From commits-return-45038-apmail-cxf-commits-archive=cxf.apache.org@cxf.apache.org Fri Feb 10 12:23:13 2017 Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 3C5191914C for ; Fri, 10 Feb 2017 12:23:13 +0000 (UTC) Received: (qmail 34357 invoked by uid 500); 10 Feb 2017 12:23:13 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 34292 invoked by uid 500); 10 Feb 2017 12:23:13 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 34283 invoked by uid 99); 10 Feb 2017 12:23:13 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 10 Feb 2017 12:23:13 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id DB8E8DFA3D; Fri, 10 Feb 2017 12:23:12 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: coheigea@apache.org To: commits@cxf.apache.org Message-Id: <413bc50b4bbf4b2789d32a84dca3b5e6@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf-fediz git commit: FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter Date: Fri, 10 Feb 2017 12:23:12 +0000 (UTC) Repository: cxf-fediz Updated Branches: refs/heads/master 2bcb3b328 -> f7380a4ad FEDIZ-189 - Add support for absolute URLs in the logoutRedirectTo parameter Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f7380a4a Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f7380a4a Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f7380a4a Branch: refs/heads/master Commit: f7380a4adae3dd8499328243d54de3763b51fe90 Parents: 2bcb3b3 Author: Colm O hEigeartaigh Authored: Fri Feb 10 12:08:20 2017 +0000 Committer: Colm O hEigeartaigh Committed: Fri Feb 10 12:08:20 2017 +0000 ---------------------------------------------------------------------- .../core/processor/FederationProcessorImpl.java | 2 +- .../core/federation/FederationLogoutTest.java | 24 ++++++++++++++ .../test/resources/fediz_test_config_logout.xml | 34 ++++++++++++++++++++ 3 files changed, 59 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java ----------------------------------------------------------------------
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index 88e8da1..41a0865 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -531,7 +531,7 @@ public class FederationProcessorImpl extends AbstractFedizProcessor {
 if (logoutRedirectTo.startsWith("/")) {
 logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo.substring(1));
- } else {
+ } else if (!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https")) {
 logoutRedirectTo = extractFullContextPath(request).concat(logoutRedirectTo);
 }
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java ----------------------------------------------------------------------
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
index 67c01a5..09842dd 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java
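Review bot: The new condition `!logoutRedirectTo.startsWith("http") && !logoutRedirectTo.startsWith("https")` in FederationProcessorImpl.java tests a bare prefix, so a relative value such as `httpdocs/logout.html` (constructed example) is now treated as absolute and no longer gets the context path prepended; the second clause is also redundant, since every string that starts with `https` already starts with `http`. Matching the scheme separator is tighter: `} else if (!logoutRedirectTo.startsWith("http://") && !logoutRedirectTo.startsWith("https://")) {`. Because absolute values now pass through unchanged into the redirect target, any path by which a request-supplied reply value can reach this variable (not visible in the hunk) would need a host allow-list or an anchored constraint to avoid an open redirect; a pattern like the `.*wreply.html` value in the test config, if that is the constraint applied, would accept any host. The enclosing method starts and ends outside the hunk.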
@@ -185,6 +185,30 @@ public class FederationLogoutTest {
 }
 @org.junit.Test
+ public void testSignoutWithAbsoluteURL() throws Exception {
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT4");
+
+ HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class);
+ EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)).andReturn(null).anyTimes();
+ EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(null);
+ EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer(LOGOUT_URL));
+ EasyMock.expect(req.getRequestURI()).andReturn(LOGOUT_URI);
+ EasyMock.expect(req.getContextPath()).andReturn(LOGOUT_URI);
+ EasyMock.replay(req);
+
+ LogoutHandler logoutHandler = new LogoutHandler(config);
+ Assert.assertTrue(logoutHandler.canHandleRequest(req));
+
+ HttpServletResponse resp = EasyMock.createMock(HttpServletResponse.class);
+ String expectedRedirectToIdP =
+ "http://url_to_the_issuer?wa=wsignout1.0&wreply=https%3A%2F%2Flocalhost%2Fsecure%2Flogout%2Findex.html";
+ resp.sendRedirect(expectedRedirectToIdP);
+ EasyMock.expectLastCall();
+ EasyMock.replay(resp);
+ logoutHandler.handleRequest(req, resp);
+ }
+
+ @org.junit.Test
 public void testSignoutAction() throws Exception {
 FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f7380a4a/plugins/core/src/test/resources/fediz_test_config_logout.xml ----------------------------------------------------------------------
diff --git a/plugins/core/src/test/resources/fediz_test_config_logout.xml b/plugins/core/src/test/resources/fediz_test_config_logout.xml
index 8e8f5c0..0c7831e 100644
--- a/plugins/core/src/test/resources/fediz_test_config_logout.xml
+++ b/plugins/core/src/test/resources/fediz_test_config_logout.xml
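Review bot: The expectation recorded on `resp.sendRedirect(expectedRedirectToIdP)` in testSignoutWithAbsoluteURL is never verified, so the test still passes if `handleRequest` issues no redirect at all; add `EasyMock.verify(resp);` after `logoutHandler.handleRequest(req, resp);`. The test also covers only a configured `https://` value. A companion case with a relative value that merely begins with `http` (constructed example: `httpdocs/logout.html`) would pin down how the prefix check in FederationProcessorImpl treats non-URL input.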
@@ -120,4 +120,38 @@ .*wreply.html + + + http://host_one:port/url + + + + + + + + + + + 1000 + + target realm + http://url_to_the_issuer + ; + http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role + + 10000 + reply value + REQUEST + + + + + secure/logout + https://localhost/secure/logout/index.html + .*wreply.html + +