cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [1/2] cxf git commit: [FEDIZ-134] Making sure a code challenge is available to the code service
Date Tue, 17 Nov 2015 16:41:04 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes cec8828bd -> 13184062c


[FEDIZ-134] Making sure a code challenge is available to the code service


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/753368bb
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/753368bb
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/753368bb

Branch: refs/heads/3.1.x-fixes
Commit: 753368bb25f851d858c39b9f2ece764f81e14c2a
Parents: 5e5470e
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Nov 17 16:03:15 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Nov 17 16:03:15 2015 +0000

----------------------------------------------------------------------
 .../oauth2/client/ClientCodeRequestFilter.java  | 26 ++++++++++++--------
 1 file changed, 16 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/753368bb/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index ac09dfc..f712ab6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -155,8 +155,9 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
     }
     protected void setCodeVerifier(UriBuilder ub, MultivaluedMap<String, String> redirectState)
{
         if (codeVerifierTransformer != null) {
+            String codeVerifier = redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER);
             ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE, 
-                          redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
+                          codeVerifierTransformer.transformCodeVerifier(codeVerifier));
             ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE_METHOD, 
                           codeVerifierTransformer.getChallengeMethod());
         }
@@ -222,17 +223,22 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
         if (clientStateManager == null) {
             return null;
         }
-        return clientStateManager.toRedirectState(mc, 
-                                                  toCodeRequestState(rc, ui));
-    }
-    protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext
rc, UriInfo ui) {
-        MultivaluedMap<String, String> state = toRequestState(rc, ui);
+        String codeVerifier = null;
+        MultivaluedMap<String, String> codeRequestState = toCodeRequestState(rc, ui);
         if (codeVerifierTransformer != null) {
-            String codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
-            state.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, 
-                          codeVerifierTransformer.transformCodeVerifier(codeVerifier));
+            codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
+            codeRequestState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, 
+                                       codeVerifier);
         }
-        return state;
+        MultivaluedMap<String, String> redirectState = 
+            clientStateManager.toRedirectState(mc, codeRequestState);
+        if (redirectState != null) {
+            redirectState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, codeVerifier);
+        }
+        return redirectState;
+    }
+    protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext
rc, UriInfo ui) {
+        return toRequestState(rc, ui);
     }
     protected MultivaluedMap<String, String> toRequestState(ContainerRequestContext
rc, UriInfo ui) {
         MultivaluedMap<String, String> requestState = new MetadataMap<String, String>();


Mime
View raw message