cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Workaround to avoid losing complex signed OAuth2 code extensions
Date Fri, 05 Dec 2014 16:28:46 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 6cd954781 -> ea98d522f


Workaround to avoid losing complex signed OAuth2 code extensions


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ea98d522
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ea98d522
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ea98d522

Branch: refs/heads/master
Commit: ea98d522f6cc6b062dd8c2612e79ca6c6ce8b350
Parents: 6cd9547
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Dec 5 16:28:27 2014 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Dec 5 16:28:27 2014 +0000

----------------------------------------------------------------------
 .../json/JsonMapObjectReaderWriter.java         | 21 ++++++++++++++------
 .../grants/code/JwtRequestCodeFilter.java       | 15 +++++++++++++-
 2 files changed, 29 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/ea98d522/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
----------------------------------------------------------------------
diff --git a/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
b/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
index 604abfe..f395e6e 100644
--- a/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
+++ b/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/json/JsonMapObjectReaderWriter.java
@@ -45,6 +45,12 @@ public class JsonMapObjectReaderWriter {
         return sb.toString();
     }
     
+    public String toJson(List<Object> list) {
+        StringBuilder sb = new StringBuilder();
+        toJsonInternal(new StringBuilderOutput(sb), list);
+        return sb.toString();
+    }
+    
     public void toJson(JsonMapObject obj, OutputStream os) {
         toJson(obj.asMap(), os);
     }
@@ -122,7 +128,10 @@ public class JsonMapObjectReaderWriter {
         readJsonObjectAsSettable(nextMap, theJson.substring(1, theJson.length() - 1));
         return nextMap.map;
     }
-    
+    public List<Object> fromJsonAsList(String json) {
+        String theJson = json.trim();
+        return internalFromJsonAsList(theJson.substring(1, theJson.length() - 1));
+    }
     protected void readJsonObjectAsSettable(Settable values, String json) {
         for (int i = 0; i < json.length(); i++) {
             if (isWhiteSpace(json.charAt(i))) {
@@ -148,18 +157,18 @@ public class JsonMapObjectReaderWriter {
             } else if (json.charAt(sepIndex + j) == '[') {
                 int closingIndex = getClosingIndex(json, '[', ']', sepIndex + j);
                 String newJson = json.substring(sepIndex + j + 1, closingIndex);
-                values.put(name, readJwtObjectAsList(name, newJson));
+                values.put(name, internalFromJsonAsList(newJson));
                 i = closingIndex + 1;
             } else {
                 int commaIndex = getCommaIndex(json, sepIndex + j);
-                Object value = readPrimitiveValue(name, json, sepIndex + j, commaIndex);
+                Object value = readPrimitiveValue(json, sepIndex + j, commaIndex);
                 values.put(name, value);
                 i = commaIndex + 1;
             }
             
         }
     }
-    protected List<Object> readJwtObjectAsList(String name, String json) {
+    protected List<Object> internalFromJsonAsList(String json) {
         List<Object> values = new LinkedList<Object>();
         for (int i = 0; i < json.length(); i++) {
             if (isWhiteSpace(json.charAt(i))) {
@@ -173,7 +182,7 @@ public class JsonMapObjectReaderWriter {
                 i = closingIndex + 1;
             } else {
                 int commaIndex = getCommaIndex(json, i);
-                Object value = readPrimitiveValue(name, json, i, commaIndex);
+                Object value = readPrimitiveValue(json, i, commaIndex);
                 values.add(value);
                 i = commaIndex;
             }
@@ -181,7 +190,7 @@ public class JsonMapObjectReaderWriter {
         
         return values;
     }
-    protected Object readPrimitiveValue(String name, String json, int from, int to) {
+    protected Object readPrimitiveValue(String json, int from, int to) {
         Object value = json.substring(from, to);
         String valueStr = value.toString().trim(); 
         if (valueStr.startsWith("\"")) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/ea98d522/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
index 73f0022..a318c2c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
@@ -20,13 +20,16 @@ package org.apache.cxf.rs.security.oauth2.grants.code;
 
 import java.security.cert.X509Certificate;
 import java.security.interfaces.RSAPublicKey;
+import java.util.List;
 import java.util.Map;
 
 import javax.crypto.SecretKey;
 import javax.ws.rs.core.MultivaluedMap;
 
 import org.apache.cxf.common.util.crypto.CryptoUtils;
+import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
+import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.JoseConstants;
 import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider;
 import org.apache.cxf.rs.security.jose.jwe.JweUtils;
@@ -47,6 +50,7 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter
{
     private boolean verifyWithClientSecret;
     private boolean decryptWithClientSecret;
     private String issuer;
+    private JsonMapObjectReaderWriter jsonHandler = new JsonMapObjectReaderWriter();
     @Override
     public MultivaluedMap<String, String> process(MultivaluedMap<String, String>
params, 
                                                   UserSubject endUser,
@@ -72,7 +76,16 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter
{
             MultivaluedMap<String, String> newParams = new MetadataMap<String, String>();
             Map<String, Object> claimsMap = claims.asMap();
             for (Map.Entry<String, Object> entry : claimsMap.entrySet()) {
-                newParams.putSingle(entry.getKey(), entry.getValue().toString());
+                String key = entry.getKey();
+                Object value = entry.getValue();
+                if (value instanceof Map) {
+                    Map<String, Object> map = CastUtils.cast((Map<?, ?>)value);
+                    value = jsonHandler.toJson(map);
+                } else if (value instanceof List) {
+                    List<Object> list = CastUtils.cast((List<?>)value);
+                    value = jsonHandler.toJson(list);
+                } 
+                newParams.putSingle(key, value.toString());
             }
             return newParams;
         } else {


Mime
View raw message