cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Fixing the master build
Date Mon, 12 Oct 2015 14:30:47 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 9f8ed96ae -> 1f7509eb5


Fixing the master build


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1f7509eb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1f7509eb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1f7509eb

Branch: refs/heads/3.0.x-fixes
Commit: 1f7509eb554a8d3fef35a69b38d89e92bab66577
Parents: 9f8ed96
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Oct 12 15:27:52 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Oct 12 15:29:53 2015 +0100

----------------------------------------------------------------------
 .../oauth2/grants/jwt/AbstractJwtHandler.java   | 20 +++++++++-----------
 .../oauth2/tokens/jwt/JwtAccessTokenUtils.java  |  8 ++++----
 2 files changed, 13 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/1f7509eb/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
index baafd5f..4f966c2 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java
@@ -38,8 +38,8 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 public abstract class AbstractJwtHandler extends AbstractGrantHandler {
     private Set<String> supportedIssuers; 
     private JwsSignatureVerifier jwsVerifier;
-    private int ttl = 300;
-    private int futureTTL;
+    private int ttl;
+    private int clockOffset;
         
     protected AbstractJwtHandler(List<String> grants) {
         super(grants);
@@ -59,15 +59,13 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler
{
         
         // If we have no issued time then we need to have an expiry
         boolean expiredRequired = claims.getIssuedAt() == null;
-        JwtUtils.validateJwtExpiry(claims, expiredRequired);
+        JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired);
         
-        JwtUtils.validateJwtNotBefore(claims, futureTTL, false);
+        JwtUtils.validateJwtNotBefore(claims, clockOffset, false);
         
         // If we have no expiry then we must have an issued at
         boolean issuedAtRequired = claims.getExpiryTime() == null;
-        if (issuedAtRequired) {
-            JwtUtils.validateJwtTTL(claims, ttl, issuedAtRequired);
-        }
+        JwtUtils.validateJwtIssuedAt(claims, ttl, clockOffset, issuedAtRequired);
     }
 
     protected void validateIssuer(String issuer) {
@@ -104,11 +102,11 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler
{
         this.ttl = ttl;
     }
 
-    public int getFutureTTL() {
-        return futureTTL;
+    public int getClockOffset() {
+        return clockOffset;
     }
 
-    public void setFutureTTL(int futureTTL) {
-        this.futureTTL = futureTTL;
+    public void setClockOffset(int clockOffset) {
+        this.clockOffset = clockOffset;
     }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/1f7509eb/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java
index a88d96f..c413d00 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/jwt/JwtAccessTokenUtils.java
@@ -110,19 +110,19 @@ public final class JwtAccessTokenUtils {
             throw new SecurityException();
         }
     }
-    public static void validateJwtClaims(JwtClaims claims, int ttl, int futureTTL, Client
c) {
+    public static void validateJwtClaims(JwtClaims claims, int ttl, int clockOffset, Client
c) {
         validateJwtSubjectAndAudience(claims, c);
         
         // If we have no issued time then we need to have an expiry
         boolean expiredRequired = claims.getIssuedAt() == null;
-        JwtUtils.validateJwtExpiry(claims, expiredRequired);
+        JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired);
         
-        JwtUtils.validateJwtNotBefore(claims, futureTTL, false);
+        JwtUtils.validateJwtNotBefore(claims, clockOffset, false);
         
         // If we have no expiry then we must have an issued at
         boolean issuedAtRequired = claims.getExpiryTime() == null;
         if (issuedAtRequired) {
-            JwtUtils.validateJwtTTL(claims, ttl, issuedAtRequired);
+            JwtUtils.validateJwtIssuedAt(claims, ttl, clockOffset, issuedAtRequired);
         }
     }
     


Mime
View raw message