cxf git commit: Make finding the ID of an issued token a bit more robust

Wed, 29 Apr 2015 06:10:27 -0700 

Repository: cxf
Updated Branches:
  refs/heads/master ac133b9f0 -> 71e20b4f5


Make finding the ID of an issued token a bit more robust


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/71e20b4f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/71e20b4f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/71e20b4f

Branch: refs/heads/master
Commit: 71e20b4f5b918005055589b47e40f37733721676
Parents: ac133b9
Author: Colm O hEigeartaigh <[email protected]>
Authored: Wed Apr 29 14:07:21 2015 +0100
Committer: Colm O hEigeartaigh <[email protected]>
Committed: Wed Apr 29 14:09:42 2015 +0100

----------------------------------------------------------------------
 .../cxf/ws/security/trust/AbstractSTSClient.java   | 17 +++++++++++++----
 .../policyhandlers/AbstractBindingBuilder.java     | 12 +++++++-----
 2 files changed, 20 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/71e20b4f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
----------------------------------------------------------------------
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
index a9678a1..8cec92e 100755
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/trust/AbstractSTSClient.java
@@ -1609,18 +1609,27 @@ public abstract class AbstractSTSClient implements 
Configurable, InterceptorProv
                 && rst.hasAttributeNS(null, "ID")) {
                 id = rst.getAttributeNS(null, "ID");
             }
-            if (id == null) {
+            if (id == null || "".equals(id)) {
                 id = this.getIDFromSTR(rst);
             }
         }
-        if (id == null && rar != null) {
+        if ((id == null || "".equals(id)) && rar != null) {
             id = this.getIDFromSTR(rar);
         }
-        if (id == null && rur != null) {
+        if ((id == null || "".equals(id)) && rur != null) {
             id = this.getIDFromSTR(rur);
         }
-        if (id == null && rst != null) {
+        if ((id == null || "".equals(id)) && rst != null) {
             id = rst.getAttributeNS(WSConstants.WSU_NS, "Id");
+            if (id == null || "".equals(id)) {
+                QName elName = DOMUtils.getElementQName(rst);
+                if (elName.equals(new QName(WSConstants.SAML2_NS, 
"EncryptedAssertion"))) {
+                    Element child = DOMUtils.getFirstElement(rst);
+                    if (child != null) {
+                        id = child.getAttributeNS(WSConstants.WSU_NS, "Id");
+                    }
+                }
+            }
         }
         return id;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/71e20b4f/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
----------------------------------------------------------------------
diff --git 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
index 52affe2..1e85cc1 100644
--- 
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
+++ 
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/policyhandlers/AbstractBindingBuilder.java
@@ -643,11 +643,13 @@ public abstract class AbstractBindingBuilder extends 
AbstractCommonBindingHandle
                     Document doc = token.getToken().getOwnerDocument();
                     boolean saml1 = 
WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType)
                         || WSConstants.SAML_NS.equals(tokenType);
-                    String id = null;
-                    if (saml1) {
-                        id = token.getToken().getAttributeNS(null, 
"AssertionID");
-                    } else {
-                        id = token.getToken().getAttributeNS(null, "ID");
+                    String id = token.getId();
+                    if (id == null || "".equals(id)) {
+                        if (saml1) {
+                            id = token.getToken().getAttributeNS(null, 
"AssertionID");
+                        } else {
+                            id = token.getToken().getAttributeNS(null, "ID");
+                        }
                     }
                     SecurityTokenReference secRef = 
                         createSTRForSamlAssertion(doc, id, saml1, false);

Reply via email to