Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7797117A1D for ; Wed, 9 Dec 2015 16:12:02 +0000 (UTC) Received: (qmail 31056 invoked by uid 500); 9 Dec 2015 16:11:46 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 31001 invoked by uid 500); 9 Dec 2015 16:11:46 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 30992 invoked by uid 99); 9 Dec 2015 16:11:46 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Dec 2015 16:11:46 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 38F55E0B4E; Wed, 9 Dec 2015 16:11:46 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <642188fe46fc4e64ab9e42956ed1d6dd@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: If UserInfo is not signed then returning issuer/aud claims is not recommended Date: Wed, 9 Dec 2015 16:11:46 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 86a0eca9d -> 36ebac7b2 If UserInfo is not signed then returning issuer/aud claims is not recommended Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/36ebac7b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/36ebac7b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/36ebac7b Branch: refs/heads/3.1.x-fixes Commit: 36ebac7b230f8b48d098c580b6774a91f1844854 Parents: 86a0eca Author: Sergey Beryozkin Authored: Wed Dec 9 16:09:31 2015 +0000 Committer: Sergey Beryozkin Committed: Wed Dec 9 16:11:24 2015 +0000 ---------------------------------------------------------------------- .../org/apache/cxf/rs/security/oidc/idp/UserInfoService.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/36ebac7b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java index b898593..a3d682d 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java @@ -74,8 +74,11 @@ public class UserInfoService extends AbstractOAuthServerJoseJwtProducer { protected UserInfo createFromIdToken(IdToken idToken) { UserInfo userInfo = new UserInfo(); userInfo.setSubject(idToken.getSubject()); - userInfo.setIssuer(idToken.getIssuer()); - userInfo.setAudience(idToken.getAudience()); + + if (super.isJwsRequired()) { + userInfo.setIssuer(idToken.getIssuer()); + userInfo.setAudience(idToken.getAudience()); + } if (idToken.getName() != null) { userInfo.setName(idToken.getName()); }