From cohei...@apache.org
Subject [2/2] cxf git commit: Add a new SubjectProviderParameters interface to make it easier to pass more parameters through to the SubjectProviders
Date Wed, 03 Jun 2015 14:20:38 GMT
Add a new SubjectProviderParameters interface to make it easier to pass more parameters through
to the SubjectProviders


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f97ef837
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f97ef837
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f97ef837

Branch: refs/heads/master
Commit: f97ef83725ba3f54083efe99a7dd97bab6e44dec
Parents: 3348a29
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Jun 3 15:19:59 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Jun 3 15:19:59 2015 +0100

----------------------------------------------------------------------
 .../token/provider/DefaultSubjectProvider.java  | 27 +++---
 .../sts/token/provider/SAMLTokenProvider.java   | 10 ++-
 .../cxf/sts/token/provider/SubjectProvider.java |  3 +-
 .../provider/SubjectProviderParameters.java     | 88 ++++++++++++++++++++
 .../token/provider/CustomSubjectProvider.java   |  5 +-
 .../sts/secure_conv/SCTSAMLTokenProvider.java   | 11 ++-
 6 files changed, 124 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
index 4aa6253..2d5540f 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/DefaultSubjectProvider.java
@@ -84,21 +84,20 @@ public class DefaultSubjectProvider implements SubjectProvider {
     /**
      * Get a SubjectBean object.
      */
-    public SubjectBean getSubject(
-        TokenProviderParameters providerParameters, Document doc, byte[] secret
-    ) {
+    public SubjectBean getSubject(SubjectProviderParameters subjectProviderParameters) {
+        
         // 1. Get the principal
-        Principal principal = getPrincipal(providerParameters);
+        Principal principal = getPrincipal(subjectProviderParameters);
         if (principal == null) {
             LOG.fine("Error in getting principal");
             throw new STSException("Error in getting principal", STSException.REQUEST_FAILED);
         }
         
         // 2. Create the SubjectBean using the principal
-        SubjectBean subjectBean = createSubjectBean(principal, providerParameters);
+        SubjectBean subjectBean = createSubjectBean(principal, subjectProviderParameters);
         
         // 3. Create the KeyInfoBean and set it on the SubjectBean
-        KeyInfoBean keyInfo = createKeyInfo(providerParameters, doc, secret);
+        KeyInfoBean keyInfo = createKeyInfo(subjectProviderParameters);
         subjectBean.setKeyInfo(keyInfo);
         
         return subjectBean;
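Review bot: getSubject hands subjectProviderParameters to helpers that call `subjectProviderParameters.getProviderParameters()` with no null check. createSubjectBean and createKeyInfo dereference the result on the very next line, and getPrincipal presumably does so further down, outside its hunk. SubjectProviderParameters is a plain setter bean, so a caller that forgets setProviderParameters gets a NullPointerException rather than the STSException this method already throws for a missing principal. A guard at the top of getSubject would keep the failure mode uniform: `if (subjectProviderParameters == null || subjectProviderParameters.getProviderParameters() == null) { throw new STSException("No TokenProviderParameters supplied", STSException.REQUEST_FAILED); }`. The closing brace of getSubject lies outside the hunk.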
@@ -112,7 +111,9 @@ public class DefaultSubjectProvider implements SubjectProvider {
      *  - The principal associated with the request. We don't need to check to see if it
is "valid" here, as it
      *    is not parsed by the STS (but rather the WS-Security layer).
      */
-    protected Principal getPrincipal(TokenProviderParameters providerParameters) {
+    protected Principal getPrincipal(SubjectProviderParameters subjectProviderParameters)
{
+        TokenProviderParameters providerParameters = subjectProviderParameters.getProviderParameters();
+        
         Principal principal = null;
         //TokenValidator in IssueOperation has validated the ReceivedToken
         //if validation was successful, the principal was set in ReceivedToken 
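Review bot: Changing the protected signature of getPrincipal, and of createSubjectBean and createKeyInfo in the next two hunks, lets a subclass that overrode the old `getPrincipal(TokenProviderParameters)` without `@Override` keep compiling while its method is never called again. A customised principal mapping would then silently fall back to the default, and that principal is what the SubjectBean is built from. This should be called out in the Javadoc and in the migration notes, for example `Note: overrides of the former (TokenProviderParameters ...) signature are no longer invoked; override this method instead.` The body of getPrincipal continues past the end of the hunk.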
@@ -141,7 +142,10 @@ public class DefaultSubjectProvider implements SubjectProvider {
     /**
      * Create the SubjectBean using the specified principal.
      */
-    protected SubjectBean createSubjectBean(Principal principal, TokenProviderParameters
providerParameters) {
+    protected SubjectBean createSubjectBean(
+        Principal principal, SubjectProviderParameters subjectProviderParameters
+    ) {
+        TokenProviderParameters providerParameters = subjectProviderParameters.getProviderParameters();
         TokenRequirements tokenRequirements = providerParameters.getTokenRequirements();
         KeyRequirements keyRequirements = providerParameters.getKeyRequirements();
 
@@ -199,9 +203,8 @@ public class DefaultSubjectProvider implements SubjectProvider {
     /**
      * Create and return the KeyInfoBean to be inserted into the SubjectBean
      */
-    protected KeyInfoBean createKeyInfo(
-        TokenProviderParameters providerParameters, Document doc, byte[] secret
-    ) {
+    protected KeyInfoBean createKeyInfo(SubjectProviderParameters subjectProviderParameters)
{
+        TokenProviderParameters providerParameters = subjectProviderParameters.getProviderParameters();
         KeyRequirements keyRequirements = providerParameters.getKeyRequirements();
         STSPropertiesMBean stsProperties = providerParameters.getStsProperties();
 
@@ -241,6 +244,8 @@ public class DefaultSubjectProvider implements SubjectProvider {
                 if ((certs == null) || (certs.length == 0)) {
                     throw new STSException("Encryption certificate is not found for alias:
" + encryptionName);
                 }
+                Document doc = subjectProviderParameters.getDoc();
+                byte[] secret = subjectProviderParameters.getSecret();
                 KeyInfoBean keyInfo = 
                     createEncryptedKeyKeyInfo(certs[0], secret, doc, encryptionProperties,
crypto);
                 return keyInfo;

http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
index 388f3a7..feac5bd 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SAMLTokenProvider.java
@@ -383,7 +383,15 @@ public class SAMLTokenProvider extends AbstractSAMLTokenProvider implements
Toke
         }
         
         // Get the Subject and Conditions
-        SubjectBean subjectBean = subjectProvider.getSubject(tokenParameters, doc, secret);
+        SubjectProviderParameters subjectProviderParameters = new SubjectProviderParameters();
+        subjectProviderParameters.setProviderParameters(tokenParameters);
+        subjectProviderParameters.setDoc(doc);
+        subjectProviderParameters.setSecret(secret);
+        subjectProviderParameters.setAttrBeanList(attrBeanList);
+        subjectProviderParameters.setAuthBeanList(authBeanList);
+        subjectProviderParameters.setAuthDecisionBeanList(authDecisionBeanList);
+        SubjectBean subjectBean = subjectProvider.getSubject(subjectProviderParameters);
+        
         ConditionsBean conditionsBean = conditionsProvider.getConditions(tokenParameters);
         
         // Set all of the beans on the SamlCallbackHandler
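Review bot: attrBeanList, authBeanList and authDecisionBeanList are handed to the pluggable SubjectProvider as live references, not copies. If the same list instances are later set on the SamlCallbackHandler, as the trailing comment suggests (that code is outside the hunk), a provider that adds or removes entries changes the statements of the issued assertion as a side effect of computing the subject. If that is not intended, say so at the call site, e.g. `// The statement lists are shared with the SubjectProvider, not copied; providers must treat them as read-only.`, or pass unmodifiable views when the lists are non-null.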

http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProvider.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProvider.java
index 70801ef..9715119 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProvider.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import org.w3c.dom.Document;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
 
 /**
@@ -30,6 +29,6 @@ public interface SubjectProvider {
     /**
      * Get a SubjectBean object.
      */
-    SubjectBean getSubject(TokenProviderParameters providerParameters, Document doc, byte[]
secret);
+    SubjectBean getSubject(SubjectProviderParameters subjectProviderParameters);
         
 }
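Review bot: The Javadoc for getSubject is still just "Get a SubjectBean object." and does not tell implementers which fields of SubjectProviderParameters they can rely on. Within this commit SAMLTokenProvider sets all six fields, while SCTSAMLTokenProvider sets only providerParameters, doc, secret and attrBeanList, so authBeanList and authDecisionBeanList can be null. I would add a `@param subjectProviderParameters` line stating that providerParameters is always set and that the document, secret and statement lists may be null depending on the calling TokenProvider.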

http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProviderParameters.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProviderParameters.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProviderParameters.java
new file mode 100644
index 0000000..d0476a0
--- /dev/null
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/SubjectProviderParameters.java
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.sts.token.provider;
+
+import java.util.List;
+import org.w3c.dom.Document;
+
+import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
+import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
+import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
+
+/**
+ * The parameters that are passed through to a SubjectProvider implementation to create a
Subject(Bean).
+ */
+public class SubjectProviderParameters {
+
+    private TokenProviderParameters providerParameters;
+    private Document doc;
+    private byte[] secret;
+    private List<AttributeStatementBean> attrBeanList;
+    private List<AuthenticationStatementBean> authBeanList;
+    private List<AuthDecisionStatementBean> authDecisionBeanList;
+    
+    public TokenProviderParameters getProviderParameters() {
+        return providerParameters;
+    }
+    
+    public void setProviderParameters(TokenProviderParameters providerParameters) {
+        this.providerParameters = providerParameters;
+    }
+    
+    public Document getDoc() {
+        return doc;
+    }
+    
+    public void setDoc(Document doc) {
+        this.doc = doc;
+    }
+    
+    public byte[] getSecret() {
+        return secret;
+    }
+    
+    public void setSecret(byte[] secret) {
+        this.secret = secret;
+    }
+    
+    public List<AttributeStatementBean> getAttrBeanList() {
+        return attrBeanList;
+    }
+    
+    public void setAttrBeanList(List<AttributeStatementBean> attrBeanList) {
+        this.attrBeanList = attrBeanList;
+    }
+    
+    public List<AuthenticationStatementBean> getAuthBeanList() {
+        return authBeanList;
+    }
+    
+    public void setAuthBeanList(List<AuthenticationStatementBean> authBeanList) {
+        this.authBeanList = authBeanList;
+    }
+    
+    public List<AuthDecisionStatementBean> getAuthDecisionBeanList() {
+        return authDecisionBeanList;
+    }
+    
+    public void setAuthDecisionBeanList(List<AuthDecisionStatementBean> authDecisionBeanList)
{
+        this.authDecisionBeanList = authDecisionBeanList;
+    }
+        
+}
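Review bot: setSecret stores the caller's `byte[]` and getSecret returns that same array, so every SubjectProvider implementation receives a writable reference to the key material that createKeyInfo later passes to createEncryptedKeyKeyInfo. None of the accessors carry Javadoc, so this sharing is undocumented. At minimum, document it on both accessors, e.g. `/** Returns the secret key bytes. The array is shared, not copied; callers must not modify or retain it. */`. If providers are not fully trusted, `secret.clone()` in the getter is the stricter option, at the cost of another copy of the key in memory.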

http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/CustomSubjectProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/CustomSubjectProvider.java
b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/CustomSubjectProvider.java
index ddbd844..bbd770c 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/CustomSubjectProvider.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/CustomSubjectProvider.java
@@ -20,8 +20,6 @@ package org.apache.cxf.sts.token.provider;
 
 import java.security.Principal;
 
-import org.w3c.dom.Document;
-
 import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.TokenRequirements;
@@ -40,7 +38,8 @@ public class CustomSubjectProvider implements SubjectProvider {
     /**
      * Get a SubjectBean object.
      */
-    public SubjectBean getSubject(TokenProviderParameters providerParameters, Document doc,
byte[] secret) {
+    public SubjectBean getSubject(SubjectProviderParameters subjectProviderParameters) {
+        TokenProviderParameters providerParameters = subjectProviderParameters.getProviderParameters();
         TokenRequirements tokenRequirements = providerParameters.getTokenRequirements();
         KeyRequirements keyRequirements = providerParameters.getKeyRequirements();
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f97ef837/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTSAMLTokenProvider.java
----------------------------------------------------------------------
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTSAMLTokenProvider.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTSAMLTokenProvider.java
index 81f257e..b1e4abb 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTSAMLTokenProvider.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTSAMLTokenProvider.java
@@ -26,7 +26,6 @@ import java.util.logging.Logger;
 
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
-
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.sts.STSConstants;
@@ -40,6 +39,7 @@ import org.apache.cxf.sts.token.provider.DefaultConditionsProvider;
 import org.apache.cxf.sts.token.provider.DefaultSubjectProvider;
 import org.apache.cxf.sts.token.provider.SamlCallbackHandler;
 import org.apache.cxf.sts.token.provider.SubjectProvider;
+import org.apache.cxf.sts.token.provider.SubjectProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
@@ -53,7 +53,6 @@ import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
 import org.apache.wss4j.common.saml.bean.ConditionsBean;
 import org.apache.wss4j.common.saml.bean.SubjectBean;
 import org.apache.wss4j.dom.WSConstants;
-
 import org.joda.time.DateTime;
 import org.opensaml.saml.common.SAMLVersion;
 
@@ -250,7 +249,13 @@ public class SCTSAMLTokenProvider implements TokenProvider {
         }
 
         // Get the Subject and Conditions
-        SubjectBean subjectBean = subjectProvider.getSubject(tokenParameters, doc, secret);
+        SubjectProviderParameters subjectProviderParameters = new SubjectProviderParameters();
+        subjectProviderParameters.setProviderParameters(tokenParameters);
+        subjectProviderParameters.setDoc(doc);
+        subjectProviderParameters.setSecret(secret);
+        subjectProviderParameters.setAttrBeanList(attrBeanList);
+        SubjectBean subjectBean = subjectProvider.getSubject(subjectProviderParameters);
+        
         ConditionsBean conditionsBean = conditionsProvider.getConditions(tokenParameters);
 
         // Set all of the beans on the SamlCallbackHandler

