cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Making JWT authentication scheme name configurable
Date Thu, 08 Oct 2015 15:50:24 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 9e37adb74 -> 572a11cf2


Making JWT authentication scheme name configurable


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/572a11cf
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/572a11cf
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/572a11cf

Branch: refs/heads/master
Commit: 572a11cf258b7b977470b732f43e21dea5782bb2
Parents: 9e37adb
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Oct 8 16:50:09 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Oct 8 16:50:09 2015 +0100

----------------------------------------------------------------------
 .../jose/jaxrs/JwtAuthenticationClientFilter.java         | 10 +++++++++-
 .../rs/security/jose/jaxrs/JwtAuthenticationFilter.java   | 10 ++++++++--
 2 files changed, 17 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/572a11cf/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
index 531d92a..a618857 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationClientFilter.java
@@ -41,6 +41,8 @@ import org.apache.cxf.rt.security.crypto.CryptoUtils;
 public class JwtAuthenticationClientFilter extends AbstractJoseJwtProducer 
     implements ClientRequestFilter {
 
+    private static final String DEFAULT_AUTH_SCHEME = "JWT";
+    private String authScheme = DEFAULT_AUTH_SCHEME;
     @Override
     public void filter(ClientRequestContext requestContext) throws IOException {
         JwtToken jwt = getJwtToken(requestContext);
@@ -62,7 +64,7 @@ public class JwtAuthenticationClientFilter extends AbstractJoseJwtProducer
                                                 getContextPropertyValue());
         String data = super.processJwt(jwt);
         requestContext.getHeaders().putSingle(HttpHeaders.AUTHORIZATION, 
-                                              "JWT " + data);
+                                              authScheme + " " + data);
     }
     protected JwtToken getJwtToken(ClientRequestContext requestContext) {
         return (JwtToken)requestContext.getProperty("jwt.token");
@@ -71,4 +73,10 @@ public class JwtAuthenticationClientFilter extends AbstractJoseJwtProducer
         return Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16));
     }
     
+    public void setAuthScheme(String authScheme) {
+        this.authScheme = authScheme;
+    }
+    
+    
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/572a11cf/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
index b19582b..c0c4e02 100644
--- a/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
+++ b/rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwtAuthenticationFilter.java
@@ -43,18 +43,24 @@ import org.apache.cxf.security.SecurityContext;
 public class JwtAuthenticationFilter extends AbstractJoseJwtConsumer implements ContainerRequestFilter
{
     protected static final Logger LOG = LogUtils.getL7dLogger(JwtAuthenticationFilter.class);
     
+    private static final String DEFAULT_AUTH_SCHEME = "JWT";
+    private String expectedAuthScheme = DEFAULT_AUTH_SCHEME;
+    
     @Override
     public void filter(ContainerRequestContext requestContext) throws IOException {
         String auth = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);
         String[] parts = auth == null ? null : auth.split(" ");
-        if (parts == null || !"JWT".equals(parts[0]) || parts.length != 2) {
-            throw new JoseException("JWT scheme is expected");
+        if (parts == null || !expectedAuthScheme.equals(parts[0]) || parts.length != 2) {
+            throw new JoseException(expectedAuthScheme + " scheme is expected");
         }
         JwtToken jwt = super.getJwtToken(parts[1]);
         JoseUtils.setMessageContextProperty(jwt.getHeaders());
         JAXRSUtils.getCurrentMessage().put(SecurityContext.class, 
               new SimpleSecurityContext(new JwtPrincipal(jwt)));
     }
+    public void setExpectedAuthScheme(String expectedAuthScheme) {
+        this.expectedAuthScheme = expectedAuthScheme;
+    }
     public static class JwtPrincipal extends SimplePrincipal {
         private static final long serialVersionUID = 1L;
         private JwtToken jwt;


Mime
View raw message