Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 47DFC18DAA for ; Mon, 30 Nov 2015 13:13:23 +0000 (UTC) Received: (qmail 14548 invoked by uid 500); 30 Nov 2015 13:13:23 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 14465 invoked by uid 500); 30 Nov 2015 13:13:23 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 14453 invoked by uid 99); 30 Nov 2015 13:13:23 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 30 Nov 2015 13:13:23 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id AE5C1E0901; Mon, 30 Nov 2015 13:13:22 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: coheigea@apache.org To: commits@cxf.apache.org Date: Mon, 30 Nov 2015 13:13:23 -0000 Message-Id: <2593294e699b47a18e8f3e14b2d550da@git.apache.org> In-Reply-To: <7663836ff6fa49f1a26588c65aa3dcf0@git.apache.org> References: <7663836ff6fa49f1a26588c65aa3dcf0@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/3] cxf git commit: Some minor changes to the SAML Grant Handler Some minor changes to the SAML Grant Handler Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/203dd29b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/203dd29b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/203dd29b Branch: refs/heads/3.0.x-fixes Commit: 203dd29bac42b738480bbc3991c8c9cf8c26d2ed Parents: b7ba15d Author: Colm O hEigeartaigh Authored: Mon Nov 30 12:57:18 2015 +0000 Committer: Colm O hEigeartaigh Committed: Mon Nov 30 13:03:13 2015 +0000 ---------------------------------------------------------------------- .../grants/saml/Saml2BearerGrantHandler.java | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/203dd29b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java index 3be0905..3ac98f7 100644 --- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java 
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
@@ -38,7 +38,6 @@ import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.message.Message;
-import org.apache.cxf.message.MessageUtils;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rs.security.common.CryptoLoader;
 import org.apache.cxf.rs.security.common.SecurityUtils;
@@ -64,7 +63,6 @@ import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.apache.wss4j.dom.WSDocInfo;
 import org.apache.wss4j.dom.WSSConfig;
 import org.apache.wss4j.dom.handler.RequestData;
-import org.apache.wss4j.dom.handler.WSHandlerConstants;
 import org.apache.wss4j.dom.saml.WSSSAMLKeyInfoProcessor;
 import org.apache.wss4j.dom.validate.Credential;
 import org.apache.wss4j.dom.validate.SamlAssertionValidator;
@@ -186,8 +184,15 @@ public class Saml2BearerGrantHandler extends AbstractGrantHandler {
 } catch (IOException ex) {
 throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
 }
- data.setEnableRevocation(MessageUtils.isTrue(
- message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
+
+ boolean enableRevocation = false;
+ String enableRevocationStr =
+ (String)org.apache.cxf.rt.security.utils.SecurityUtils.getSecurityPropertyValue(
+ SecurityConstants.ENABLE_REVOCATION, message);
+ if (enableRevocationStr != null) {
+ enableRevocation = Boolean.parseBoolean(enableRevocationStr);
+ }
+ data.setEnableRevocation(enableRevocation);
 Signature sig = assertion.getSignature();
 WSDocInfo docInfo = new WSDocInfo(sig.getDOM().getOwnerDocument());
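Review bot: The unconditional `(String)` cast on the result of `getSecurityPropertyValue(...)` in the added revocation block throws a ClassCastException when the property is configured as a `Boolean` object, a form the removed `MessageUtils.isTrue(...)` call accepted. The surrounding `catch (IOException ex)` would not map that exception to `INVALID_GRANT`. Reading the value as `Object v = ...getSecurityPropertyValue(SecurityConstants.ENABLE_REVOCATION, message);` and calling `data.setEnableRevocation(v != null && Boolean.parseBoolean(v.toString()));` keeps both forms working. The lookup key also moves from `WSHandlerConstants.ENABLE_REVOCATION` to `SecurityConstants.ENABLE_REVOCATION`; if the two constants name different properties (their values are not visible here), a deployment that set the old key silently loses certificate revocation checking, so the change deserves a comment such as `// revocation is off unless SecurityConstants.ENABLE_REVOCATION is "true"` and a migration note. The enclosing method starts and ends outside the hunk.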
@@ -199,7 +204,10 @@ public class Saml2BearerGrantHandler extends AbstractGrantHandler {
 data.getSigVerCrypto()
 );
 assertion.verifySignature(samlKeyInfo);
-
+ assertion.parseSubject(
+ new WSSSAMLKeyInfoProcessor(data, null), data.getSigVerCrypto(),
+ data.getCallbackHandler()
+ );
 } else if (getTLSCertificates(message) == null) {
 throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
 }
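Review bot: The added `assertion.parseSubject(...)` call builds `new WSSSAMLKeyInfoProcessor(data, null)` even though a `WSDocInfo docInfo` is created a few lines earlier, apparently in the same block, and nothing explains the `null`. Either pass it, `new WSSSAMLKeyInfoProcessor(data, docInfo)`, or add a comment such as `// no WSDocInfo needed: subject KeyInfo is resolved without document-level references` if that is the intent. The subject is also parsed only in the signed branch, so an unsigned assertion accepted via the `getTLSCertificates(message)` path reaches later validation with its subject unparsed. If any downstream check depends on the parsed subject key info, that path should be covered or the asymmetry documented. The enclosing method and its exception handling lie outside the hunk, so it is not visible whether a failure in `parseSubject` is mapped to `OAuthConstants.INVALID_GRANT` like the other failures here.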