cxf-commits mailing list archives

From cohei...@apache.org
Subject [2/3] cxf git commit: CXF-7382 - Refactor interfaces for master only
Date Thu, 25 May 2017 13:11:12 GMT
CXF-7382 - Refactor interfaces for master only


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/762093f7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/762093f7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/762093f7

Branch: refs/heads/master
Commit: 762093f79fb799e3912ce572213f1a46eb02867c
Parents: 2a76fe1e
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu May 25 11:49:44 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu May 25 11:49:44 2017 +0100

----------------------------------------------------------------------
 .../security/trust/DefaultSTSTokenCacher.java   | 22 ++++------
 .../cxf/ws/security/trust/STSTokenCacher.java   | 10 +++--
 .../ws/security/trust/STSTokenRetriever.java    | 45 ++++++++++----------
 3 files changed, 36 insertions(+), 41 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/762093f7/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
index d090e71..3387fe7 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/DefaultSTSTokenCacher.java
@@ -29,7 +29,6 @@ import org.w3c.dom.Element;
 
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
-import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 import org.apache.cxf.ws.security.tokenstore.TokenStore;
@@ -41,13 +40,9 @@ import org.apache.wss4j.dom.WSConstants;
 
 public class DefaultSTSTokenCacher implements STSTokenCacher {
 
-    public SecurityToken retrieveToken(Message message) {
-        boolean cacheIssuedToken =
-            SecurityUtils.getSecurityPropertyBoolean(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT,
-                                              message,
-                                              true);
+    public SecurityToken retrieveToken(Message message, boolean retrieveTokenFromEndpoint)
{
         SecurityToken tok = null;
-        if (cacheIssuedToken) {
+        if (retrieveTokenFromEndpoint) {
             tok = (SecurityToken)message.getContextualProperty(SecurityConstants.TOKEN);
             if (tok == null) {
                 String tokId = (String)message.getContextualProperty(SecurityConstants.TOKEN_ID);
@@ -91,18 +86,17 @@ public class DefaultSTSTokenCacher implements STSTokenCacher {
         return null;
     }
 
-    public void storeToken(Message message, SecurityToken securityToken) {
-        boolean cacheIssuedToken =
-            SecurityUtils.getSecurityPropertyBoolean(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT,
-                                              message,
-                                              true)
-                && !isOneTimeUse(securityToken);
-        if (cacheIssuedToken) {
+    public void storeToken(Message message, SecurityToken securityToken, boolean storeTokenInEndpoint)
{
+        if (storeTokenInEndpoint && !isOneTimeUse(securityToken)) {
             message.getExchange().getEndpoint().put(SecurityConstants.TOKEN, securityToken);
             message.getExchange().put(SecurityConstants.TOKEN, securityToken);
             message.getExchange().put(SecurityConstants.TOKEN_ID, securityToken.getId());
             message.getExchange().getEndpoint().put(SecurityConstants.TOKEN_ID,
                                                     securityToken.getId());
+        } else {
+            message.put(SecurityConstants.TOKEN, securityToken);
+            message.put(SecurityConstants.TOKEN_ID, securityToken.getId());
+            message.put(SecurityConstants.TOKEN_ELEMENT, securityToken.getToken());
         }
         TokenStoreUtils.getTokenStore(message).add(securityToken);
     }
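Review bot: In `storeToken`, the endpoint branch never sets `SecurityConstants.TOKEN_ELEMENT` and no longer leaves `TOKEN`/`TOKEN_ID` on the message itself, whereas the lines this commit removes from STSTokenRetriever put all three on the message unconditionally. A consumer that reads them with `message.get(...)` rather than `getContextualProperty(...)` would now find nothing when endpoint caching is on; whether such a consumer exists is not visible here. If the old behaviour is wanted, move the three `message.put(...)` calls out of the `else` so they run in both cases. Separately, `TokenStoreUtils.getTokenStore(message).add(securityToken)` still runs for tokens that `isOneTimeUse` excludes from the endpoint, so a short comment confirming that the token store is an acceptable home for a one-time-use token would help.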

http://git-wip-us.apache.org/repos/asf/cxf/blob/762093f7/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenCacher.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenCacher.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenCacher.java
index 9a5d128..f090e30 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenCacher.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenCacher.java
@@ -30,9 +30,10 @@ import org.apache.cxf.ws.security.tokenstore.SecurityToken;
 public interface STSTokenCacher {
 
     /**
-     * Retrieve a cached STS token
+     * Retrieve a cached STS token. The retrieveTokenFromEndpoint boolean lets us known whether
we want to retrieve the
+     * token from the endpoint or not.
      */
-    SecurityToken retrieveToken(Message message);
+    SecurityToken retrieveToken(Message message, boolean retrieveTokenFromEndpoint);
 
     /**
      * Retrieve a cached STS token for a given delegation token Element
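Review bot: The new Javadoc on `retrieveToken(Message, boolean)` does not say where the token is looked up when `retrieveTokenFromEndpoint` is false, and the `storeToken(Message, SecurityToken, boolean)` Javadoc in the next hunk has the same gap. Because STSTokenRetriever no longer puts the issued token on the message itself, custom implementations of this interface now carry that responsibility, and the contract should state it, e.g. `@param storeTokenInEndpoint if false, the token is made available on the current message only and is not shared via the endpoint`. The phrase "lets us known" should read "lets us know".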
@@ -40,9 +41,10 @@ public interface STSTokenCacher {
     SecurityToken retrieveToken(Message message, Element delegationToken, String cacheKey);
 
     /**
-     * Store a token in the cache
+     * Store a token in the cache. The storeTokenInEndpoint boolean lets us know whether
we want to store the token
+     * in the endpoint or not.
      */
-    void storeToken(Message message, SecurityToken securityToken);
+    void storeToken(Message message, SecurityToken securityToken, boolean storeTokenInEndpoint);
 
     /**
      * Store a given delegation token in the cache (or update it if it's already there),
with a reference to the

http://git-wip-us.apache.org/repos/asf/cxf/blob/762093f7/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
index 5285eb6..6033c73 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/STSTokenRetriever.java
@@ -32,7 +32,6 @@ import org.apache.cxf.rt.security.utils.SecurityUtils;
 import org.apache.cxf.ws.addressing.AddressingProperties;
 import org.apache.cxf.ws.security.SecurityConstants;
 import org.apache.cxf.ws.security.tokenstore.SecurityToken;
-import org.apache.cxf.ws.security.tokenstore.TokenStoreUtils;
 import org.apache.wss4j.policy.model.Trust10;
 import org.apache.wss4j.policy.model.Trust13;
 
@@ -92,20 +91,18 @@ public final class STSTokenRetriever {
                     key = ASSOCIATED_TOKEN;
                 }
                 
-                SecurityToken secToken = null;
-                if (onBehalfOfToken == null && actAsToken == null) {
-                    // If we have no delegation token then try to retrieve a cached token
from the message
-                    secToken = tokenCacher.retrieveToken(message);
-                } else {
-                    // Otherwise try to get a cached token corresponding to the delegation
token
-                    if (onBehalfOfToken != null) {
-                        secToken = tokenCacher.retrieveToken(message, onBehalfOfToken, key);
-                    }
-                    if (secToken == null && actAsToken != null) {
-                        secToken = tokenCacher.retrieveToken(message, actAsToken, key);
-                    }
+                boolean cacheToken = isCachedTokenFromEndpoint(message, onBehalfOfToken,
actAsToken);
+                // Try to retrieve a cached token from the message
+                SecurityToken secToken = tokenCacher.retrieveToken(message, cacheToken);
+
+                // Otherwise try to get a cached token corresponding to the delegation token
+                if (secToken == null && onBehalfOfToken != null) {
+                    secToken = tokenCacher.retrieveToken(message, onBehalfOfToken, key);
                 }
-                
+                if (secToken == null && actAsToken != null) {
+                    secToken = tokenCacher.retrieveToken(message, actAsToken, key);
+                }
+
                 if (secToken != null) {
                     // Check to see whether the token needs to be renewed
                     secToken = renewToken(message, secToken, params, tokenCacher);
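Review bot: `tokenCacher.retrieveToken(message, cacheToken)` is now called even when an OnBehalfOf or ActAs token is present, and the delegation-keyed lookups run only if it returns null; before this change the two paths were mutually exclusive. What `retrieveToken` does when the flag is false lies outside this hunk, but if it can return a token found on the message, that token would be used without any check that it belongs to the current delegation token. For a delegated request the token cached under the delegation token's key should take precedence, so consider keeping the plain lookup conditional: `SecurityToken secToken = (onBehalfOfToken == null && actAsToken == null) ? tokenCacher.retrieveToken(message, cacheToken) : null;`. The local name `cacheToken` reads as "cache at all"; `useEndpointCache` would match what it controls. The enclosing method starts and ends outside the hunk.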
@@ -116,15 +113,7 @@ public final class STSTokenRetriever {
                 if (secToken != null) {
                     tokenCacher.storeToken(message, onBehalfOfToken, secToken.getId(), key);
                     tokenCacher.storeToken(message, actAsToken, secToken.getId(), key);
-                    if (onBehalfOfToken == null && actAsToken == null) {
-                        tokenCacher.storeToken(message, secToken);
-                    } else {
-                        TokenStoreUtils.getTokenStore(message).add(secToken);
-                    }
-                    
-                    message.put(SecurityConstants.TOKEN, secToken);
-                    message.put(SecurityConstants.TOKEN_ID, secToken.getId());
-                    message.put(SecurityConstants.TOKEN_ELEMENT, secToken.getToken());
+                    tokenCacher.storeToken(message, secToken, cacheToken);
                 }
                 return secToken;
             } catch (RuntimeException e) {
@@ -139,6 +128,16 @@ public final class STSTokenRetriever {
             }
         }
     }
+    
+    private static boolean isCachedTokenFromEndpoint(Message message, Element onBehalfOfToken,
Element actAsToken) {
+        if (onBehalfOfToken != null || actAsToken != null) {
+            return false;
+        }
+        return
+            SecurityUtils.getSecurityPropertyBoolean(SecurityConstants.CACHE_ISSUED_TOKEN_IN_ENDPOINT,
+                                              message,
+                                              true);
+    }
 
     private static SecurityToken renewToken(
                                      Message message,
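Review bot: `isCachedTokenFromEndpoint` has no comment explaining why a delegation token switches endpoint caching off, which is the security-relevant decision this helper makes. Suggest a Javadoc such as `/** Endpoint-level caching applies only when no OnBehalfOf/ActAs token is present; a token issued for a delegated identity is cached under the delegation token's key instead. */`. The name reads as a question about an existing token, and `shouldCacheTokenInEndpoint` would describe the decision better. The literal `true` passed as the default for `CACHE_ISSUED_TOKEN_IN_ENDPOINT` deserves a word in that comment too, since it makes endpoint-wide sharing the behaviour when the property is unset.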

