cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: Fixing logout tests for the CXF plugin
Date Wed, 17 Sep 2014 14:20:28 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 01c101637 -> bf51b0f8a


Fixing logout tests for the CXF plugin


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/bf51b0f8
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/bf51b0f8
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/bf51b0f8

Branch: refs/heads/master
Commit: bf51b0f8a4df005739c53d5ae5bcff7dc2295726
Parents: 01c1016
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Sep 17 15:20:14 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Sep 17 15:20:14 2014 +0100

----------------------------------------------------------------------
 .../cxf/plugin/FedizRedirectBindingFilter.java  | 101 ++++++++++++++++---
 .../src/main/webapp/WEB-INF/signoutresponse.jsp |   2 +-
 .../federation/FederationTest.java              |  10 --
 3 files changed, 89 insertions(+), 24 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf51b0f8/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
----------------------------------------------------------------------
diff --git a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
index 9ab7d0b..6a1e81a 100644
--- a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
+++ b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/FedizRedirectBindingFilter.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.fediz.cxf.plugin;
 
 import java.io.IOException;
+import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
 import java.net.URI;
 import java.security.cert.X509Certificate;
@@ -28,10 +29,14 @@ import java.util.List;
 import java.util.Map;
 import java.util.UUID;
 
+import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.HttpMethod;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Cookie;
+import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
@@ -54,6 +59,7 @@ import org.apache.cxf.fediz.core.util.CookieUtils;
 import org.apache.cxf.fediz.cxf.plugin.state.ResponseState;
 import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.jaxrs.impl.HttpHeadersImpl;
 import org.apache.cxf.jaxrs.impl.UriInfoImpl;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
@@ -79,23 +85,31 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
{
         }
 
         // See if it is a Logout request
-        if (isLogoutRequest(context, fedConfig)) {
+        if (isLogoutRequest(context, m, fedConfig)) {
             return;
         }
         
-        if (checkSecurityContext(m)) {
+        String httpMethod = context.getMethod();
+        MultivaluedMap<String, String> params = null;
+        
+        try {
+            if (HttpMethod.GET.equals(httpMethod)) {
+                params = context.getUriInfo().getQueryParameters();
+            } else if (HttpMethod.POST.equals(httpMethod)) {
+                String strForm = IOUtils.toString(context.getEntityStream());
+                params = JAXRSUtils.getStructuredParams(strForm, "&", true, false);
+            }
+        } catch (Exception ex) {
+            LOG.debug(ex.getMessage(), ex);
+            throw ExceptionUtils.toInternalServerErrorException(ex, null);
+        }
+        
+        if (isSignoutCleanupRequest(fedConfig, m, params)) {
+            return;
+        } else if (checkSecurityContext(m)) {
             return;
         } else {
             try {
-                String httpMethod = context.getMethod();
-                MultivaluedMap<String, String> params = null;
-                if (HttpMethod.GET.equals(httpMethod)) {
-                    params = context.getUriInfo().getQueryParameters();
-                } else if (HttpMethod.POST.equals(httpMethod)) {
-                    String strForm = IOUtils.toString(context.getEntityStream());
-                    params = JAXRSUtils.getStructuredParams(strForm, "&", true, false);
-                }
-                
                 if (isSignInRequired(fedConfig, params)) {
                     // Unauthenticated -> redirect
                     FedizProcessor processor = 
@@ -244,12 +258,15 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
{
         return false;
     }
     
-    private boolean isLogoutRequest(ContainerRequestContext context, FedizContext fedConfig)
{
+    private boolean isLogoutRequest(ContainerRequestContext context, Message message,
+                                    FedizContext fedConfig) {
         //logout
         String logoutUrl = fedConfig.getLogoutURL();
         if (logoutUrl != null && !logoutUrl.isEmpty()) {
             String requestPath = "/" + context.getUriInfo().getPath();
             if (requestPath.equals(logoutUrl) || requestPath.equals(logoutUrl + "/")) {
+                cleanupContext(message);
+                
                 try {
                     FedizProcessor processor = 
                         FedizProcessorFactory.newFedizProcessor(fedConfig.getProtocol());
@@ -277,11 +294,23 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
{
                 }
             }
         }
-        // TODO ACTION_SIGNOUT_CLEANUP
         
         return false;
     }
     
+    private void cleanupContext(Message message) {
+        HttpHeaders headers = new HttpHeadersImpl(message);
+        Map<String, Cookie> cookies = headers.getCookies();
+        if (cookies.containsKey(SECURITY_CONTEXT_TOKEN)) {
+            String contextKey = cookies.get(SECURITY_CONTEXT_TOKEN).getValue();
+            getStateManager().removeResponseState(contextKey);
+        }
+        if (cookies.containsKey(SECURITY_CONTEXT_STATE)) {
+            String contextKey = cookies.get(SECURITY_CONTEXT_STATE).getValue();
+            getStateManager().removeRequestState(contextKey);
+        }
+    }
+    
     private String getMetadataURI(FedizContext fedConfig) {
         if (fedConfig.getProtocol().getMetadataURI() != null) {
             return fedConfig.getProtocol().getMetadataURI();
@@ -319,6 +348,51 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
{
         return false;
     }
     
+    private boolean isSignoutCleanupRequest(FedizContext fedConfig, Message m, MultivaluedMap<String,
String> params) { 
+        
+        boolean signoutCleanup = false;
+        if (params != null && fedConfig.getProtocol() instanceof FederationProtocol
+            && FederationConstants.ACTION_SIGNOUT_CLEANUP.equals(
+                params.getFirst(FederationConstants.PARAM_ACTION))) {
+            signoutCleanup = true;
+        } /* TODO else if (params != null && fedConfig.getProtocol() instanceof SAMLProtocol
+            && params.getFirst(SAMLSSOConstants.RELAY_STATE) != null) {
+            signoutCleanup = true;
+        }*/
+        
+        if (signoutCleanup) {
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("SignOutCleanup request found");
+                LOG.debug("SignOutCleanup action...");
+            }
+            cleanupContext(m);
+            
+            HttpServletResponse response = messageContext.getHttpServletResponse();
+            try {
+                final ServletOutputStream responseOutputStream = response.getOutputStream();
+                InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("logout.jpg");
+                if (inputStream == null) {
+                    LOG.warn("Could not write logout.jpg");
+                    return true;
+                }
+                int read = 0;
+                byte[] buf = new byte[1024];
+                while ((read = inputStream.read(buf)) != -1) {
+                    responseOutputStream.write(buf, 0, read);
+                }
+                inputStream.close();
+                responseOutputStream.flush();
+            } catch (Exception ex) {
+                LOG.debug(ex.getMessage(), ex);
+                throw ExceptionUtils.toInternalServerErrorException(ex, null);
+            }
+            
+            return true;
+        }
+        
+        return false;
+    }
+    
     private String getResponseToken(FedizContext fedConfig, MultivaluedMap<String, String>
params) 
         throws IOException {
         if (params != null && fedConfig.getProtocol() instanceof FederationProtocol)
{
@@ -415,4 +489,5 @@ public class FedizRedirectBindingFilter extends AbstractServiceProviderFilter
{
             }
         }
     }
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf51b0f8/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp b/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
index 067290a..5314ab1 100644
--- a/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
+++ b/services/idp/src/main/webapp/WEB-INF/signoutresponse.jsp
@@ -12,7 +12,7 @@
 <title>IDP SignOut Response Page</title>
 </head>
 <body>
-	<h1>CXF Fediz IDP succesfully logout.</h1>
+	<h1>CXF Fediz IDP successful logout.</h1>
 
     <p>
         <%

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf51b0f8/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java
----------------------------------------------------------------------
diff --git a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java
b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java
index 84b91df..8dbbcb5 100644
--- a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java
+++ b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java
@@ -223,16 +223,6 @@ public class FederationTest extends AbstractTests {
 
     }
 
-    @org.junit.Test
-    public void testRPLogout() throws Exception {
-        //
-    }
-    
-    @org.junit.Test
-    public void testIdPLogout() throws Exception {
-        //
-    }
-    
     public String getServletContextName() {
         return "fedizhelloworld";
     }


Mime
View raw message