Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7E29D18220 for ; Wed, 28 Oct 2015 13:06:40 +0000 (UTC) Received: (qmail 11426 invoked by uid 500); 28 Oct 2015 13:06:31 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 11369 invoked by uid 500); 28 Oct 2015 13:06:30 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 11360 invoked by uid 99); 28 Oct 2015 13:06:30 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 28 Oct 2015 13:06:30 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 2D1D0E0159; Wed, 28 Oct 2015 13:06:30 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: [CXF-6645] Introducing a 'jose.debug' property Date: Wed, 28 Oct 2015 13:06:30 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.0.x-fixes e7ca0746f -> e4dcd31e4 [CXF-6645] Introducing a 'jose.debug' property Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e4dcd31e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e4dcd31e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e4dcd31e Branch: refs/heads/3.0.x-fixes Commit: e4dcd31e49c0546a5c7b38547244e7f5b9e38563 Parents: e7ca074 Author: Sergey Beryozkin Authored: Wed Oct 28 13:04:25 2015 +0000 Committer: Sergey Beryozkin Committed: Wed Oct 28 13:06:07 2015 +0000 ---------------------------------------------------------------------- .../jose/jaxrs/AbstractJweDecryptingFilter.java | 2 ++ .../security/jose/jaxrs/AbstractJwsReaderProvider.java | 4 +++- .../security/jose/jaxrs/AbstractJwsWriterProvider.java | 1 + .../rs/security/jose/jaxrs/JweWriterInterceptor.java | 3 +++ .../rs/security/jose/jaxrs/JwsWriterInterceptor.java | 2 ++ .../cxf/rs/security/jose/common/JoseConstants.java | 5 ++++- .../apache/cxf/rs/security/jose/common/JoseUtils.java | 12 ++++++++++++ .../org/apache/cxf/rs/security/jose/jwe/JweUtils.java | 1 + .../org/apache/cxf/rs/security/jose/jws/JwsUtils.java | 1 + .../cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java | 1 + 10 files changed, 30 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java ---------------------------------------------------------------------- 
diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java index 0d7d915..83e3533 100644 --- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java +++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJweDecryptingFilter.java @@ -22,6 +22,7 @@ import java.io.IOException; import java.io.InputStream; import org.apache.cxf.helpers.IOUtils; +import org.apache.cxf.rs.security.jose.common.JoseUtils; import org.apache.cxf.rs.security.jose.jwe.JweCompactConsumer; import org.apache.cxf.rs.security.jose.jwe.JweDecryptionOutput; import org.apache.cxf.rs.security.jose.jwe.JweDecryptionProvider; @@ -35,6 +36,7 @@ public class AbstractJweDecryptingFilter { JweCompactConsumer jwe = new JweCompactConsumer(new String(IOUtils.readBytesFromStream(is), "UTF-8")); JweDecryptionProvider theDecryptor = getInitializedDecryptionProvider(jwe.getJweHeaders()); JweDecryptionOutput out = new JweDecryptionOutput(jwe.getJweHeaders(), jwe.getDecryptedContent(theDecryptor)); + JoseUtils.traceHeaders(out.getHeaders()); validateHeaders(out.getHeaders()); return out; } http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java index 0e8b0d0..82e612c 100644 
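Review bot: The `JoseUtils.traceHeaders(out.getHeaders());` call sits after `jwe.getDecryptedContent(theDecryptor)`, so a message whose decryption fails (presumably by throwing) never reaches the trace, which is the case where a header dump helps most. `getInitializedSigVerifier` in AbstractJwsReaderProvider, by contrast, traces before any verification, so the two inbound paths behave differently. If the intent is to diagnose rejected tokens, `JoseUtils.traceHeaders(jwe.getJweHeaders());` directly after the `JweCompactConsumer` is built would align them. The values logged at that point are unauthenticated, and a comment should say so. The enclosing method starts outside this hunk.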
--- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java +++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsReaderProvider.java @@ -18,6 +18,7 @@ */ package org.apache.cxf.rs.security.jose.jaxrs; +import org.apache.cxf.rs.security.jose.common.JoseUtils; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; import org.apache.cxf.rs.security.jose.jws.JwsUtils; @@ -31,12 +32,13 @@ public class AbstractJwsReaderProvider { } protected JwsSignatureVerifier getInitializedSigVerifier(JwsHeaders headers) { + JoseUtils.traceHeaders(headers); if (sigVerifier != null) { return sigVerifier; } return JwsUtils.loadSignatureVerifier(headers, true); } - + public String getDefaultMediaType() { return defaultMediaType; } http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java index 7aef6d1..78a2ec6 100644 --- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java +++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/AbstractJwsWriterProvider.java 
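Review bot: `getInitializedSigVerifier` now calls `JoseUtils.traceHeaders(headers)` as its first statement, before the signature has been checked, so with `jose.debug` on the INFO log receives header values taken straight from the incoming token. Whether `JsonMapObjectReaderWriter.toJson` escapes control characters is not visible in this commit; that is worth confirming so a crafted header value cannot forge extra log lines. A comment at the call such as `// headers are not verified yet; the trace output is untrusted input` would make this explicit. The accessor also gains a logging side effect, so any caller that invokes it more than once per message will emit the dump repeatedly.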
@@ -51,6 +51,7 @@ public class AbstractJwsWriterProvider { protected void writeJws(JwsCompactProducer p, JwsSignatureProvider theSigProvider, OutputStream os) throws IOException { p.signWith(theSigProvider); + JoseUtils.traceHeaders(p.getJwsHeaders()); byte[] bytes = StringUtils.toBytesUTF8(p.getSignedEncodedJws()); IOUtils.copy(new ByteArrayInputStream(bytes), os); } http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java index e4e0e33..20bea16 100644 --- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java +++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JweWriterInterceptor.java @@ -36,6 +36,7 @@ import org.apache.cxf.helpers.IOUtils; import org.apache.cxf.io.CachedOutputStream; import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.rs.security.jose.common.JoseConstants; +import org.apache.cxf.rs.security.jose.common.JoseUtils; import org.apache.cxf.rs.security.jose.jwe.JweCompactProducer; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionInput; import org.apache.cxf.rs.security.jose.jwe.JweEncryptionOutput; @@ -77,6 +78,7 @@ public class JweWriterInterceptor implements WriterInterceptor { if (useJweOutputStream) { JweEncryptionOutput encryption = theEncryptionProvider.getEncryptionOutput(new JweEncryptionInput(jweHeaders)); + JoseUtils.traceHeaders(encryption.getHeaders()); try { JweCompactProducer.startJweContent(actualOs, encryption.getHeaders(), 
@@ -103,6 +105,7 @@ public class JweWriterInterceptor implements WriterInterceptor { ctx.setOutputStream(cos); ctx.proceed(); String jweContent = theEncryptionProvider.encrypt(cos.getBytes(), jweHeaders); + JoseUtils.traceHeaders(jweHeaders); setJoseMediaType(ctx); IOUtils.copy(new ByteArrayInputStream(StringUtils.toBytesUTF8(jweContent)), actualOs); http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java index 1104a2d..4657c9e 100644 --- a/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java +++ b/rt/rs/security/jose-parent/jose-jaxrs/src/main/java/org/apache/cxf/rs/security/jose/jaxrs/JwsWriterInterceptor.java @@ -35,6 +35,7 @@ import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter; import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.rs.security.jose.common.JoseConstants; import org.apache.cxf.rs.security.jose.common.JoseHeaders; +import org.apache.cxf.rs.security.jose.common.JoseUtils; import org.apache.cxf.rs.security.jose.jws.JwsCompactProducer; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; import org.apache.cxf.rs.security.jose.jws.JwsOutputStream; 
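Review bot: The buffered branch traces `jweHeaders`, the object passed into `theEncryptionProvider.encrypt(cos.getBytes(), jweHeaders)`, while the streaming branch in the previous hunk (`@@ -77,6 +78,7 @@`) traces `encryption.getHeaders()`, the headers returned by the provider. Whether `encrypt` completes the passed-in object in place is not visible here. If it works on a copy, the trace can differ from the header actually serialized into `jweContent`. A comment such as `// encrypt() is expected to update jweHeaders in place, so this matches the emitted header` would record that assumption, or the trace could be moved to where the final headers are known. Both branches belong to a method that starts and ends outside these hunks.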
@@ -58,6 +59,7 @@ public class JwsWriterInterceptor extends AbstractJwsWriterProvider implements W OutputStream actualOs = ctx.getOutputStream(); if (useJwsOutputStream) { JwsSignature jwsSignature = sigProvider.createJwsSignature(headers); + JoseUtils.traceHeaders(headers); JwsOutputStream jwsStream = new JwsOutputStream(actualOs, jwsSignature); byte[] headerBytes = StringUtils.toBytesUTF8(writer.toJson(headers)); Base64UrlUtility.encodeAndStream(headerBytes, 0, headerBytes.length, jwsStream); http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java index c05b37d..cc990b5 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseConstants.java @@ -277,7 +277,10 @@ public final class JoseConstants { */ public static final String ENABLE_UNSIGNED_JWT_PRINCIPAL = "rs.security.enable.unsigned-jwt.principal"; - + /** + * Whether to trace JOSE headers. + */ + public static final String JOSE_DEBUG = "jose.debug"; private JoseConstants() { http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java index 7c2f4eb..4649517 100644 
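Review bot: In the JoseConstants hunk the new key `"jose.debug"` drops the `rs.security.` prefix used by the constant directly above it (`"rs.security.enable.unsigned-jwt.principal"`), and its Javadoc does not say what enabling it does. If the short name is deliberate, the Javadoc should at least describe the effect, for example `Whether to log JOSE headers at INFO level. Inbound headers are logged as received, possibly before they are verified; intended for debugging only.` Renaming the key would also require updating the literal `"jose.debug"` in JAXRSJweJwsTest, which could use `JoseConstants.JOSE_DEBUG` instead.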
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/common/JoseUtils.java @@ -32,9 +32,13 @@ import org.apache.cxf.Bus; import org.apache.cxf.common.classloader.ClassLoaderUtils; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.StringUtils; +import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter; import org.apache.cxf.message.Message; +import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.PhaseInterceptorChain; import org.apache.cxf.resource.ResourceManager; +import org.apache.cxf.rs.security.jose.jwe.JweHeaders; +import org.apache.cxf.rs.security.jose.jws.JwsHeaders; import org.apache.cxf.rt.security.crypto.CryptoUtils; public final class JoseUtils { @@ -137,6 +141,14 @@ public final class JoseUtils { return list.size() > inputSet.size(); } + public static void traceHeaders(JoseHeaders headers) { + Message m = PhaseInterceptorChain.getCurrentMessage(); + if (MessageUtils.getContextualBoolean(m, JoseConstants.JOSE_DEBUG, false)) { + JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter(true); + String thePrefix = headers instanceof JwsHeaders ? "JWS" : headers instanceof JweHeaders ? "JWE" : "JOSE"; + LOG.info(thePrefix + " Headers: \r\n" + writer.toJson(headers)); + } + } // // Copied from JAX-RS RT FRONTEND ResourceUtils // http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java index 211c076..af7dd22 100644 
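Review bot: `traceHeaders` is a new public static method with no Javadoc, and it passes the result of `PhaseInterceptorChain.getCurrentMessage()` straight into `MessageUtils.getContextualBoolean`. Whether that helper tolerates a null message is not visible in this diff, so a guard such as `if (m == null) { return; }` would make the utility safe to call outside an interceptor chain. The Javadoc should state that the full header JSON is written at INFO level when `jose.debug` is set, and that callers may pass headers that have not been verified yet. The nested ternary for `thePrefix` is also the only reason `common.JoseUtils` now imports `JweHeaders` and `JwsHeaders`. An `if`/`else if` would read more clearly, and letting callers pass the label would avoid the dependency on the `jwe` and `jws` packages.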
--- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweUtils.java @@ -718,4 +718,5 @@ public final class JweUtils { throw new JweException(JweException.Error.KEY_DECRYPTION_FAILURE); } } + } http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java index 1f27611..74e3629 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsUtils.java @@ -455,4 +455,5 @@ public final class JwsUtils { throw new JwsException(JwsException.Error.INVALID_KEY); } } + } http://git-wip-us.apache.org/repos/asf/cxf/blob/e4dcd31e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java ---------------------------------------------------------------------- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java index 56117d5..ded9d2a 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/jwt/JAXRSJweJwsTest.java 
@@ -152,6 +152,7 @@ public class JAXRSJweJwsTest extends AbstractBusClientServerTestBase { bean.setProviders(providers); bean.getProperties(true).put("rs.security.encryption.properties", "org/apache/cxf/systest/jaxrs/security/secret.jwk.properties"); + bean.getProperties(true).put("jose.debug", true); BookStore bs = bean.create(BookStore.class); String text = bs.echoText("book"); assertEquals("book", text);