cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [09/18] cxf-fediz git commit: Whitespace cleanup
Date Mon, 13 Feb 2017 11:36:25 GMT
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
index 53feb73..3bd4c53 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
@@ -81,7 +81,7 @@ public class AuthnRequestParser {
     public void parseSAMLRequest(RequestContext context, Idp idp, String samlRequest,
                                  String signature, String relayState) throws ProcessingException {
         LOG.debug("Received SAML Request: {}", samlRequest);
-        
+
         if (samlRequest == null) {
             WebUtils.removeAttribute(context, IdpConstants.SAML_AUTHN_REQUEST);
             throw new ProcessingException(TYPE.BAD_REQUEST);
@@ -93,35 +93,35 @@ public class AuthnRequestParser {
                 LOG.warn("Error parsing request: {}", ex.getMessage());
                 throw new ProcessingException(TYPE.BAD_REQUEST);
             }
-            
+
             // Store various attributes from the AuthnRequest
             SAMLAuthnRequest authnRequest = new SAMLAuthnRequest(parsedRequest);
             WebUtils.putAttributeInFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST, authnRequest);
-            
-            validateSignature(context, parsedRequest, idp, signature, relayState, 
+
+            validateSignature(context, parsedRequest, idp, signature, relayState,
                               samlRequest, authnRequest.getIssuer());
             validateRequest(parsedRequest);
-            
+
             LOG.debug("SAML Request with id '{}' successfully parsed", parsedRequest.getID());
         }
     }
-    
+
     public String retrieveRealm(RequestContext context) {
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
-        
+
         if (authnRequest != null) {
             String issuer = authnRequest.getIssuer();
             LOG.debug("Parsed SAML AuthnRequest Issuer: {}", issuer);
             return issuer;
         }
-        
+
         LOG.debug("No AuthnRequest available to be parsed");
         return null;
     }
-    
+
     public String retrieveConsumerURL(RequestContext context) {
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
 
         if (authnRequest != null && authnRequest.getConsumerServiceURL() != null) {
@@ -129,13 +129,13 @@ public class AuthnRequestParser {
             LOG.debug("Parsed SAML AuthnRequest Consumer URL: {}", consumerURL);
             return consumerURL;
         }
-        
+
         LOG.debug("No AuthnRequest available to be parsed");
         return null;
     }
-    
+
     public String retrieveRequestId(RequestContext context) {
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
 
         if (authnRequest != null && authnRequest.getRequestId() != null) {
@@ -143,13 +143,13 @@ public class AuthnRequestParser {
             LOG.debug("Parsed SAML AuthnRequest Id: {}", id);
             return id;
         }
-        
+
         LOG.debug("No AuthnRequest available to be parsed");
         return null;
     }
-    
+
     public String retrieveRequestIssuer(RequestContext context) {
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
 
         if (authnRequest != null && authnRequest.getIssuer() != null) {
@@ -157,39 +157,39 @@ public class AuthnRequestParser {
             LOG.debug("Parsed SAML AuthnRequest Issuer: {}", issuer);
             return issuer;
         }
-        
+
         LOG.debug("No AuthnRequest available to be parsed");
         return null;
     }
-    
+
     public boolean isForceAuthentication(RequestContext context) {
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
         if (authnRequest != null) {
             return authnRequest.isForceAuthn();
         }
-        
+
         LOG.debug("No AuthnRequest available to be parsed");
         return false;
     }
-    
+
     protected AuthnRequest extractRequest(RequestContext context, String samlRequest) throws Exception {
         byte[] deflatedToken = Base64Utility.decode(samlRequest);
         String httpMethod = WebUtils.getHttpServletRequest(context).getMethod();
-        
+
         InputStream tokenStream = supportDeflateEncoding || "GET".equals(httpMethod)
              ? new DeflateEncoderDecoder().inflateToken(deflatedToken)
                  : new ByteArrayInputStream(deflatedToken);
 
         Document responseDoc = StaxUtils.read(new InputStreamReader(tokenStream, "UTF-8"));
-        AuthnRequest request = 
+        AuthnRequest request =
             (AuthnRequest)OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
         if (LOG.isDebugEnabled()) {
             LOG.debug(DOM2Writer.nodeToString(responseDoc));
         }
         return request;
     }
-    
+
     public boolean isSupportDeflateEncoding() {
         return supportDeflateEncoding;
     }
@@ -197,59 +197,59 @@ public class AuthnRequestParser {
     public void setSupportDeflateEncoding(boolean supportDeflateEncoding) {
         this.supportDeflateEncoding = supportDeflateEncoding;
     }
-    
+
     private void validateRequest(AuthnRequest parsedRequest) throws ProcessingException {
         if (parsedRequest.getIssuer() == null) {
             LOG.debug("No Issuer is present in the AuthnRequest");
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
-        
+
         String format = parsedRequest.getIssuer().getFormat();
         if (format != null
             && !"urn:oasis:names:tc:SAML:2.0:nameid-format:entity".equals(format)) {
             LOG.debug("An invalid Format attribute was received: {}", format);
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
-        
+
         // No SubjectConfirmation Elements are allowed
-        if (parsedRequest.getSubject() != null 
+        if (parsedRequest.getSubject() != null
             && parsedRequest.getSubject().getSubjectConfirmations() != null
             && !parsedRequest.getSubject().getSubjectConfirmations().isEmpty()) {
             LOG.debug("An invalid SubjectConfirmation Element was received");
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
     }
-    
-    private void validateSignature(RequestContext context, AuthnRequest authnRequest, Idp idp, 
-                                   String signature, String relayState, String samlRequest, 
+
+    private void validateSignature(RequestContext context, AuthnRequest authnRequest, Idp idp,
+                                   String signature, String relayState, String samlRequest,
                                    String realm) throws ProcessingException {
         try {
             if (authnRequest.isSigned()) {
                 // Check destination
                 checkDestination(context, authnRequest);
-                
+
                 // Check signature
                 X509Certificate validatingCert = getValidatingCertificate(idp, realm);
-                Crypto issuerCrypto = 
+                Crypto issuerCrypto =
                     new CertificateStore(Collections.singletonList(validatingCert).toArray(new X509Certificate[0]));
                 validateAuthnRequestSignature(authnRequest.getSignature(), issuerCrypto);
             } else if (signature != null) {
                 // Check destination
                 checkDestination(context, authnRequest);
-                
+
                 // Check signature
                 X509Certificate validatingCert = getValidatingCertificate(idp, realm);
-                
+
                 java.security.Signature sig = java.security.Signature.getInstance("SHA1withRSA");
                 sig.initVerify(validatingCert);
-                
+
                 // Recreate request to sign
                 String requestToSign = SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(samlRequest, "UTF-8")
-                     + "&" + SSOConstants.RELAY_STATE + "=" + relayState + "&" + SSOConstants.SIG_ALG 
+                     + "&" + SSOConstants.RELAY_STATE + "=" + relayState + "&" + SSOConstants.SIG_ALG
                      + "=" + URLEncoder.encode(SSOConstants.RSA_SHA1, StandardCharsets.UTF_8.name());
-                
+
                 sig.update(requestToSign.getBytes(StandardCharsets.UTF_8));
-                
+
                 if (!sig.verify(Base64.decode(signature))) {
                     LOG.debug("Signature validation failed");
                     throw new ProcessingException(TYPE.BAD_REQUEST);
@@ -265,30 +265,30 @@ public class AuthnRequestParser {
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
     }
-    
-    private X509Certificate getValidatingCertificate(Idp idp, String realm) 
+
+    private X509Certificate getValidatingCertificate(Idp idp, String realm)
         throws Exception {
         Application serviceConfig = idp.findApplication(realm);
         if (serviceConfig == null || serviceConfig.getValidatingCertificate() == null) {
             LOG.debug("No validating certificate found for realm {}", realm);
             throw new ProcessingException(TYPE.ISSUER_NOT_TRUSTED);
         }
-        
+
         return CertsUtils.parseX509Certificate(serviceConfig.getValidatingCertificate());
     }
-    
+
     private void checkDestination(RequestContext context, AuthnRequest authnRequest) throws ProcessingException {
         // Check destination
         String destination = authnRequest.getDestination();
         LOG.debug("Validating destination: {}", destination);
-        
+
         String localAddr = WebUtils.getHttpServletRequest(context).getRequestURL().toString();
         if (destination == null || !localAddr.startsWith(destination)) {
             LOG.debug("The destination {} does not match the local address {}", destination, localAddr);
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
     }
-    
+
     /**
      * Validate the AuthnRequest signature
      */
@@ -317,7 +317,7 @@ public class AuthnRequestParser {
                 throw ex;
             }
         }
-        
+
         if (samlKeyInfo == null) {
             LOG.debug("No KeyInfo supplied in the AuthnRequest signature");
             throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, "invalidSAMLsecurity");
@@ -384,5 +384,5 @@ public class AuthnRequestParser {
     public void setRequireSignature(boolean requireSignature) {
         this.requireSignature = requireSignature;
     }
-    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/LocalRedirectCreator.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/LocalRedirectCreator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/LocalRedirectCreator.java
index 9dfd626..0111c2c 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/LocalRedirectCreator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/LocalRedirectCreator.java
@@ -35,20 +35,20 @@ public class LocalRedirectCreator {
     public String createRedirectURL(RequestContext context, Idp idp) throws UnsupportedEncodingException {
         StringBuilder redirectURL = new StringBuilder();
         redirectURL.append(idp.getIdpUrl().toString()).append("?");
-        
+
         String relayState = (String)WebUtils.getAttributeFromFlowScope(context, "RelayState");
         redirectURL.append("RelayState=").append(relayState).append("&");
         String samlRequest = (String)WebUtils.getAttributeFromFlowScope(context, "SAMLRequest");
         redirectURL.append("SAMLRequest=").append(URLEncoder.encode(samlRequest, "UTF-8"));
-        
+
         String signature = (String)WebUtils.getAttributeFromFlowScope(context, "Signature");
         if (signature != null) {
             redirectURL.append("&");
             redirectURL.append("Signature=").append(URLEncoder.encode(signature, "UTF-8"));
         }
-        
+
         return redirectURL.toString();
     }
-    
-    
+
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
index 742797d..dadbe13 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseCreator.java
@@ -67,25 +67,25 @@ public class SamlResponseCreator {
     private boolean supportDeflateEncoding;
 
     public String createSAMLResponse(RequestContext context, Idp idp, Element rpToken,
-                                     String consumerURL, String requestId, String requestIssuer) 
+                                     String consumerURL, String requestId, String requestIssuer)
                                          throws ProcessingException {
-        List<Element> samlTokens = 
+        List<Element> samlTokens =
             DOMUtils.findAllElementsByTagNameNS(rpToken, WSConstants.SAML2_NS, "Assertion");
         if (samlTokens.isEmpty() || samlTokens.size() != 1) {
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
-        
+
         try {
             SamlAssertionWrapper wrapper = new SamlAssertionWrapper(samlTokens.get(0));
             if (wrapper.getSaml2() == null) {
                 throw new ProcessingException(TYPE.BAD_REQUEST);
             }
-            
+
             String remoteAddr = WebUtils.getHttpServletRequest(context).getRemoteAddr();
-            Assertion saml2Assertion = 
-                createSAML2Assertion(context, idp, wrapper, requestId, requestIssuer, 
+            Assertion saml2Assertion =
+                createSAML2Assertion(context, idp, wrapper, requestId, requestIssuer,
                                      remoteAddr, consumerURL);
-            
+
             Element response = createResponse(idp, requestId, saml2Assertion);
             return encodeResponse(response);
         } catch (Exception ex) {
@@ -93,17 +93,17 @@ public class SamlResponseCreator {
             throw new ProcessingException(TYPE.BAD_REQUEST);
         }
     }
-    
+
     private Assertion createSAML2Assertion(RequestContext context, Idp idp, SamlAssertionWrapper receivedToken,
-                                           String requestID, String requestIssuer, 
+                                           String requestID, String requestIssuer,
                                            String remoteAddr, String racs) throws Exception {
         // Create an AuthenticationAssertion
         SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
         callbackHandler.setIssuer(idp.getRealm());
         callbackHandler.setSubject(receivedToken.getSaml2().getSubject());
-        
+
         // Test Subject against received Subject (if applicable)
-        SAMLAuthnRequest authnRequest = 
+        SAMLAuthnRequest authnRequest =
             (SAMLAuthnRequest)WebUtils.getAttributeFromFlowScope(context, IdpConstants.SAML_AUTHN_REQUEST);
         if (authnRequest.getSubjectNameId() != null && receivedToken.getSaml2().getSubject().getNameID() != null) {
             NameID issuedNameId = receivedToken.getSaml2().getSubject().getNameID();
@@ -113,7 +113,7 @@ public class SamlResponseCreator {
                 throw new ProcessingException(ProcessingException.TYPE.INVALID_REQUEST);
             }
         }
-        
+
         // Subject Confirmation Data
         SubjectConfirmationDataBean subjectConfirmationData = new SubjectConfirmationDataBean();
         subjectConfirmationData.setAddress(remoteAddr);
@@ -121,45 +121,45 @@ public class SamlResponseCreator {
         subjectConfirmationData.setNotAfter(new DateTime().plusMinutes(5));
         subjectConfirmationData.setRecipient(racs);
         callbackHandler.setSubjectConfirmationData(subjectConfirmationData);
-        
+
         // Audience Restriction
         ConditionsBean conditions = new ConditionsBean();
         conditions.setTokenPeriodMinutes(5);
-        
+
         AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
         audienceRestriction.setAudienceURIs(Collections.singletonList(requestIssuer));
         conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
         callbackHandler.setConditions(conditions);
-        
+
         // Attributes
         callbackHandler.setAttributeStatements(receivedToken.getSaml2().getAttributeStatements());
-        
+
         SAMLCallback samlCallback = new SAMLCallback();
         SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
-        
+
         Crypto issuerCrypto = CertsUtils.getCryptoFromCertificate(idp.getCertificate());
-        assertion.signAssertion(issuerCrypto.getDefaultX509Identifier(), idp.getCertificatePassword(), 
+        assertion.signAssertion(issuerCrypto.getDefaultX509Identifier(), idp.getCertificatePassword(),
                                 issuerCrypto, false);
-        
+
         return assertion.getSaml2();
     }
-    
+
     protected Element createResponse(Idp idp, String requestID, Assertion assertion) throws Exception {
         Document doc = DOMUtils.newDocument();
-        
-        Status status = 
+
+        Status status =
             SAML2PResponseComponentBuilder.createStatus(
                 "urn:oasis:names:tc:SAML:2.0:status:Success", null
             );
-        Response response = 
+        Response response =
             SAML2PResponseComponentBuilder.createSAMLResponse(requestID, idp.getRealm(), status);
-        
+
         response.getAssertions().add(assertion);
-        
+
         Element policyElement = OpenSAMLUtil.toDom(response, doc);
         doc.appendChild(policyElement);
-        
+
         return policyElement;
     }
 
@@ -173,10 +173,10 @@ public class SamlResponseCreator {
 
             return Base64Utility.encode(deflatedBytes);
         }
-        
+
         return Base64Utility.encode(responseMessage.getBytes());
     }
-    
+
     public boolean isSupportDeflateEncoding() {
         return supportDeflateEncoding;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseErrorCreator.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseErrorCreator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseErrorCreator.java
index ce257e0..a35e3c2 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseErrorCreator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/SamlResponseErrorCreator.java
@@ -49,22 +49,22 @@ public class SamlResponseErrorCreator {
     private boolean supportDeflateEncoding;
 
     public String createSAMLResponse(RequestContext context, boolean requestor,
-                                     Idp idp, String requestID) throws ProcessingException { 
+                                     Idp idp, String requestID) throws ProcessingException {
         Document doc = DOMUtils.newDocument();
-        
+
         String statusValue = "urn:oasis:names:tc:SAML:2.0:status:Responder";
         if (requestor) {
             statusValue = "urn:oasis:names:tc:SAML:2.0:status:Requester";
         }
-        Status status = 
+        Status status =
             SAML2PResponseComponentBuilder.createStatus(statusValue, null);
-        Response response = 
+        Response response =
             SAML2PResponseComponentBuilder.createSAMLResponse(requestID, idp.getRealm(), status);
-        
+
         try {
             Element policyElement = OpenSAMLUtil.toDom(response, doc);
             doc.appendChild(policyElement);
-            
+
             Element responseElement = policyElement;
             return encodeResponse(responseElement);
         } catch (Exception e) {
@@ -83,10 +83,10 @@ public class SamlResponseErrorCreator {
 
             return Base64Utility.encode(deflatedBytes);
         }
-        
+
         return Base64Utility.encode(responseMessage.getBytes());
     }
-    
+
     public boolean isSupportDeflateEncoding() {
         return supportDeflateEncoding;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java
index 148d24b..f9dee3a 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/wsfed/WfreshParser.java
@@ -28,7 +28,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.webflow.execution.RequestContext;
 
 /**
- * This class is responsible to parse the 'wfresh' parameter 
+ * This class is responsible to parse the 'wfresh' parameter
  */
 @Component
 public class WfreshParser {
@@ -37,13 +37,13 @@ public class WfreshParser {
 
     public boolean authenticationRequired(String wfresh, String whr, RequestContext context)
         throws Exception {
-        
-        SecurityToken idpToken = 
+
+        SecurityToken idpToken =
             (SecurityToken) WebUtils.getAttributeFromExternalContext(context, whr);
         if (idpToken == null) {
             return true;
         }
-        
+
         if (wfresh == null || wfresh.trim().isEmpty()) {
             return false;
         }
@@ -58,7 +58,7 @@ public class WfreshParser {
         if (ttl == 0) {
             return true;
         }
-        
+
         long ttlMs = ttl * 60L * 1000L;
         if (ttlMs > 0) {
             Date createdDate = idpToken.getCreated();
@@ -80,5 +80,5 @@ public class WfreshParser {
         }
         return false;
     }
-    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java
index 814e342..1373000 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java
@@ -36,16 +36,16 @@ import javax.xml.bind.annotation.XmlType;
                       "policyNamespace", "passiveRequestorEndpoint", "passiveRequestorEndpointConstraint", "id",
                       "validatingCertificate", "enableAppliesTo"})
 public class Application implements Serializable {
-        
+
     private static final long serialVersionUID = 5644327504861846964L;
 
-    
-    
+
+
     protected int id;
-    
-            
+
+
     //Could be imported from Metadata document or manually filled
-    
+
     //@Column(name = "REALM", nullable = true, length = FIELD_LENGTH)
     protected String realm;  //wtrealm, whr
 
@@ -53,52 +53,52 @@ public class Application implements Serializable {
     // "http://docs.oasis-open.org/wsfed/federation/200706"
     // Metadata could provide more than one but one must be chosen
     protected String protocol;
- 
+
     // Public key only
     // Could be read from Metadata, md:KeyDescriptor, use="encryption"
     protected String encryptionCertificate;
-    
+
     // Certificate for Signature verification
     protected String validatingCertificate;
-    
+
     // Could be read from Metadata, fed:ClaimTypesRequested
     protected List<RequestClaim> requestedClaims = new ArrayList<>();
-    
+
     //Could be read from Metadata, ServiceDisplayName
     //usage for list of application where user is logged in
     protected String serviceDisplayName;
-    
+
     //Could be read from Metadata, ServiceDescription
     //usage for list of application where user is logged in
     protected String serviceDescription;
-    
+
     //Could be read from Metadata, RoleDescriptor
     //fed:ApplicationServiceType, fed:SecurityTokenServiceType
     protected String role;
-        
+
     // Not in Metadata, configured in IDP or passed in wreq parameter
     protected String tokenType;
-    
+
     // Not in Metadata, configured in IDP or passed in wreq parameter
     protected int lifeTime;
-    
+
     // WS-Policy Namespace for AppliesTo element
     protected String policyNamespace;
-    
+
     // Request audience restriction in token for this application (default is true)
     private boolean enableAppliesTo = true;
-    
+
     private URI href;
-    
+
     //Could be read from Metadata, PassiveRequestorEndpoint
     //fed:ApplicationServiceType, fed:SecurityTokenServiceType
     private String passiveRequestorEndpoint;
-    
+
     // A regular expression constraint on the passiveRequestorEndpoint
     private String passiveRequestorEndpointConstraint;
     private Pattern compiledPassiveRequestorEndpointConstraint;
-    
-    
+
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -107,7 +107,7 @@ public class Application implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     @XmlAttribute
     public URI getHref() {
         return href;
@@ -219,11 +219,11 @@ public class Application implements Serializable {
             compiledPassiveRequestorEndpointConstraint = null;
         }
     }
-    
+
     public Pattern getCompiledPassiveRequestorEndpointConstraint() {
         return compiledPassiveRequestorEndpointConstraint;
     }
-    
+
     public String getValidatingCertificate() {
         return validatingCertificate;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Claim.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Claim.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Claim.java
index 96afed9..a703b64 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Claim.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Claim.java
@@ -26,15 +26,15 @@ import javax.xml.bind.annotation.XmlRootElement;
 
 @XmlRootElement(name = "claim", namespace = "http://org.apache.cxf.fediz/")
 public class Claim implements Serializable {
-    
+
     private static final long serialVersionUID = 2635896159019665467L;
-    
+
     protected URI claimType;
     protected String displayName;
     protected String description;
     protected int id;
     private URI href;
-    
+
     @XmlAttribute
     public URI getHref() {
         return href;
@@ -43,7 +43,7 @@ public class Claim implements Serializable {
     public void setHref(URI href) {
         this.href = href;
     }
-    
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -52,11 +52,11 @@ public class Claim implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     public void setClaimType(URI claimType) {
         this.claimType = claimType;
     }
-    
+
     public URI getClaimType() {
         return claimType;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Entitlement.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Entitlement.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Entitlement.java
index c926386..67b54b4 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Entitlement.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Entitlement.java
@@ -27,14 +27,14 @@ import javax.xml.bind.annotation.XmlType;
 @XmlRootElement(name = "entitlement", namespace = "http://org.apache.cxf.fediz/")
 @XmlType(propOrder = {"name", "description", "internal", "id" })
 public class Entitlement implements Serializable {
-    
+
     private static final long serialVersionUID = 2635896159019665467L;
-    
+
     protected String name;
     protected String description;
     protected int id;
     protected boolean internal;
-    
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -43,7 +43,7 @@ public class Entitlement implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     public String getName() {
         return name;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/FederationType.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/FederationType.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/FederationType.java
index 2dcc296..de6265f 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/FederationType.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/FederationType.java
@@ -1,40 +1,40 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.fediz.service.idp.domain;
-
-import javax.xml.bind.annotation.XmlEnum;
-
-@XmlEnum
-public enum FederationType {
-
-    FEDERATE_IDENTITY("FederateIdentity"),
-    FEDERATE_CLAIMS("FederateClaims");
-
-    private String name;
-
-    FederationType(final String name) {
-        this.name = name;
-    }
-
-    @Override
-    public String toString() {
-        return name;
-    }
-
-}
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.domain;
+
+import javax.xml.bind.annotation.XmlEnum;
+
+@XmlEnum
+public enum FederationType {
+
+    FEDERATE_IDENTITY("FederateIdentity"),
+    FEDERATE_CLAIMS("FederateClaims");
+
+    private String name;
+
+    FederationType(final String name) {
+        this.name = name;
+    }
+
+    @Override
+    public String toString() {
+        return name;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
index d382184..0674b5a 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java
@@ -40,9 +40,9 @@ public class Idp implements Serializable {
 
     private static final long serialVersionUID = -5570301342547139039L;
 
-    
+
     protected int id;
-    
+
     // Unique
     // fed:TargetScope
     protected String realm; // wtrealm, whr
@@ -111,13 +111,13 @@ public class Idp implements Serializable {
 
     // ServiceDescription
     protected String serviceDescription;
-    
+
     // The user/browser must explicitly confirm to logout from all applications
     private boolean rpSingleSignOutConfirmation;
-    
+
     // Is explicit confirmation required when the "cleanup" URL is called
     private boolean rpSingleSignOutCleanupConfirmation;
-    
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -126,7 +126,7 @@ public class Idp implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     public String getRealm() {
         return realm;
     }
@@ -216,7 +216,7 @@ public class Idp implements Serializable {
         }
         return null;
     }
-    
+
     @XmlElementWrapper(name = "applications")
     @XmlElementRef(name = "application")
     public List<Application> getApplications() {
@@ -235,7 +235,7 @@ public class Idp implements Serializable {
         }
         return null;
     }
-    
+
     @XmlElementWrapper(name = "trustedIdps")
     @XmlElementRef(name = "trustedIdp")
     public List<TrustedIdp> getTrustedIdps() {

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/RequestClaim.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/RequestClaim.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/RequestClaim.java
index 008e75a..fc2b232 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/RequestClaim.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/RequestClaim.java
@@ -22,15 +22,15 @@ import javax.xml.bind.annotation.XmlRootElement;
 
 @XmlRootElement(name = "requestClaim", namespace = "http://org.apache.cxf.fediz/")
 public class RequestClaim extends Claim {
-    
+
     private static final long serialVersionUID = 8097560995225077866L;
-    
+
     protected boolean optional;
-    
+
     public RequestClaim() {
         super();
     }
-    
+
     public RequestClaim(Claim c) {
         super();
         this.setClaimType(c.getClaimType());
@@ -38,11 +38,11 @@ public class RequestClaim extends Claim {
         this.setDisplayName(c.getDisplayName());
         this.setId(c.getId());
     }
-      
+
     public void setOptional(boolean optional) {
         this.optional = optional;
     }
-    
+
     public boolean isOptional() {
         return optional;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Role.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Role.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Role.java
index f403546..3af82a0 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Role.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/Role.java
@@ -29,15 +29,15 @@ import javax.xml.bind.annotation.XmlType;
 @XmlRootElement(name = "role", namespace = "http://org.apache.cxf.fediz/")
 @XmlType(propOrder = {"name", "description", "entitlements", "id" })
 public class Role implements Serializable {
-    
+
     private static final long serialVersionUID = 2635896159019665467L;
-    
+
     protected String name;
     protected String description;
     protected int id;
-    
+
     protected List<Entitlement> entitlements = new ArrayList<>();
-    
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -46,7 +46,7 @@ public class Role implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     public String getName() {
         return name;
     }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustType.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustType.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustType.java
index 50efb25..0bfd084 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustType.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustType.java
@@ -1,40 +1,40 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.fediz.service.idp.domain;
-
-import javax.xml.bind.annotation.XmlEnum;
-
-@XmlEnum
-public enum TrustType {
-
-    PEER_TRUST("PeerTrust"),
-    INDIRECT_TRUST("IndirectTrust");
-
-    private String name;
-
-    TrustType(final String name) {
-        this.name = name;
-    }
-
-    @Override
-    public String toString() {
-        return name;
-    }
-
-}
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp.domain;
+
+import javax.xml.bind.annotation.XmlEnum;
+
+@XmlEnum
+public enum TrustType {
+
+    PEER_TRUST("PeerTrust"),
+    INDIRECT_TRUST("IndirectTrust");
+
+    private String name;
+
+    TrustType(final String name) {
+        this.name = name;
+    }
+
+    @Override
+    public String toString() {
+        return name;
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustedIdp.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustedIdp.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustedIdp.java
index b3262b5..013456c 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustedIdp.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/domain/TrustedIdp.java
@@ -34,50 +34,50 @@ public class TrustedIdp implements Serializable {
 
     private static final long serialVersionUID = -6520081722646469178L;
 
-    
+
     protected int id;
 
     //@Column(name = "REALM", nullable = true, length = FIELD_LENGTH)
     protected String realm;  //wtrealm, whr
-    
+
     //@Column(name = "Issuer", nullable = true, length = FIELD_LENGTH)
     protected String issuer;  //SAMLResponse issuer name
 
     // Should tokens be cached from trusted IDPs
     // to avoid redirection to the trusted IDP again for next SignIn request
     protected boolean cacheTokens;
-    
+
     //Could be read from Metadata, PassiveRequestorEndpoint
     protected String url;
-    
+
     //Could be read from Metadata, md:KeyDescriptor, use="signing"
     //Store certificate in DB or filesystem, provide options?
     protected String certificate;
-    
+
     //Direct trust (signing cert imported), Indirect trust (CA certs imported, subject configured)
     protected TrustType trustType;
-    
+
     //Could be read from Metadata, RoleDescriptor protocolSupportEnumeration=
     // "http://docs.oasis-open.org/wsfed/federation/200706"
     // Metadata could provide more than one but one must be chosen
     protected String protocol;
-    
+
     //FederateIdentity, FederateClaims
     protected FederationType federationType;
-    
+
     //optional (to provide a list of IDPs)
     protected String name;
-    
+
     //optional (to provide a list of IDPs)
     protected String description;
-    
+
     //optional (to provide a list of IDPs)
     protected String logo;
-    
+
     // Additional (possibly protocol specific parameters)
     protected Map<String, String> parameters = new HashMap<>();
 
-    
+
     @XmlAttribute
     public int getId() {
         return id;
@@ -86,15 +86,15 @@ public class TrustedIdp implements Serializable {
     public void setId(int id) {
         this.id = id;
     }
-    
+
     public String getIssuer() {
         return issuer;
     }
-    
+
     public void setIssuer(String issuer) {
         this.issuer = issuer;
     }
-    
+
     public String getRealm() {
         return realm;
     }
@@ -182,6 +182,6 @@ public class TrustedIdp implements Serializable {
     public void setParameters(Map<String, String> parameters) {
         this.parameters = parameters;
     }
-               
+
 
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosAuthenticationProcessingFilter.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosAuthenticationProcessingFilter.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosAuthenticationProcessingFilter.java
index 8e39e85..5594b58 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosAuthenticationProcessingFilter.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosAuthenticationProcessingFilter.java
@@ -18,7 +18,7 @@
  */
 /*
  * Copyright 2002-2008 the original author or authors.
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -68,7 +68,7 @@ import org.springframework.web.filter.GenericFilterBean;
  * @see KerberosEntryPoint
  */
 public class KerberosAuthenticationProcessingFilter extends GenericFilterBean {
-    private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = 
+    private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
         new WebAuthenticationDetailsSource();
     private AuthenticationManager authenticationManager;
     private AuthenticationSuccessHandler successHandler;
@@ -81,7 +81,7 @@ public class KerberosAuthenticationProcessingFilter extends GenericFilterBean {
      * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest,
      * javax.servlet.ServletResponse, javax.servlet.FilterChain)
      */
-    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) 
+    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
         throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) req;
         HttpServletResponse response = (HttpServletResponse) res;

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosEntryPoint.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosEntryPoint.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosEntryPoint.java
index 457a60e..2115cb1 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosEntryPoint.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosEntryPoint.java
@@ -18,7 +18,7 @@
  */
 /*
  * Copyright 2009 the original author or authors.
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -53,9 +53,9 @@ import org.springframework.security.web.AuthenticationEntryPoint;
 * @see KerberosAuthenticationProcessingFilter
 */
 public class KerberosEntryPoint implements AuthenticationEntryPoint {
-    
+
     private static final Log LOG = LogFactory.getLog(KerberosEntryPoint.class);
-    
+
     public void commence(HttpServletRequest request, HttpServletResponse response,
                          AuthenticationException ex) throws IOException, ServletException {
         if (LOG.isDebugEnabled()) {
@@ -65,6 +65,6 @@ public class KerberosEntryPoint implements AuthenticationEntryPoint {
         response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
         response.flushBuffer();
     }
-    
+
 }
 

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosServiceRequestToken.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosServiceRequestToken.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosServiceRequestToken.java
index 2aba9cf..b1a2cbf 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosServiceRequestToken.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosServiceRequestToken.java
@@ -18,7 +18,7 @@
  */
 /*
  * Copyright 2009 the original author or authors.
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
@@ -56,15 +56,15 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
     private static final long serialVersionUID = 395488921064775014L;
     private final byte[] token;
     private final Object principal;
-    
+
     /** Creates an authenticated token, normally used as an output of an authentication provider.
      * @param principal the user principal (mostly of instance <code>UserDetails</code>
      * @param authorities the authorities which are granted to the user
      * @param token the Kerberos/SPNEGO token
      * @see UserDetails
      */
-    public KerberosServiceRequestToken(Object principal, 
-                                       Collection<? extends GrantedAuthority> authorities, 
+    public KerberosServiceRequestToken(Object principal,
+                                       Collection<? extends GrantedAuthority> authorities,
                                        byte[] token) {
         super(authorities);
         if (token != null) {
@@ -75,7 +75,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
         this.principal = principal;
         super.setAuthenticated(true);
     }
-    
+
     /**
      * Creates an unauthenticated instance which should then be authenticated by
      * <code>KerberosServiceAuthenticationProvider/code>
@@ -92,7 +92,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
         }
         this.principal = null;
     }
-    
+
     /**
      * Calculates hashcode based on the Kerberos token
      */
@@ -103,7 +103,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
         result = prime * result + Arrays.hashCode(token);
         return result;
     }
-    
+
     /**
      * equals() is based only on the Kerberos token
      */
@@ -124,21 +124,21 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
         }
         return true;
     }
-    
+
     /* (non-Javadoc)
      * @see org.springframework.security.core.Authentication#getCredentials()
      */
     public Object getCredentials() {
         return null;
     }
-    
+
     /* (non-Javadoc)
      * @see org.springframework.security.core.Authentication#getPrincipal()
      */
     public Object getPrincipal() {
         return this.principal;
     }
-    
+
     /** Returns the Kerberos token
      */
     public byte[] getToken() {

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosTokenValidator.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosTokenValidator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosTokenValidator.java
index c9b0cd7..6b25ac4 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosTokenValidator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/KerberosTokenValidator.java
@@ -95,7 +95,7 @@ public class KerberosTokenValidator {
         return serviceName;
     }
 
-    public KerberosServiceContext validate(KerberosServiceRequestToken token) 
+    public KerberosServiceContext validate(KerberosServiceRequestToken token)
         throws LoginException, PrivilegedActionException {
         if (LOG.isDebugEnabled()) {
             try {
@@ -133,8 +133,8 @@ public class KerberosTokenValidator {
         }
 
         // Validate the ticket
-        KerberosServiceExceptionAction action = 
-            new KerberosServiceExceptionAction(token.getToken(), service, 
+        KerberosServiceExceptionAction action =
+            new KerberosServiceExceptionAction(token.getToken(), service,
                                                isUsernameServiceNameForm(), spnego);
         KerberosServiceContext krbServiceCtx = Subject.doAs(subject, action);
 
@@ -148,15 +148,15 @@ public class KerberosTokenValidator {
     /**
      * SPN can be configured to be in either <b>"hostbased"</b> or <b>"username"</b> form.<br/>
      *     - <b>"hostbased"</b> - specifies that the service principal name should be interpreted
-     *      as a "host-based" name as specified in GSS API Rfc, section "4.1: Host-Based Service 
+     *      as a "host-based" name as specified in GSS API Rfc, section "4.1: Host-Based Service
      *      Name Form" - The service name, as it is specified in LDAP/AD, as it is listed in the
      *      KDC.<br/>
      *     - <b>"username"</b> - specifies that the service principal name should be interpreted
-     *      as a "username" name as specified in GSS API Rfc, section "4.2: User Name Form" 
+     *      as a "username" name as specified in GSS API Rfc, section "4.2: User Name Form"
      *      This is usually the client username in LDAP/AD used for authentication to the KDC.
-     * 
+     *
      * <br/><br/>Default is <b>"hostbased"</b>.
-     * 
+     *
      * @return the isUsernameServiceNameForm
      */
     public boolean isUsernameServiceNameForm() {
@@ -166,9 +166,9 @@ public class KerberosTokenValidator {
     /**
      * If true - sets the SPN form to "username"
      * <br/>If false<b>(default)</b> - the SPN form is "hostbased"
-     * 
+     *
      * @see KerberosSecurity#retrieveServiceTicket(String, CallbackHandler, String, boolean)
-     * 
+     *
      * @param isUsernameServiceNameForm the isUsernameServiceNameForm to set
      */
     public void setUsernameServiceNameForm(boolean isUsernameServiceNameForm) {

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/PassThroughKerberosClient.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/PassThroughKerberosClient.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/PassThroughKerberosClient.java
index d75b812..012b6da 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/PassThroughKerberosClient.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/kerberos/PassThroughKerberosClient.java
@@ -31,12 +31,12 @@ import org.apache.wss4j.dom.message.token.KerberosSecurity;
 import org.apache.xml.security.utils.Base64;
 
 /**
- * Override the default CXF KerberosClient just to create a BinarySecurityToken from a 
- * give Kerberos token. This is used to pass a received Kerberos token through to the 
+ * Override the default CXF KerberosClient just to create a BinarySecurityToken from a
+ * give Kerberos token. This is used to pass a received Kerberos token through to the
  * STS, without retrieving a new token.
  */
 public class PassThroughKerberosClient extends KerberosClient {
-    
+
     private byte[] token;
 
     public PassThroughKerberosClient() {
@@ -50,7 +50,7 @@ public class PassThroughKerberosClient extends KerberosClient {
         bst.setToken(token);
         bst.addWSUNamespace();
         bst.setID(WSSConfig.getNewInstance().getIdAllocator().createSecureId("BST-", bst));
-        
+
         SecurityToken securityToken = new SecurityToken(bst.getID());
         securityToken.setToken(bst.getElement());
         securityToken.setWsuId(bst.getID());

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java
index 7c5baec..d3f59d8 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/IdpMetadataWriter.java
@@ -43,9 +43,9 @@ import static org.apache.cxf.fediz.core.FedizConstants.WS_ADDRESSING_NS;
 import static org.apache.cxf.fediz.core.FedizConstants.WS_FEDERATION_NS;
 
 public class IdpMetadataWriter {
-    
+
     private static final Logger LOG = LoggerFactory.getLogger(IdpMetadataWriter.class);
-    
+
     //CHECKSTYLE:OFF
     public Document getMetaData(Idp config) throws RuntimeException {
         try {
@@ -83,7 +83,7 @@ public class IdpMetadataWriter {
                 LOG.debug("***************** unsigned ****************");
             }
 
-            Document result = SignatureUtils.signMetaInfo(crypto, null, config.getCertificatePassword(), 
+            Document result = SignatureUtils.signMetaInfo(crypto, null, config.getCertificatePassword(),
                                                           writer.getDocument(), referenceID);
             if (result != null) {
                 return result;
@@ -96,7 +96,7 @@ public class IdpMetadataWriter {
         }
 
     }
-    
+
     private void writeFederationMetadata(
         XMLStreamWriter writer, Idp config, Crypto crypto
     ) throws XMLStreamException {
@@ -176,5 +176,5 @@ public class IdpMetadataWriter {
         writer.writeEndElement(); // RoleDescriptor
     }
 
- 
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/ServiceMetadataWriter.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/ServiceMetadataWriter.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/ServiceMetadataWriter.java
index 3118d8f..815edf0 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/ServiceMetadataWriter.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/metadata/ServiceMetadataWriter.java
@@ -46,7 +46,7 @@ import static org.apache.cxf.fediz.core.FedizConstants.WS_ADDRESSING_NS;
 import static org.apache.cxf.fediz.core.FedizConstants.WS_FEDERATION_NS;
 
 public class ServiceMetadataWriter {
-    
+
     private static final Logger LOG = LoggerFactory.getLogger(ServiceMetadataWriter.class);
 
     //CHECKSTYLE:OFF
@@ -54,7 +54,7 @@ public class ServiceMetadataWriter {
 
         try {
             Crypto crypto = CertsUtils.getCryptoFromFile(config.getCertificate());
-            
+
             W3CDOMStreamWriter writer = new W3CDOMStreamWriter();
 
             writer.writeStartDocument("UTF-8", "1.0");
@@ -62,10 +62,10 @@ public class ServiceMetadataWriter {
             String referenceID = IDGenerator.generateID("_");
             writer.writeStartElement("md", "EntityDescriptor", SAML2_METADATA_NS);
             writer.writeAttribute("ID", referenceID);
-            
+
             String serviceURL = config.getIdpUrl().toString();
             writer.writeAttribute("entityID", config.getRealm());
-            
+
             writer.writeNamespace("md", SAML2_METADATA_NS);
             writer.writeNamespace("fed", WS_FEDERATION_NS);
             writer.writeNamespace("wsa", WS_ADDRESSING_NS);
@@ -77,11 +77,11 @@ public class ServiceMetadataWriter {
             } else if ("urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser".equals(serviceConfig.getProtocol())) {
                 writeSAMLMetadata(writer, serviceConfig, serviceURL, crypto);
             }
-            
+
             writer.writeEndElement(); // EntityDescriptor
 
             writer.writeEndDocument();
-            
+
             writer.close();
 
             if (LOG.isDebugEnabled()) {
@@ -91,7 +91,7 @@ public class ServiceMetadataWriter {
                 LOG.debug("***************** unsigned ****************");
             }
 
-            Document result = SignatureUtils.signMetaInfo(crypto, null, config.getCertificatePassword(), 
+            Document result = SignatureUtils.signMetaInfo(crypto, null, config.getCertificatePassword(),
                                                           writer.getDocument(), referenceID);
             if (result != null) {
                 return result;
@@ -108,7 +108,7 @@ public class ServiceMetadataWriter {
     }
 
     private void writeFederationMetadata(
-        XMLStreamWriter writer, 
+        XMLStreamWriter writer,
         TrustedIdp config,
         String serviceURL
     ) throws XMLStreamException {
@@ -122,7 +122,7 @@ public class ServiceMetadataWriter {
 
         writer.writeStartElement("wsa", "Address", WS_ADDRESSING_NS);
         writer.writeCharacters(serviceURL);
-        
+
         writer.writeEndElement(); // Address
         writer.writeEndElement(); // EndpointReference
         writer.writeEndElement(); // ApplicationServiceEndpoint
@@ -146,68 +146,68 @@ public class ServiceMetadataWriter {
         writer.writeEndElement(); // PassiveRequestorEndpoint
         writer.writeEndElement(); // RoleDescriptor
     }
-    
+
     private void writeSAMLMetadata(
-        XMLStreamWriter writer, 
+        XMLStreamWriter writer,
         TrustedIdp config,
         String serviceURL,
         Crypto crypto
     ) throws Exception {
-        
+
         writer.writeStartElement("md", "SPSSODescriptor", SAML2_METADATA_NS);
-        boolean signRequest = 
+        boolean signRequest =
             isPropertyConfigured(config, TrustedIdpSAMLProtocolHandler.SIGN_REQUEST, true);
         writer.writeAttribute("AuthnRequestsSigned", Boolean.toString(signRequest));
         writer.writeAttribute("WantAssertionsSigned", "true");
         writer.writeAttribute("protocolSupportEnumeration", "urn:oasis:names:tc:SAML:2.0:protocol");
-        
+
         writer.writeStartElement("md", "AssertionConsumerService", SAML2_METADATA_NS);
         writer.writeAttribute("Location", serviceURL);
         writer.writeAttribute("index", "0");
         writer.writeAttribute("isDefault", "true");
         writer.writeAttribute("Binding", "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
         writer.writeEndElement(); // AssertionConsumerService
-        
+
         if (signRequest) {
             writer.writeStartElement("md", "KeyDescriptor", SAML2_METADATA_NS);
             writer.writeAttribute("use", "signing");
-            
+
             writer.writeStartElement("ds", "KeyInfo", "http://www.w3.org/2000/09/xmldsig#");
             writer.writeNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
             writer.writeStartElement("ds", "X509Data", "http://www.w3.org/2000/09/xmldsig#");
             writer.writeStartElement("ds", "X509Certificate", "http://www.w3.org/2000/09/xmldsig#");
 
             // Write the Base-64 encoded certificate
-            
+
             String keyAlias = crypto.getDefaultX509Identifier();
             X509Certificate cert = CertsUtils.getX509CertificateFromCrypto(crypto, keyAlias);
-            
+
             if (cert == null) {
                 throw new ProcessingException(
-                    "No signing certs were found to insert into the metadata using name: " 
+                    "No signing certs were found to insert into the metadata using name: "
                         + keyAlias);
             }
             byte data[] = cert.getEncoded();
             String encodedCertificate = Base64.encode(data);
             writer.writeCharacters(encodedCertificate);
-            
+
             writer.writeEndElement(); // X509Certificate
             writer.writeEndElement(); // X509Data
             writer.writeEndElement(); // KeyInfo
             writer.writeEndElement(); // KeyDescriptor
         }
-        
+
         writer.writeEndElement(); // SPSSODescriptor
     }
-    
+
     // Is a property configured. Defaults to "true" if not
     private boolean isPropertyConfigured(TrustedIdp trustedIdp, String property, boolean defaultValue) {
         Map<String, String> parameters = trustedIdp.getParameters();
-        
+
         if (parameters != null && parameters.containsKey(property)) {
             return Boolean.parseBoolean(parameters.get(property));
         }
-        
+
         return defaultValue;
     }
 

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/IDPConfig.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/IDPConfig.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/IDPConfig.java
index 9b9c5cd..8ffa6a9 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/IDPConfig.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/IDPConfig.java
@@ -32,11 +32,11 @@ public class IDPConfig extends Idp {
     public void setServices(Map<String, Application> applications) {
         this.applications = new ArrayList<>(applications.values());
     }
-    
+
     public void setTrustedIdps(Map<String, TrustedIDPConfig> trustedIdps) {
         this.trustedIdpList = new ArrayList<TrustedIdp>(trustedIdps.values());
     }
-    
+
     @Deprecated
     public void setTrustedIDPs(Map<String, TrustedIDPConfig> trustedIdps) {
         setTrustedIdps(trustedIdps);

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/RequestClaim.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/RequestClaim.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/RequestClaim.java
index 6fd3d05..cf6a67f 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/RequestClaim.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/RequestClaim.java
@@ -20,7 +20,7 @@ package org.apache.cxf.fediz.service.idp.model;
 
 //@XmlRootElement(name = "Claim", namespace = "http://org.apache.cxf.fediz")
 public class RequestClaim extends org.apache.cxf.fediz.service.idp.domain.RequestClaim {
-    
+
     private static final long serialVersionUID = 2635896159019665467L;
-    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/ServiceConfig.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/ServiceConfig.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/ServiceConfig.java
index fdae8f5..3bd27e1 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/ServiceConfig.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/ServiceConfig.java
@@ -29,7 +29,7 @@ import org.apache.cxf.fediz.service.idp.domain.Application;
 //@Table(name = "SERVICE")
 //@XmlRootElement(name = "Service", namespace = "http://org.apache.cxf.fediz")
 public class ServiceConfig extends Application {
-        
-    private static final long serialVersionUID = 585676715065240699L;       
+
+    private static final long serialVersionUID = 585676715065240699L;
 
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/TrustedIDPSelection.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/TrustedIDPSelection.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/TrustedIDPSelection.java
index 44cb3a2..4797c74 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/TrustedIDPSelection.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/model/TrustedIDPSelection.java
@@ -23,7 +23,7 @@ import java.io.Serializable;
 public class TrustedIDPSelection implements Serializable {
 
     private static final long serialVersionUID = 1L;
-    
+
     private String homeRealm;
 
     public String getHomeRealm() {

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpOAuth2ProtocolHandler.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpOAuth2ProtocolHandler.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpOAuth2ProtocolHandler.java
index 84a70ca..f5182c8 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpOAuth2ProtocolHandler.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpOAuth2ProtocolHandler.java
@@ -48,42 +48,42 @@ import org.slf4j.LoggerFactory;
 import org.springframework.webflow.execution.RequestContext;
 
 public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTrustedIdpProtocolHandler {
-    
+
     /**
      * The client_id value to send to the IdP.
      */
     public static final String CLIENT_ID = "client.id";
-    
+
     /**
      * The secret associated with the client to authenticate to the IdP.
      */
     public static final String CLIENT_SECRET = "client.secret";
-    
+
     /**
      * The Token endpoint. The authorization endpoint is specified by TrustedIdp.url.
      */
     public static final String TOKEN_ENDPOINT = "token.endpoint";
-    
+
     /**
      * Additional (space-separated) parameters to be sent in the "scope" to the authorization endpoint.
      * The default value depends on the subclass.
      */
     public static final String SCOPE = "scope";
-    
+
     private static final Logger LOG = LoggerFactory.getLogger(AbstractTrustedIdpOAuth2ProtocolHandler.class);
 
     @Override
     public URL mapSignInRequest(RequestContext context, Idp idp, TrustedIdp trustedIdp) {
-        
+
         String clientId = getProperty(trustedIdp, CLIENT_ID);
         if (clientId == null || clientId.isEmpty()) {
             LOG.warn("A CLIENT_ID must be configured for OAuth 2.0");
             throw new IllegalStateException("No CLIENT_ID specified");
         }
-        
+
         String scope = getScope(trustedIdp);
         LOG.debug("Using scope: {}", scope);
-        
+
         try {
             StringBuilder sb = new StringBuilder();
             sb.append(trustedIdp.getUrl());
@@ -99,11 +99,11 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
             sb.append("&");
             sb.append("scope").append('=');
             sb.append(URLEncoder.encode(scope, "UTF-8"));
-            
+
             String state = context.getFlowScope().getString(IdpConstants.TRUSTED_IDP_CONTEXT);
             sb.append("&").append("state").append('=');
             sb.append(state);
-            
+
             return new URL(sb.toString());
         } catch (MalformedURLException ex) {
             LOG.error("Invalid Redirect URL for Trusted Idp", ex);
@@ -113,7 +113,7 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
             throw new IllegalStateException("Invalid Redirect URL for Trusted Idp");
         }
     }
-    
+
     protected SamlAssertionWrapper createSamlAssertion(Idp idp, TrustedIdp trustedIdp, String subjectName,
                                                      Date notBefore,
                                                      Date expires) throws Exception {
@@ -125,12 +125,12 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
         if (issuer != null) {
             callbackHandler.setIssuer(issuer);
         }
-        
+
         // Subject
         SubjectBean subjectBean =
             new SubjectBean(subjectName, SAML2Constants.NAMEID_FORMAT_UNSPECIFIED, SAML2Constants.CONF_BEARER);
         callbackHandler.setSubjectBean(subjectBean);
-        
+
         // Conditions
         ConditionsBean conditionsBean = new ConditionsBean();
         conditionsBean.setNotAfter(new DateTime(expires));
@@ -141,45 +141,45 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
             conditionsBean.setNotBefore(new DateTime());
         }
         callbackHandler.setConditionsBean(conditionsBean);
-        
+
         SAMLCallback samlCallback = new SAMLCallback();
         SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
-        
+
         SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
-        
+
         Crypto crypto = CertsUtils.getCryptoFromCertificate(idp.getCertificate());
-        assertion.signAssertion(crypto.getDefaultX509Identifier(), idp.getCertificatePassword(), 
+        assertion.signAssertion(crypto.getDefaultX509Identifier(), idp.getCertificatePassword(),
                                 crypto, false);
-        
+
         return assertion;
     }
-    
+
     private static class SamlCallbackHandler implements CallbackHandler {
         private ConditionsBean conditionsBean;
         private SubjectBean subjectBean;
         private String issuer;
-        
+
         /**
          * Set the SubjectBean
          */
         public void setSubjectBean(SubjectBean subjectBean) {
             this.subjectBean = subjectBean;
         }
-        
+
         /**
          * Set the ConditionsBean
          */
         public void setConditionsBean(ConditionsBean conditionsBean) {
             this.conditionsBean = conditionsBean;
         }
-        
+
         /**
          * Set the issuer name
          */
         public void setIssuer(String issuerName) {
             this.issuer = issuerName;
         }
-        
+
         public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
             for (Callback callback : callbacks) {
                 if (callback instanceof SAMLCallback) {
@@ -190,7 +190,7 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
                         samlCallback.setSubject(subjectBean);
                     }
                     samlCallback.setSamlVersion(Version.SAML_20);
-                    
+
                     // Set the issuer
                     samlCallback.setIssuer(issuer);
 
@@ -199,9 +199,9 @@ public abstract class AbstractTrustedIdpOAuth2ProtocolHandler extends AbstractTr
                 }
             }
         }
-        
+
     }
-    
+
     abstract String getScope(TrustedIdp trustedIdp);
 
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpProtocolHandler.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpProtocolHandler.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpProtocolHandler.java
index 2329eb2..c1e9c2c 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpProtocolHandler.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/AbstractTrustedIdpProtocolHandler.java
@@ -27,7 +27,7 @@ import org.apache.cxf.fediz.service.idp.domain.TrustedIdp;
 import org.apache.cxf.fediz.service.idp.spi.TrustedIdpProtocolHandler;
 
 public abstract class AbstractTrustedIdpProtocolHandler implements TrustedIdpProtocolHandler {
-    
+
     @Override
     public boolean canHandleRequest(HttpServletRequest request) {
         // TODO Auto-generated method stub
@@ -36,23 +36,23 @@ public abstract class AbstractTrustedIdpProtocolHandler implements TrustedIdpPro
 
     protected String getProperty(TrustedIdp trustedIdp, String property) {
         Map<String, String> parameters = trustedIdp.getParameters();
-        
+
         if (parameters != null && parameters.containsKey(property)) {
             return parameters.get(property);
         }
-        
+
         return null;
     }
-    
+
     // Is a property configured. Defaults to the boolean "defaultValue" if not
     protected boolean isBooleanPropertyConfigured(TrustedIdp trustedIdp, String property, boolean defaultValue) {
         Map<String, String> parameters = trustedIdp.getParameters();
-        
+
         if (parameters != null && parameters.containsKey(property)) {
             return Boolean.parseBoolean(parameters.get(property));
         }
-        
+
         return defaultValue;
     }
-    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationProtocolControllerImpl.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationProtocolControllerImpl.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationProtocolControllerImpl.java
index c2be3eb..55e8b9a 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationProtocolControllerImpl.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationProtocolControllerImpl.java
@@ -33,10 +33,10 @@ import org.springframework.stereotype.Component;
 public class ApplicationProtocolControllerImpl implements ProtocolController<ApplicationProtocolHandler> {
 
     private static final Logger LOG = LoggerFactory.getLogger(ApplicationProtocolControllerImpl.class);
-    
+
     @Autowired
     private List<ApplicationProtocolHandler> protocolHandlers;
-    
+
     @Override
     public ApplicationProtocolHandler getProtocolHandler(String protocol) {
         for (ApplicationProtocolHandler protocolHandler : protocolHandlers) {
@@ -47,7 +47,7 @@ public class ApplicationProtocolControllerImpl implements ProtocolController<App
         LOG.warn("No protocol handler found for {}", protocol);
         return null;
     }
-    
+
     @Override
     public List<String> getProtocols() {
         List<String> protocols = new ArrayList<>();

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationSAMLSSOProtocolHandler.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationSAMLSSOProtocolHandler.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationSAMLSSOProtocolHandler.java
index ebab362..5d7307a 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationSAMLSSOProtocolHandler.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationSAMLSSOProtocolHandler.java
@@ -28,7 +28,7 @@ import org.springframework.webflow.execution.RequestContext;
 
 @Component
 public class ApplicationSAMLSSOProtocolHandler implements ApplicationProtocolHandler {
-    
+
     public static final String PROTOCOL = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser";
 
     //private static final Logger LOG = LoggerFactory.getLogger(ApplicationWSFedProtocolHandler.class);

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/2ca31863/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationWSFedProtocolHandler.java
----------------------------------------------------------------------
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationWSFedProtocolHandler.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationWSFedProtocolHandler.java
index 2024e3d..d583823 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationWSFedProtocolHandler.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/protocols/ApplicationWSFedProtocolHandler.java
@@ -28,7 +28,7 @@ import org.springframework.webflow.execution.RequestContext;
 
 @Component
 public class ApplicationWSFedProtocolHandler implements ApplicationProtocolHandler {
-    
+
     public static final String PROTOCOL = "http://docs.oasis-open.org/wsfed/federation/200706";
 
     //private static final Logger LOG = LoggerFactory.getLogger(ApplicationWSFedProtocolHandler.class);


Mime
View raw message