cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf-fediz git commit: FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter
Date Fri, 10 Feb 2017 12:27:56 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/1.3.x-fixes a838de5a2 -> dda42595e


FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/dda42595
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/dda42595
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/dda42595

Branch: refs/heads/1.3.x-fixes
Commit: dda42595e51ab8d21ddfe07da115ccfbc2755c48
Parents: a838de5
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Feb 10 12:08:20 2017 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Feb 10 12:27:50 2017 +0000

----------------------------------------------------------------------
 .../core/processor/FederationProcessorImpl.java | 28 +++++++++-------
 .../core/federation/FederationLogoutTest.java   | 24 ++++++++++++++
 .../test/resources/fediz_test_config_logout.xml | 34 ++++++++++++++++++++
 3 files changed, 74 insertions(+), 12 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/dda42595/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index 1a70d2b..67e0108 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -518,22 +518,26 @@ public class FederationProcessorImpl extends AbstractFedizProcessor
{
                     }
                 }
             }
-            
-            if (logoutRedirectTo == null || logoutRedirectTo.isEmpty()) {
-                logoutRedirectTo = config.getLogoutRedirectTo();
-            }
-            
-            if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
-    
-                if (logoutRedirectTo.startsWith("/")) {
-                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
-                } else {
-                    logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
-                }
 
+            if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
                 LOG.debug("wreply={}", logoutRedirectTo);
                 sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
                 sb.append(URLEncoder.encode(logoutRedirectTo, "UTF-8"));
+            } else {
+                logoutRedirectTo = config.getLogoutRedirectTo();
+                if (logoutRedirectTo != null && !logoutRedirectTo.isEmpty()) {
+    
+                    if (logoutRedirectTo.startsWith("/")) {
+                        logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
+                    } else if (!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https"))
{
+                        logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
+                    }
+    
+                    LOG.debug("wreply={}", logoutRedirectTo);
+                    sb.append('&').append(FederationConstants.PARAM_REPLY).append('=');
+                    sb.append(URLEncoder.encode(logoutRedirectTo, "UTF-8"));
+                }
+>>>>>>> f7380a4... FEDIZ-189 - Add support for absolute URLs in the
logoutRedirectTo parameter
             }
 
             redirectURL = redirectURL + "?" + sb.toString();

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/dda42595/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
index ee6775e..f1d1c44 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
@@ -186,6 +186,30 @@ public class FederationLogoutTest {
     }
     
     @org.junit.Test
+    public void testSignoutWithAbsoluteURL() throws Exception {
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT4");
+        
+        HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
+        EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)).andReturn(null).anyTimes();
+        EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(null);
+        EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(LOGOUT_URL));
+        EasyMock.expect(req.getRequestURI()).andReturn(LOGOUT_URI);
+        EasyMock.expect(req.getContextPath()).andReturn(LOGOUT_URI);
+        EasyMock.replay(req);
+        
+        LogoutHandler logoutHandler = new LogoutHandler(config);
+        Assert.assertTrue(logoutHandler.canHandleRequest(req));
+        
+        HttpServletResponse resp = EasyMock.createMock(HttpServletResponse.class);
+        String expectedRedirectToIdP = 
+            "http://url_to_the_issuer?wa=wsignout1.0&wreply=https%3A%2F%2Flocalhost%2Fsecure%2Flogout%2Findex.html";
+        resp.sendRedirect(expectedRedirectToIdP);
+        EasyMock.expectLastCall();
+        EasyMock.replay(resp);
+        logoutHandler.handleRequest(req, resp);
+    }
+    
+    @org.junit.Test
     public void testSignoutAction() throws Exception {
         FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
         

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/dda42595/plugins/core/src/test/resources/fediz_test_config_logout.xml
----------------------------------------------------------------------
diff --git a/plugins/core/src/test/resources/fediz_test_config_logout.xml b/plugins/core/src/test/resources/fediz_test_config_logout.xml
index 030281e..f3a9bd1 100644
--- a/plugins/core/src/test/resources/fediz_test_config_logout.xml
+++ b/plugins/core/src/test/resources/fediz_test_config_logout.xml
@@ -85,4 +85,38 @@
         <logoutRedirectTo>/index.html</logoutRedirectTo>
 	</contextConfig>
 	
+	<contextConfig name="ROOT4">
+		<audienceUris>
+			<audienceItem>http://host_one:port/url</audienceItem>
+		</audienceUris>
+		<certificateStores>
+			<trustManager>
+				<keyStore file="ststrust.jks" password="storepass"
+					type="JKS" />
+			</trustManager>		
+		</certificateStores>
+		<trustedIssuers>
+			<issuer certificateValidation="PeerTrust" />
+		</trustedIssuers>
+
+		<maximumClockSkew>1000</maximumClockSkew>
+		<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+			xsi:type="federationProtocolType" version="1.2">
+			<realm>target realm</realm>
+			<issuer>http://url_to_the_issuer</issuer>
+			<roleDelimiter>;</roleDelimiter>
+			<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
+			<authenticationType value="some auth type" type="String" />
+			<freshness>10000</freshness>
+			<reply>reply value</reply>
+			<request>REQUEST</request>
+			<claimTypesRequested>
+				<claimType type="a particular claim type" optional="true" />
+			</claimTypesRequested>
+		</protocol>
+		<logoutURL>secure/logout</logoutURL>
+        <logoutRedirectTo>https://localhost/secure/logout/index.html</logoutRedirectTo>
+        <logoutRedirectToConstraint>.*wreply.html</logoutRedirectToConstraint>
+	</contextConfig>
+	
 </FedizConfig>


Mime
View raw message