cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [5/6] cxf git commit: Fix a problem with returning a token
Date Fri, 06 Nov 2015 15:14:24 GMT
Fix a problem with returning a token


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ff693a62
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ff693a62
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ff693a62

Branch: refs/heads/3.1.x-fixes
Commit: ff693a62de7674464fe28265c48ca07dcdb64026
Parents: b2b0c2a
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Nov 6 14:36:19 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Nov 6 15:14:09 2015 +0000

----------------------------------------------------------------------
 .../cxf/ws/security/trust/AbstractSTSClient.java    |  9 ++++++++-
 .../cxf/sts/operation/TokenIssueOperation.java      | 16 ++++++++++++++--
 .../apache/cxf/sts/operation/IssueJWTUnitTest.java  | 10 ++++------
 3 files changed, 26 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/ff693a62/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index 0784b61..f06ff80 100755
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -1423,7 +1423,8 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         Element entropy = null;
         String tt = null;
         String retKeySize = null;
-
+        String tokenData = null;
+        
         while (el != null) {
             String ln = el.getLocalName();
             if (namespace.equals(el.getNamespaceURI())) {
@@ -1431,6 +1432,9 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
                     lte = el;
                 } else if ("RequestedSecurityToken".equals(ln)) {
                     rst = DOMUtils.getFirstElement(el);
+                    if (rst == null) {
+                        tokenData = el.getTextContent();
+                    }
                 } else if ("RequestedAttachedReference".equals(ln)) {
                     rar = DOMUtils.getFirstElement(el);
                 } else if ("RequestedUnattachedReference".equals(ln)) {
@@ -1457,6 +1461,9 @@ public abstract class AbstractSTSClient implements Configurable, InterceptorProv
         token.setUnattachedReference(rur);
         token.setIssuerAddress(location);
         token.setTokenType(tt);
+        if (tokenData != null) {
+            token.setData(tokenData.getBytes());
+        }
 
         byte[] secret = null;
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/ff693a62/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
index 1d0c378..39f5b6b 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java
@@ -31,12 +31,15 @@ import javax.xml.bind.JAXBElement;
 import javax.xml.ws.WebServiceContext;
 import javax.xml.ws.handler.MessageContext;
 
+import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
 import org.apache.cxf.sts.QNameConstants;
+import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.event.STSIssueFailureEvent;
 import org.apache.cxf.sts.event.STSIssueSuccessEvent;
 import org.apache.cxf.sts.request.KeyRequirements;
@@ -286,7 +289,16 @@ public class TokenIssueOperation extends AbstractOperation implements
IssueOpera
             QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(requestedTokenType);
         LOG.fine("Encrypting Issued Token: " + encryptIssuedToken);
         if (!encryptIssuedToken) {
-            requestedTokenType.setAny(tokenResponse.getToken());
+            if (tokenResponse.getToken() instanceof String) {
+                Document doc = DOMUtils.newDocument();
+                Element requestedTokenEl = doc.createElementNS(STSConstants.WST_NS_05_12,

+                                                             "RequestedSecurityToken");
+                requestedTokenEl.setTextContent((String)tokenResponse.getToken());
+                response.getAny().add(requestedTokenEl);
+            } else {
+                requestedTokenType.setAny(tokenResponse.getToken());
+                response.getAny().add(requestedToken);
+            }
         } else {
             if (!(tokenResponse.getToken() instanceof Element)) {
                 throw new STSException("Error in creating the response", STSException.REQUEST_FAILED);
@@ -297,8 +309,8 @@ public class TokenIssueOperation extends AbstractOperation implements
IssueOpera
                     encryptionProperties, keyRequirements, webServiceContext
                 )
             );
+            response.getAny().add(requestedToken);
         }
-        response.getAny().add(requestedToken);
 
         if (returnReferences) {
             // RequestedAttachedReference

http://git-wip-us.apache.org/repos/asf/cxf/blob/ff693a62/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
index 6112d2f..58d6b25 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
@@ -51,7 +51,6 @@ import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
-import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
 import org.apache.wss4j.common.crypto.Crypto;
 import org.apache.wss4j.common.crypto.CryptoFactory;
@@ -130,11 +129,10 @@ public class IssueJWTUnitTest extends org.junit.Assert {
         // Test the generated token.
         String jwtToken = null;
         for (Object tokenObject : securityTokenResponse.get(0).getAny()) {
-            if (tokenObject instanceof JAXBElement<?>
-                && REQUESTED_SECURITY_TOKEN.equals(((JAXBElement<?>)tokenObject).getName()))
{
-                RequestedSecurityTokenType rstType = 
-                    (RequestedSecurityTokenType)((JAXBElement<?>)tokenObject).getValue();
-                jwtToken = (String)rstType.getAny();
+            if (tokenObject instanceof Element
+                && REQUESTED_SECURITY_TOKEN.getLocalPart().equals(((Element)tokenObject).getLocalName())
+                && REQUESTED_SECURITY_TOKEN.getNamespaceURI().equals(((Element)tokenObject).getNamespaceURI()))
{
+                jwtToken = ((Element)tokenObject).getTextContent();
                 break;
             }
         }


Mime
View raw message