Repository: cxf Updated Branches: refs/heads/3.1.x-fixes cec8828bd -> 13184062c
[FEDIZ-134] Making sure a code challenge is available to the code service Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/753368bb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/753368bb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/753368bb Branch: refs/heads/3.1.x-fixes Commit: 753368bb25f851d858c39b9f2ece764f81e14c2a Parents: 5e5470e Author: Sergey Beryozkin <[email protected]> Authored: Tue Nov 17 16:03:15 2015 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Tue Nov 17 16:03:15 2015 +0000 ---------------------------------------------------------------------- .../oauth2/client/ClientCodeRequestFilter.java | 26 ++++++++++++-------- 1 file changed, 16 insertions(+), 10 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/753368bb/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java index ac09dfc..f712ab6 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java @@ -155,8 +155,9 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter { } protected void setCodeVerifier(UriBuilder ub, MultivaluedMap<String, String> redirectState) { if (codeVerifierTransformer != null) { + String codeVerifier = redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER); ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE, - redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER)); + codeVerifierTransformer.transformCodeVerifier(codeVerifier)); ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE_METHOD, codeVerifierTransformer.getChallengeMethod()); } @@ -222,17 +223,22 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter { if (clientStateManager == null) { return null; } - return clientStateManager.toRedirectState(mc, - toCodeRequestState(rc, ui)); - } - protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext rc, UriInfo ui) { - MultivaluedMap<String, String> state = toRequestState(rc, ui); + String codeVerifier = null; + MultivaluedMap<String, String> codeRequestState = toCodeRequestState(rc, ui); if (codeVerifierTransformer != null) { - String codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32)); - state.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, - codeVerifierTransformer.transformCodeVerifier(codeVerifier)); + codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32)); + codeRequestState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, + codeVerifier); } - return state; + MultivaluedMap<String, String> redirectState = + clientStateManager.toRedirectState(mc, codeRequestState); + if (redirectState != null) { + redirectState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, codeVerifier); + } + return redirectState; + } + protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext rc, UriInfo ui) { + return toRequestState(rc, ui); } protected MultivaluedMap<String, String> toRequestState(ContainerRequestContext rc, UriInfo ui) { MultivaluedMap<String, String> requestState = new MetadataMap<String, String>();
