Repository: cxf Updated Branches: refs/heads/master a40ffd06e -> f8f93728f
[CXF-6487] Updating UserInfo client to use form params if needed Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f8f93728 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f8f93728 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f8f93728 Branch: refs/heads/master Commit: f8f93728f9fce5be87166975b32ae158eb5c59fe Parents: a40ffd0 Author: Sergey Beryozkin <[email protected]> Authored: Tue Jul 28 13:38:59 2015 +0300 Committer: Sergey Beryozkin <[email protected]> Committed: Tue Jul 28 13:38:59 2015 +0300 ---------------------------------------------------------------------- .../cxf/rs/security/oidc/rp/UserInfoClient.java | 32 +++++++++++++++----- 1 file changed, 25 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/f8f93728/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java index b9281b8..f1d0998 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoClient.java @@ -18,6 +18,8 @@ */ package org.apache.cxf.rs.security.oidc.rp; +import javax.ws.rs.core.Form; + import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rs.security.jose.jwt.JwtToken; import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils; @@ -27,19 +29,32 @@ import org.apache.cxf.rs.security.oidc.common.UserInfo; public class UserInfoClient extends IdTokenReader { private boolean encryptedOnly; + private boolean sendTokenAsFormParameter; private WebClient profileClient; public UserInfo getUserInfo(ClientAccessToken at, IdToken idToken) { return getUserInfo(at, idToken, false); } public UserInfo getUserInfo(ClientAccessToken at, IdToken idToken, boolean asJwt) { - OAuthClientUtils.setAuthorizationHeader(profileClient, at); - if (asJwt) { - String jwt = profileClient.get(String.class); - return getUserInfoFromJwt(jwt, idToken); + if (!sendTokenAsFormParameter) { + OAuthClientUtils.setAuthorizationHeader(profileClient, at); + if (asJwt) { + String jwt = profileClient.get(String.class); + return getUserInfoFromJwt(jwt, idToken); + } else { + UserInfo profile = profileClient.get(UserInfo.class); + validateUserInfo(profile, idToken); + return profile; + } } else { - UserInfo profile = profileClient.get(UserInfo.class); - validateUserInfo(profile, idToken); - return profile; + Form form = new Form().param("access_token", at.getTokenKey()); + if (asJwt) { + String jwt = profileClient.form(form).readEntity(String.class); + return getUserInfoFromJwt(jwt, idToken); + } else { + UserInfo profile = profileClient.form(form).readEntity(UserInfo.class); + validateUserInfo(profile, idToken); + return profile; + } } } public UserInfo getUserInfoFromJwt(String profileJwtToken, IdToken idToken) { @@ -67,5 +82,8 @@ public class UserInfoClient extends IdTokenReader { public void setUserInfoServiceClient(WebClient client) { this.profileClient = client; } + public void setSendTokenAsFormParameter(boolean sendTokenAsFormParameter) { + this.sendTokenAsFormParameter = sendTokenAsFormParameter; + } }
