Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 66F3D200B32 for ; Thu, 23 Jun 2016 18:47:48 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 65C2C160A59; Thu, 23 Jun 2016 16:47:48 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 875FA160A35 for ; Thu, 23 Jun 2016 18:47:47 +0200 (CEST) Received: (qmail 10203 invoked by uid 500); 23 Jun 2016 16:47:46 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 10194 invoked by uid 99); 23 Jun 2016 16:47:46 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Jun 2016 16:47:46 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id A66ECE38B1; Thu, 23 Jun 2016 16:47:45 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <68b9ccc66ad84133b48f3952f7707851@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Some tweaking around the way advanced IdToken claims are dealt with Date: Thu, 23 Jun 2016 16:47:45 +0000 (UTC) archived-at: Thu, 23 Jun 2016 16:47:48 -0000 Repository: cxf Updated Branches: refs/heads/master 026a8efe4 -> cc950cf4f Some tweaking around the way advanced IdToken claims are dealt with Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/cc950cf4 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/cc950cf4 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/cc950cf4 Branch: refs/heads/master Commit: cc950cf4f0bbe3758f6110af9a1e7e889f1ce61e Parents: 026a8ef Author: Sergey Beryozkin Authored: Thu Jun 23 17:46:04 2016 +0100 Committer: Sergey Beryozkin Committed: Thu Jun 23 17:46:04 2016 +0100 ---------------------------------------------------------------------- .../security/oidc/common/AbstractUserInfo.java | 62 +++++++++++++++----- 1 file changed, 46 insertions(+), 16 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/cc950cf4/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java index f63aaaa..a55ee43 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java @@ -181,7 +181,7 @@ public abstract class AbstractUserInfo extends JwtClaims { } public void setAggregatedClaims(AggregatedClaims claims) { - setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames()); + setAddClaimNames(claims.getClaimNames()); Map> sources = new LinkedHashMap>(); for (Map.Entry entry : claims.getClaimNames().entrySet()) { String source = entry.getValue(); @@ -190,7 +190,24 @@ public abstract class AbstractUserInfo extends JwtClaims { Collections.singletonMap(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY, jwt)); } - setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, sources); + setAddClaimSources(sources); + } + private void setAddClaimSources(Map> newSources) { + Map> sources = + CastUtils.cast((Map)getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY)); + if (sources == null) { + setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, sources); + } else { + sources.putAll(newSources); + } + } + private void setAddClaimNames(Map claimNames) { + Map names = CastUtils.cast((Map)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY)); + if (names == null) { + setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claimNames); + } else { + names.putAll(claimNames); + } } public AggregatedClaims getAggregatedClaims() { Map names = CastUtils.cast((Map)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY)); @@ -199,19 +216,26 @@ public abstract class AbstractUserInfo extends JwtClaims { if (names == null || sources == null) { return null; } + AggregatedClaims claims = new AggregatedClaims(); - claims.setClaimNames(names); + + Map namesMap = new LinkedHashMap(); Map sourcesMap = new LinkedHashMap(); - for (Map.Entry> entry : sources.entrySet()) { - String source = entry.getKey(); - String jwt = entry.getValue().values().iterator().next(); - sourcesMap.put(source, jwt); + for (Map.Entry entry : names.entrySet()) { + String source = entry.getValue(); + Map sourceValue = sources.get(source); + if (sourceValue != null && sourceValue.containsKey(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY)) { + namesMap.put(entry.getKey(), source); + String jwt = sourceValue.values().iterator().next(); + sourcesMap.put(source, jwt); + } } + claims.setClaimNames(namesMap); claims.setClaimSources(sourcesMap); return claims; } public void setDistributedClaims(DistributedClaims claims) { - setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames()); + setAddClaimNames(claims.getClaimNames()); Map> sources = new LinkedHashMap>(); for (Map.Entry entry : claims.getClaimNames().entrySet()) { String source = entry.getValue(); @@ -223,7 +247,7 @@ public abstract class AbstractUserInfo extends JwtClaims { } sources.put(source, mapSource); } - setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, sources); + setAddClaimSources(sources); } public DistributedClaims getDistributedClaims() { Map names = CastUtils.cast((Map)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY)); @@ -233,15 +257,21 @@ public abstract class AbstractUserInfo extends JwtClaims { return null; } DistributedClaims claims = new DistributedClaims(); - claims.setClaimNames(names); + Map namesMap = new LinkedHashMap(); Map sourcesMap = new LinkedHashMap(); - for (Map.Entry> entry : sources.entrySet()) { - String source = entry.getKey(); - DistributedClaimSource distSource = new DistributedClaimSource(); - distSource.setEndpoint(entry.getValue().get(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY)); - distSource.setAccessToken(entry.getValue().get(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY)); - sourcesMap.put(source, distSource); + for (Map.Entry entry : names.entrySet()) { + String source = entry.getValue(); + Map sourceValue = sources.get(source); + if (sourceValue != null + && !sourceValue.containsKey(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY)) { + namesMap.put(entry.getKey(), source); + DistributedClaimSource distSource = new DistributedClaimSource(); + distSource.setEndpoint(sourceValue.get(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY)); + distSource.setAccessToken(sourceValue.get(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY)); + sourcesMap.put(source, distSource); + } } + claims.setClaimNames(namesMap); claims.setClaimSources(sourcesMap); return claims; }