cxf-commits mailing list archives

From jbernha...@apache.org
Subject [5/7] cxf-fediz git commit: [FEDIZ-144] Added Spring EL support for HomeRealm Discovery
Date Tue, 09 Feb 2016 09:45:39 GMT
[FEDIZ-144] Added Spring EL support for HomeRealm Discovery

Conflicts:
	services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6a6ffd0b
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6a6ffd0b
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6a6ffd0b

Branch: refs/heads/1.2.x-fixes
Commit: 6a6ffd0b9e97177b276a8dabf8c4aea7b345a3a3
Parents: b272bfa
Author: Jan Bernhardt <jbernhardt@talend.com>
Authored: Tue Jan 19 12:19:48 2016 +0100
Committer: Jan Bernhardt <jbernhardt@talend.com>
Committed: Tue Feb 9 08:26:42 2016 +0100

----------------------------------------------------------------------
 .../idp/beans/ProcessHRDSExpressionAction.java  | 46 +++++++++++++++-----
 .../idp/src/main/resources/entities-realma.xml  |  9 ++--
 .../WEB-INF/federation-signin-request.xml       | 44 +++++--------------
 3 files changed, 51 insertions(+), 48 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6a6ffd0b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
index 5389247..088af6c 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
@@ -18,31 +18,57 @@
  */
 package org.apache.cxf.fediz.service.idp.beans;
 
+import javax.servlet.http.Cookie;
+
+import org.apache.cxf.fediz.core.FederationConstants;
 import org.apache.cxf.fediz.service.idp.domain.Idp;
 import org.apache.cxf.fediz.service.idp.util.WebUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.expression.Expression;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
+import org.springframework.stereotype.Component;
 import org.springframework.webflow.execution.RequestContext;
 
 /**
  * This class is responsible to process Home Realm Discovery Service Expression.
  */
-
+@Component
 public class ProcessHRDSExpressionAction {
 
     private static final String IDP_CONFIG = "idpConfig";
-    private static final Logger LOG = LoggerFactory
-            .getLogger(ProcessHRDSExpressionAction.class);
+
+    private static final Logger LOG = LoggerFactory.getLogger(ProcessHRDSExpressionAction.class);
+
+    @Autowired
+    private HomeRealmReminder homeRealmReminder;
 
     public String submit(RequestContext context) {
+        // Check if home realm is known already
+        Cookie whrCookie = homeRealmReminder.readCookie(context);
+        if (whrCookie != null) {
+            LOG.debug("WHR Cookie set: {}", whrCookie);
+            return whrCookie.getValue();
+        }
+
+        // Check if custom HRDS is defined
         Idp idpConfig = (Idp)WebUtils.getAttributeFromFlowScope(context, IDP_CONFIG);
         String hrds = idpConfig.getHrds();
-        //TODO
-        if (hrds == null) {
-            LOG.info("HRDS is null (Mock).");
-            return "";
+
+        if (hrds != null) {
+            LOG.debug("HomeRealmDiscoveryService EL: {}", hrds);
+            ExpressionParser parser = new SpelExpressionParser();
+            Expression exp = parser.parseExpression(hrds);
+            String result = exp.getValue(context, String.class);
+            LOG.info("Realm resolved by HomeRealmDiscoveryService: {}", result);
+            return result;
         }
-        LOG.info("HRDS is not null (Mock).");
-        return "some-whr-value";
+
+        // Return whr parameter unchanged
+        String whr = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_HOME_REALM);
+        LOG.debug("No custom homeRealm handling, using whr parameter as provided in request: {}", whr);
+        return whr;
     }
-}
+}
\ No newline at end of file
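Review bot: The `hrds` string is evaluated with `exp.getValue(context, String.class)`, which uses SpEL's default, unrestricted evaluation context with the whole `RequestContext` as root object, so whoever can write `Idp.hrds` gets arbitrary method and type access inside the IdP. The diff does not show where `hrds` is populated; if anything other than deployment-time configuration can change it, that write path needs admin-only authorization, and `submit` should carry a comment such as `// hrds is trusted administrator configuration; never derive it from request data`. `parseExpression` and `getValue` can also throw `ParseException` / `EvaluationException` on a malformed expression, which is not caught here and would presumably fail the sign-in flow instead of falling through to the `whr` parameter. Separately, the cookie value and the `whr` parameter are client-supplied and returned as-is, so they have to be validated against the configured realms by a later flow state that is not visible in this hunk.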

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6a6ffd0b/services/idp/src/main/resources/entities-realma.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/resources/entities-realma.xml b/services/idp/src/main/resources/entities-realma.xml
index 995b92d..2ccb07f 100644
--- a/services/idp/src/main/resources/entities-realma.xml
+++ b/services/idp/src/main/resources/entities-realma.xml
@@ -38,10 +38,8 @@
         <property name="rpSingleSignOutConfirmation" value="true"/>
         <property name="supportedProtocols">
             <util:list>
-                <value>http://docs.oasis-open.org/wsfed/federation/200706
-                </value>
-                <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512
-                </value>
+                <value>http://docs.oasis-open.org/wsfed/federation/200706</value>
+                <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512</value>
             </util:list>
         </property>
         <property name="tokenTypesOffered">
@@ -52,7 +50,8 @@
         </property>
         <property name="authenticationURIs">
             <util:map>
-                <entry key="default" value="federation/up" />
+                <entry key="default"
+                       value="federation/up" />
                 <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/SslAndKey"

                        value="federation/krb" />
                 <entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/default"

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6a6ffd0b/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml b/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml
index 1231444..08e1d2b 100644
--- a/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/federation-signin-request.xml
@@ -32,51 +32,29 @@
     <input name="whr" />
 
     <decision-state id="checkHRDSEnabled">
-        <if test="true" then="checkWhrInSigninRequest" else="checkDefaultToThisIDP" />
+        <if test="true" then="processHRDSExpression" else="checkDefaultToThisIDP" />
     </decision-state>
 
-    <decision-state id="checkWhrInSigninRequest">
-        <if test="flowScope.whr == null or flowScope.whr.trim().isEmpty()"
-            then="checkHomeRealm" else="checkIsThisIDP" />
+    <decision-state id="checkDefaultToThisIDP">
+        <if test="flowScope.idpConfig.isUseCurrentIdp()" then="checkWauthTypeSupported"
+            else="viewBadRequest" />
     </decision-state>
 
-    <decision-state id="checkHomeRealm">
-        <if test="homeRealmReminder.readCookie(flowRequestContext) == null"
-            then="processHRDSExpression" else="restoreHomeRealm" />
+    <decision-state id="processHRDSExpression">
+        <on-entry>
+            <evaluate expression="processHRDSExpressionAction.submit(flowRequestContext)" result="flowScope.whr" />
+        </on-entry>
+        <if test="flowScope.whr == null or flowScope.whr.trim().isEmpty()"
+            then="provideIDPListForUser" else="checkIsThisIDP" />
     </decision-state>
 
-    <action-state id="restoreHomeRealm">
-        <evaluate
-            expression="homeRealmReminder.readCookie(flowRequestContext).value"
-            result="flowScope.whr" />
-        <transition to="checkIsThisIDP" />
-    </action-state>
-
-    <action-state id="processHRDSExpression">
-        <!-- TODO -->
-        <evaluate
-            expression="processHRDSExpressionAction.submit(flowRequestContext)"
-            result="flowScope.whr" />
-        <transition on="" to="provideIDPListForUser" />
-        <transition to="checkIsThisIDP">
-            <evaluate
-                expression="homeRealmReminder.addCookie(flowRequestContext, flowScope.whr)"
/>
-        </transition>
-    </action-state>
-
     <decision-state id="provideIDPListForUser">
-        <if
-            test="flowScope.idpConfig.trustedIdps == null or idpConfig.trustedIdps.isEmpty()"
+        <if test="flowScope.idpConfig.trustedIdps == null or idpConfig.trustedIdps.isEmpty()"
             then="checkDefaultToThisIDP" />
         <if test="flowScope.idpConfig.isProvideIdpList() == false"
             then="checkDefaultToThisIDP" else="showIDPList" />
     </decision-state>
 
-    <decision-state id="checkDefaultToThisIDP">
-        <if test="flowScope.idpConfig.isUseCurrentIdp()" then="checkWauthTypeSupported"
-            else="viewBadRequest" />
-    </decision-state>
-
     <view-state id="showIDPList" view="idplist" model="trustedIDPSelection">
         <var name="trustedIDPSelection"
             class="org.apache.cxf.fediz.service.idp.model.TrustedIDPSelection" />
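Review bot: Sending every sign-in through `processHRDSExpression` changes the precedence for the home realm: the removed `checkWhrInSigninRequest` state let a non-empty `whr` from the request go straight to `checkIsThisIDP`, while `submit()` (in the Java hunk of this commit) returns the remembered cookie before it looks at `whr` or the HRDS expression. If that is intended, a comment on the state such as `<!-- precedence: WHR cookie, then HRDS expression, then whr request parameter -->` would document it; if not, the cookie lookup should apply only when `flowScope.whr` is empty. The `homeRealmReminder.addCookie(...)` call on the transition to `checkIsThisIDP` is also removed with no replacement visible in this diff, so confirm the cookie is still written somewhere. `checkHRDSEnabled` keeps `test="true"`, which leaves its `else` branch unreachable.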

