cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/4] cxf git commit: Remove JwtJwsAuthenticationFilter
Date Fri, 09 Oct 2015 14:09:33 GMT
Remove JwtJwsAuthenticationFilter


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0bb08f37
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0bb08f37
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0bb08f37

Branch: refs/heads/3.0.x-fixes
Commit: 0bb08f373f33bc837e697947b0939facd3d1c1d8
Parents: 3badd41
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Oct 9 12:07:13 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Oct 9 15:07:45 2015 +0100

----------------------------------------------------------------------
 .../jose/jaxrs/JwtAuthenticationFilter.java     | 22 ++-----
 .../jose/jaxrs/JwtJwsAuthenticationFilter.java  | 69 --------------------
 2 files changed, 5 insertions(+), 86 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/0bb08f37/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
index c0c4e02..408ce20 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
@@ -29,8 +29,6 @@ import javax.ws.rs.container.PreMatching;
 import javax.ws.rs.core.HttpHeaders;
 
 import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.security.SimplePrincipal;
-import org.apache.cxf.common.security.SimpleSecurityContext;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.rs.security.jose.JoseException;
 import org.apache.cxf.rs.security.jose.JoseUtils;
@@ -53,23 +51,13 @@ public class JwtAuthenticationFilter extends AbstractJoseJwtConsumer implements
         if (parts == null || !expectedAuthScheme.equals(parts[0]) || parts.length != 2) {
             throw new JoseException(expectedAuthScheme + " scheme is expected");
         }
-        JwtToken jwt = super.getJwtToken(parts[1]);
-        JoseUtils.setMessageContextProperty(jwt.getHeaders());
-        JAXRSUtils.getCurrentMessage().put(SecurityContext.class, 
-              new SimpleSecurityContext(new JwtPrincipal(jwt)));
+        JwtToken token = super.getJwtToken(parts[1]);
+        JoseUtils.setMessageContextProperty(token.getHeaders());
+        JAXRSUtils.getCurrentMessage().put(SecurityContext.class, new JwtTokenSecurityContext(token));
     }
+    
     public void setExpectedAuthScheme(String expectedAuthScheme) {
         this.expectedAuthScheme = expectedAuthScheme;
     }
-    public static class JwtPrincipal extends SimplePrincipal {
-        private static final long serialVersionUID = 1L;
-        private JwtToken jwt;
-        public JwtPrincipal(JwtToken jwt) {
-            super(jwt.getClaims().getSubject());
-            this.jwt = jwt;
-        }
-        public JwtToken getJwt() {
-            return jwt;
-        }
-    }
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/0bb08f37/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
deleted file mode 100644
index e495104..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtJwsAuthenticationFilter.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-import javax.ws.rs.core.HttpHeaders;
-
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.security.SecurityContext;
-
-@PreMatching
-@Priority(Priorities.JWS_SERVER_READ_PRIORITY)
-public class JwtJwsAuthenticationFilter extends AbstractJwsReaderProvider implements ContainerRequestFilter
{
-    private static final String JWS_CONTEXT_PROPERTY = "org.apache.cxf.jws.context";
-    private static final String JWT_SCHEME_PROPERTY = "JWT";
-    @Override
-    public void filter(ContainerRequestContext context) throws IOException {
-        String authHeader = context.getHeaderString(HttpHeaders.AUTHORIZATION);
-        String[] schemeData = authHeader.split(" ");
-        if (schemeData.length != 2 || !JWT_SCHEME_PROPERTY.equals(schemeData[0])) {
-            throw new JoseException("JWT scheme is expected");
-        }
-        
-        JwsJwtCompactConsumer p = new JwsJwtCompactConsumer(schemeData[1]);
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
-        if (!p.verifySignatureWith(theSigVerifier)) {
-            context.abortWith(JAXRSUtils.toResponse(400));
-            return;
-        }
-        Message m = JAXRSUtils.getCurrentMessage();
-        setRequestContextProperty(m, p);
-        JwtToken token = p.getJwtToken();
-        m.put(SecurityContext.class, new JwtTokenSecurityContext(token));
-        
-    }
-    protected void setRequestContextProperty(Message m, JwsCompactConsumer c) {
-        Object headerContext = c.getJwsHeaders().getHeader(JWS_CONTEXT_PROPERTY);
-        if (headerContext != null) {
-            m.put(JWS_CONTEXT_PROPERTY, headerContext);
-        }
-    }
-}


Mime
View raw message