cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Testing the standard token introspection path
Date Tue, 25 Apr 2017 16:48:01 GMT
Repository: cxf
Updated Branches:
  refs/heads/master dc47b8e0d -> 7298cc60e


Testing the standard token introspection path


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7298cc60
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7298cc60
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7298cc60

Branch: refs/heads/master
Commit: 7298cc60e9b217dcda22fadd43058002dea4852d
Parents: dc47b8e
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Apr 25 17:47:48 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Apr 25 17:47:48 2017 +0100

----------------------------------------------------------------------
 .../oauth2/provider/OAuthJSONProvider.java      |  2 +-
 .../security/oauth2/tls/JAXRSOAuth2TlsTest.java | 10 ++++--
 .../jaxrs/security/oauth2/tls/serverTls.xml     | 36 ++++++++++++++++++--
 3 files changed, 43 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/7298cc60/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
index ce083c1..486bda3 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
@@ -131,7 +131,7 @@ public class OAuthJSONProvider implements MessageBodyWriter<Object>,
                     if (JoseConstants.HEADER_X509_THUMBPRINT_SHA256.equals(entry.getKey()))
{
                         StringBuilder cnfObj = new StringBuilder();
                         cnfObj.append("{");
-                        appendJsonPair(sb, entry.getKey(), entry.getValue());
+                        appendJsonPair(cnfObj, entry.getKey(), entry.getValue());
                         cnfObj.append("}");
                         appendJsonPair(sb, "cnf", cnfObj.toString(), false);
                     } else {

http://git-wip-us.apache.org/repos/asf/cxf/blob/7298cc60/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/JAXRSOAuth2TlsTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/JAXRSOAuth2TlsTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/JAXRSOAuth2TlsTest.java
index 50bfea3..0820364 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/JAXRSOAuth2TlsTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/tls/JAXRSOAuth2TlsTest.java
@@ -64,6 +64,10 @@ public class JAXRSOAuth2TlsTest extends AbstractBusClientServerTestBase
{
         Book book = wcRs.get(Book.class);
         assertEquals(123L, book.getId());
         
+        String protectedRsAddress2 = "https://localhost:" + PORT + "/rs2/bookstore/books/123";
+        WebClient wcRs2 = createRsWebClient(protectedRsAddress2, at, "client.xml");
+        book = wcRs2.get(Book.class);
+        assertEquals(123L, book.getId());
         
         String unprotectedRsAddress = "https://localhost:" + PORT + "/rsUnprotected/bookstore/books/123";
         WebClient wcRsDiffClientCert = createRsWebClient(unprotectedRsAddress, at, "client2.xml");
@@ -71,10 +75,12 @@ public class JAXRSOAuth2TlsTest extends AbstractBusClientServerTestBase
{
         book = wcRsDiffClientCert.get(Book.class);
         assertEquals(123L, book.getId());
         
-        // Protected resource, access token was created with Morphit key, RS is accessed
with
-        // Bethal.key, thus 401 is expected
+        // Protected resource, access token was created with Morphit.jks key, RS is accessed
with
+        // Bethal.jks key, thus 401 is expected
         wcRsDiffClientCert = createRsWebClient(protectedRsAddress, at, "client2.xml");
         assertEquals(401, wcRsDiffClientCert.get().getStatus());
+        wcRsDiffClientCert = createRsWebClient(protectedRsAddress2, at, "client2.xml");
+        assertEquals(401, wcRsDiffClientCert.get().getStatus());
     }
     
     @Test

http://git-wip-us.apache.org/repos/asf/cxf/blob/7298cc60/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/tls/serverTls.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/tls/serverTls.xml
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/tls/serverTls.xml
index 40ade66..a0db728 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/tls/serverTls.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/tls/serverTls.xml
@@ -81,11 +81,16 @@ under the License.
        <property name="dataProvider" ref="dataProvider"/>
        <property name="blockUnauthorizedRequests" value="false"/>
     </bean>
+    <bean id="tokenIntrospectionService1" class="org.apache.cxf.rs.security.oauth2.services.TokenIntrospectionService">
+       <property name="dataProvider" ref="dataProvider"/>
+       <property name="blockUnauthorizedRequests" value="false"/>
+    </bean>
     
     <jaxrs:server id="tokenServer1" address="https://localhost:${testutil.ports.jaxrs-oauth2-tls}/oauth2">
         <jaxrs:serviceBeans>
             <ref bean="accessTokenService1"/>
             <ref bean="tokenValidatorService1"/>
+            <ref bean="tokenIntrospectionService1"/>
         </jaxrs:serviceBeans>
     </jaxrs:server>
     
@@ -98,13 +103,32 @@ under the License.
          </jaxrs-client:headers>
     </jaxrs-client:client>
     
-   <bean id="tokenValidator1" class="org.apache.cxf.rs.security.oauth2.filters.AccessTokenValidatorClient">
+    <bean id="tokenValidator1" class="org.apache.cxf.rs.security.oauth2.filters.AccessTokenValidatorClient">
        <property name="tokenValidatorClient" ref="tokenValidatorClient1"/>
-   </bean>
+    </bean>
     
     <bean id="oauth2Filter1" class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
         <property name="tokenValidator" ref="tokenValidator1"/>
     </bean>
+    
+    <jaxrs-client:client id="tokenValidatorClient2" 
+        address="https://localhost:${testutil.ports.jaxrs-oauth2-tls}/oauth2/introspect"

+        serviceClass="org.apache.cxf.jaxrs.client.WebClient">
+        <jaxrs-client:headers>
+            <entry key="Accept" value="application/json"/>
+            <entry key="Content-Type" value="application/x-www-form-urlencoded"/>
+         </jaxrs-client:headers>
+    </jaxrs-client:client>
+    
+    <bean id="tokenValidator2" class="org.apache.cxf.rs.security.oauth2.filters.AccessTokenIntrospectionClient">
+       <property name="tokenValidatorClient" ref="tokenValidatorClient2"/>
+    </bean>
+    
+    <bean id="oauth2Filter2" class="org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter">
+        <property name="tokenValidator" ref="tokenValidator2"/>
+    </bean>
+    
+    
     <jaxrs:server id="rsServer1" address="https://localhost:${testutil.ports.jaxrs-oauth2-tls}/rs">
         <jaxrs:serviceBeans>
             <ref bean="rsService"/>
@@ -113,6 +137,14 @@ under the License.
             <ref bean="oauth2Filter1"/>
         </jaxrs:providers>
     </jaxrs:server>
+    <jaxrs:server id="rsServer2" address="https://localhost:${testutil.ports.jaxrs-oauth2-tls}/rs2">
+        <jaxrs:serviceBeans>
+            <ref bean="rsService"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <ref bean="oauth2Filter2"/>
+        </jaxrs:providers>
+    </jaxrs:server>
     <jaxrs:server id="rsServerUnprotected" address="https://localhost:${testutil.ports.jaxrs-oauth2-tls}/rsUnprotected">
         <jaxrs:serviceBeans>
             <ref bean="rsService"/>


Mime
View raw message