update to the grant handler
Date Mon, 09 Jun 2014 15:03:26 GMT
Repository: cxf
Updated Branches:
  refs/heads/master a2616506a -> 9e51e56a7


[CXF-5311] Minor update to the grant handler


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9e51e56a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9e51e56a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9e51e56a

Branch: refs/heads/master
Commit: 9e51e56a7f5c85ade60f6a902d1d2aed29a0286f
Parents: a261650
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Mon Jun 9 16:03:07 2014 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Mon Jun 9 16:03:07 2014 +0100

----------------------------------------------------------------------
 .../security/oauth2/jwt/grant/AbstractJwtHandler.java   | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/9e51e56a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/grant/AbstractJwtHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/grant/AbstractJwtHandler.java
b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/grant/AbstractJwtHandler.java
index ff1bc48..8dfdf60 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/grant/AbstractJwtHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/grant/AbstractJwtHandler.java
@@ -23,6 +23,7 @@ import java.util.Set;
 
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
+import org.apache.cxf.rs.security.oauth2.jws.JwsSignatureVerifier;
 import org.apache.cxf.rs.security.oauth2.jwt.JwtClaims;
 import org.apache.cxf.rs.security.oauth2.jwt.JwtHeaders;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -34,13 +35,16 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
  */
 public abstract class AbstractJwtHandler extends AbstractGrantHandler {
     private Set<String> supportedIssuers; 
+    private JwsSignatureVerifier jwsVefifier;
         
     protected AbstractJwtHandler(List<String> grants) {
         super(grants);
     }
     
-    protected void validateSignature(JwtHeaders headers, String plainSequence, byte[] signature)
{
-        
+    protected void validateSignature(JwtHeaders headers, String unsignedText, byte[] signature)
{
+        if (jwsVefifier.verify(headers, unsignedText, signature)) {    
+            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+        }
     }
     
     protected void validateClaims(Client client, JwtClaims claims) {
@@ -88,5 +92,9 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler {
     public void setSupportedIssuers(Set<String> supportedIssuers) {
         this.supportedIssuers = supportedIssuers;
     }
+
+    public void setJwsVefifier(JwsSignatureVerifier jwsVefifier) {
+        this.jwsVefifier = jwsVefifier;
+    }
     
 }


Mime
View raw message