cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Some OISC RP refactoring
Date Wed, 24 Dec 2014 16:32:40 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 27c1bb5a1 -> 9511cd40a


Some OISC RP refactoring


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9511cd40
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9511cd40
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9511cd40

Branch: refs/heads/master
Commit: 9511cd40a9701ee1b46ba28b61154f6f0833b7d9
Parents: 27c1bb5
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Dec 24 16:31:40 2014 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Dec 24 16:31:40 2014 +0000

----------------------------------------------------------------------
 .../java/demo/jaxrs/server/BigQueryService.java | 28 +++++---------------
 .../main/webapp/WEB-INF/applicationContext.xml  |  8 +++---
 .../oidc/rp/AbstractTokenValidator.java         |  2 +-
 .../rs/security/oidc/rp/IdTokenValidator.java   |  2 +-
 .../cxf/rs/security/oidc/rp/UserInfoClient.java |  8 +++---
 5 files changed, 17 insertions(+), 31 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/9511cd40/distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java
----------------------------------------------------------------------
diff --git a/distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java
b/distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java
index 37840d6..5940fa5 100644
--- a/distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java
+++ b/distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java
@@ -42,7 +42,7 @@ import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oidc.common.IdToken;
 import org.apache.cxf.rs.security.oidc.common.UserInfo;
-import org.apache.cxf.rs.security.oidc.rp.IdTokenValidator;
+import org.apache.cxf.rs.security.oidc.rp.UserInfoClient;
 
 @Path("/service")
 public class BigQueryService {
@@ -54,8 +54,7 @@ public class BigQueryService {
 
     private String authorizationServiceUri;
     private WebClient accessTokenServiceClient;
-    private WebClient userInfoServiceClient;
-    private IdTokenValidator tokenValidator;
+    private UserInfoClient tokenClient;
     private Consumer consumer;
 
     @GET
@@ -104,11 +103,10 @@ public class BigQueryService {
         ClientAccessToken at = getClientAccessToken(consumer, code, postMessage);
 
         // Expect and validate id_token
-        IdToken idToken = tokenValidator.getIdTokenFromJwt(at,
-                consumer.getKey());
+        IdToken idToken = tokenClient.getIdToken(at, consumer.getKey());
 
-        // Get User Profile if needed
-        UserInfo userInfo = getUserInfo(at, idToken);
+        // Get User Profile
+        UserInfo userInfo = tokenClient.getUserInfo(at, idToken);
 
         // Complete the request, use 'at' to access some other user's API,
         // return the response to the user
@@ -137,20 +135,8 @@ public class BigQueryService {
                         OAuthConstants.REDIRECT_URI, redirectUri), false);
     }
 
-    private UserInfo getUserInfo(ClientAccessToken at, IdToken idToken) {
-        if (userInfoServiceClient != null) {
-            OAuthClientUtils.setAuthorizationHeader(userInfoServiceClient, at);
-            return userInfoServiceClient.get(UserInfo.class);
-        }
-        return null;
-    }
-
-    public void setUserInfoServiceClient(WebClient userInfoServiceClient) {
-        this.userInfoServiceClient = userInfoServiceClient;
-    }
-
-    public void setIdTokenValidator(IdTokenValidator tokenValidator) {
-        this.tokenValidator = tokenValidator;
+    public void setUserInfoClient(UserInfoClient tokenClient) {
+        this.tokenClient = tokenClient;
     }
 
     public void setAuthorizationServiceUri(String authorizationServiceUri) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/9511cd40/distribution/src/main/release/samples/jax_rs/big_query/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/distribution/src/main/release/samples/jax_rs/big_query/src/main/webapp/WEB-INF/applicationContext.xml
b/distribution/src/main/release/samples/jax_rs/big_query/src/main/webapp/WEB-INF/applicationContext.xml
index 51d829e..598e42f 100644
--- a/distribution/src/main/release/samples/jax_rs/big_query/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/distribution/src/main/release/samples/jax_rs/big_query/src/main/webapp/WEB-INF/applicationContext.xml
@@ -60,7 +60,7 @@
      </jaxrsclient:client> 
      
      <!-- WebClient for requesting an OIDC UserInfo -->
-     <jaxrsclient:client id="userProfileClient" threadSafe="true" 
+     <jaxrsclient:client id="userInfoServiceClient" threadSafe="true" 
         address="https://www.googleapis.com/plus/v1/people/me/openIdConnect"
         serviceClass="org.apache.cxf.jaxrs.client.WebClient">
         <jaxrsclient:headers>
@@ -89,9 +89,10 @@
         </jaxrsclient:features>
      </jaxrsclient:client>
      
-     <bean id="idTokenValidator" class="org.apache.cxf.rs.security.oidc.rp.IdTokenValidator">
+     <bean id="userInfoClient" class="org.apache.cxf.rs.security.oidc.rp.UserInfoClient">
          <property name="jwkSetClient" ref="jwkSetClient"/> 
          <property name="issuerId" value="accounts.google.com"/>
+         <property name="userInfoServiceClient" ref="userInfoServiceClient"/>
      </bean>
 
      <bean id="consumer" class="org.apache.cxf.rs.security.oauth2.client.Consumer">
@@ -101,8 +102,7 @@
 
      <bean id="bigQueryService" class="demo.jaxrs.server.BigQueryService">
          <property name="accessTokenServiceClient" ref="atServiceClient"/>
-         <property name="userInfoServiceClient" ref="userProfileClient"/>
-         <property name="idTokenValidator" ref="idTokenValidator"/>
+         <property name="userInfoClient" ref="userInfoClient"/>
          <property name="consumer" ref="consumer"/>
          <property name="authorizationServiceUri" value="https://accounts.google.com/o/oauth2/auth"/>
      </bean> 

http://git-wip-us.apache.org/repos/asf/cxf/blob/9511cd40/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java
index f6e95c6..f468d33 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java
@@ -76,7 +76,7 @@ public abstract class AbstractTokenValidator {
 
         // validate the provider
         String issuer = claims.getIssuer();
-        if (issuerId == null && validateClaimsAlways || issuerId != null &&
!issuerId.equals(issuer)) {
+        if (issuer == null && validateClaimsAlways || issuer != null && !issuer.equals(issuerId))
{
             throw new SecurityException("Invalid provider");
         }
         JwtUtils.validateJwtTimeClaims(claims, issuedAtRange, validateClaimsAlways);

http://git-wip-us.apache.org/repos/asf/cxf/blob/9511cd40/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenValidator.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenValidator.java
index 3d5a1f3..378cbe5 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenValidator.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenValidator.java
@@ -26,7 +26,7 @@ import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
 public class IdTokenValidator extends AbstractTokenValidator {
     private boolean requireAtHash = true;
     
-    public IdToken getIdTokenFromJwt(ClientAccessToken at, String clientId) {
+    public IdToken getIdToken(ClientAccessToken at, String clientId) {
         JwtToken jwt = getIdJwtToken(at, clientId);
         return getIdTokenFromJwt(jwt, clientId);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/9511cd40/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java
index bbd98d5..b6cab0c 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java
@@ -29,9 +29,9 @@ public class UserInfoClient extends IdTokenValidator {
     private boolean encryptedOnly;
     private WebClient profileClient;
     public UserInfo getUserInfo(ClientAccessToken at, IdToken idToken) {
-        return getProfile(at, idToken, false);
+        return getUserInfo(at, idToken, false);
     }
-    public UserInfo getProfile(ClientAccessToken at, IdToken idToken, boolean asJwt) {
+    public UserInfo getUserInfo(ClientAccessToken at, IdToken idToken, boolean asJwt) {
         OAuthClientUtils.setAuthorizationHeader(profileClient, at);
         if (asJwt) {
             String jwt = profileClient.get(String.class);
@@ -64,8 +64,8 @@ public class UserInfoClient extends IdTokenValidator {
     public void setEncryptedOnly(boolean encryptedOnly) {
         this.encryptedOnly = encryptedOnly;
     }
-    public void setProfileClient(WebClient profileClient) {
-        this.profileClient = profileClient;
+    public void setUserInfoServiceClient(WebClient client) {
+        this.profileClient = client;
     }
     
 }


Mime
View raw message