Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 601C71808A for ; Fri, 15 Jan 2016 16:55:46 +0000 (UTC) Received: (qmail 38224 invoked by uid 500); 15 Jan 2016 16:55:46 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 38165 invoked by uid 500); 15 Jan 2016 16:55:46 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 38155 invoked by uid 99); 15 Jan 2016 16:55:46 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jan 2016 16:55:46 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id F145EDFE13; Fri, 15 Jan 2016 16:55:45 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <2d7dde5db2584f5da0629f7f7dc2381b@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf-fediz git commit: Starting to use the introspecttion protocol Date: Fri, 15 Jan 2016 16:55:45 +0000 (UTC) Repository: cxf-fediz Updated Branches: refs/heads/master 89ac63f2b -> a7aa8170a Starting to use the introspecttion protocol Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/a7aa8170 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/a7aa8170 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/a7aa8170 Branch: refs/heads/master Commit: a7aa8170ac85130f69c18de06e28c615a4439eaa Parents: 89ac63f Author: Sergey Beryozkin Authored: Fri Jan 15 16:55:29 2016 +0000 Committer: Sergey Beryozkin Committed: Fri Jan 15 16:55:29 2016 +0000 ---------------------------------------------------------------------- .../service/oidc/FedizAccessTokenValidator.java | 63 -------------------- .../main/webapp/WEB-INF/applicationContext.xml | 10 +--- 2 files changed, 2 insertions(+), 71 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/a7aa8170/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizAccessTokenValidator.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizAccessTokenValidator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizAccessTokenValidator.java deleted file mode 100644 index 76f0cfa..0000000 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizAccessTokenValidator.java +++ /dev/null @@ -1,63 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.cxf.fediz.service.oidc; - -import java.util.Collections; -import java.util.List; - -import javax.ws.rs.core.MultivaluedMap; - -import org.apache.cxf.jaxrs.ext.MessageContext; -import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation; -import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken; -import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator; -import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; -import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; - -public class FedizAccessTokenValidator implements AccessTokenValidator { - - private OAuthDataManager dataProvider; - - @Override - public List getSupportedAuthorizationSchemes() { - return Collections.singletonList(OAuthConstants.BEARER_AUTHORIZATION_SCHEME); - } - - @Override - public AccessTokenValidation validateAccessToken(MessageContext mc, String authScheme, String authSchemeData, - MultivaluedMap extraProps) throws OAuthServiceException { - - // This is the access token used by a 3rd party client when accessing a REST service - ServerAccessToken token = dataProvider.getAccessToken(authSchemeData); - - String idToken = token.getSubject().getProperties().get("id_token"); - if (idToken != null) { - //TODO: validate the user behind this id_token is still a valid user ? - } - // Do some Fediz specific token validation ? - // and - // Let CXF do the core validation (is access token still valid, etc) - return new AccessTokenValidation(token); - } - - public void setDataProvider(OAuthDataManager dataProvider) { - this.dataProvider = dataProvider; - } - -} http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/a7aa8170/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml index 4e3b004..9bdf677 100644 --- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml +++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml @@ -135,21 +135,15 @@ - + - - - - - +