From serg...@apache.org
Subject cxf-fediz git commit: [FEDIZ-207] Using the login name for a moment
Date Tue, 29 Aug 2017 14:41:42 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 8bd1906e4 -> 6da93223c


[FEDIZ-207] Using the login name for a moment


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6da93223
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6da93223
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6da93223

Branch: refs/heads/master
Commit: 6da93223c36bdc5dbbba80a437801f4c8deb059a
Parents: 8bd1906
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Aug 29 15:37:30 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Aug 29 15:41:25 2017 +0100

----------------------------------------------------------------------
 .../apache/cxf/fediz/service/oidc/FedizSubjectCreator.java  | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6da93223/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index 3708fca..8479895 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -30,7 +30,6 @@ import javax.ws.rs.core.UriBuilder;
 
 import org.w3c.dom.Element;
 
-import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.fediz.core.Claim;
 import org.apache.cxf.fediz.core.ClaimCollection;
 import org.apache.cxf.fediz.core.ClaimTypes;
@@ -43,7 +42,6 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oidc.common.IdToken;
 import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
 import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.joda.time.DateTime;
@@ -72,11 +70,8 @@ public class FedizSubjectCreator implements SubjectCreator {
         OidcUserSubject oidcSub = new OidcUserSubject();
         oidcSub.setLogin(fedizPrincipal.getName());
 
-        // Subject ID - a locally unique and never reassigned identifier allocated to the
end user
-        // REVISIT:
-        // Can it be allocated on per-session basis or is it something that is supposed to
be created
-        // by the authentication system (IDP/STS) once and reported every time a given user
signs in ?
-        oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16)));
+        // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207
is resolved
+        oidcSub.setId(fedizPrincipal.getName());
 
         IdToken idToken = convertToIdToken(mc,
                                            fedizPrincipal.getLoginToken(),
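Review bot: The new `oidcSub.setId(fedizPrincipal.getName())` line makes the login name the OIDC subject identifier, but the REVISIT comment mentions only uniqueness and drops the "never reassigned" requirement that the removed comment spelled out. If a login name can be renamed or later given to a different person at the IDP, or if two trusted realms can issue the same name, a relying party that keys accounts on `sub` would link one user's account to another; whether that can happen depends on the deployment and is not visible in this hunk. I would keep the constraint in the comment, e.g. `// REVISIT: login name is used as 'sub'; only safe while names are unique across trusted realms and never reassigned (FEDIZ-207)`. The result of `getName()` is also passed to `setId` unchecked in the visible lines, so a null or empty name would become the subject id unless it is validated earlier. The enclosing method begins and ends outside this hunk.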

