gonzalad closed pull request #348: [CXF-7572] default port in OAuth discovery
doc
URL: https://github.com/apache/cxf/pull/348
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
index 71d33d4d53d..1b8dba4224a 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
@@ -19,6 +19,7 @@
package org.apache.cxf.rs.security.oauth2.services;
import java.net.URI;
+import java.net.URISyntaxException;
import java.util.LinkedHashMap;
import java.util.Map;
@@ -49,61 +50,69 @@
// Optional
private boolean dynamicRegistrationEndpointNotAvailable;
private String dynamicRegistrationEndpointAddress;
-
+
@GET
@Produces("application/json")
public String getConfiguration(@Context UriInfo ui) {
Map<String, Object> cfg = new LinkedHashMap<String, Object>();
String baseUri = getBaseUri(ui);
prepareConfigurationData(cfg, baseUri);
-
+
JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
writer.setFormat(true);
return writer.toJson(cfg);
}
-
+
protected void prepareConfigurationData(Map<String, Object> cfg, String
baseUri) {
// Issuer
cfg.put("issuer", buildIssuerUri(baseUri));
// Authorization Endpoint
- String theAuthorizationEndpointAddress =
- calculateEndpointAddress(authorizationEndpointAddress, baseUri,
"/idp/authorize");
+ String theAuthorizationEndpointAddress =
+ calculateEndpointAddress(authorizationEndpointAddress,
baseUri, "/idp/authorize");
cfg.put("authorization_endpoint", theAuthorizationEndpointAddress);
// Token Endpoint
if (!isTokenEndpointNotAvailable()) {
- String theTokenEndpointAddress =
- calculateEndpointAddress(tokenEndpointAddress, baseUri,
"/oauth2/token");
+ String theTokenEndpointAddress =
+ calculateEndpointAddress(tokenEndpointAddress, baseUri,
"/oauth2/token");
cfg.put("token_endpoint", theTokenEndpointAddress);
}
// Token Revocation Endpoint
if (!isTokenRevocationEndpointNotAvailable()) {
- String theTokenRevocationEndpointAddress =
- calculateEndpointAddress(tokenRevocationEndpointAddress,
baseUri, "/oauth2/revoke");
+ String theTokenRevocationEndpointAddress =
+ calculateEndpointAddress(tokenRevocationEndpointAddress,
baseUri, "/oauth2/revoke");
cfg.put("revocation_endpoint", theTokenRevocationEndpointAddress);
}
// Jwks Uri Endpoint
if (!isJwkEndpointNotAvailable()) {
- String theJwkEndpointAddress =
- calculateEndpointAddress(jwkEndpointAddress, baseUri,
"/jwk/keys");
+ String theJwkEndpointAddress =
+ calculateEndpointAddress(jwkEndpointAddress, baseUri,
"/jwk/keys");
cfg.put("jwks_uri", theJwkEndpointAddress);
}
// Dynamic Registration Endpoint
if (!isDynamicRegistrationEndpointNotAvailable()) {
- String theDynamicRegistrationEndpointAddress =
- calculateEndpointAddress(dynamicRegistrationEndpointAddress,
baseUri, "/dynamic/register");
+ String theDynamicRegistrationEndpointAddress =
+
calculateEndpointAddress(dynamicRegistrationEndpointAddress, baseUri,
"/dynamic/register");
cfg.put("registration_endpoint",
theDynamicRegistrationEndpointAddress);
}
}
protected static String calculateEndpointAddress(String endpointAddress,
String baseUri, String defRelAddress) {
endpointAddress = endpointAddress != null ? endpointAddress :
defRelAddress;
- if (endpointAddress.startsWith("https")) {
+ if (isAbsoluteUri(endpointAddress)) {
return endpointAddress;
} else {
- return
UriBuilder.fromUri(baseUri).path(endpointAddress).build().toString();
+ URI uri =
UriBuilder.fromUri(baseUri).path(endpointAddress).build();
+ return removeDefaultPort(uri).toString();
}
}
+ private static boolean isAbsoluteUri(String endpointAddress) {
+ if (endpointAddress == null) {
+ return false;
+ }
+ return endpointAddress.startsWith("http://") ||
endpointAddress.startsWith("https://");
+ }
+
private String getBaseUri(UriInfo ui) {
String requestUri = ui.getRequestUri().toString();
int ind = requestUri.lastIndexOf(".well-known");
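Review bot: `isAbsoluteUri` matches the scheme case-sensitively, so a configured address such as `HTTPS://host/oauth2/token` falls into the relative branch of `calculateEndpointAddress` and is appended to the base URI as a path. URI schemes are case-insensitive, so the check could be `return endpointAddress.regionMatches(true, 0, "http://", 0, 7) || endpointAddress.regionMatches(true, 0, "https://", 0, 8);`. The helper also accepts `http://`, which the old `startsWith("https")` test did not treat as absolute, so a plain-HTTP endpoint can now be published verbatim in the discovery document. A comment saying whether that is intended would help operators. The absolute branch also returns the address without `removeDefaultPort`, so a configured `https://host:443/...` endpoint keeps its port while the issuer loses it.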
@@ -143,7 +152,7 @@ public boolean isTokenRevocationEndpointNotAvailable() {
public void setJwkEndpointNotAvailable(boolean jwkEndpointNotAvailable) {
this.jwkEndpointNotAvailable = jwkEndpointNotAvailable;
}
-
+
public boolean isJwkEndpointNotAvailable() {
return jwkEndpointNotAvailable;
}
@@ -173,8 +182,14 @@ public void setDynamicRegistrationEndpointAddress(String
dynamicRegistrationEndp
}
private String buildIssuerUri(String baseUri) {
- URI uri = issuer == null || !issuer.startsWith("/") ?
URI.create(baseUri)
- : UriBuilder.fromUri(baseUri).path(issuer).build();
+ URI uri;
+ if (isAbsoluteUri(issuer)) {
+ uri = UriBuilder.fromUri(issuer).build();
+ } else {
+ uri = issuer == null || !issuer.startsWith("/") ?
URI.create(baseUri)
+ : UriBuilder.fromUri(baseUri).path(issuer).build();
+ }
+ uri = removeDefaultPort(uri);
if (stripPathFromIssuerUri) {
StringBuilder sb = new StringBuilder();
sb.append(uri.getScheme()).append("://").append(uri.getHost());
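Review bot: The fallback branch of `buildIssuerUri` still derives the issuer from `baseUri`, which `getBaseUri` takes from `ui.getRequestUri()`. When no absolute issuer is configured, the published `issuer` therefore follows whatever host the request carried, which depends on how the container and any fronting proxy populate it. Now that an absolute `issuer` is accepted, a comment above the new `if` would make the safer configuration explicit, e.g. `// Prefer a configured absolute issuer; the fallback reflects the host of the incoming request URI`. Separately, `UriBuilder.fromUri(issuer)` rejects a malformed issuer only when the metadata is requested, so validating the value in the setter would surface the misconfiguration earlier. The body of `buildIssuerUri` continues outside this hunk.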
@@ -187,8 +202,22 @@ private String buildIssuerUri(String baseUri) {
}
}
+ private static URI removeDefaultPort(URI uri) {
+ if ((uri.getPort() == 80 && "http".equals(uri.getScheme()))
+ || (uri.getPort() == 443 && "https".equals(uri.getScheme()))) {
+ try {
+ URI newURI = new URI(uri.getScheme(), uri.getUserInfo(),
uri.getHost(), -1,
+ uri.getPath(), uri.getQuery(), uri.getFragment());
+ return newURI;
+ } catch (URISyntaxException e) {
+ throw new IllegalArgumentException("Invalid URI " + uri + " :
" + e.toString(), e);
+ }
+ }
+ return uri;
+ }
+
public void setStripPathFromIssuerUri(boolean stripPathFromIssuerUri) {
this.stripPathFromIssuerUri = stripPathFromIssuerUri;
}
-}
+}
\ No newline at end of file
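Review bot: `removeDefaultPort` rebuilds the URI from the decoded getters (`getUserInfo()`, `getPath()`, `getQuery()`, `getFragment()`), so percent-encoded reserved characters such as `%2F` in the path or `%26` in the query are decoded and not escaped again by the multi-argument `URI` constructor. The result can then differ from the input in more than the port. Since `UriBuilder` is already used in this file, `return UriBuilder.fromUri(uri).port(-1).build();` keeps the encoded components and makes the `URISyntaxException` handling and its import unnecessary. If the constructor form is kept, note that the exception message embeds the full URI including any user-info component.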