cxf-commits mailing list archives

From serg...@apache.org
Subject cxf git commit: Having OIDC config service extending OAuth2 one to keep it in sync with the related spec efforts
Date Tue, 23 Aug 2016 17:11:59 GMT
Repository: cxf
Updated Branches:
  refs/heads/master b24261500 -> adcd2c612


Having OIDC config service extending OAuth2 one to keep it in sync with the related spec efforts


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/adcd2c61
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/adcd2c61
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/adcd2c61

Branch: refs/heads/master
Commit: adcd2c6122faa90049668e458dc6ff612c979eeb
Parents: b242615
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Aug 23 18:11:34 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Aug 23 18:11:34 2016 +0100

----------------------------------------------------------------------
 .../services/AuthorizationMetadataService.java  | 111 +++++++++++++++++++
 .../oidc/idp/OidcConfigurationService.java      |  86 +-------------
 2 files changed, 116 insertions(+), 81 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/adcd2c61/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
new file mode 100644
index 0000000..cfd566b
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
@@ -0,0 +1,111 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.services;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.UriInfo;
+
+import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
+
+@Path("oauth-authorization-server")
+public class AuthorizationMetadataService {
+
+    private String issuer;
+    private String authorizationEndpointAddress;
+    private String tokenEndpointAddress;
+    private String tokenRevocationEndpointAddress;
+    private String jwkEndpointAddress;
+    
+    @GET
+    @Produces("application/json")
+    public String getConfiguration(@Context UriInfo ui) {
+        Map<String, Object> cfg = new LinkedHashMap<String, Object>();
+        String baseUri = getBaseUri(ui);
+        prepareConfigurationData(cfg, baseUri);
+        
+        JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
+        return writer.toJson(cfg);
+    }
+    
+    protected void prepareConfigurationData(Map<String, Object> cfg, String baseUri)
{
+        // Issuer
+        cfg.put("issuer", issuer == null ? baseUri : issuer);
+        // Authorization Endpoint
+        String theAuthorizationEndpointAddress = 
+            calculateEndpointAddress(authorizationEndpointAddress, baseUri, "/idp/authorize");
+        cfg.put("authorization_endpoint", theAuthorizationEndpointAddress);
+        // Token Endpoint
+        String theTokenEndpointAddress = 
+            calculateEndpointAddress(tokenEndpointAddress, baseUri, "/oauth2/token");
+        cfg.put("token_endpoint", theTokenEndpointAddress);
+        // Token Revocation Endpoint
+        String theTokenRevocationEndpointAddress = 
+            calculateEndpointAddress(tokenRevocationEndpointAddress, baseUri, "/oauth2/revoke");
+        cfg.put("revocation_endpoint", theTokenRevocationEndpointAddress);
+        // Jwks Uri Endpoint
+        String theJwkEndpointAddress = 
+            calculateEndpointAddress(jwkEndpointAddress, baseUri, "/jwk/keys");
+        cfg.put("jwks_uri", theJwkEndpointAddress);
+    }
+
+    protected static String calculateEndpointAddress(String endpointAddress, String baseUri,
String defRelAddress) {
+        endpointAddress = endpointAddress == null ? endpointAddress : defRelAddress;
+        if (endpointAddress.startsWith("https")) {
+            return endpointAddress;
+        } else {
+            return baseUri + endpointAddress; 
+        }
+    }
+
+    private String getBaseUri(UriInfo ui) {
+        String requestUri = ui.getRequestUri().toString();
+        int ind = requestUri.lastIndexOf(".well-known");
+        if (ind != -1) {
+            requestUri = requestUri.substring(0, ind);
+        }
+        return requestUri;
+    }
+
+    public void setIssuer(String issuer) {
+        this.issuer = issuer;
+    }
+
+    public void setAuthorizationEndpointAddress(String authorizationEndpointAddress) {
+        this.authorizationEndpointAddress = authorizationEndpointAddress;
+    }
+
+    public void setTokenEndpointAddress(String tokenEndpointAddress) {
+        this.tokenEndpointAddress = tokenEndpointAddress;
+    }
+
+    public void setJwkEndpointAddress(String jwkEndpointAddress) {
+        this.jwkEndpointAddress = jwkEndpointAddress;
+    }
+
+    public void setTokenRevocationEndpointAddress(String tokenRevocationEndpointAddress)
{
+        this.tokenRevocationEndpointAddress = tokenRevocationEndpointAddress;
+    }
+    
+}
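Review bot: The ternary in `calculateEndpointAddress` is inverted: `endpointAddress == null ? endpointAddress : defRelAddress` keeps null when no address is configured, so the following `startsWith` call throws a NullPointerException, and it throws away any address that was configured. The line should read `endpointAddress = endpointAddress != null ? endpointAddress : defRelAddress;`. Separately, when `issuer` is unset, `getBaseUri` builds the advertised issuer and every endpoint URL from the request URI, which presumably follows the client-supplied Host header unless the container or a proxy pins it. A Javadoc line on `setIssuer` saying that deployments should configure a fixed issuer would make that dependency visible. The `startsWith("https")` test is also loose, since it accepts any value beginning with those letters and sends an absolute `http://` address into the `baseUri + endpointAddress` branch.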

http://git-wip-us.apache.org/repos/asf/cxf/blob/adcd2c61/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcConfigurationService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcConfigurationService.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcConfigurationService.java
index ba941d8..fab8037 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcConfigurationService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcConfigurationService.java
@@ -19,108 +19,32 @@
 package org.apache.cxf.rs.security.oidc.idp;
 
 import java.util.Collections;
-import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Properties;
 
-import javax.ws.rs.GET;
 import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.UriInfo;
 
-import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
 import org.apache.cxf.rs.security.jose.common.JoseConstants;
 import org.apache.cxf.rs.security.jose.jws.JwsUtils;
+import org.apache.cxf.rs.security.oauth2.services.AuthorizationMetadataService;
 
 @Path("openid-configuration")
-public class OidcConfigurationService {
-
-    private String issuer;
-    private String authorizationEndpointAddress;
-    private String tokenEndpointAddress;
-    private String tokenRevocationEndpointAddress;
+public class OidcConfigurationService extends AuthorizationMetadataService {
     private String userInfoEndpointAddress;
-    private String jwkEndpointAddress;
     
-    @GET
-    @Produces("application/json")
-    public String getConfiguration(@Context UriInfo ui) {
-        Map<String, Object> cfg = new LinkedHashMap<String, Object>();
-        // Issuer
-        String baseUri = getBaseUri(ui);
-        cfg.put("issuer", issuer == null ? baseUri : issuer);
-        // Authorization Endpoint
-        String theAuthorizationEndpointAddress = 
-            calculateEndpointAddress(authorizationEndpointAddress, baseUri, "/idp/authorize");
-        cfg.put("authorization_endpoint", theAuthorizationEndpointAddress);
-        // Token Endpoint
-        String theTokenEndpointAddress = 
-            calculateEndpointAddress(tokenEndpointAddress, baseUri, "/oauth2/token");
-        cfg.put("token_endpoint", theTokenEndpointAddress);
-        // Token Revocation Endpoint
-        String theTokenRevocationEndpointAddress = 
-            calculateEndpointAddress(tokenRevocationEndpointAddress, baseUri, "/oauth2/revoke");
-        cfg.put("revocation_endpoint", theTokenRevocationEndpointAddress);
+    @Override
+    protected void prepareConfigurationData(Map<String, Object> cfg, String baseUri)
{
+        super.prepareConfigurationData(cfg, baseUri);
         // UriInfo Endpoint
         String theUserInfoEndpointAddress = 
             calculateEndpointAddress(userInfoEndpointAddress, baseUri, "/users/userinfo");
         cfg.put("userinfo_endpoint", theUserInfoEndpointAddress);
-        // Jwks Uri Endpoint
-        String theJwkEndpointAddress = 
-            calculateEndpointAddress(jwkEndpointAddress, baseUri, "/jwk/keys");
-        cfg.put("jwks_uri", theJwkEndpointAddress);
         
         Properties sigProps = JwsUtils.loadSignatureOutProperties(false);
         if (sigProps != null && sigProps.containsKey(JoseConstants.RSSEC_SIGNATURE_ALGORITHM))
{
             cfg.put("id_token_signing_alg_values_supported", 
                     Collections.singletonList(sigProps.get(JoseConstants.RSSEC_SIGNATURE_ALGORITHM)));
   
         }
-        
-        JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
-        return writer.toJson(cfg);
-    }
-
-    private static String calculateEndpointAddress(String endpointAddress, String baseUri,
String defRelAddress) {
-        endpointAddress = endpointAddress == null ? endpointAddress : defRelAddress;
-        if (endpointAddress.startsWith("https")) {
-            return endpointAddress;
-        } else {
-            return baseUri + endpointAddress; 
-        }
-    }
-
-    private String getBaseUri(UriInfo ui) {
-        String requestUri = ui.getRequestUri().toString();
-        int ind = requestUri.lastIndexOf(".well-known");
-        if (ind != -1) {
-            requestUri = requestUri.substring(0, ind);
-        }
-        return requestUri;
-    }
-
-    public void setIssuer(String issuer) {
-        this.issuer = issuer;
-    }
-
-    public void setAuthorizationEndpointAddress(String authorizationEndpointAddress) {
-        this.authorizationEndpointAddress = authorizationEndpointAddress;
-    }
-
-    public void setTokenEndpointAddress(String tokenEndpointAddress) {
-        this.tokenEndpointAddress = tokenEndpointAddress;
-    }
-
-    public void setJwkEndpointAddress(String jwkEndpointAddress) {
-        this.jwkEndpointAddress = jwkEndpointAddress;
-    }
-
-    public void setUserInfoEndpointAddress(String userInfoEndpointAddress) {
-        this.userInfoEndpointAddress = userInfoEndpointAddress;
-    }
-
-    public void setTokenRevocationEndpointAddress(String tokenRevocationEndpointAddress)
{
-        this.tokenRevocationEndpointAddress = tokenRevocationEndpointAddress;
     }
     
 }
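Review bot: `setUserInfoEndpointAddress` is deleted along with the setters that moved to `AuthorizationMetadataService`, but the `userInfoEndpointAddress` field stays in this class, so nothing visible in the new code can set it any more. Any existing bean configuration that injects this property would presumably stop working. Restore `public void setUserInfoEndpointAddress(String userInfoEndpointAddress) { this.userInfoEndpointAddress = userInfoEndpointAddress; }` after the `prepareConfigurationData` override. The comment `// UriInfo Endpoint` above the lookup should read `// UserInfo Endpoint`.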

