Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2978918A06 for ; Thu, 18 Feb 2016 12:52:16 +0000 (UTC) Received: (qmail 62520 invoked by uid 500); 18 Feb 2016 12:52:09 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 62456 invoked by uid 500); 18 Feb 2016 12:52:09 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 62447 invoked by uid 99); 18 Feb 2016 12:52:09 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 18 Feb 2016 12:52:09 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id AD386DFF67; Thu, 18 Feb 2016 12:52:09 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <5cde653c0a7243d2b986baaa7932e0a5@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Better support for requesting specific claims with a claims parameter Date: Thu, 18 Feb 2016 12:52:09 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master 5249d5e71 -> b11a8cc31 Better support for requesting specific claims with a claims parameter Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b11a8cc3 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b11a8cc3 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b11a8cc3 Branch: refs/heads/master Commit: b11a8cc31d57dfd7cc943e2937a1c791bd332874 Parents: 5249d5e Author: Sergey Beryozkin Authored: Thu Feb 18 12:51:54 2016 +0000 Committer: Sergey Beryozkin Committed: Thu Feb 18 12:51:54 2016 +0000 ---------------------------------------------------------------------- .../security/oidc/common/ClaimPreference.java | 55 ++++++++++++++ .../rs/security/oidc/common/ClaimsRequest.java | 77 ++++++++++++++++++++ .../oidc/rp/OidcClientCodeRequestFilter.java | 6 ++ 3 files changed, 138 insertions(+) ----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
new file mode 100644
index 0000000..212dac8
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.List;
+
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObject;
+
+public class ClaimPreference extends JsonMapObject {
+ public static final String ESSENTIAL_PROPERTY = "essential";
+ public static final String VALUE_PROPERTY = "value";
+ public static final String VALUES_PROPERTY = "values";
+ private static final long serialVersionUID = 9105405849730632953L;
+
+ public void setEssential(Boolean essential) {
+ setProperty(ESSENTIAL_PROPERTY, essential);
+ }
+ public Boolean getEssential() {
+ return getBooleanProperty(ESSENTIAL_PROPERTY);
+ }
+ public void setValue(String value) {
+ setProperty(VALUE_PROPERTY, value);
+ }
+ public String getValue() {
+ return getStringProperty(VALUE_PROPERTY);
+ }
+ public void setValues(List values) {
+ setProperty(VALUES_PROPERTY, values);
+ }
+ public List getValues() {
+ Object prop = getProperty(VALUES_PROPERTY);
+ if (prop instanceof List) {
+ return CastUtils.cast((List)prop);
+ } else {
+ return null;
+ }
+ }
+}
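Review bot: `getValues()` returns whatever list is stored under `values` through an unchecked `CastUtils.cast`, so when the object was populated from parsed JSON an element of the wrong type is only discovered later as a `ClassCastException` in the caller (the element type is not visible on this page, so this is inferred). It also returns `null` both when the member is absent and when it is present but not a list, and `getEssential()` presumably returns `null` for an absent member as well. The class has no Javadoc; something like `/** One entry of the OIDC "claims" request parameter; each getter returns null when its member is absent. */` would tell callers to null-check before using the results.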
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
new file mode 100644
index 0000000..5c02f42
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObject;
+
+public class ClaimsRequest extends JsonMapObject {
+ public static final String ID_TOKEN_CLAIMS = "id_token";
+ public static final String USER_INFO_CLAIMS = "userinfo";
+ private static final long serialVersionUID = -1356735897518391517L;
+
+
+ public void setIdTokenClaims(Map claims) {
+ setProperty(ID_TOKEN_CLAIMS, claims);
+ }
+
+ public Map getIdTokenClaims() {
+ return getClaims(ID_TOKEN_CLAIMS);
+ }
+
+ public void setUserInfoClaims(Map claims) {
+ setProperty(USER_INFO_CLAIMS, claims);
+ }
+
+ private Map getClaims(String propertyName) {
+ Object claimsProp = getProperty(propertyName);
+ if (claimsProp instanceof Map) {
+ Map claimsMap = CastUtils.cast((Map)claimsProp);
+ if (!claimsMap.isEmpty()) {
+ if (claimsMap.values().iterator().next() instanceof ClaimPreference) {
+ return CastUtils.cast((Map)claimsMap);
+ }
+ Map claims = new LinkedHashMap();
+ Map> parsedMap = CastUtils.cast((Map)claimsProp);
+ for (Map.Entry> entry :
parsedMap.entrySet()) {
+
+ ClaimPreference pref = new ClaimPreference();
+ Object essentialProp = entry.getValue().get(ClaimPreference.ESSENTIAL_PROPERTY);
+ if (essentialProp != null) {
+ pref.setProperty(ClaimPreference.ESSENTIAL_PROPERTY, essentialProp);
+ }
+ Object valueProp = entry.getValue().get(ClaimPreference.VALUE_PROPERTY);
+ if (valueProp != null) {
+ pref.setProperty(ClaimPreference.VALUE_PROPERTY, valueProp);
+ }
+ Object valuesProp = entry.getValue().get(ClaimPreference.VALUES_PROPERTY);
+ if (valuesProp != null) {
+ pref.setProperty(ClaimPreference.VALUES_PROPERTY, valuesProp);
+ }
+ }
+ return claims;
+ }
+ }
+ return null;
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index 76035bc..f77efba 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
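Review bot: The conversion loop in `getClaims` builds a `ClaimPreference` for every entry but never stores it, so `claims` is returned empty whenever the property holds parsed maps rather than `ClaimPreference` instances; add `claims.put(entry.getKey(), pref);` as the last statement of the loop body. The loop also dereferences `entry.getValue()` unconditionally, while the OIDC `claims` parameter permits `null` as a member value (a claim requested in the default manner), so such an entry would throw a `NullPointerException`; a guard along the lines of `if (entry.getValue() == null) { claims.put(entry.getKey(), null); continue; }` would avoid that. `setUserInfoClaims` has no matching getter in this file, so the `userinfo` member cannot be read back through `getClaims`; a `getUserInfoClaims()` mirroring `getIdTokenClaims()` looks intended.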
@@ -28,12 +28,14 @@ import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriInfo; import org.apache.cxf.common.util.StringUtils; +import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter; import org.apache.cxf.jaxrs.utils.ExceptionUtils; import org.apache.cxf.rs.security.oauth2.client.ClientCodeRequestFilter; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; +import org.apache.cxf.rs.security.oidc.common.ClaimsRequest; import org.apache.cxf.rs.security.oidc.common.IdToken; public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter { @@ -169,6 +171,10 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter { this.maxAgeOffset = maxAgeOffset; } + public void setClaimsRequest(ClaimsRequest claimsRequest) { + setClaims(new JsonMapObjectReaderWriter().toJson(claimsRequest)); + } + public void setClaims(String claims) { this.claims = claims; }
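Review bot: `setClaimsRequest` serializes its argument without a null check, so passing `null` presumably fails inside `toJson` instead of clearing the value; `setClaims(claimsRequest == null ? null : new JsonMapObjectReaderWriter().toJson(claimsRequest));` would keep it consistent with `setClaims(String)`. The resulting JSON contains characters such as `{` and `"` that must be percent-encoded in the authorization request, and the code that reads `this.claims` lies outside this hunk, so confirm the encoding happens there. Both setters write the same field, so the last one called wins; a one-line Javadoc on `setClaimsRequest` stating that would prevent configuration surprises.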