cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [09/22] cxf git commit: Splitting current jose module into jose-core + jose-jaxrs
Date Tue, 13 Oct 2015 10:35:02 GMT
http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
deleted file mode 100644
index add5408..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseHeaders.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.rs.security.jose;
-
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObject;
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKey;
-
-public abstract class JoseHeaders extends JsonMapObject {
-    public JoseHeaders() {
-    }
-    
-    public JoseHeaders(JoseType type) {
-        init(type);
-    }
-    
-    public JoseHeaders(JoseHeaders headers) {
-        this(headers.asMap());
-    }
-    
-    public JoseHeaders(Map<String, Object> values) {
-        super(values);
-    }
-    private void init(JoseType type) {
-        setType(type);
-    }
-    public void setType(JoseType type) {
-        setHeader(JoseConstants.HEADER_TYPE, type.toString());
-    }
-    
-    public JoseType getType() {
-        Object prop = getHeader(JoseConstants.HEADER_TYPE);
-        return prop == null ? null : JoseType.getType(prop.toString());
-    }
-    
-    public void setContentType(String type) {
-        setHeader(JoseConstants.HEADER_CONTENT_TYPE, type);
-    }
-    
-    public String getContentType() {
-        return (String)getHeader(JoseConstants.HEADER_CONTENT_TYPE);
-    }
-    
-    public void setAlgorithm(String algo) {
-        setHeader(JoseConstants.HEADER_ALGORITHM, algo);
-    }
-    
-    public String getAlgorithm() {
-        Object prop = getHeader(JoseConstants.HEADER_ALGORITHM);
-        return prop == null ? null : prop.toString();
-    }
-    
-    public void setKeyId(String kid) {
-        setHeader(JoseConstants.HEADER_KEY_ID, kid);
-    }
-    
-    public String getKeyId() {
-        return (String)getHeader(JoseConstants.HEADER_KEY_ID);
-    }
-    
-    public void setX509Url(String x509Url) {
-        setHeader(JoseConstants.HEADER_X509_URL, x509Url);
-    }
-
-    public String getX509Url() {
-        return (String)getHeader(JoseConstants.HEADER_X509_URL);
-    }
-    
-    public void setX509Chain(List<String> x509Chain) {
-        setProperty(JoseConstants.HEADER_X509_CHAIN, x509Chain);
-    }
-
-    public List<String> getX509Chain() {
-        return CastUtils.cast((List<?>)getProperty(JoseConstants.HEADER_X509_CHAIN));
-    }
-    
-    public void setX509Thumbprint(String x509Thumbprint) {
-        setHeader(JoseConstants.HEADER_X509_THUMBPRINT, x509Thumbprint);
-    }
-    
-    public String getX509Thumbprint() {
-        return (String)getHeader(JoseConstants.HEADER_X509_THUMBPRINT);
-    }
-    
-    public void setX509ThumbprintSHA256(String x509Thumbprint) {
-        setHeader(JoseConstants.HEADER_X509_THUMBPRINT_SHA256, x509Thumbprint);
-    }
-    
-    public String getX509ThumbprintSHA256() {
-        return (String)getHeader(JoseConstants.HEADER_X509_THUMBPRINT_SHA256);
-    }
-    
-    public void setCritical(List<String> crit) {
-        setHeader(JoseConstants.HEADER_CRITICAL, crit);
-    }
-    
-    public List<String> getCritical() {
-        return CastUtils.cast((List<?>)getHeader(JoseConstants.HEADER_CRITICAL));
-    }
-    
-    public void setJsonWebKey(JsonWebKey key) {
-        setJsonWebKey(JoseConstants.HEADER_JSON_WEB_KEY, key);
-    }
-    
-    public void setJsonWebKey(String headerName, JsonWebKey key) {
-        setHeader(headerName, key);
-    }
-    
-    public void setJsonWebKeysUrl(String url) {
-        setHeader(JoseConstants.HEADER_JSON_WEB_KEY_SET, url);
-    }
-    
-    public String getJsonWebKeysUrl() {
-        return (String)getHeader(JoseConstants.HEADER_JSON_WEB_KEY_SET);
-    }
-    
-    public JsonWebKey getJsonWebKey() {
-        return getJsonWebKey(JoseConstants.HEADER_JSON_WEB_KEY);
-    }
-    public JsonWebKey getJsonWebKey(String headerName) {
-        Object jsonWebKey = getHeader(headerName);
-        if (jsonWebKey == null || jsonWebKey instanceof JsonWebKey) {
-            return (JsonWebKey)jsonWebKey;
-        }  
-        Map<String, Object> map = CastUtils.cast((Map<?, ?>)jsonWebKey);
-        return new JsonWebKey(map);
-    }
-    
-    public JoseHeaders setHeader(String name, Object value) {
-        setProperty(name, value);
-        return this;
-    }
-    
-    public Object getHeader(String name) {
-        return getProperty(name);
-    }
-    
-    public JoseHeaders setIntegerHeader(String name, Integer value) {
-        setHeader(name, value);
-        return this;
-    }
-    
-    public Integer getIntegerHeader(String name) {
-        return getIntegerProperty(name);
-    }
-    public JoseHeaders setLongHeader(String name, Long value) {
-        setHeader(name, value);
-        return this;
-    }
-    
-    public Long getLongHeader(String name) {
-        return getLongProperty(name);
-    }
-    
-    public boolean containsHeader(String name) {
-        return containsProperty(name);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseType.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseType.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseType.java
deleted file mode 100644
index 57a16c7..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseType.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose;
-
-
-public enum JoseType {
-    JOSE(JoseConstants.TYPE_JOSE),
-    JOSE_JSON(JoseConstants.TYPE_JOSE_JSON),
-    JWT(JoseConstants.TYPE_JWT);
-    
-    private final String type;
-    JoseType(String type) {
-        this.type = type;
-    }
-    public static JoseType getType(String type) {
-        if (type == null) {
-            return null;
-        } else if (JoseConstants.TYPE_JOSE_JSON.equals(type)) {
-            return JOSE_JSON;    
-        } else {
-            return valueOf(type);
-        }
-    }
-    public String toString() {
-        return type;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
deleted file mode 100644
index 03a379d..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/JoseUtils.java
+++ /dev/null
@@ -1,125 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose;
-
-import java.io.UnsupportedEncodingException;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-public final class JoseUtils {
-    private static final Logger LOG = LogUtils.getL7dLogger(JoseUtils.class);
-    private JoseUtils() {
-        
-    }
-    public static String[] getCompactParts(String compactContent) {
-        if (compactContent.startsWith("\"") && compactContent.endsWith("\"")) {
-            compactContent = compactContent.substring(1, compactContent.length() - 1);
-        }
-        return StringUtils.split(compactContent, "\\.");    
-    }
-    public static void setJoseContextProperty(JoseHeaders headers) {    
-        String context = (String)JAXRSUtils.getCurrentMessage().get(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (context != null) {
-            headers.setHeader(JoseConstants.JOSE_CONTEXT_PROPERTY, context);
-        }
-    }
-    public static void setJoseMessageContextProperty(JoseHeaders headers, String value) {    
-        headers.setHeader(JoseConstants.JOSE_CONTEXT_PROPERTY, value);
-        JAXRSUtils.getCurrentMessage().put(JoseConstants.JOSE_CONTEXT_PROPERTY, value);
-    }
-    public static void setMessageContextProperty(JoseHeaders headers) {    
-        String context = (String)headers.getHeader(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (context != null) {
-            JAXRSUtils.getCurrentMessage().put(JoseConstants.JOSE_CONTEXT_PROPERTY, context);
-        }
-    }
-    public static void validateRequestContextProperty(JoseHeaders headers) {
-        Object requestContext = JAXRSUtils.getCurrentMessage().get(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        Object headerContext = headers.getHeader(JoseConstants.JOSE_CONTEXT_PROPERTY);
-        if (requestContext == null && headerContext == null) {
-            return;
-        }
-        if (requestContext == null && headerContext != null
-            || requestContext != null && headerContext == null
-            || !requestContext.equals(headerContext)) {
-            LOG.warning("Invalid JOSE context property");
-            throw new JoseException();
-        }
-    }
-    
-    public static String checkContentType(String contentType, String defaultType) {
-        if (contentType != null) {
-            int paramIndex = contentType.indexOf(';');
-            String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-            if (typeWithoutParams.indexOf('/') == -1) {
-                contentType = "application/" + contentType;
-            }
-        } else {
-            contentType = defaultType;
-        }
-        return contentType;
-    }
-    public static String expandContentType(String contentType) {
-        int paramIndex = contentType.indexOf(';');
-        String typeWithoutParams = paramIndex == -1 ? contentType : contentType.substring(0, paramIndex);
-        if (typeWithoutParams.indexOf('/') == -1) {
-            contentType = "application/" + contentType;
-        }
-        return contentType;
-    }
-    
-    public static String decodeToString(String encoded) {
-        try {
-            return new String(decode(encoded), "UTF-8");
-        } catch (UnsupportedEncodingException ex) {
-            throw new JoseException(ex);
-        }
-        
-    }
-    public static byte[] decode(String encoded) {
-        return CryptoUtils.decodeSequence(encoded);
-    }
-    
-    public static boolean validateCriticalHeaders(JoseHeaders headers) {
-        List<String> critical = headers.getCritical();
-        if (critical == null) {
-            return true;
-        }
-        // The "crit" value MUST NOT be empty "[]" or contain either duplicate values or "crit"
-        if (critical.isEmpty() 
-            || detectDoubleEntry(critical)
-            || critical.contains(JoseConstants.HEADER_CRITICAL)) {
-            return false;
-        }
-        
-        // Check that the headers contain these critical headers
-        return headers.asMap().keySet().containsAll(critical);
-    }
-    private static boolean detectDoubleEntry(List<?> list) {
-        Set<Object> inputSet = new HashSet<Object>(list);
-        return list.size() > inputSet.size();
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java
deleted file mode 100644
index 0d7d915..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java
+++ /dev/null
@@ -1,62 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.jwe.JweCompactConsumer;
-import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput;
-import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider;
-import org.apache.cxf.rs.security.jose.jwe.JweHeaders;
-import org.apache.cxf.rs.security.jose.jwe.JweUtils;
-
-public class AbstractJweDecryptingFilter {
-    private JweDecryptionProvider decryption;
-    private String defaultMediaType;
-    protected JweDecryptionOutput decrypt(InputStream is) throws IOException {
-        JweCompactConsumer jwe = new JweCompactConsumer(new String(IOUtils.readBytesFromStream(is), "UTF-8"));
-        JweDecryptionProvider theDecryptor = getInitializedDecryptionProvider(jwe.getJweHeaders());
-        JweDecryptionOutput out = new JweDecryptionOutput(jwe.getJweHeaders(), jwe.getDecryptedContent(theDecryptor));
-        validateHeaders(out.getHeaders());
-        return out;
-    }
-
-    protected void validateHeaders(JweHeaders headers) {
-        // complete
-    }
-    public void setDecryptionProvider(JweDecryptionProvider decryptor) {
-        this.decryption = decryptor;
-    }
-    protected JweDecryptionProvider getInitializedDecryptionProvider(JweHeaders headers) {
-        if (decryption != null) {
-            return decryption;    
-        } 
-        return JweUtils.loadDecryptionProvider(headers, true);
-    }
-    public String getDefaultMediaType() {
-        return defaultMediaType;
-    }
-
-    public void setDefaultMediaType(String defaultMediaType) {
-        this.defaultMediaType = defaultMediaType;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
deleted file mode 100644
index 094991e..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonReaderProvider.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsException;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public class AbstractJwsJsonReaderProvider {
-    protected static final Logger LOG = LogUtils.getL7dLogger(AbstractJwsJsonReaderProvider.class);
-    private static final String RSSEC_SIGNATURE_IN_LIST_PROPS = "rs.security.signature.in.list.properties";
-    private static final String RSSEC_SIGNATURE_LIST_PROPS = "rs.security.signature.list.properties";
-    
-    private List<JwsSignatureVerifier> sigVerifiers;
-    private String defaultMediaType;
-    private boolean strictVerification;
-    
-    public void setSignatureVerifier(JwsSignatureVerifier signatureVerifier) {
-        setSignatureVerifiers(Collections.singletonList(signatureVerifier));
-    }
-    public void setSignatureVerifiers(List<JwsSignatureVerifier> signatureVerifiers) {
-        this.sigVerifiers = signatureVerifiers;
-    }
-
-    protected List<JwsSignatureVerifier> getInitializedSigVerifiers() {
-        if (sigVerifiers != null) {
-            return sigVerifiers;    
-        }
-        Message m = JAXRSUtils.getCurrentMessage();
-        Object propLocsProp = 
-            MessageUtils.getContextualProperty(m, RSSEC_SIGNATURE_IN_LIST_PROPS, RSSEC_SIGNATURE_LIST_PROPS);
-        if (propLocsProp == null) {
-            LOG.warning("JWS JSON init properties resource is not identified");
-            throw new JwsException(JwsException.Error.NO_INIT_PROPERTIES);
-        }
-        List<String> propLocs = null;
-        if (propLocsProp instanceof String) { 
-            String[] props = ((String)propLocsProp).split(",");
-            propLocs = Arrays.asList(props);
-        } else {
-            propLocs = CastUtils.cast((List<?>)propLocsProp);
-        }
-        List<JwsSignatureVerifier> theSigVerifiers = new LinkedList<JwsSignatureVerifier>();
-        for (String propLoc : propLocs) {
-            theSigVerifiers.addAll(JwsUtils.loadSignatureVerifiers(propLoc, m));
-        }
-        return theSigVerifiers;
-    }
-
-    public String getDefaultMediaType() {
-        return defaultMediaType;
-    }
-
-    public void setDefaultMediaType(String defaultMediaType) {
-        this.defaultMediaType = defaultMediaType;
-    }
-    public boolean isStrictVerification() {
-        return strictVerification;
-    }
-    public void setStrictVerification(boolean strictVerification) {
-        this.strictVerification = strictVerification;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonWriterProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonWriterProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonWriterProvider.java
deleted file mode 100644
index d5068e2..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsJsonWriterProvider.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.logging.Logger;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsException;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public class AbstractJwsJsonWriterProvider {
-    protected static final Logger LOG = LogUtils.getL7dLogger(AbstractJwsJsonWriterProvider.class);
-    private static final String RSSEC_SIGNATURE_OUT_LIST_PROPS = "rs.security.signature.out.list.properties";
-    private static final String RSSEC_SIGNATURE_LIST_PROPS = "rs.security.signature.list.properties";
-    
-    private List<JwsSignatureProvider> sigProviders;
-    
-    public void setSignatureProvider(JwsSignatureProvider signatureProvider) {
-        setSignatureProviders(Collections.singletonList(signatureProvider));
-    }
-    public void setSignatureProviders(List<JwsSignatureProvider> signatureProviders) {
-        this.sigProviders = signatureProviders;
-    }
-    
-    protected List<JwsSignatureProvider> getInitializedSigProviders() {
-        if (sigProviders != null) {
-            return sigProviders;    
-        } 
-        Message m = JAXRSUtils.getCurrentMessage();
-        Object propLocsProp = 
-            MessageUtils.getContextualProperty(m, RSSEC_SIGNATURE_OUT_LIST_PROPS, RSSEC_SIGNATURE_LIST_PROPS);
-        if (propLocsProp == null) {
-            LOG.warning("JWS JSON init properties resource is not identified");
-            throw new JwsException(JwsException.Error.NO_INIT_PROPERTIES);
-        }
-        List<String> propLocs = null;
-        if (propLocsProp instanceof String) {
-            String[] props = ((String)propLocsProp).split(",");
-            propLocs = Arrays.asList(props);
-        } else {
-            propLocs = CastUtils.cast((List<?>)propLocsProp);
-        }
-        List<JwsSignatureProvider> theSigProviders = new LinkedList<JwsSignatureProvider>();
-        for (String propLoc : propLocs) {
-            theSigProviders.addAll(JwsUtils.loadSignatureProviders(propLoc, m));
-        }
-        return theSigProviders;
-    }
-    protected void writeJws(JwsJsonProducer p, OutputStream os) 
-        throws IOException {
-        byte[] bytes = StringUtils.toBytesUTF8(p.getJwsJsonSignedDocument());
-        IOUtils.copy(new ByteArrayInputStream(bytes), os);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
deleted file mode 100644
index 0e8b0d0..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public class AbstractJwsReaderProvider {
-    private JwsSignatureVerifier sigVerifier;
-    private String defaultMediaType;
-    
-    public void setSignatureVerifier(JwsSignatureVerifier signatureVerifier) {
-        this.sigVerifier = signatureVerifier;
-    }
-
-    protected JwsSignatureVerifier getInitializedSigVerifier(JwsHeaders headers) {
-        if (sigVerifier != null) {
-            return sigVerifier;    
-        } 
-        return JwsUtils.loadSignatureVerifier(headers, true);
-    }
-
-    public String getDefaultMediaType() {
-        return defaultMediaType;
-    }
-
-    public void setDefaultMediaType(String defaultMediaType) {
-        this.defaultMediaType = defaultMediaType;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
deleted file mode 100644
index 33ec0b0..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-
-public class AbstractJwsWriterProvider {
-    private JwsSignatureProvider sigProvider;
-    
-    public void setSignatureProvider(JwsSignatureProvider signatureProvider) {
-        this.sigProvider = signatureProvider;
-    }
-    
-    protected JwsSignatureProvider getInitializedSigProvider(JwsHeaders headers) {
-        setRequestContextProperty(headers);
-        if (sigProvider != null) {
-            return sigProvider;    
-        } 
-        return JwsUtils.loadSignatureProvider(headers, true); 
-    }
-    protected void setRequestContextProperty(JoseHeaders headers) {    
-        JoseUtils.setJoseContextProperty(headers);
-    }
-    protected void writeJws(JwsCompactProducer p, JwsSignatureProvider theSigProvider, OutputStream os) 
-        throws IOException {
-        p.signWith(theSigProvider);
-        byte[] bytes = StringUtils.toBytesUTF8(p.getSignedEncodedJws());
-        IOUtils.copy(new ByteArrayInputStream(bytes), os);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JsonWebKeysProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JsonWebKeysProvider.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JsonWebKeysProvider.java
deleted file mode 100644
index a877925..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JsonWebKeysProvider.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Type;
-
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.ext.MessageBodyReader;
-
-import org.apache.cxf.rs.security.jose.jwk.JsonWebKeys;
-import org.apache.cxf.rs.security.jose.jwk.JwkUtils;
-
-public class JsonWebKeysProvider implements MessageBodyReader<JsonWebKeys> {
-    
-    @Override
-    public boolean isReadable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) {
-        return cls == JsonWebKeys.class;
-    }
-
-    @Override
-    public JsonWebKeys readFrom(Class<JsonWebKeys> cls, Type t, Annotation[] anns, MediaType mt,
-                             MultivaluedMap<String, String> headers, InputStream is) throws IOException,
-        WebApplicationException {
-        return JwkUtils.readJwkSet(is);
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
deleted file mode 100644
index d04d4c2..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweClientResponseFilter.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientResponseContext;
-import javax.ws.rs.client.ClientResponseFilter;
-
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput;
-
-@Priority(Priorities.JWE_CLIENT_READ_PRIORITY)
-public class JweClientResponseFilter extends AbstractJweDecryptingFilter implements ClientResponseFilter {
-    @Override
-    public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
-        JweDecryptionOutput out = decrypt(res.getEntityStream());
-        byte[] bytes = out.getContent();
-        res.setEntityStream(new ByteArrayInputStream(bytes));
-        res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JoseUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            res.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
deleted file mode 100644
index a362f76..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweContainerRequestFilter.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput;
-
-@PreMatching
-@Priority(Priorities.JWE_SERVER_READ_PRIORITY)
-public class JweContainerRequestFilter extends AbstractJweDecryptingFilter implements ContainerRequestFilter {
-    @Override
-    public void filter(ContainerRequestContext context) throws IOException {
-        if (HttpMethod.GET.equals(context.getMethod())) {
-            return;
-        }
-        JweDecryptionOutput out = decrypt(context.getEntityStream());
-        byte[] bytes = out.getContent();
-        context.setEntityStream(new ByteArrayInputStream(bytes));
-        context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JoseUtils.checkContentType(out.getHeaders().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            context.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
deleted file mode 100644
index 108a15f..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.logging.Logger;
-import java.util.zip.DeflaterOutputStream;
-
-import javax.annotation.Priority;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.ext.WriterInterceptor;
-import javax.ws.rs.ext.WriterInterceptorContext;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.io.CachedOutputStream;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.jwe.JweCompactProducer;
-import org.apache.cxf.rs.security.jose.jwe.JweEncryptionInput;
-import org.apache.cxf.rs.security.jose.jwe.JweEncryptionOutput;
-import org.apache.cxf.rs.security.jose.jwe.JweEncryptionProvider;
-import org.apache.cxf.rs.security.jose.jwe.JweException;
-import org.apache.cxf.rs.security.jose.jwe.JweHeaders;
-import org.apache.cxf.rs.security.jose.jwe.JweOutputStream;
-import org.apache.cxf.rs.security.jose.jwe.JweUtils;
-
-@Priority(Priorities.JWE_WRITE_PRIORITY)
-public class JweWriterInterceptor implements WriterInterceptor {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JweWriterInterceptor.class);
-    private JweEncryptionProvider encryptionProvider;
-    private boolean contentTypeRequired = true;
-    private boolean useJweOutputStream;
-    @Override
-    public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
-        if (ctx.getEntity() == null) {
-            ctx.proceed();
-            return;
-        }
-        OutputStream actualOs = ctx.getOutputStream();
-        JweHeaders jweHeaders = new JweHeaders();
-        JweEncryptionProvider theEncryptionProvider = getInitializedEncryptionProvider(jweHeaders);
-        
-        String ctString = null;
-        MediaType contentMediaType = ctx.getMediaType();
-        if (contentTypeRequired && contentMediaType != null) {
-            if ("application".equals(contentMediaType.getType())) {
-                ctString = contentMediaType.getSubtype();
-            } else {
-                ctString = JAXRSUtils.mediaTypeToString(contentMediaType);
-            }
-        }
-        if (ctString != null) {
-            jweHeaders.setContentType(ctString);
-        }
-        
-        if (useJweOutputStream) {
-            JweEncryptionOutput encryption = 
-                theEncryptionProvider.getEncryptionOutput(new JweEncryptionInput(jweHeaders));
-            try {
-                JweCompactProducer.startJweContent(actualOs,
-                                                   encryption.getHeaders(), 
-                                                   encryption.getContentEncryptionKey(), 
-                                                   encryption.getIv());
-            } catch (IOException ex) {
-                LOG.warning("JWE encryption error");
-                throw new JweException(JweException.Error.CONTENT_ENCRYPTION_FAILURE, ex);
-            }
-            OutputStream wrappedStream = null;
-            JweOutputStream jweOutputStream = new JweOutputStream(actualOs, encryption.getCipher(), 
-                                                         encryption.getAuthTagProducer());
-            wrappedStream = jweOutputStream;
-            if (encryption.isCompressionSupported()) {
-                wrappedStream = new DeflaterOutputStream(jweOutputStream);
-            }
-            
-            ctx.setOutputStream(wrappedStream);
-            ctx.proceed();
-            setJoseMediaType(ctx);
-            jweOutputStream.finalFlush();
-        } else {
-            CachedOutputStream cos = new CachedOutputStream(); 
-            ctx.setOutputStream(cos);
-            ctx.proceed();
-            String jweContent = theEncryptionProvider.encrypt(cos.getBytes(), jweHeaders);
-            setJoseMediaType(ctx);
-            IOUtils.copy(new ByteArrayInputStream(StringUtils.toBytesUTF8(jweContent)), 
-                         actualOs);
-            actualOs.flush();
-        }
-    }
-    
-    private void setJoseMediaType(WriterInterceptorContext ctx) {
-        MediaType joseMediaType = JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE);
-        ctx.setMediaType(joseMediaType);
-    }
-    
-    protected JweEncryptionProvider getInitializedEncryptionProvider(JweHeaders headers) {
-        if (encryptionProvider != null) {
-            return encryptionProvider;    
-        } 
-        return JweUtils.loadEncryptionProvider(headers, true);
-    }
-    
-    public void setUseJweOutputStream(boolean useJweOutputStream) {
-        this.useJweOutputStream = useJweOutputStream;
-    }
-
-    public void setEncryptionProvider(JweEncryptionProvider encryptionProvider) {
-        this.encryptionProvider = encryptionProvider;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
deleted file mode 100644
index 8b811ec..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsClientResponseFilter.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientResponseContext;
-import javax.ws.rs.client.ClientResponseFilter;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsException;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-
-@Priority(Priorities.JWS_CLIENT_READ_PRIORITY)
-public class JwsClientResponseFilter extends AbstractJwsReaderProvider implements ClientResponseFilter {
-    @Override
-    public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
-        JwsCompactConsumer p = new JwsCompactConsumer(IOUtils.readStringFromStream(res.getEntityStream()));
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
-        if (!p.verifySignatureWith(theSigVerifier)) {
-            throw new JwsException(JwsException.Error.INVALID_SIGNATURE);
-        }
-        byte[] bytes = p.getDecodedJwsPayloadBytes();
-        res.setEntityStream(new ByteArrayInputStream(bytes));
-        res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            res.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
deleted file mode 100644
index 8a3a069..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsContainerRequestFilter.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-
-@PreMatching
-@Priority(Priorities.JWS_SERVER_READ_PRIORITY)
-public class JwsContainerRequestFilter extends AbstractJwsReaderProvider implements ContainerRequestFilter {
-    @Override
-    public void filter(ContainerRequestContext context) throws IOException {
-        if (HttpMethod.GET.equals(context.getMethod())) {
-            return;
-        }
-        JwsCompactConsumer p = new JwsCompactConsumer(IOUtils.readStringFromStream(context.getEntityStream()));
-        JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(p.getJwsHeaders());
-        if (!p.verifySignatureWith(theSigVerifier)) {
-            context.abortWith(JAXRSUtils.toResponse(400));
-            return;
-        }
-        JoseUtils.validateRequestContextProperty(p.getJwsHeaders());
-        byte[] bytes = p.getDecodedJwsPayloadBytes();
-        context.setEntityStream(new ByteArrayInputStream(bytes));
-        context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        
-        String ct = JoseUtils.checkContentType(p.getJwsHeaders().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            context.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
deleted file mode 100644
index 728c19d..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonClientResponseFilter.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.util.List;
-
-import javax.annotation.Priority;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientResponseContext;
-import javax.ws.rs.client.ClientResponseFilter;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsException;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonSignatureEntry;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-
-@Priority(Priorities.JWS_CLIENT_READ_PRIORITY)
-public class JwsJsonClientResponseFilter extends AbstractJwsJsonReaderProvider implements ClientResponseFilter {
-    @Override
-    public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
-        List<JwsSignatureVerifier> theSigVerifiers = getInitializedSigVerifiers();
-        JwsJsonConsumer p = new JwsJsonConsumer(IOUtils.readStringFromStream(res.getEntityStream()));
-        if (isStrictVerification() && p.getSignatureEntries().size() != theSigVerifiers.size()
-            || !p.verifySignatureWith(theSigVerifiers)) {
-            throw new JwsException(JwsException.Error.INVALID_SIGNATURE);
-        }
-        byte[] bytes = p.getDecodedJwsPayloadBytes();
-        res.setEntityStream(new ByteArrayInputStream(bytes));
-        res.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        
-        // the list is guaranteed to be non-empty
-        JwsJsonSignatureEntry sigEntry = p.getSignatureEntries().get(0);
-        String ct = JoseUtils.checkContentType(sigEntry.getUnionHeader().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            res.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
deleted file mode 100644
index 7512536..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonContainerRequestFilter.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.util.List;
-
-import javax.annotation.Priority;
-import javax.ws.rs.HttpMethod;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-
-import org.apache.cxf.helpers.IOUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonSignatureEntry;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
-
-@PreMatching
-@Priority(Priorities.JWS_SERVER_READ_PRIORITY)
-public class JwsJsonContainerRequestFilter extends AbstractJwsJsonReaderProvider implements ContainerRequestFilter {
-    @Override
-    public void filter(ContainerRequestContext context) throws IOException {
-        if (HttpMethod.GET.equals(context.getMethod())) {
-            return;
-        }
-        List<JwsSignatureVerifier> theSigVerifiers = getInitializedSigVerifiers();
-        JwsJsonConsumer p = new JwsJsonConsumer(IOUtils.readStringFromStream(context.getEntityStream()));
-        
-        if (isStrictVerification() && p.getSignatureEntries().size() != theSigVerifiers.size() 
-            || !p.verifySignatureWith(theSigVerifiers)) {
-            context.abortWith(JAXRSUtils.toResponse(400));
-            return;
-        }
-        byte[] bytes = p.getDecodedJwsPayloadBytes();
-        context.setEntityStream(new ByteArrayInputStream(bytes));
-        context.getHeaders().putSingle("Content-Length", Integer.toString(bytes.length));
-        
-        // the list is guaranteed to be non-empty
-        JwsJsonSignatureEntry sigEntry = p.getSignatureEntries().get(0);
-        String ct = JoseUtils.checkContentType(sigEntry.getUnionHeader().getContentType(), getDefaultMediaType());
-        if (ct != null) {
-            context.getHeaders().putSingle("Content-Type", ct);
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
deleted file mode 100644
index 89b611d..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsJsonWriterInterceptor.java
+++ /dev/null
@@ -1,138 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.annotation.Priority;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.ext.WriterInterceptor;
-import javax.ws.rs.ext.WriterInterceptorContext;
-
-import org.apache.cxf.common.util.Base64UrlOutputStream;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.io.CachedOutputStream;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonOutputStream;
-import org.apache.cxf.rs.security.jose.jws.JwsJsonProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignature;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-
-@Priority(Priorities.JWS_WRITE_PRIORITY)
-public class JwsJsonWriterInterceptor extends AbstractJwsJsonWriterProvider implements WriterInterceptor {
-    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-    private boolean contentTypeRequired = true;
-    private boolean useJwsOutputStream;
-    private boolean encodePayload = true;
-    @Override
-    public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
-        if (ctx.getEntity() == null) {
-            ctx.proceed();
-            return;
-        }
-        List<JwsSignatureProvider> sigProviders = getInitializedSigProviders();
-        OutputStream actualOs = ctx.getOutputStream();
-        if (useJwsOutputStream) {
-            List<String> protectedHeaders = new ArrayList<String>(sigProviders.size());
-            List<JwsSignature> signatures = new ArrayList<JwsSignature>(sigProviders.size());
-            for (JwsSignatureProvider signer : sigProviders) {
-                JwsHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
-                String encoded = Base64UrlUtility.encode(writer.toJson(protectedHeader));
-                protectedHeaders.add(encoded);
-                JwsSignature signature = signer.createJwsSignature(protectedHeader);
-                byte[] start = StringUtils.toBytesUTF8(encoded + ".");
-                signature.update(start, 0, start.length);
-                signatures.add(signature);
-            }    
-            ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
-            actualOs.write(StringUtils.toBytesUTF8("{\"payload\":\""));
-            JwsJsonOutputStream jwsStream = new JwsJsonOutputStream(actualOs, protectedHeaders, signatures);
-            
-            Base64UrlOutputStream base64Stream = null;
-            if (encodePayload) {
-                base64Stream = new Base64UrlOutputStream(jwsStream);
-                ctx.setOutputStream(base64Stream);
-            } else {
-                ctx.setOutputStream(jwsStream);
-            }
-            ctx.proceed();
-            if (encodePayload) {
-                base64Stream.flush();
-            }
-            jwsStream.flush();
-        } else {
-            CachedOutputStream cos = new CachedOutputStream(); 
-            ctx.setOutputStream(cos);
-            ctx.proceed();
-            JwsJsonProducer p = new JwsJsonProducer(new String(cos.getBytes(), "UTF-8"));
-            for (JwsSignatureProvider signer : sigProviders) {
-                JwsHeaders protectedHeader = prepareProtectedHeader(ctx, signer);
-                p.signWith(signer, protectedHeader, null);    
-            }
-            ctx.setMediaType(JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE_JSON));
-            writeJws(p, actualOs);
-        }
-        
-    }
-    
-    private JwsHeaders prepareProtectedHeader(WriterInterceptorContext ctx, 
-                                              JwsSignatureProvider signer) {
-        JwsHeaders headers = new JwsHeaders();
-        headers.setSignatureAlgorithm(signer.getAlgorithm());
-        setContentTypeIfNeeded(headers, ctx);
-        if (!encodePayload) {
-            headers.setPayloadEncodingStatus(false);
-        }
-        return headers;
-    }
-    
-    public void setContentTypeRequired(boolean contentTypeRequired) {
-        this.contentTypeRequired = contentTypeRequired;
-    }
-    public void setUseJwsJsonOutputStream(boolean useJwsJsonOutputStream) {
-        this.useJwsOutputStream = useJwsJsonOutputStream;
-    }
-    private void setContentTypeIfNeeded(JoseHeaders headers, WriterInterceptorContext ctx) {    
-        if (contentTypeRequired) {
-            MediaType mt = ctx.getMediaType();
-            if (mt != null 
-                && !JAXRSUtils.mediaTypeToString(mt).equals(JoseConstants.MEDIA_TYPE_JOSE_JSON)) {
-                if ("application".equals(mt.getType())) {
-                    headers.setContentType(mt.getSubtype());
-                } else {
-                    headers.setContentType(JAXRSUtils.mediaTypeToString(mt));
-                }
-            }
-        }
-    }
-
-    public void setEncodePayload(boolean encodePayload) {
-        this.encodePayload = encodePayload;
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
deleted file mode 100644
index 5deaceb..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import javax.annotation.Priority;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.ext.WriterInterceptor;
-import javax.ws.rs.ext.WriterInterceptorContext;
-
-import org.apache.cxf.common.util.Base64UrlOutputStream;
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.common.util.StringUtils;
-import org.apache.cxf.io.CachedOutputStream;
-import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseConstants;
-import org.apache.cxf.rs.security.jose.JoseHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsOutputStream;
-import org.apache.cxf.rs.security.jose.jws.JwsSignature;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-
-@Priority(Priorities.JWS_WRITE_PRIORITY)
-public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements WriterInterceptor {
-    private boolean contentTypeRequired = true;
-    private boolean useJwsOutputStream;
-    private JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-    @Override
-    public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
-        if (ctx.getEntity() == null) {
-            ctx.proceed();
-            return;
-        }
-        JwsHeaders headers = new JwsHeaders();
-        JwsSignatureProvider sigProvider = getInitializedSigProvider(headers);
-        setContentTypeIfNeeded(headers, ctx);
-        OutputStream actualOs = ctx.getOutputStream();
-        if (useJwsOutputStream) {
-            JwsSignature jwsSignature = sigProvider.createJwsSignature(headers);
-            JwsOutputStream jwsStream = new JwsOutputStream(actualOs, jwsSignature);
-            byte[] headerBytes = StringUtils.toBytesUTF8(writer.toJson(headers));
-            Base64UrlUtility.encodeAndStream(headerBytes, 0, headerBytes.length, jwsStream);
-            jwsStream.write(new byte[]{'.'});
-                        
-            Base64UrlOutputStream base64Stream = new Base64UrlOutputStream(jwsStream);
-            ctx.setOutputStream(base64Stream);
-            ctx.proceed();
-            setJoseMediaType(ctx);
-            base64Stream.flush();
-            jwsStream.flush();
-        } else {
-            CachedOutputStream cos = new CachedOutputStream(); 
-            ctx.setOutputStream(cos);
-            ctx.proceed();
-            JwsCompactProducer p = new JwsCompactProducer(headers, new String(cos.getBytes(), "UTF-8"));
-            setJoseMediaType(ctx);
-            writeJws(p, sigProvider, actualOs);
-        }
-    }
-    
-    public void setContentTypeRequired(boolean contentTypeRequired) {
-        this.contentTypeRequired = contentTypeRequired;
-    }
-    
-    public void setUseJwsOutputStream(boolean useJwsOutputStream) {
-        this.useJwsOutputStream = useJwsOutputStream;
-    }
-    private void setContentTypeIfNeeded(JoseHeaders headers, WriterInterceptorContext ctx) {    
-        if (contentTypeRequired) {
-            MediaType mt = ctx.getMediaType();
-            if (mt != null 
-                && !JAXRSUtils.mediaTypeToString(mt).equals(JoseConstants.MEDIA_TYPE_JOSE)) {
-                if ("application".equals(mt.getType())) {
-                    headers.setContentType(mt.getSubtype());
-                } else {
-                    headers.setContentType(JAXRSUtils.mediaTypeToString(mt));
-                }
-            }
-        }
-    }
-    
-    private void setJoseMediaType(WriterInterceptorContext ctx) {
-        MediaType joseMediaType = JAXRSUtils.toMediaType(JoseConstants.MEDIA_TYPE_JOSE);
-        ctx.setMediaType(joseMediaType);
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
deleted file mode 100644
index dc77d15..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-
-import javax.annotation.Priority;
-import javax.ws.rs.Priorities;
-import javax.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
-import javax.ws.rs.core.HttpHeaders;
-
-import org.apache.cxf.common.util.Base64UrlUtility;
-import org.apache.cxf.configuration.security.AuthorizationPolicy;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwe.JweHeaders;
-import org.apache.cxf.rs.security.jose.jwt.AbstractJoseJwtProducer;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
-import org.apache.cxf.rs.security.jose.jwt.JwtConstants;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-@Priority(Priorities.AUTHENTICATION)
-public class JwtAuthenticationClientFilter extends AbstractJoseJwtProducer 
-    implements ClientRequestFilter {
-
-    private static final String DEFAULT_AUTH_SCHEME = "JWT";
-    private String authScheme = DEFAULT_AUTH_SCHEME;
-    @Override
-    public void filter(ClientRequestContext requestContext) throws IOException {
-        JwtToken jwt = getJwtToken(requestContext);
-        if (jwt == null && super.isJweRequired()) {
-            AuthorizationPolicy ap = JAXRSUtils.getCurrentMessage().getExchange()
-                .getEndpoint().getEndpointInfo().getExtensor(AuthorizationPolicy.class);
-            if (ap != null && ap.getUserName() != null) {
-                JwtClaims claims = new JwtClaims();
-                claims.setSubject(ap.getUserName());
-                claims.setClaim("password", ap.getPassword());
-                claims.setIssuedAt(System.currentTimeMillis() / 1000);
-                jwt = new JwtToken(new JweHeaders(), claims);
-            }
-        }
-        if (jwt == null) {
-            throw new JoseException("JWT token is not available");
-        }
-        JoseUtils.setJoseMessageContextProperty(jwt.getHeaders(),
-                                                getContextPropertyValue());
-        String data = super.processJwt(jwt);
-        requestContext.getHeaders().putSingle(HttpHeaders.AUTHORIZATION, 
-                                              authScheme + " " + data);
-    }
-    protected JwtToken getJwtToken(ClientRequestContext requestContext) {
-        return (JwtToken)requestContext.getProperty(JwtConstants.JWT_TOKEN);
-    }
-    protected String getContextPropertyValue() {
-        return Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16));
-    }
-    
-    public void setAuthScheme(String authScheme) {
-        this.authScheme = authScheme;
-    }
-    
-    
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
deleted file mode 100644
index 3c64890..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.io.IOException;
-import java.util.logging.Logger;
-
-import javax.annotation.Priority;
-import javax.ws.rs.Priorities;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
-import javax.ws.rs.core.HttpHeaders;
-
-import org.apache.cxf.common.logging.LogUtils;
-import org.apache.cxf.jaxrs.utils.JAXRSUtils;
-import org.apache.cxf.rs.security.jose.JoseException;
-import org.apache.cxf.rs.security.jose.JoseUtils;
-import org.apache.cxf.rs.security.jose.jwt.AbstractJoseJwtConsumer;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.rs.security.jose.jwt.JwtUtils;
-import org.apache.cxf.security.SecurityContext;
-
-@PreMatching
-@Priority(Priorities.AUTHENTICATION)
-public class JwtAuthenticationFilter extends AbstractJoseJwtConsumer implements ContainerRequestFilter {
-    protected static final Logger LOG = LogUtils.getL7dLogger(JwtAuthenticationFilter.class);
-    
-    private static final String DEFAULT_AUTH_SCHEME = "JWT";
-    private String expectedAuthScheme = DEFAULT_AUTH_SCHEME;
-    private int clockOffset;
-    private String roleClaim;
-    private int ttl;
-    
-    @Override
-    public void filter(ContainerRequestContext requestContext) throws IOException {
-        String auth = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
-        String[] parts = auth == null ? null : auth.split(" ");
-        if (parts == null || !expectedAuthScheme.equals(parts[0]) || parts.length != 2) {
-            throw new JoseException(expectedAuthScheme + " scheme is expected");
-        }
-        JwtToken token = super.getJwtToken(parts[1]);
-        JoseUtils.setMessageContextProperty(token.getHeaders());
-        
-        SecurityContext securityContext = configureSecurityContext(token);
-        if (securityContext != null) {
-            JAXRSUtils.getCurrentMessage().put(SecurityContext.class, securityContext);
-        }
-
-    }
-    
-    protected SecurityContext configureSecurityContext(JwtToken jwt) {
-        return new JwtTokenSecurityContext(jwt, roleClaim);
-    }
-
-    
-    public void setExpectedAuthScheme(String expectedAuthScheme) {
-        this.expectedAuthScheme = expectedAuthScheme;
-    }
-    
-    @Override
-    protected void validateToken(JwtToken jwt) {
-        // If we have no issued time then we need to have an expiry
-        boolean expiredRequired = jwt.getClaims().getIssuedAt() == null;
-        JwtUtils.validateJwtExpiry(jwt.getClaims(), clockOffset, expiredRequired);
-        
-        JwtUtils.validateJwtNotBefore(jwt.getClaims(), clockOffset, false);
-        
-        // If we have no expiry then we must have an issued at
-        boolean issuedAtRequired = jwt.getClaims().getExpiryTime() == null;
-        JwtUtils.validateJwtIssuedAt(jwt.getClaims(), ttl, clockOffset, issuedAtRequired);
-    }
-
-    public int getClockOffset() {
-        return clockOffset;
-    }
-
-    public void setClockOffset(int clockOffset) {
-        this.clockOffset = clockOffset;
-    }
-    
-    public String getRoleClaim() {
-        return roleClaim;
-    }
-
-    public void setRoleClaim(String roleClaim) {
-        this.roleClaim = roleClaim;
-    }
-
-    public int getTtl() {
-        return ttl;
-    }
-
-    public void setTtl(int ttl) {
-        this.ttl = ttl;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/66a81773/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtTokenSecurityContext.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtTokenSecurityContext.java b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtTokenSecurityContext.java
deleted file mode 100644
index f100228..0000000
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtTokenSecurityContext.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.jose.jaxrs;
-
-import java.security.Principal;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-
-import org.apache.cxf.common.security.SimpleGroup;
-import org.apache.cxf.common.security.SimplePrincipal;
-import org.apache.cxf.rs.security.jose.jwt.JwtToken;
-import org.apache.cxf.security.LoginSecurityContext;
-
-public class JwtTokenSecurityContext implements LoginSecurityContext {
-    private final JwtToken token;
-    private final Principal principal;
-    private final Set<Principal> roles;
-    
-    public JwtTokenSecurityContext(JwtToken jwt, String roleClaim) {
-        principal = new SimplePrincipal(jwt.getClaims().getSubject());
-        this.token = jwt;
-        if (roleClaim != null && jwt.getClaims().containsProperty(roleClaim)) {
-            roles = new HashSet<>();
-            String role = jwt.getClaims().getStringProperty(roleClaim).trim();
-            for (String r : role.split(",")) {
-                roles.add(new SimpleGroup(r));
-            }
-        } else {
-            roles = Collections.emptySet();
-        }
-    }
-    
-    public JwtToken getToken() {
-        return token;
-    }
-
-    @Override
-    public Subject getSubject() {
-        return null;
-    }
-
-    @Override
-    public Set<Principal> getUserRoles() {
-        return Collections.unmodifiableSet(roles);
-    }
-
-    @Override
-    public Principal getUserPrincipal() {
-        return principal;
-    }
-
-    @Override
-    public boolean isUserInRole(String role) {
-        for (Principal principalRole : roles) {
-            if (principalRole != principal && principalRole.getName().equals(role)) {
-                return true;
-            }
-        }
-        return false;
-    }
-
-}


Mime
View raw message