From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <612945939e80416e8807eef554360ca8@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf-fediz git commit: [FEDIZ-207] Using the login name for a moment Date: Tue, 29 Aug 2017 14:41:42 +0000 (UTC) archived-at: Tue, 29 Aug 2017 14:41:46 -0000 Repository: cxf-fediz Updated Branches: refs/heads/master 8bd1906e4 -> 6da93223c [FEDIZ-207] Using the login name for a moment Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6da93223 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6da93223 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6da93223 Branch: refs/heads/master Commit: 6da93223c36bdc5dbbba80a437801f4c8deb059a Parents: 8bd1906 Author: Sergey Beryozkin Authored: Tue Aug 29 15:37:30 2017 +0100 Committer: Sergey Beryozkin Committed: Tue Aug 29 15:41:25 2017 +0100 ---------------------------------------------------------------------- .../apache/cxf/fediz/service/oidc/FedizSubjectCreator.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6da93223/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java ----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index 3708fca..8479895 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -30,7 +30,6 @@ import javax.ws.rs.core.UriBuilder;
 import org.w3c.dom.Element;
-import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.fediz.core.Claim;
 import org.apache.cxf.fediz.core.ClaimCollection;
 import org.apache.cxf.fediz.core.ClaimTypes;
@@ -43,7 +42,6 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oidc.common.IdToken;
 import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
 import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.joda.time.DateTime;
@@ -72,11 +70,8 @@ public class FedizSubjectCreator implements SubjectCreator {
 OidcUserSubject oidcSub = new OidcUserSubject();
 oidcSub.setLogin(fedizPrincipal.getName());
- // Subject ID - a locally unique and never reassigned identifier allocated to the end user
- // REVISIT:
- // Can it be allocated on per-session basis or is it something that is supposed to be created
- // by the authentication system (IDP/STS) once and reported every time a given user signs in ?
- oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16)));
+ // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207 is resolved
+ oidcSub.setId(fedizPrincipal.getName());
 IdToken idToken = convertToIdToken(mc, fedizPrincipal.getLoginToken(),
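Review bot: In the third hunk, `oidcSub.setId(fedizPrincipal.getName())` makes the subject identifier equal to the login name, and the new REVISIT comment mentions only uniqueness while dropping the removed comment's requirement that the identifier is never reassigned. If a login name can be renamed or reissued at the IDP (not visible in this diff), a relying party that keys its accounts on the subject would associate the new holder of that name with the previous user's account, and every client now receives the login name as the subject value. Until FEDIZ-207 supplies a stable id, I would keep the constraint in the comment, e.g. `// REVISIT: the subject id must be locally unique and never reassigned; the login name is a stopgap until fedizPrincipal.getId() is available (FEDIZ-207)`, and reject a null or empty `fedizPrincipal.getName()` before calling `setId`. The enclosing method starts and ends outside the hunk, so whether the name is already validated earlier cannot be confirmed from here.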