cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [4/6] cxf git commit: Another change of the "include" properties
Date Mon, 26 Oct 2015 17:09:13 GMT
Another change of the "include" properties


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/049a8bd4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/049a8bd4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/049a8bd4

Branch: refs/heads/3.0.x-fixes
Commit: 049a8bd438df760ac2315e43b463811b91959aaa
Parents: 71048a0
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Oct 26 15:32:51 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Oct 26 17:08:46 2015 +0000

----------------------------------------------------------------------
 .../rs/security/jose/common/JoseConstants.java  | 32 +++-----------------
 .../cxf/rs/security/jose/jwe/JweUtils.java      | 20 +++++-------
 .../cxf/rs/security/jose/jws/JwsUtils.java      | 20 +++++-------
 .../jaxrs/security/jwt/JAXRSJweJwsTest.java     |  7 +++--
 4 files changed, 24 insertions(+), 55 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/049a8bd4/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
index 66c86d9..c05b37d 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java
@@ -100,26 +100,6 @@ public final class JoseConstants {
     public static final String RSSEC_KEY_PSWD_PROVIDER = "rs.security.key.password.provider";
     
     /**
-     * Include the JWK public key (for signature or encryption) in the "jwk" header.
-     */
-    public static final String RSSEC_INCLUDE_PUBLIC_KEY = "rs.security.include.public.key";
-    
-    /**
-     * Include the X.509 certificate (for signature or encryption) in the "x5c" header.
-     */
-    public static final String RSSEC_INCLUDE_CERT = "rs.security.include.cert";
-    
-    /**
-     * Include the JWK key id (for signature or encryption) in the "kid" header.
-     */
-    public static final String RSSEC_INCLUDE_KEY_ID = "rs.security.include.key.id";
-    
-    /**
-     * Include the X.509 certificate SHA-1 digest (for signature or encryption) in the "x5t"
header.
-     */
-    public static final String RSSEC_INCLUDE_CERT_SHA1 = "rs.security.include.cert.sha1";
-    
-    /**
      * Whether to allow using a JWK received in the header for signature validation. The
default
      * is "false".
      */
@@ -187,26 +167,22 @@ public final class JoseConstants {
     public static final String RSSEC_SIGNATURE_LIST_PROPS = "rs.security.signature.list.properties";
     
     /**
-     * Include the JWK public key for signature in the "jwk" header. If not configured then
it
-     * falls back to RSSEC_INCLUDE_PUBLIC_KEY.
+     * Include the JWK public key for signature in the "jwk" header. 
      */
     public static final String RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY = "rs.security.signature.include.public.key";
     
     /**
-     * Include the X.509 certificate for signature in the "x5c" header. If not configured
then it
-     * falls back to RSSEC_INCLUDE_CERT.
+     * Include the X.509 certificate for signature in the "x5c" header. 
      */
     public static final String RSSEC_SIGNATURE_INCLUDE_CERT = "rs.security.signature.include.cert";
     
     /**
-     * Include the JWK key id for signature in the "kid" header. If not configured then it
-     * falls back to RSSEC_INCLUDE_KEY_ID.
+     * Include the JWK key id for signature in the "kid" header.
      */
     public static final String RSSEC_SIGNATURE_INCLUDE_KEY_ID = "rs.security.signature.include.key.id";
     
     /**
-     * Include the X.509 certificate SHA-1 digest for signature in the "x5t" header. If not
configured then it
-     * falls back to RSSEC_INCLUDE_CERT_SHA1.
+     * Include the X.509 certificate SHA-1 digest for signature in the "x5t" header. 
      */
     public static final String RSSEC_SIGNATURE_INCLUDE_CERT_SHA1 = "rs.security.signature.include.cert.sha1";
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/049a8bd4/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
index ad9b137..4591bc3 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java
@@ -282,12 +282,10 @@ public final class JweUtils {
         }
         
         boolean includeCert = 
-            headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT,

-                                                   JoseConstants.RSSEC_INCLUDE_CERT));
-        boolean includeCertSha1 = headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1,

-                                                   JoseConstants.RSSEC_INCLUDE_CERT_SHA1));
+            headers != null && MessageUtils.getContextualBoolean(
+                m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT, false);
+        boolean includeCertSha1 = headers != null && MessageUtils.getContextualBoolean(
+                m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_CERT_SHA1, false);
         
         KeyEncryptionProvider keyEncryptionProvider = null;
         String keyEncryptionAlgo = getKeyEncryptionAlgo(m, props, null, null);
@@ -304,12 +302,10 @@ public final class JweUtils {
                                                          getDefaultKeyAlgo(jwk));
                 keyEncryptionProvider = getKeyEncryptionProvider(jwk, keyAlgo);
                 
-                boolean includePublicKey = headers != null && MessageUtils.isTrue(
-                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY,
-                                                       JoseConstants.RSSEC_INCLUDE_PUBLIC_KEY));
-                boolean includeKeyId = headers != null && MessageUtils.isTrue(
-                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_KEY_ID,
-                                                       JoseConstants.RSSEC_INCLUDE_KEY_ID));
+                boolean includePublicKey = headers != null && MessageUtils.getContextualBoolean(
+                    m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_PUBLIC_KEY, false);
+                boolean includeKeyId = headers != null && MessageUtils.getContextualBoolean(
+                    m, JoseConstants.RSSEC_ENCRYPTION_INCLUDE_KEY_ID, false);
                 
                 if (includeCert) {
                     JwkUtils.includeCertChain(jwk, headers, keyEncryptionAlgo);

http://git-wip-us.apache.org/repos/asf/cxf/blob/049a8bd4/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
index 7cdefbe..1f27611 100644
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
+++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java
@@ -268,12 +268,10 @@ public final class JwsUtils {
                                                               boolean ignoreNullProvider)
{
         JwsSignatureProvider theSigProvider = null;
         
-        boolean includeCert = headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT,

-                                                   JoseConstants.RSSEC_INCLUDE_CERT));
-        boolean includeCertSha1 = headers != null && MessageUtils.isTrue(
-                MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT_SHA1,

-                                                   JoseConstants.RSSEC_INCLUDE_CERT_SHA1));
+        boolean includeCert = headers != null && MessageUtils.getContextualBoolean(
+                m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT, false);
+        boolean includeCertSha1 = headers != null && MessageUtils.getContextualBoolean(
+                m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_CERT_SHA1, false);
         
         if (JoseConstants.HEADER_JSON_WEB_KEY.equals(props.get(JoseConstants.RSSEC_KEY_STORE_TYPE)))
{
             JsonWebKey jwk = JwkUtils.loadJsonWebKey(m, props, KeyOperation.SIGN);
@@ -281,12 +279,10 @@ public final class JwsUtils {
                 String signatureAlgo = getSignatureAlgo(m, props, jwk.getAlgorithm(), getDefaultKeyAlgo(jwk));
                 theSigProvider = JwsUtils.getSignatureProvider(jwk, SignatureAlgorithm.getAlgorithm(signatureAlgo));
                 
-                boolean includePublicKey = headers != null && MessageUtils.isTrue(
-                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY,
-                                                       JoseConstants.RSSEC_INCLUDE_PUBLIC_KEY));
-                boolean includeKeyId = headers != null && MessageUtils.isTrue(
-                    MessageUtils.getContextualProperty(m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID,
-                                                       JoseConstants.RSSEC_INCLUDE_KEY_ID));
+                boolean includePublicKey = headers != null && MessageUtils.getContextualBoolean(
+                    m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_PUBLIC_KEY, false);
+                boolean includeKeyId = headers != null && MessageUtils.getContextualBoolean(
+                    m, JoseConstants.RSSEC_SIGNATURE_INCLUDE_KEY_ID, false);
                 
                 if (includeCert) {
                     JwkUtils.includeCertChain(jwk, headers, signatureAlgo);

http://git-wip-us.apache.org/repos/asf/cxf/blob/049a8bd4/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
index 629ed0f..b65ff32 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java
@@ -243,7 +243,8 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase {
         }
         String address = "https://localhost:" + PORT + "/jwejwsrsaCertInHeaders";
         BookStore bs = createJweJwsBookStore(address, null, null);
-        WebClient.getConfig(bs).getRequestContext().put("rs.security.include.cert", "true");
+        WebClient.getConfig(bs).getRequestContext().put("rs.security.signature.include.cert",
"true");
+        WebClient.getConfig(bs).getRequestContext().put("rs.security.encryption.include.cert",
"true");
         String text = bs.echoText("book");
         assertEquals("book", text);
     }
@@ -369,10 +370,10 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase
{
         bean.getProperties(true).put("rs.security.signature.in.properties",
             "org/apache/cxf/systest/jaxrs/security/bob.jwk.properties");
         if (includePublicKey) {
-            bean.getProperties(true).put("rs.security.include.public.key", true);
+            bean.getProperties(true).put("rs.security.signature.include.public.key", true);
         }
         if (includeKeyId) {
-            bean.getProperties(true).put("rs.security.include.key.id", true);
+            bean.getProperties(true).put("rs.security.signature.include.key.id", true);
         }
         BookStore bs = bean.create(BookStore.class);
         String text = bs.echoText("book");


Mime
View raw message