cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf-fediz git commit: FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter
Date Fri, 10 Feb 2017 12:23:12 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 2bcb3b328 -> f7380a4ad


FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f7380a4a
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f7380a4a
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f7380a4a

Branch: refs/heads/master
Commit: f7380a4adae3dd8499328243d54de3763b51fe90
Parents: 2bcb3b3
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Feb 10 12:08:20 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Feb 10 12:08:20 2017 +0000

----------------------------------------------------------------------
 .../core/processor/FederationProcessorImpl.java |  2 +-
 .../core/federation/FederationLogoutTest.java   | 24 ++++++++++++++
 .../test/resources/fediz_test_config_logout.xml | 34 ++++++++++++++++++++
 3 files changed, 59 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index 88e8da1..41a0865 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -531,7 +531,7 @@ public class FederationProcessorImpl extends AbstractFedizProcessor {
     
                     if (logoutRedirectTo.startsWith("/")) {
                         logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
-                    } else {
+                    } else if (!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https"))
{
                         logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
                     }
     

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
index 67c01a5..09842dd 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
@@ -185,6 +185,30 @@ public class FederationLogoutTest {
     }
     
     @org.junit.Test
+    public void testSignoutWithAbsoluteURL() throws Exception {
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT4");
+        
+        HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
+        EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)).andReturn(null).anyTimes();
+        EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(null);
+        EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(LOGOUT_URL));
+        EasyMock.expect(req.getRequestURI()).andReturn(LOGOUT_URI);
+        EasyMock.expect(req.getContextPath()).andReturn(LOGOUT_URI);
+        EasyMock.replay(req);
+        
+        LogoutHandler logoutHandler = new LogoutHandler(config);
+        Assert.assertTrue(logoutHandler.canHandleRequest(req));
+        
+        HttpServletResponse resp = EasyMock.createMock(HttpServletResponse.class);
+        String expectedRedirectToIdP = 
+            "http://url_to_the_issuer?wa=wsignout1.0&wreply=https%3A%2F%2Flocalhost%2Fsecure%2Flogout%2Findex.html";
+        resp.sendRedirect(expectedRedirectToIdP);
+        EasyMock.expectLastCall();
+        EasyMock.replay(resp);
+        logoutHandler.handleRequest(req, resp);
+    }
+    
+    @org.junit.Test
     public void testSignoutAction() throws Exception {
         FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/resources/fediz_test_config_logout.xml
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/resources/fediz_test_config_logout.xml b/plugins/core/src/test/resources/fediz_test_config_logout.xml
index 8e8f5c0..0c7831e 100644
--- a/plugins/core/src/test/resources/fediz_test_config_logout.xml
+++ b/plugins/core/src/test/resources/fediz_test_config_logout.xml
@@ -120,4 +120,38 @@
         <logoutRedirectToConstraint>.*wreply.html</logoutRedirectToConstraint>
 	</contextConfig>
 	
+	<contextConfig name="ROOT4">
+		<audienceUris>
+			<audienceItem>http://host_one:port/url</audienceItem>
+		</audienceUris>
+		<certificateStores>
+			<trustManager>
+				<keyStore file="ststrust.jks" password="storepass"
+					type="JKS" />
+			</trustManager>		
+		</certificateStores>
+		<trustedIssuers>
+			<issuer certificateValidation="PeerTrust" />
+		</trustedIssuers>
+
+		<maximumClockSkew>1000</maximumClockSkew>
+		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+			xsi:type="federationProtocolType" version="1.2">
+			<realm>target realm</realm>
+			<issuer>http://url_to_the_issuer</issuer>
+			<roleDelimiter>;</roleDelimiter>
+			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
+			<authenticationType value="some auth type" type="String" />
+			<freshness>10000</freshness>
+			<reply>reply value</reply>
+			<request>REQUEST</request>
+			<claimTypesRequested>
+				<claimType type="a particular claim type" optional="true" />
+			</claimTypesRequested>
+		</protocol>
+		<logoutURL>secure/logout</logoutURL>
+        <logoutRedirectTo>https://localhost/secure/logout/index.html</logoutRedirectTo>
+        <logoutRedirectToConstraint>.*wreply.html</logoutRedirectToConstraint>
+	</contextConfig>
+	
 </FedizConfig>


Mime
View raw message