cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-5607] Making it simpler for code filter subclasses to checks sessions, etc
Date Mon, 22 Jun 2015 13:45:49 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 05383ffcf -> b6aaae80c


[CXF-5607] Making it simpler for code filter subclasses to checks sessions, etc


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b6aaae80
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b6aaae80
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b6aaae80

Branch: refs/heads/master
Commit: b6aaae80c7735ea14ba76ff0223738b6b6375546
Parents: 05383ff
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Mon Jun 22 14:45:31 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Mon Jun 22 14:45:31 2015 +0100

----------------------------------------------------------------------
 .../security/oauth2/client/ClientCodeRequestFilter.java  | 11 ++++++-----
 .../rs/security/oidc/rp/OidcClientCodeRequestFilter.java |  5 ++---
 2 files changed, 8 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b6aaae80/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index 6fb0864..05c9f28 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -66,7 +66,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
     
     @Override
     public void filter(ContainerRequestContext rc) throws IOException {
-        checkSecurityContextStart(rc.getSecurityContext());
+        checkSecurityContextStart(rc);
         UriInfo ui = rc.getUriInfo();
         String absoluteRequestUri = ui.getAbsolutePath().toString();
         
@@ -92,14 +92,15 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
             rc.abortWith(codeResponse);
         } else if (absoluteRequestUri.endsWith(completeUri)) {
             processCodeResponse(rc, ui);
-            checkSecurityContextEnd(rc.getSecurityContext());
+            checkSecurityContextEnd(rc);
         }
     }
 
-    protected void checkSecurityContextStart(SecurityContext sc) {
-        checkSecurityContextEnd(sc);
+    protected void checkSecurityContextStart(ContainerRequestContext rc) {
+        checkSecurityContextEnd(rc);
     }
-    private void checkSecurityContextEnd(SecurityContext sc) {
+    private void checkSecurityContextEnd(ContainerRequestContext rc) {
+        SecurityContext sc = rc.getSecurityContext();
         if (sc == null || sc.getUserPrincipal() == null) {
             throw ExceptionUtils.toNotAuthorizedException(null, null);
         }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b6aaae80/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index 57cc2de..4475aff 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
@@ -50,9 +50,8 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter
{
         this.userInfoRequired = userInfoRequired;
     }
     @Override
-    protected void checkSecurityContextStart(SecurityContext sc) {
-        // The SSO is managed out of band and the act of validating IdToken
-        // finalizes the authentication flow
+    protected void checkSecurityContextStart(ContainerRequestContext rc) {
+        SecurityContext sc = rc.getSecurityContext();
         if (sc != null && sc.getUserPrincipal() != null) {
             throw ExceptionUtils.toNotAuthorizedException(null, null);
         }


Mime
View raw message