cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Removing a duplicate IdToken context provider, leeping the form stream available
Date Tue, 15 Dec 2015 11:09:54 GMT
Repository: cxf
Updated Branches:
  refs/heads/master c1eaf69cb -> 332551899


Removing a duplicate IdToken context provider, leeping the form stream available


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/33255189
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/33255189
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/33255189

Branch: refs/heads/master
Commit: 332551899eac231fb1d6d5bd91474bdfe241972b
Parents: c1eaf69
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Dec 15 11:09:37 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Dec 15 11:09:37 2015 +0000

----------------------------------------------------------------------
 .../oidc/rp/IdTokenContextProvider.java         | 35 ------------------
 .../oidc/rp/OidcIdTokenRequestFilter.java       |  3 ++
 .../oidc/rp/OidcRpAuthenticationFilter.java     |  8 +++-
 .../security/oidc/rp/OidcUserInfoProvider.java  | 39 ++++++++++++++++++++
 .../oidc/rp/UserInfoContextProvider.java        | 39 --------------------
 5 files changed, 49 insertions(+), 75 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java
deleted file mode 100644
index 0955b8e..0000000
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oidc.rp;
-
-import org.apache.cxf.jaxrs.ext.ContextProvider;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
-import org.apache.cxf.rs.security.oidc.common.IdToken;
-
-public class IdTokenContextProvider implements ContextProvider<IdToken> {
-
-    @Override
-    public IdToken createContext(Message m) {
-        OidcClientTokenContext ctx = (OidcClientTokenContext)
-            m.getContent(ClientTokenContext.class);
-        return ctx != null ? ctx.getIdToken() : null;
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java
index 7026c9c..1babee7 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oidc.rp;
 
+import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.nio.charset.StandardCharsets;
 
@@ -27,6 +28,7 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.jaxrs.utils.FormUtils;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
@@ -58,6 +60,7 @@ public class OidcIdTokenRequestFilter implements ContainerRequestFilter
{
             String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name());
             FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(),
body, 
                                             StandardCharsets.UTF_8.name(), false);
+            rc.setEntityStream(new ByteArrayInputStream(StringUtils.toBytesUTF8(body)));
         }
         return requestState;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
index e2534ba..43950fe 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oidc.rp;
 
+import java.io.ByteArrayInputStream;
 import java.net.URI;
 import java.nio.charset.StandardCharsets;
 
@@ -33,6 +34,7 @@ import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 
+import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.jaxrs.utils.FormUtils;
@@ -51,7 +53,7 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter
{
     public void filter(ContainerRequestContext rc) {
         if (checkSecurityContext(rc)) {
             return;
-        } else {
+        } else if (redirectUri != null) {
             URI redirectAddress = null;
             if (redirectUri.startsWith("/")) {
                 String basePath = (String)mc.get("http.base.path");
@@ -66,6 +68,8 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter
{
                            .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store")
                            .header("Pragma", "no-cache") 
                            .build());
+        } else {
+            rc.abortWith(Response.status(401).build());
         }
     }
     protected boolean checkSecurityContext(ContainerRequestContext rc) {
@@ -89,6 +93,8 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter
{
             String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name());
             FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(),
body, 
                                             StandardCharsets.UTF_8.name(), true);
+            rc.setEntityStream(new ByteArrayInputStream(StringUtils.toBytesUTF8(body)));
+            
         }
         return requestState;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java
new file mode 100644
index 0000000..52e03fa
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java
@@ -0,0 +1,39 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.rp;
+
+import org.apache.cxf.jaxrs.ext.ContextProvider;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
+import org.apache.cxf.rs.security.oidc.common.UserInfo;
+
+public class OidcUserInfoProvider implements ContextProvider<UserInfo> {
+
+    @Override
+    public UserInfo createContext(Message m) {
+        OidcClientTokenContext ctx = (OidcClientTokenContext)
+            m.getContent(ClientTokenContext.class);
+        UserInfo userInfo = ctx != null ? ctx.getUserInfo() : null;
+        if (userInfo != null) {
+            userInfo.setIdToken(ctx.getIdToken());
+        }
+        return userInfo;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java
deleted file mode 100644
index ad4793e..0000000
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oidc.rp;
-
-import org.apache.cxf.jaxrs.ext.ContextProvider;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
-import org.apache.cxf.rs.security.oidc.common.UserInfo;
-
-public class UserInfoContextProvider implements ContextProvider<UserInfo> {
-
-    @Override
-    public UserInfo createContext(Message m) {
-        OidcClientTokenContext ctx = (OidcClientTokenContext)
-            m.getContent(ClientTokenContext.class);
-        UserInfo userInfo = ctx != null ? ctx.getUserInfo() : null;
-        if (userInfo != null) {
-            userInfo.setIdToken(ctx.getIdToken());
-        }
-        return userInfo;
-    }
-
-}


Mime
View raw message