cxf-commits mailing list archives

From serg...@apache.org
Subject cxf-fediz git commit: Enforcing that if a client provides a logout_uri a size of the list of post_logout_uris is 1 then the values must match
Date Wed, 31 May 2017 10:15:34 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master ff10f9664 -> 00041dec0


Enforcing that if a client provides a logout_uri and the size of the list of post_logout_uris
is 1, then the values must match


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/00041dec
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/00041dec
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/00041dec

Branch: refs/heads/master
Commit: 00041dec0511c173151baa8b204139eae61b8287
Parents: ff10f96
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed May 31 11:15:18 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed May 31 11:15:18 2017 +0100

----------------------------------------------------------------------
 .../cxf/fediz/service/oidc/logout/LogoutService.java     | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/00041dec/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutService.java
index 43e551c..b26d387 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutService.java
@@ -33,6 +33,7 @@ import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 
+import org.apache.commons.lang3.StringUtils;
 import org.apache.cxf.fediz.service.oidc.FedizSubjectCreator;
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.common.Client;
@@ -84,14 +85,17 @@ public class LogoutService {
         // logoutUriProp is guaranteed to be not null at this point
         String[] uris = logoutUriProp.split(" ");
         String uriStr = null;
+        String clientLogoutUriParam = params.getFirst(CLIENT_LOGOUT_URI);
         if (uris.length > 1) {
-            String clientLogoutUriParam = params.getFirst(CLIENT_LOGOUT_URI);
             if (clientLogoutUriParam == null 
-                    || !new HashSet<>(Arrays.asList(uris)).contains(clientLogoutUriParam)) {
+                || !new HashSet<>(Arrays.asList(uris)).contains(clientLogoutUriParam)) {
                 throw new BadRequestException();    
             }
             uriStr = clientLogoutUriParam;
         } else {
+            if (clientLogoutUriParam != null && !uris[0].equals(clientLogoutUriParam)) {
+                throw new BadRequestException();    
+            }
             uriStr = uris[0];
         }
         UriBuilder ub = UriBuilder.fromUri(uriStr);
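Review bot: The registered value is tokenized with `logoutUriProp.split(" ")`, so a leading space or two consecutive spaces in the client property puts an empty string into `uris`, and both the `contains` check and the new `uris[0].equals(clientLogoutUriParam)` check compare against that entry. An empty `CLIENT_LOGOUT_URI` parameter would presumably pass the multi-URI branch in that case and reach `UriBuilder.fromUri(uriStr)` with an empty target. Tokenizing with `String[] uris = logoutUriProp.trim().split("\\s+");` keeps only real entries. The enclosing method starts and ends outside this hunk, so what happens to `uriStr` after `UriBuilder.fromUri` is not visible here.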
@@ -111,8 +115,7 @@ public class LogoutService {
         if (c == null) {
             throw new BadRequestException();
         }
-        if (c.getProperties().get(CLIENT_LOGOUT_URIS) == null) {
-            //TODO: Possibly default to something ?
+        if (StringUtils.isEmpty(c.getProperties().get(CLIENT_LOGOUT_URIS))) {
             throw new BadRequestException();
         }
         return c;
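Review bot: `StringUtils.isEmpty` rejects only null and the empty string, so a `CLIENT_LOGOUT_URIS` property holding just whitespace passes this check. In the logout code patched in the previous hunk, `split(" ")` on such a value returns a zero-length array and `uris[0]` would throw ArrayIndexOutOfBoundsException, which surfaces as a server error instead of the intended BadRequestException. `if (StringUtils.isBlank(c.getProperties().get(CLIENT_LOGOUT_URIS))) {` closes that gap. The method this check belongs to starts outside the hunk.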

