Repository: cxf Updated Branches: refs/heads/master 2e6ca288a -> 8f033131b
Adding pluggable TokenWrapper Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8f033131 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8f033131 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8f033131 Branch: refs/heads/master Commit: 8f033131bd7eff927546b25bc27d8c0cc28d2b82 Parents: 2e6ca28 Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Feb 15 11:01:34 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Feb 15 11:01:34 2016 +0000 ---------------------------------------------------------------------- .../cxf/sts/operation/AbstractOperation.java | 9 ++++ .../cxf/sts/operation/DefaultTokenWrapper.java | 49 ++++++++++++++++++++ .../cxf/sts/operation/TokenIssueOperation.java | 13 +----- .../sts/operation/TokenValidateOperation.java | 13 +----- .../apache/cxf/sts/operation/TokenWrapper.java | 35 ++++++++++++++ 5 files changed, 95 insertions(+), 24 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/8f033131/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java index 6133816..82f739c 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/AbstractOperation.java 
@@ -102,7 +102,16 @@ public abstract class AbstractOperation { protected ClaimsManager claimsManager = new ClaimsManager(); protected STSEventListener eventPublisher; protected List<TokenDelegationHandler> delegationHandlers = new ArrayList<>(); + protected TokenWrapper tokenWrapper = new DefaultTokenWrapper(); + public TokenWrapper getTokenWrapper() { + return tokenWrapper; + } + + public void setTokenWrapper(TokenWrapper tokenWrapper) { + this.tokenWrapper = tokenWrapper; + } + public boolean isReturnReferences() { return returnReferences; } http://git-wip-us.apache.org/repos/asf/cxf/blob/8f033131/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/DefaultTokenWrapper.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/DefaultTokenWrapper.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/DefaultTokenWrapper.java new file mode 100644 index 0000000..fe88ba3 --- /dev/null +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/DefaultTokenWrapper.java 
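Review bot: `setTokenWrapper` stores whatever it is given, so a null (for example from a misconfigured bean) is only noticed when `tokenWrapper.wrapToken(...)` is dereferenced in the issue and validate hunks below, by which point the provider has presumably already produced the token. Reject it at configuration time with `if (tokenWrapper == null) { throw new IllegalArgumentException("tokenWrapper must not be null"); }` as the first statement of the setter. The field is also `protected` and non-final, so a subclass can assign it directly and bypass that check; `private` behind the accessor pair would keep the guard effective. The class body continues outside the hunk.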
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.operation;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import org.apache.cxf.helpers.DOMUtils;
+import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
+
+/**
+ * The default implementation of TokenWrapper. For DOM Elements it just set the token directly on the
+ * RSTT. If it's a String (as per the case of JWT Tokens), it puts a "TokenWrapper" wrapper around the
+ * token.
+ */ +public class DefaultTokenWrapper implements TokenWrapper { + + /** + * Wrap the Token parameter and set it on the RequestedSecurityTokenType parameter + */ + public void wrapToken(Object token, RequestedSecurityTokenType requestedTokenType) { + if (token instanceof String) { + Document doc = DOMUtils.newDocument(); + Element tokenWrapper = doc.createElementNS(null, "TokenWrapper"); + tokenWrapper.setTextContent((String)token); + requestedTokenType.setAny(tokenWrapper); + } else { + requestedTokenType.setAny(token); + } + } + +} http://git-wip-us.apache.org/repos/asf/cxf/blob/8f033131/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java index d6fb5e8..455a9ae 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenIssueOperation.java @@ -29,12 +29,8 @@ import java.util.logging.Logger; import javax.xml.bind.JAXBElement; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.helpers.CastUtils; -import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.sts.QNameConstants; import org.apache.cxf.sts.event.STSIssueFailureEvent; import org.apache.cxf.sts.event.STSIssueSuccessEvent; 
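Review bot: In `DefaultTokenWrapper.wrapToken` the `else` branch hands any non-String value, including null, straight to `requestedTokenType.setAny(token)`, while the class Javadoc only describes DOM Elements and Strings. Either document that other types are passed through unchanged, or make the branch explicit with `} else if (token instanceof Element) {` plus a final `else` that rejects the value, so an unexpected provider result fails here rather than, presumably, later during marshalling. The method should also carry `@Override`. The Javadoc would be clearer if it stated that the `TokenWrapper` element is created in no namespace, since clients have to match on that when unwrapping.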
@@ -281,14 +277,7 @@ public class TokenIssueOperation extends AbstractOperation implements IssueOpera QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityTokenType(); JAXBElement<RequestedSecurityTokenType> requestedToken = QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(requestedTokenType); - if (tokenResponse.getToken() instanceof String) { - Document doc = DOMUtils.newDocument(); - Element tokenWrapper = doc.createElementNS(null, "TokenWrapper"); - tokenWrapper.setTextContent((String)tokenResponse.getToken()); - requestedTokenType.setAny(tokenWrapper); - } else { - requestedTokenType.setAny(tokenResponse.getToken()); - } + tokenWrapper.wrapToken(tokenResponse.getToken(), requestedTokenType); response.getAny().add(requestedToken); if (returnReferences) { http://git-wip-us.apache.org/repos/asf/cxf/blob/8f033131/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java index c029809..e74cd65 100644 --- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenValidateOperation.java @@ -26,11 +26,7 @@ import java.util.logging.Logger; import javax.xml.bind.JAXBElement; -import org.w3c.dom.Document; -import org.w3c.dom.Element; - import org.apache.cxf.common.logging.LogUtils; -import org.apache.cxf.helpers.DOMUtils; import org.apache.cxf.sts.QNameConstants; import org.apache.cxf.sts.RealmParser; import org.apache.cxf.sts.STSConstants; 
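Review bot: After `tokenWrapper.wrapToken(tokenResponse.getToken(), requestedTokenType)` nothing verifies that the pluggable wrapper actually set a value, and `response.getAny().add(requestedToken)` follows unconditionally. A custom wrapper that returns without calling `setAny` would therefore produce a RequestedSecurityToken with no content. A post-condition such as `if (requestedTokenType.getAny() == null) { throw new STSException("TokenWrapper did not set a token"); }` would turn that into an explicit failure. The same applies to the `tokenProviderResponse` call in the TokenValidateOperation hunk at -229,14. Both enclosing methods start and end outside their hunks.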
@@ -229,14 +225,7 @@ public class TokenValidateOperation extends AbstractOperation implements Validat QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityTokenType(); JAXBElement<RequestedSecurityTokenType> requestedToken = QNameConstants.WS_TRUST_FACTORY.createRequestedSecurityToken(requestedTokenType); - if (tokenProviderResponse.getToken() instanceof String) { - Document doc = DOMUtils.newDocument(); - Element tokenWrapper = doc.createElementNS(null, "TokenWrapper"); - tokenWrapper.setTextContent((String)tokenProviderResponse.getToken()); - requestedTokenType.setAny(tokenWrapper); - } else { - requestedTokenType.setAny(tokenProviderResponse.getToken()); - } + tokenWrapper.wrapToken(tokenProviderResponse.getToken(), requestedTokenType); response.getAny().add(requestedToken); // Lifetime http://git-wip-us.apache.org/repos/asf/cxf/blob/8f033131/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenWrapper.java ---------------------------------------------------------------------- diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenWrapper.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenWrapper.java new file mode 100644 index 0000000..3b0f60e --- /dev/null +++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/operation/TokenWrapper.java 
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.sts.operation;
+
+import org.apache.cxf.ws.security.sts.provider.model.RequestedSecurityTokenType;
+
+/**
+ * This interface defines a pluggable way of "wrapping" tokens that are issued by the STS. Some Tokens may be issued
+ * in a format that needs to be wrapped as part of the JAXB response.
+ */
+public interface TokenWrapper {
+
+ /**
+ * Wrap the Token parameter and set it on the RequestedSecurityTokenType parameter
+ */
+ void wrapToken(Object token, RequestedSecurityTokenType requestedTokenType);
+
+}
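Review bot: The Javadoc on `TokenWrapper.wrapToken` does not state the contract a custom implementation has to meet, which matters because the interface is the extension point through which every issued token passes. AbstractOperation holds a single wrapper instance per operation object, and that object presumably serves concurrent requests, so the comment should say that implementations must be thread-safe and keep no per-request state. It should also add `@param token the issued token, either a String (e.g. a JWT) or a DOM Element` and `@param requestedTokenType the response element on which setAny(...) must be called`. Finally it should note that the token is a credential and must not be written to logs by an implementation.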
