From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <6f412b703bfd42b2aaef51a8b04f4391@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Updating UserInfoService to check OidcUserSubject for the prepared UserInfo and adding some basic IdToken to UserInfo conversion code if UserInfo is not available Date: Wed, 9 Dec 2015 11:41:06 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 660fe85f2 -> 86a0eca9d Updating UserInfoService to check OidcUserSubject for the prepared UserInfo and adding some basic IdToken to UserInfo conversion code if UserInfo is not available Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/86a0eca9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/86a0eca9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/86a0eca9 Branch: refs/heads/3.1.x-fixes Commit: 86a0eca9db696ac997d48b80222c15d43743bf97 Parents: 660fe85 Author: Sergey Beryozkin Authored: Wed Dec 9 11:39:53 2015 +0000 Committer: Sergey Beryozkin Committed: Wed Dec 9 11:40:46 2015 +0000 ---------------------------------------------------------------------- .../rs/security/oidc/idp/OidcUserSubject.java | 10 +++++ .../rs/security/oidc/idp/UserInfoService.java | 42 +++++++++++++++++++- 2 files changed, 50 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/86a0eca9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java index d9dd955..c08bd78 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java 
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java @@ -20,11 +20,13 @@ package org.apache.cxf.rs.security.oidc.idp; import org.apache.cxf.rs.security.oauth2.common.UserSubject; import org.apache.cxf.rs.security.oidc.common.IdToken; +import org.apache.cxf.rs.security.oidc.common.UserInfo; public class OidcUserSubject extends UserSubject { private static final long serialVersionUID = 8806727177012442229L; private IdToken idToken; + private UserInfo userInfo; public OidcUserSubject() { @@ -41,4 +43,12 @@ public class OidcUserSubject extends UserSubject { this.idToken = idToken; } + public UserInfo getUserInfo() { + return userInfo; + } + + public void setUserInfo(UserInfo userInfo) { + this.userInfo = userInfo; + } + } http://git-wip-us.apache.org/repos/asf/cxf/blob/86a0eca9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java index ae22b22..b898593 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java @@ -30,6 +30,7 @@ import org.apache.cxf.rs.security.oauth2.common.OAuthContext; import org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthServerJoseJwtProducer; import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider; import org.apache.cxf.rs.security.oauth2.utils.OAuthContextUtils; +import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.common.UserInfo; @Path("/userinfo") 
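Review bot: The `getUserInfo`/`setUserInfo` pair added to OidcUserSubject in the `@@ -41,4 +43,12 @@` hunk has no Javadoc, although the same commit makes UserInfoService return this object as-is when no UserInfoProvider is configured. I would document that on the setter, for example `/** Prepared UserInfo that UserInfoService returns unchanged when no UserInfoProvider is set; populate it only with claims the client was granted. */`. OidcUserSubject declares a `serialVersionUID`, so the stored UserInfo is presumably persisted along with the subject, which is worth stating too. The class body starts outside the hunk.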
@@ -43,9 +44,25 @@ public class UserInfoService extends AbstractOAuthServerJoseJwtProducer { @Produces({"application/json", "application/jwt" }) public Response getUserInfo() { OAuthContext oauth = OAuthContextUtils.getContext(mc); - UserInfo userInfo = - userInfoProvider.getUserInfo(oauth.getClientId(), oauth.getSubject(), oauth.getPermissions()); + UserInfo userInfo = null; + if (userInfoProvider != null) { + userInfo = userInfoProvider.getUserInfo(oauth.getClientId(), + oauth.getSubject(), + oauth.getPermissions()); + } else if (oauth.getSubject() instanceof OidcUserSubject) { + OidcUserSubject oidcUserSubject = (OidcUserSubject)oauth.getSubject(); + userInfo = oidcUserSubject.getUserInfo(); + if (userInfo == null) { + userInfo = createFromIdToken(oidcUserSubject.getIdToken()); + } + } + if (userInfo == null) { + // Consider customizing the error code in case of UserInfo being not available + return Response.serverError().build(); + } + Object responseEntity = userInfo; + // UserInfo may be returned in a clear form as JSON if (super.isJwsRequired() || super.isJweRequired()) { responseEntity = super.processJwt(new JwtToken(userInfo), oauthDataProvider.getClient(oauth.getClientId())); 
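Review bot: The new `else if (oauth.getSubject() instanceof OidcUserSubject)` branch never consults `oauth.getPermissions()`, whereas the provider branch passes them to `userInfoProvider.getUserInfo(...)`. Whatever the prepared UserInfo or the IdToken carries is therefore released regardless of the scopes on the access token being presented. If those objects are not already limited to the granted scopes (not visible in this hunk), name and email claims could reach a client that was never granted `profile` or `email`. Consider passing the permissions into the fallback, e.g. `userInfo = createFromIdToken(oidcUserSubject.getIdToken(), oauth.getPermissions());`, and filtering the prepared UserInfo the same way. getUserInfo() continues past the end of the hunk.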
@@ -54,6 +71,27 @@ public class UserInfoService extends AbstractOAuthServerJoseJwtProducer { } + protected UserInfo createFromIdToken(IdToken idToken) { + UserInfo userInfo = new UserInfo(); + userInfo.setSubject(idToken.getSubject()); + userInfo.setIssuer(idToken.getIssuer()); + userInfo.setAudience(idToken.getAudience()); + if (idToken.getName() != null) { + userInfo.setName(idToken.getName()); + } + if (idToken.getGivenName() != null) { + userInfo.setGivenName(idToken.getGivenName()); + } + if (idToken.getFamilyName() != null) { + userInfo.setFamilyName(idToken.getFamilyName()); + } + if (idToken.getEmail() != null) { + userInfo.setEmail(idToken.getEmail()); + } + //etc + return userInfo; + } + public void setUserInfoProvider(UserInfoProvider userInfoProvider) { this.userInfoProvider = userInfoProvider; }
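Review bot: `createFromIdToken` dereferences `idToken` in its first setter call, and getUserInfo() passes `oidcUserSubject.getIdToken()` to it without a null check. A subject that carries neither a UserInfo nor an IdToken therefore ends in a NullPointerException rather than the controlled `Response.serverError()` path. Adding `if (idToken == null) { return null; }` as the first statement lets the existing `userInfo == null` check in the caller handle that case. The trailing `//etc` would be better replaced by a Javadoc on the method stating that only the subject, issuer, audience, name, given name, family name and email are copied.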