More refactoring of the caching code

Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/4538aca7
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/4538aca7
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/4538aca7

Branch: refs/heads/master
Commit: 4538aca7cd22a4ab56587c113e6c96f91d2a4502
Parents: 5a0c0b7
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Thu Dec 1 16:41:03 2016 +0000
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Thu Dec 1 16:41:03 2016 +0000

----------------------------------------------------------------------
 .../idp/beans/SigninParametersCacheAction.java  | 115 ++++++++++---------
 .../WEB-INF/flows/federation-signin-request.xml |   3 +-
 .../flows/federation-validate-request.xml       |   2 +
 .../WEB-INF/flows/saml-signin-request.xml       |   3 +-
 .../WEB-INF/flows/saml-validate-request.xml     |   2 +
 .../webapp/WEB-INF/flows/signin-response.xml    |   3 +-
 6 files changed, 73 insertions(+), 55 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java
----------------------------------------------------------------------
diff --git 
a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java
 
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java
index e3e055e..18216e7 100644
--- 
a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java
+++ 
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/SigninParametersCacheAction.java
@@ -44,35 +44,40 @@ public class SigninParametersCacheAction {
 
     private static final Logger LOG = 
LoggerFactory.getLogger(SigninParametersCacheAction.class);
 
-    public void store(RequestContext context) {
+    public void store(RequestContext context, String protocol) {
         Map<String, Object> signinParams = new HashMap<>();
         String uuidKey = UUID.randomUUID().toString();
         
-        Object value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_REPLY);
-        if (value != null) {
-            signinParams.put(FederationConstants.PARAM_REPLY, value);
-        }
-        value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_TREALM);
-        if (value != null) {
-            signinParams.put(FederationConstants.PARAM_TREALM, value);
-        }
-        value = WebUtils.getAttributeFromFlowScope(context, 
IdpConstants.HOME_REALM);
+        Object value = WebUtils.getAttributeFromFlowScope(context, 
IdpConstants.HOME_REALM);
         if (value != null) {
             signinParams.put(IdpConstants.HOME_REALM, value);
         }
-        value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_CONTEXT);
-        if (value != null) {
-            signinParams.put(FederationConstants.PARAM_CONTEXT, value);
-        }
-        // TODO
-        value = WebUtils.getAttributeFromFlowScope(context, "RelayState");
-        if (value != null) {
-            signinParams.put("RelayState", value);
-        }
-        value = WebUtils.getAttributeFromFlowScope(context, 
IdpConstants.SAML_AUTHN_REQUEST);
-        if (value != null) {
-            signinParams.put(IdpConstants.SAML_AUTHN_REQUEST, value);
+        
+        if ("wsfed".equals(protocol)) {
+            value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_REPLY);
+            if (value != null) {
+                signinParams.put(FederationConstants.PARAM_REPLY, value);
+            }
+            value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_TREALM);
+            if (value != null) {
+                signinParams.put(FederationConstants.PARAM_TREALM, value);
+            }
+            value = WebUtils.getAttributeFromFlowScope(context, 
FederationConstants.PARAM_CONTEXT);
+            if (value != null) {
+                signinParams.put(FederationConstants.PARAM_CONTEXT, value);
+            }
+        } else if ("samlsso".equals(protocol)) {
+            // TODO
+            value = WebUtils.getAttributeFromFlowScope(context, "RelayState");
+            if (value != null) {
+                signinParams.put("RelayState", value);
+            }
+            value = WebUtils.getAttributeFromFlowScope(context, 
IdpConstants.SAML_AUTHN_REQUEST);
+            if (value != null) {
+                signinParams.put(IdpConstants.SAML_AUTHN_REQUEST, value);
+            }
         }
+        
         WebUtils.putAttributeInExternalContext(context, uuidKey, signinParams);
         
         LOG.debug("SignIn parameters cached: {}", signinParams.toString());
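Review bot: A `protocol` that is null or anything other than `wsfed`/`samlsso` falls through the new if/else-if in `store` without any signal, so only the home realm is cached and the sign-in later resumes without the reply address, realm or AuthnRequest. A closing branch such as `} else { LOG.warn("Unknown protocol [{}], only the home realm was cached", protocol); }` (or an `IllegalArgumentException`) would make that visible; the matching chain in `restore` has the same silent fall-through. The two literals are also repeated in both methods and in the flow XML, so a pair of constants in `IdpConstants` would keep them in step. `store` closes in the following hunk.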
@@ -80,7 +85,7 @@ public class SigninParametersCacheAction {
         LOG.info("SignIn parameters cached and context set to [" + uuidKey + 
"].");
     }
     
-    public void restore(RequestContext context, String contextKey) {
+    public void restore(RequestContext context, String contextKey, String 
protocol) {
         
         if (contextKey != null) {
             @SuppressWarnings("unchecked")
@@ -88,44 +93,50 @@ public class SigninParametersCacheAction {
                 (Map<String, 
Object>)WebUtils.getAttributeFromExternalContext(context, contextKey);
             
             if (signinParams != null) {
-                String value = 
(String)signinParams.get(FederationConstants.PARAM_REPLY);
-                if (value != null) {
-                    WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_REPLY, value);
-                }
-                value = 
(String)signinParams.get(FederationConstants.PARAM_TREALM);
-                if (value != null) {
-                    WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_TREALM, value);
-                }
-                value = (String)signinParams.get(IdpConstants.HOME_REALM);
-                if (value != null) {
-                    WebUtils.putAttributeInFlowScope(context, 
IdpConstants.HOME_REALM, value);
-                }
-                
-                SAMLAuthnRequest authnRequest = 
-                    
(SAMLAuthnRequest)signinParams.get(IdpConstants.SAML_AUTHN_REQUEST);
-                if (authnRequest != null) {
-                    WebUtils.putAttributeInFlowScope(context, 
IdpConstants.SAML_AUTHN_REQUEST, authnRequest);
-                }
+                LOG.debug("SignIn parameters restored: {}", 
signinParams.toString());
                 
-                // TODO
-                value = (String)signinParams.get("RelayState");
+                String value = 
(String)signinParams.get(IdpConstants.HOME_REALM);
                 if (value != null) {
-                    WebUtils.putAttributeInFlowScope(context, "RelayState", 
value);
+                    WebUtils.putAttributeInFlowScope(context, 
IdpConstants.HOME_REALM, value);
                 }
                 
-                LOG.debug("SignIn parameters restored: {}", 
signinParams.toString());
-                WebUtils.removeAttributeFromFlowScope(context, 
FederationConstants.PARAM_CONTEXT);
-                LOG.info("SignIn parameters restored and " + 
FederationConstants.PARAM_CONTEXT + "[" 
-                    + contextKey + "] cleared.");
-                
-                value = 
(String)signinParams.get(FederationConstants.PARAM_CONTEXT);
-                if (value != null) {
-                    WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_CONTEXT, value);
+                if ("wsfed".equals(protocol)) {
+                    value = 
(String)signinParams.get(FederationConstants.PARAM_REPLY);
+                    if (value != null) {
+                        WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_REPLY, value);
+                    }
+                    value = 
(String)signinParams.get(FederationConstants.PARAM_TREALM);
+                    if (value != null) {
+                        WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_TREALM, value);
+                    }
+                    
+                    WebUtils.removeAttributeFromFlowScope(context, 
FederationConstants.PARAM_CONTEXT);
+                    LOG.info("SignIn parameters restored and " + 
FederationConstants.PARAM_CONTEXT + "[" 
+                        + contextKey + "] cleared.");
+                    
+                    value = 
(String)signinParams.get(FederationConstants.PARAM_CONTEXT);
+                    if (value != null) {
+                        WebUtils.putAttributeInFlowScope(context, 
FederationConstants.PARAM_CONTEXT, value);
+                    }
+                } else if ("samlsso".equals(protocol)) {
+                    SAMLAuthnRequest authnRequest = 
+                        
(SAMLAuthnRequest)signinParams.get(IdpConstants.SAML_AUTHN_REQUEST);
+                    if (authnRequest != null) {
+                        WebUtils.putAttributeInFlowScope(context, 
IdpConstants.SAML_AUTHN_REQUEST, authnRequest);
+                    }
+                    
+                    // TODO
+                    value = (String)signinParams.get("RelayState");
+                    if (value != null) {
+                        WebUtils.putAttributeInFlowScope(context, 
"RelayState", value);
+                    }
                 }
                 
             }  else {
                 LOG.debug("Error in restoring security context");
             }
+            
+            WebUtils.removeAttributeFromFlowScope(context, contextKey);
         } else {
             LOG.debug("Error in restoring security context");
         }
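Review bot: The added `WebUtils.removeAttributeFromFlowScope(context, contextKey)` clears a different scope from the one the cache lives in: `store` writes the map with `putAttributeInExternalContext` and this method reads it with `getAttributeFromExternalContext`. As written, the cached sign-in parameters appear to stay in the external context after a restore, so the same context key could be restored a second time and the entries accumulate. If one-time use is intended, remove the entry from the external context instead, e.g. `WebUtils.removeAttributeFromExternalContext(context, contextKey);` (assuming WebUtils offers that counterpart). `restore` begins in the previous hunk and ends after this one.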

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
----------------------------------------------------------------------
diff --git 
a/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml 
b/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
index 59c2a67..d62c115 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
@@ -30,6 +30,7 @@
     <input name="wfresh" />
     <input name="wauth" />
     <input name="home_realm" />
+    <input name="protocol" />
 
     <decision-state id="processHRDSExpression">
         <on-entry>
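Review bot: The new `<input name="protocol" />` is optional, so a parent flow that forgets to pass it reaches `signinParametersCacheAction.store(flowRequestContext, protocol)` with null and the protocol-specific parameters are silently not cached. Declaring it as `<input name="protocol" required="true" />` makes the flow fail at start instead. The same applies to the inputs added in saml-signin-request.xml and signin-response.xml.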
@@ -166,7 +167,7 @@
     <!-- redirects to requestor idp -->
     <end-state id="redirectToTrustedIDP">
         <on-entry>
-            <evaluate 
expression="signinParametersCacheAction.store(flowRequestContext)" />
+            <evaluate 
expression="signinParametersCacheAction.store(flowRequestContext, protocol)" />
         </on-entry>
         <output name="home_realm" value="flowScope.home_realm" />
         <output name="trusted_idp_context" 
value="flowScope.trusted_idp_context" />

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/webapp/WEB-INF/flows/federation-validate-request.xml
----------------------------------------------------------------------
diff --git 
a/services/idp/src/main/webapp/WEB-INF/flows/federation-validate-request.xml 
b/services/idp/src/main/webapp/WEB-INF/flows/federation-validate-request.xml
index e0d86aa..e42c7ee 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/federation-validate-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/federation-validate-request.xml
@@ -99,6 +99,7 @@
         <input name="wfresh" value="flowScope.wfresh" />
         <input name="wauth" value="flowScope.wauth" />
         <input name="home_realm" value="flowScope.whr" />
+        <input name="protocol" value="'wsfed'" />
 
         <output name="home_realm" />
         <output name="wctx" />
@@ -131,6 +132,7 @@
         <input name="state" value="flowScope.state" />
         <input name="code" value="flowScope.code" />
         <input name="home_realm" value="flowScope.whr" />
+        <input name="protocol" value="'wsfed'" />
 
         <output name="wtrealm" />
         <output name="wreply" />

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml 
b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
index 446aa8e..e385a25 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-signin-request.xml
@@ -27,6 +27,7 @@
     <input name="SAMLRequest" />
     <input name="RelayState" />
     <input name="Signature" />
+    <input name="protocol" />
     
     <action-state id="parseAuthnRequest">
         <evaluate 
expression="authnRequestParser.parseSAMLRequest(flowRequestContext, 
flowScope.idpConfig,
@@ -180,7 +181,7 @@
     <!-- redirects to requestor idp -->
     <end-state id="redirectToTrustedIDP">
         <on-entry>
-            <evaluate 
expression="signinParametersCacheAction.store(flowRequestContext)" />
+            <evaluate 
expression="signinParametersCacheAction.store(flowRequestContext, protocol)" />
         </on-entry>
         <output name="home_realm" value="flowScope.home_realm" />
         <output name="trusted_idp_context" 
value="flowScope.trusted_idp_context" />

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
----------------------------------------------------------------------
diff --git 
a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml 
b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
index d45a48b..2816487 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/saml-validate-request.xml
@@ -67,6 +67,7 @@
         <input name="SAMLRequest" value="flowScope.SAMLRequest" />
         <input name="RelayState" value="flowScope.RelayState" />
         <input name="Signature" value="flowScope.Signature" />
+        <input name="protocol" value="'samlsso'" />
 
         <output name="home_realm" />
         <output name="idpToken" />
@@ -99,6 +100,7 @@
         <input name="state" value="flowScope.state" />
         <input name="code" value="flowScope.code" />
         <input name="home_realm" value="flowScope.whr" />
+        <input name="protocol" value="'samlsso'" />
 
         <output name="wtrealm" />
         <output name="wreply" />

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4538aca7/services/idp/src/main/webapp/WEB-INF/flows/signin-response.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/signin-response.xml 
b/services/idp/src/main/webapp/WEB-INF/flows/signin-response.xml
index 1a2aa2e..38c4392 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/signin-response.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/signin-response.xml
@@ -36,10 +36,11 @@ subflow to get a RP token from the STS.
     <input name="state" />
     <input name="code" />
     <input name="home_realm" />
+    <input name="protocol" />
 
     <on-start>
         <!-- restore the original request parameters for the current context 
-->
-        <evaluate 
expression="signinParametersCacheAction.restore(flowRequestContext, 
request_context)" />
+        <evaluate 
expression="signinParametersCacheAction.restore(flowRequestContext, 
request_context, protocol)" />
     </on-start>
     
     <!-- validate token issued by requestor IDP given its home realm -->
