Fixing merge
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/84187a30 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/84187a30 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/84187a30 Branch: refs/heads/3.0.x-fixes Commit: 84187a3033dcba9e1be3d6ec40b8140f47ae0ef6 Parents: 8d70e69 Author: Colm O hEigeartaigh <[email protected]> Authored: Thu Dec 3 14:24:13 2015 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Thu Dec 3 14:24:13 2015 +0000 ---------------------------------------------------------------------- .../java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java | 6 +----- .../java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java | 6 ------ 2 files changed, 1 insertion(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/84187a30/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java index 68bcef9..1e39e68 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwt/JwtUtils.java @@ -112,7 +112,6 @@ public final class JwtUtils { } } } -<<<<<<< HEAD public static void validateJwtTimeClaims(JwtClaims claims, int clockOffset, int issuedAtRange, boolean claimsRequired) { @@ -137,9 +136,6 @@ public final class JwtUtils { validateJwtTimeClaims(claims, 0, 0, false); } - public static void validateTokenClaims(JwtClaims claims, int timeToLive, int clockOffset) { -======= - public static void validateJwtAudienceRestriction(JwtClaims claims, Message message) { // Get the endpoint URL String requestURL = null; @@ -161,9 +157,9 @@ public final class JwtUtils { } } + public static void validateTokenClaims(JwtClaims claims, int timeToLive, int clockOffset, boolean validateAudienceRestriction) { ->>>>>>> 21bbc38... Adding support for validating audiences for JWT tokens as well as supporting multiple audiences // If we have no issued time then we need to have an expiry boolean expiredRequired = claims.getIssuedAt() == null; validateJwtExpiry(claims, clockOffset, expiredRequired); http://git-wip-us.apache.org/repos/asf/cxf/blob/84187a30/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java index c46505f..7cbb392 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenReader.java @@ -40,18 +40,12 @@ public class IdTokenReader extends AbstractTokenValidator { OidcUtils.validateAccessTokenHash(at, jwt, requireAtHash); return jwt; } -<<<<<<< HEAD public JwtToken getIdJwtToken(String idJwtToken, OAuthClientUtils.Consumer client) { - JwtToken jwt = getJwtToken(idJwtToken, client.getSecret()); - validateJwtClaims(jwt.getClaims(), client.getKey(), true); -======= - public JwtToken getIdJwtToken(String idJwtToken, Consumer client) { JwtToken jwt = getJwtToken(idJwtToken, client.getClientSecret()); if (jwt.getClaims().getAudiences().size() > 1) { throw new SecurityException("Invalid audience"); } validateJwtClaims(jwt.getClaims(), client.getClientId(), true); ->>>>>>> 21bbc38... Adding support for validating audiences for JWT tokens as well as supporting multiple audiences return jwt; } private IdToken getIdTokenFromJwt(JwtToken jwt) {
