[2/3] cxf git commit: Fixing some failing tests
Fixing some failing tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e17d0222
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e17d0222
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e17d0222
Branch: refs/heads/3.0.x-fixes
Commit: e17d02229227aaf308a599fabd682cfd18f85f48
Parents: 5553937
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 17:52:27 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 21:35:35 2015 +
--
.../jaxrs/security/certs/jwkPublicSet.txt| 6 +++---
.../src/test/resources/sts.jks | Bin 3980 -> 4121 bytes
2 files changed, 3 insertions(+), 3 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/e17d0222/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
--
diff --git
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
index 87f5733..9313284 100644
---
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
+++
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
@@ -16,15 +16,15 @@
"kty":"RSA",
"kid":"AliceCert",
"x5c": [
-
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTM1N1oXDTI1MTAxNzA5NTM1N1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSBK+IlFaDphtJa96Vjt5et9KMEw/dIzDe+OfZQjAUSkZ1FQoWDaIOkrnbXq/7jfz7dgOx0QS9AMrgh7sEMnd0NGm1tmQr12Zxb9CIkIVFKTBQseCnJGn4Qctt24GVROqlogXs8/Og2NeSa8XJhnUwJFPoVG1QDHswVANlE6jS9TOXZG6fN5TyRwZwrzRVrcbDfUxV+t+HOTBeI/hrFlrJLYfPohZsGIckZvO7AwT6BH9A32L04HfZLGHFwtIjFKTXueC2R8BJZl/HQ8ctwr50L4wytowcpiQT1viJU9gj01xMkRR9wJ+ybenpciQw22wNn2BQ48B3t749Xg8h6v1MCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcKtIwhA3fgWTH49HUGN0W2Jlbj8wYwYDVR0jBFwwWoAUf9/5nypuX3z3t7Lo8QRpkvj2uGOhN6Q1MDMxEzARBgNVBAoMCmFwYWNoZS5vcmcxDDAKBgNVBAsMA2VuZzEOMAwGA1UEAwwFY3hmY2GCCQDr8Tla2IcxaDANBgkqhkiG9w0BAQsFAAOCAQEAPnReJBRXZHTyKTt1Z/k+nLjALGO5h8pejvmqoOt8/i9jMghS+5Pdjel8b9+RFofdC7i88pUHt+ZGrZ
vYEFXl/+UJFWjPt/X/QwrWKbDT95iFPJOSJxk0XL15HS7uKqEWaF2O9EOHndg5XR6YFYuSkHLA6PSsWVXsfgQ4WhTHgcSXz7pgeh7gdp8ItLJ7mBcqN1Jk94yd5BiEfo8Woyh+TVaFoWZcIgN2MfRTk9B75EWrkw5UsUoJ6/Dpq3+kqz+81DfUfTsmKgPWoT3y4UBSnPkFhF7uWguVKd/jUb6StXiNEIrwHYDxzJzBXK1nAFPnNQl+OzDE8J1BPf1pi/acAg=="
-]
+
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKEwphcGFjaGUub3JnMQwwCgYDVQQLEwNlbmcxDjAMBgNVBAMTBWN4ZmNhMB4XDTE1MTExOTE1MjExN1oXDTI1MTExNjE1MjExN1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJEtSxj+Fj6DUu8pSm1PaQxWOQLfTjTS3f5S1xD+HZ23oQE9q0gJ1tmcmGoi8EGYd6uC2YTLo8mcAya9pvxiXNPhbkzm6XvQbmvKKjMVe3MOm0OMZu64UgbFcuDxQ5yTHbJbq/sODUUE+AzlvkEiSceibg8LjjVwhWApR39yTDyVoUwtWC3hKUgAaRh1pRkcGJY5/hu9zPiKWxpApvjcRKW8e6EDP5+HJtEfv4FAulXyuN3NWlA+BTzhU3vCcFeUSK8GyJ2EYe7jU7escnn6VOU31YiZlwf4L+nlcShrssBU+QS7t0e1tnx39XwYPnMMfk3IJ5XHrzWELamDFzJUANsCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUdtunjeY0on5gtDZ464z81hD/RR4wYwYDVR0jBFwwWoAUIU7wL46HJSo67vTRvPZ3mlfF54mhN6Q1MDMxEzARBgNVBAoTCmFwYWNoZS5vcmcxDDAKBgNVBAsTA2VuZzEOMAwGA1UEAxMFY3hmY2GCCQCs4D589C1IpDANBgkqhkiG9w0BAQsFAAOCAQEAH5/3uv40Hif/AjEgLtCNm+V8B2zszugwJWS/0aCJkb/Qj22XnOSJ6kmBHkBvlJ70el2SmrW+ZysZo+
II+qds663wsfrzBv4egnSNWRFBPeAhYdGNAAaqAbDduRHa4vUdmcYTHEl/EZCabQSr7VH1+L6yCvwbnhDf8LZVDrFLcTeNOqhQnN/vUaG1wu8csrTLuzZzEZ5YF8bBJQmlN9s7J1DzM60TgfrNJcCCYalFBQspQmnlFIqVoJC5n88GOUzcCCQ3YoT1zDqlVuJhasW2PoD3C0NRkFXdu9268xNG/lLgf+mcX2jEzfHAzb8+sxZKReBfE8T8QBIBd+GW6vRshA=="
+ ]
},
{
"kty":"RSA",
"kid":"BobCert",
"x5c": [
-
"MIIDoDCCAoigAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTYyNloXDTI1MTAxNzA5NTYyNlowMTETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQwwCgYDVQQDEwNib2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEjgfe3UUVEr7CVA+one1q/CCyU/1gN0jUpXf15hroR45Mhq0yEiStFMjIEfJJKyjRuwnfPrRf8FVMjRPLo9NLe1r1HMcVLaepZzhD1WgqRjAk0nymBN3zpFQDxyc5BGYiZLjgzmM7wlHW7XE+QSSlfjdH0EEoGXgHJitosQ78rq3iJlBgriN7OQuJynkHgRjMM9aKwHRs/y/03BmnMh1yq2PG1ptuWl/GspXrvgY9dfEGWppm1cC9FBPZcF8Y/l0I9kYArtbAGNcfcRpG2pQwSB+sKJAOHrm6ofzIEv+eJW7EX9GfQo5ab99CBDwC5iOSPPSfSW5eKn6+737tFTFPAgMBAAGjgcAwgb0wCQYDVR0TBAIwADAsBglgh
[3/3] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/db0775c4 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/db0775c4 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/db0775c4 Branch: refs/heads/3.0.x-fixes Commit: db0775c4fbadba4cd2d6f10200a159cd6e4f08e2 Parents: e17d022 Author: Colm O hEigeartaigh Authored: Thu Nov 19 21:35:37 2015 + Committer: Colm O hEigeartaigh Committed: Thu Nov 19 21:35:37 2015 + -- .gitmergeinfo | 4 1 file changed, 4 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/db0775c4/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index e104876..b7b2dee 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -145,6 +145,7 @@ B 456eff5885d85e2cfe30b639bd5a442929a3f9de B 46838d8a346687e9f8ff2f6e279e3ba83f99c5f3 B 46ce1778d9a4d6a30e38b393a08dd4ecae2dbb09 B 46f0d5fff8a4d846831b5e9d7ac0405fe06d2ccd +B 4702274c7a8bad71ab512744ad39f5207bfe86cd B 470bdcb40597dce5e5cf957000ab60b0b4c1fce4 B 478de215af2da2c03f439bbbd8341b234bb7bee8 B 47b1a4ae21cfc70cea3b48ebd2be72fd184f1370 @@ -279,6 +280,7 @@ B 7f7cc3c390b95f9d7589eb192538551416c313db B 7faee992154aadf83dde26942f424db4c764b5fd B 7fb966c9150652273c69852af79d90c3ed7b030e B 7fbbd1d13bbb7ccbbc1213ed86a456794583fd3e +B 7fdc34030bdcfaa4226c28ea8ce83f34563a5b6d B 80014cf0e6fb1ba62ffdb3766acffd2130eef9d6 B 80d7128a3ba1944a603c73e5e908d86c9bf27648 B 8176b1b0faad2de44a4ff85083c74b5a4b74918a @@ -374,6 +376,7 @@ B ab4eaac0be87291b7f053d144dc8fbf9d98634c3 B ac33a5b83e2c487a4e7c08c6c15539e64ceea24e B ad5763ef8ea1ff3c8ddea2c3a6fabdaae6acddd6 B ad700a5f6471f55680821f6d04b182f5d3a6054e +B ade622bf89a6d72d1aca4ab3a82dc4450cd5a603 B af100a919178b0938fcc04d9c8d1dd1269e351b9 B afd70f562f769c1f1ed26a275cbb3763b24cba43 B afeb2ab056a4a4377db11d597c675108eb780d16 @@ -429,6 +432,7 @@ B c5609a479c87ea75e016b61daeafe0021f693332 B c5c21d5b61fbd57e79f0bf39fa56ef9814c417fd B c5da4140da8fe63c4a10845b95258bbda9ab2058 B c750e54452bfa4cb9b0db018dad135b298847095 +B c8887c9b250d53148b7c0f59b5f55dbd34f02a80 B c933c0be9254f5858102aea69d306908ce8a1f0c B c9ec28df42e815b0771964fdae96b7ecb2e2281b B ca1f38bcbcc5097af7e537173cacb24806b4b490
[1/3] cxf git commit: Updating expired certs
Repository: cxf
Updated Branches:
refs/heads/3.0.x-fixes a4a755686 -> db0775c4f
Updating expired certs
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5553937e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5553937e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5553937e
Branch: refs/heads/3.0.x-fixes
Commit: 5553937e8e08cd8cd39c88734e6d99dce322e25d
Parents: a4a7556
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:41:29 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 21:35:30 2015 +
--
.../saml/sso/SAMLResponseValidatorTest.java | 1 +
.../sso/saml/src/test/resources/alice.jks| Bin 1861 -> 4125 bytes
rt/rs/security/xml/src/test/resources/alice.jks | Bin 1861 -> 4125 bytes
rt/ws/security/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
rt/ws/security/src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 2428 -> 4125 bytes
.../xkms-client/src/test/resources/certs/bob.jks | Bin 2422 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 1306 -> 961 bytes
systests/kerberos/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
systests/kerberos/src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/alice.jks | Bin 3984 -> 4125 bytes
.../cxf/systest/jaxrs/security/certs/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/keys/alice.jks| Bin 3984 -> 4125 bytes
.../src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/keys/cxfca.jks| Bin 891 -> 961 bytes
.../transports/src/test/resources/keys/alice.jks | Bin 3984 -> 4125 bytes
.../transports/src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../transports/src/test/resources/keys/cxfca.jks | Bin 891 -> 961 bytes
.../ws-rm/src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
systests/ws-rm/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../ws-security/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/xkms/bob.crt| Bin 932 -> 932 bytes
.../resources/certs/xkms/trusted_cas/cxfca.crt | Bin 829 -> 899 bytes
32 files changed, 1 insertion(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/5553937e/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
--
diff --git
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
index 6717813..51b8f80 100644
---
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
+++
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
@@ -462,6 +462,7 @@ public class SAMLResponseValidatorTest extends
org.junit.Assert {
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin)issuerCrypto).setKeyStore(keyStore);
+issuerCrypto.setDefaultX509Identifier("alice");
response.getAssertions().add(assertion.getSaml2());
signResponse(response, "alice", "password", issuerCrypto, false);
http://git-wip-us.apache.org/repos/asf/cxf/blob/5553937e/rt/rs/security/sso/saml/src/test/resources/alice.jks
--
diff --git a/rt/rs/security/sso/saml/src/test/resources/alice.jks
b/rt/rs/security/sso/saml/src/test/resources/alice.jks
index 3a788c2..213b26c 100644
Binary files a/rt/rs/security/sso/saml/src/test/resources/alice.jks and
b/rt/rs/security/sso/saml/src/test/resources/alice.jks differ
http://git-wip-us.apache.org/repos/asf/cxf/blob/5553937e/rt/rs/security/xml/src/test/resources/alice.jks
--
diff --git a/rt/rs
cxf git commit: [CXF-6676] Adding a test
Repository: cxf
Updated Branches:
refs/heads/3.0.x-fixes 358549e21 -> a4a755686
[CXF-6676] Adding a test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a4a75568
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a4a75568
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a4a75568
Branch: refs/heads/3.0.x-fixes
Commit: a4a7556868a192ed514a18261ede914f9b0bf665
Parents: 358549e
Author: Sergey Beryozkin
Authored: Thu Nov 19 21:28:00 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 21:30:21 2015 +
--
.../tools/wadlto/jaxrs/JAXRSContainerTest.java | 48
.../src/test/resources/wadl/testComplexPath.xml | 13 ++
2 files changed, 61 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/a4a75568/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
--
diff --git
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
index 5c0ab34..bbcde20 100644
---
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
+++
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
@@ -28,7 +28,10 @@ import java.net.URLClassLoader;
import java.util.List;
import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import org.apache.cxf.helpers.FileUtils;
@@ -405,6 +408,51 @@ public class JAXRSContainerTest extends ProcessorTestBase {
}
}
+@Test
+public void testComplexPath() {
+try {
+JAXRSContainer container = new JAXRSContainer(null);
+
+ToolContext context = new ToolContext();
+context.put(WadlToolConstants.CFG_OUTPUTDIR,
output.getCanonicalPath());
+context.put(WadlToolConstants.CFG_WADLURL,
getLocation("/wadl/testComplexPath.xml"));
+context.put(WadlToolConstants.CFG_COMPILE, "true");
+
+container.setContext(context);
+container.execute();
+
+assertNotNull(output.list());
+
+List files = FileUtils.getFilesRecurse(output, ".+\\." +
"class" + "$");
+assertEquals(1, files.size());
+assertTrue(checkContains(files, "application.Resource.class"));
+@SuppressWarnings("resource")
+ClassLoader loader = new URLClassLoader(new URL[]
{output.toURI().toURL() });
+
+Class test1 = loader.loadClass("application.Resource");
+Method[] test1Methods = test1.getDeclaredMethods();
+assertEquals(1, test1Methods.length);
+assertEquals(2, test1Methods[0].getAnnotations().length);
+assertNotNull(test1Methods[0].getAnnotation(GET.class));
+Path path = test1Methods[0].getAnnotation(Path.class);
+assertNotNull(path);
+assertEquals("/get-add-method", path.value());
+
+assertEquals("getGetaddmethod", test1Methods[0].getName());
+Class[] paramTypes = test1Methods[0].getParameterTypes();
+assertEquals(1, paramTypes.length);
+Annotation[][] paramAnns =
test1Methods[0].getParameterAnnotations();
+assertEquals(String.class, paramTypes[0]);
+assertEquals(1, paramAnns[0].length);
+PathParam test1PathParam1 = (PathParam)paramAnns[0][0];
+assertEquals("id", test1PathParam1.value());
+
+} catch (Exception e) {
+e.printStackTrace();
+fail();
+}
+}
+
@Test
public void testCodeGenWithImportedSchemaAndResourceSet() {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/a4a75568/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
--
diff --git a/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
new file mode 100644
index 000..372ca85
--- /dev/null
+++ b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
@@ -0,0 +1,13 @@
+http://wadl.dev.java.net/2009/02";
xmlns:xs="http://www.w3.org/2001/XMLSchema"; >
+
+
+
+
+
+
+
+
+
+
+
+
cxf git commit: [CXF-6676] Adding a test
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes c8887c9b2 -> 296ce494a
[CXF-6676] Adding a test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/296ce494
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/296ce494
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/296ce494
Branch: refs/heads/3.1.x-fixes
Commit: 296ce494aaca47e362fee3f736da20125a0ce1d8
Parents: c8887c9
Author: Sergey Beryozkin
Authored: Thu Nov 19 21:28:00 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 21:29:18 2015 +
--
.../tools/wadlto/jaxrs/JAXRSContainerTest.java | 48
.../src/test/resources/wadl/testComplexPath.xml | 13 ++
2 files changed, 61 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/296ce494/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
--
diff --git
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
index 5c0ab34..bbcde20 100644
---
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
+++
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
@@ -28,7 +28,10 @@ import java.net.URLClassLoader;
import java.util.List;
import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import org.apache.cxf.helpers.FileUtils;
@@ -405,6 +408,51 @@ public class JAXRSContainerTest extends ProcessorTestBase {
}
}
+@Test
+public void testComplexPath() {
+try {
+JAXRSContainer container = new JAXRSContainer(null);
+
+ToolContext context = new ToolContext();
+context.put(WadlToolConstants.CFG_OUTPUTDIR,
output.getCanonicalPath());
+context.put(WadlToolConstants.CFG_WADLURL,
getLocation("/wadl/testComplexPath.xml"));
+context.put(WadlToolConstants.CFG_COMPILE, "true");
+
+container.setContext(context);
+container.execute();
+
+assertNotNull(output.list());
+
+List files = FileUtils.getFilesRecurse(output, ".+\\." +
"class" + "$");
+assertEquals(1, files.size());
+assertTrue(checkContains(files, "application.Resource.class"));
+@SuppressWarnings("resource")
+ClassLoader loader = new URLClassLoader(new URL[]
{output.toURI().toURL() });
+
+Class test1 = loader.loadClass("application.Resource");
+Method[] test1Methods = test1.getDeclaredMethods();
+assertEquals(1, test1Methods.length);
+assertEquals(2, test1Methods[0].getAnnotations().length);
+assertNotNull(test1Methods[0].getAnnotation(GET.class));
+Path path = test1Methods[0].getAnnotation(Path.class);
+assertNotNull(path);
+assertEquals("/get-add-method", path.value());
+
+assertEquals("getGetaddmethod", test1Methods[0].getName());
+Class[] paramTypes = test1Methods[0].getParameterTypes();
+assertEquals(1, paramTypes.length);
+Annotation[][] paramAnns =
test1Methods[0].getParameterAnnotations();
+assertEquals(String.class, paramTypes[0]);
+assertEquals(1, paramAnns[0].length);
+PathParam test1PathParam1 = (PathParam)paramAnns[0][0];
+assertEquals("id", test1PathParam1.value());
+
+} catch (Exception e) {
+e.printStackTrace();
+fail();
+}
+}
+
@Test
public void testCodeGenWithImportedSchemaAndResourceSet() {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/296ce494/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
--
diff --git a/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
new file mode 100644
index 000..372ca85
--- /dev/null
+++ b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
@@ -0,0 +1,13 @@
+http://wadl.dev.java.net/2009/02";
xmlns:xs="http://www.w3.org/2001/XMLSchema"; >
+
+
+
+
+
+
+
+
+
+
+
+
cxf git commit: [CXF-6676] Adding a test
Repository: cxf
Updated Branches:
refs/heads/master 826bf21ae -> bfe64272d
[CXF-6676] Adding a test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bfe64272
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bfe64272
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bfe64272
Branch: refs/heads/master
Commit: bfe64272daa1f32d40eeb0b16d000c54a134b1d2
Parents: 826bf21
Author: Sergey Beryozkin
Authored: Thu Nov 19 21:28:00 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 21:28:00 2015 +
--
.../tools/wadlto/jaxrs/JAXRSContainerTest.java | 48
.../src/test/resources/wadl/testComplexPath.xml | 13 ++
2 files changed, 61 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/bfe64272/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
--
diff --git
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
index 5c0ab34..bbcde20 100644
---
a/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
+++
b/tools/wadlto/jaxrs/src/test/java/org/apache/cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java
@@ -28,7 +28,10 @@ import java.net.URLClassLoader;
import java.util.List;
import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import org.apache.cxf.helpers.FileUtils;
@@ -405,6 +408,51 @@ public class JAXRSContainerTest extends ProcessorTestBase {
}
}
+@Test
+public void testComplexPath() {
+try {
+JAXRSContainer container = new JAXRSContainer(null);
+
+ToolContext context = new ToolContext();
+context.put(WadlToolConstants.CFG_OUTPUTDIR,
output.getCanonicalPath());
+context.put(WadlToolConstants.CFG_WADLURL,
getLocation("/wadl/testComplexPath.xml"));
+context.put(WadlToolConstants.CFG_COMPILE, "true");
+
+container.setContext(context);
+container.execute();
+
+assertNotNull(output.list());
+
+List files = FileUtils.getFilesRecurse(output, ".+\\." +
"class" + "$");
+assertEquals(1, files.size());
+assertTrue(checkContains(files, "application.Resource.class"));
+@SuppressWarnings("resource")
+ClassLoader loader = new URLClassLoader(new URL[]
{output.toURI().toURL() });
+
+Class test1 = loader.loadClass("application.Resource");
+Method[] test1Methods = test1.getDeclaredMethods();
+assertEquals(1, test1Methods.length);
+assertEquals(2, test1Methods[0].getAnnotations().length);
+assertNotNull(test1Methods[0].getAnnotation(GET.class));
+Path path = test1Methods[0].getAnnotation(Path.class);
+assertNotNull(path);
+assertEquals("/get-add-method", path.value());
+
+assertEquals("getGetaddmethod", test1Methods[0].getName());
+Class[] paramTypes = test1Methods[0].getParameterTypes();
+assertEquals(1, paramTypes.length);
+Annotation[][] paramAnns =
test1Methods[0].getParameterAnnotations();
+assertEquals(String.class, paramTypes[0]);
+assertEquals(1, paramAnns[0].length);
+PathParam test1PathParam1 = (PathParam)paramAnns[0][0];
+assertEquals("id", test1PathParam1.value());
+
+} catch (Exception e) {
+e.printStackTrace();
+fail();
+}
+}
+
@Test
public void testCodeGenWithImportedSchemaAndResourceSet() {
try {
http://git-wip-us.apache.org/repos/asf/cxf/blob/bfe64272/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
--
diff --git a/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
new file mode 100644
index 000..372ca85
--- /dev/null
+++ b/tools/wadlto/jaxrs/src/test/resources/wadl/testComplexPath.xml
@@ -0,0 +1,13 @@
+http://wadl.dev.java.net/2009/02";
xmlns:xs="http://www.w3.org/2001/XMLSchema"; >
+
+
+
+
+
+
+
+
+
+
+
+
cxf git commit: Fixing failing STS test
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes a9da42b02 -> c8887c9b2
Fixing failing STS test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c8887c9b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c8887c9b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c8887c9b
Branch: refs/heads/3.1.x-fixes
Commit: c8887c9b250d53148b7c0f59b5f55dbd34f02a80
Parents: a9da42b
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 20:18:12 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 20:18:12 2015 +
--
.../test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/c8887c9b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java
index 890a111..76fcb6e 100644
---
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JaxrsJWTTest.java
@@ -20,7 +20,7 @@ package org.apache.cxf.systest.sts.jwt;
import java.io.IOException;
import java.net.URL;
-import java.util.Collections;
+import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -91,7 +91,8 @@ public class JaxrsJWTTest extends
AbstractBusClientServerTestBase {
final String address = "https://localhost:"; + PORT +
"/doubleit/services/doubleit-rs";
final int numToDouble = 25;
-List providers = Collections.singletonList(new JwtOutFilter());
+List providers = new
ArrayList();
+providers.add(new JwtOutFilter());
WebClient client = WebClient.create(address, providers);
client.type("text/plain").accept("text/plain");
[5/5] cxf git commit: Fixing some failing tests
Fixing some failing tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a9da42b0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a9da42b0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a9da42b0
Branch: refs/heads/3.1.x-fixes
Commit: a9da42b02fdfb509db43425fc719318e0731beb6
Parents: 35bebef
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 17:52:27 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:53:26 2015 +
--
.../jaxrs/security/certs/jwkPublicSet.txt| 6 +++---
.../src/test/resources/sts.jks | Bin 3980 -> 4121 bytes
2 files changed, 3 insertions(+), 3 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/a9da42b0/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
--
diff --git
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
index 87f5733..9313284 100644
---
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
+++
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
@@ -16,15 +16,15 @@
"kty":"RSA",
"kid":"AliceCert",
"x5c": [
-
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTM1N1oXDTI1MTAxNzA5NTM1N1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSBK+IlFaDphtJa96Vjt5et9KMEw/dIzDe+OfZQjAUSkZ1FQoWDaIOkrnbXq/7jfz7dgOx0QS9AMrgh7sEMnd0NGm1tmQr12Zxb9CIkIVFKTBQseCnJGn4Qctt24GVROqlogXs8/Og2NeSa8XJhnUwJFPoVG1QDHswVANlE6jS9TOXZG6fN5TyRwZwrzRVrcbDfUxV+t+HOTBeI/hrFlrJLYfPohZsGIckZvO7AwT6BH9A32L04HfZLGHFwtIjFKTXueC2R8BJZl/HQ8ctwr50L4wytowcpiQT1viJU9gj01xMkRR9wJ+ybenpciQw22wNn2BQ48B3t749Xg8h6v1MCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcKtIwhA3fgWTH49HUGN0W2Jlbj8wYwYDVR0jBFwwWoAUf9/5nypuX3z3t7Lo8QRpkvj2uGOhN6Q1MDMxEzARBgNVBAoMCmFwYWNoZS5vcmcxDDAKBgNVBAsMA2VuZzEOMAwGA1UEAwwFY3hmY2GCCQDr8Tla2IcxaDANBgkqhkiG9w0BAQsFAAOCAQEAPnReJBRXZHTyKTt1Z/k+nLjALGO5h8pejvmqoOt8/i9jMghS+5Pdjel8b9+RFofdC7i88pUHt+ZGrZ
vYEFXl/+UJFWjPt/X/QwrWKbDT95iFPJOSJxk0XL15HS7uKqEWaF2O9EOHndg5XR6YFYuSkHLA6PSsWVXsfgQ4WhTHgcSXz7pgeh7gdp8ItLJ7mBcqN1Jk94yd5BiEfo8Woyh+TVaFoWZcIgN2MfRTk9B75EWrkw5UsUoJ6/Dpq3+kqz+81DfUfTsmKgPWoT3y4UBSnPkFhF7uWguVKd/jUb6StXiNEIrwHYDxzJzBXK1nAFPnNQl+OzDE8J1BPf1pi/acAg=="
-]
+
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKEwphcGFjaGUub3JnMQwwCgYDVQQLEwNlbmcxDjAMBgNVBAMTBWN4ZmNhMB4XDTE1MTExOTE1MjExN1oXDTI1MTExNjE1MjExN1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJEtSxj+Fj6DUu8pSm1PaQxWOQLfTjTS3f5S1xD+HZ23oQE9q0gJ1tmcmGoi8EGYd6uC2YTLo8mcAya9pvxiXNPhbkzm6XvQbmvKKjMVe3MOm0OMZu64UgbFcuDxQ5yTHbJbq/sODUUE+AzlvkEiSceibg8LjjVwhWApR39yTDyVoUwtWC3hKUgAaRh1pRkcGJY5/hu9zPiKWxpApvjcRKW8e6EDP5+HJtEfv4FAulXyuN3NWlA+BTzhU3vCcFeUSK8GyJ2EYe7jU7escnn6VOU31YiZlwf4L+nlcShrssBU+QS7t0e1tnx39XwYPnMMfk3IJ5XHrzWELamDFzJUANsCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUdtunjeY0on5gtDZ464z81hD/RR4wYwYDVR0jBFwwWoAUIU7wL46HJSo67vTRvPZ3mlfF54mhN6Q1MDMxEzARBgNVBAoTCmFwYWNoZS5vcmcxDDAKBgNVBAsTA2VuZzEOMAwGA1UEAxMFY3hmY2GCCQCs4D589C1IpDANBgkqhkiG9w0BAQsFAAOCAQEAH5/3uv40Hif/AjEgLtCNm+V8B2zszugwJWS/0aCJkb/Qj22XnOSJ6kmBHkBvlJ70el2SmrW+ZysZo+
II+qds663wsfrzBv4egnSNWRFBPeAhYdGNAAaqAbDduRHa4vUdmcYTHEl/EZCabQSr7VH1+L6yCvwbnhDf8LZVDrFLcTeNOqhQnN/vUaG1wu8csrTLuzZzEZ5YF8bBJQmlN9s7J1DzM60TgfrNJcCCYalFBQspQmnlFIqVoJC5n88GOUzcCCQ3YoT1zDqlVuJhasW2PoD3C0NRkFXdu9268xNG/lLgf+mcX2jEzfHAzb8+sxZKReBfE8T8QBIBd+GW6vRshA=="
+ ]
},
{
"kty":"RSA",
"kid":"BobCert",
"x5c": [
-
"MIIDoDCCAoigAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTYyNloXDTI1MTAxNzA5NTYyNlowMTETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQwwCgYDVQQDEwNib2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEjgfe3UUVEr7CVA+one1q/CCyU/1gN0jUpXf15hroR45Mhq0yEiStFMjIEfJJKyjRuwnfPrRf8FVMjRPLo9NLe1r1HMcVLaepZzhD1WgqRjAk0nymBN3zpFQDxyc5BGYiZLjgzmM7wlHW7XE+QSSlfjdH0EEoGXgHJitosQ78rq3iJlBgriN7OQuJynkHgRjMM9aKwHRs/y/03BmnMh1yq2PG1ptuWl/GspXrvgY9dfEGWppm1cC9FBPZcF8Y/l0I9kYArtbAGNcfcRpG2pQwSB+sKJAOHrm6ofzIEv+eJW7EX9GfQo5ab99CBDwC5iOSPPSfSW5eKn6+737tFTFPAgMBAAGjgcAwgb0wCQYDVR0TBAIwADAsBglgh
[2/5] cxf git commit: Adding a system test for a JAX-RS service and JWT/STS
Adding a system test for a JAX-RS service and JWT/STS
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ade622bf
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ade622bf
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ade622bf
Branch: refs/heads/3.1.x-fixes
Commit: ade622bf89a6d72d1aca4ab3a82dc4450cd5a603
Parents: 7fdc340
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 14:40:57 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:53:20 2015 +
--
services/sts/systests/advanced/pom.xml | 6 +
.../systest/sts/jwt/DoubleItPortTypeImpl.java | 41 +
.../apache/cxf/systest/sts/jwt/JWTUnitTest.java | 2 +-
.../cxf/systest/sts/jwt/JaxrsJWTTest.java | 152 ++
.../org/apache/cxf/systest/sts/jwt/Server.java | 46 ++
.../cxf/systest/sts/deployment/cxf-sts.xml | 3 +-
.../apache/cxf/systest/sts/jwt/DoubleIt.wsdl| 157 +++
.../apache/cxf/systest/sts/jwt/cxf-client.xml | 39 +
.../apache/cxf/systest/sts/jwt/cxf-service.xml | 53 +++
.../cxf/systest/sts/jwt/cxf-unit-client.xml | 39 -
.../org/apache/cxf/systest/sts/jwt/jaxrs.xml| 26 +++
11 files changed, 522 insertions(+), 42 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/ade622bf/services/sts/systests/advanced/pom.xml
--
diff --git a/services/sts/systests/advanced/pom.xml
b/services/sts/systests/advanced/pom.xml
index bd288e5..96b1b7d 100644
--- a/services/sts/systests/advanced/pom.xml
+++ b/services/sts/systests/advanced/pom.xml
@@ -56,6 +56,12 @@
org.apache.cxf
+cxf-rt-rs-security-jose-jaxrs
+${project.version}
+test
+
+
+org.apache.cxf
cxf-rt-frontend-jaxws
${project.version}
test
http://git-wip-us.apache.org/repos/asf/cxf/blob/ade622bf/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
new file mode 100644
index 000..e9b50aa
--- /dev/null
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.jwt;
+
+import javax.annotation.Resource;
+import javax.jws.WebService;
+import javax.xml.ws.WebServiceContext;
+
+import org.apache.cxf.feature.Features;
+import org.example.contract.doubleit.DoubleItPortType;
+
+@WebService(targetNamespace = "http://www.example.org/contract/DoubleIt";,
+serviceName = "DoubleItService",
+endpointInterface =
"org.example.contract.doubleit.DoubleItPortType")
+@Features(features = "org.apache.cxf.feature.LoggingFeature")
+public class DoubleItPortTypeImpl implements DoubleItPortType {
+
+@Resource
+WebServiceContext wsContext;
+
+public int doubleIt(int numberToDouble) {
+return numberToDouble * 2;
+}
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/ade622bf/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
index 90da0c3..00ed2b1 100644
---
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
@@ -61,7 +61,7 @@ pu
[4/5] cxf git commit: Updating expired certs
Updating expired certs
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/35bebef6
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/35bebef6
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/35bebef6
Branch: refs/heads/3.1.x-fixes
Commit: 35bebef60de1221475534d6b1e5eeba643db6a0b
Parents: 4702274
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:41:29 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:53:23 2015 +
--
.../saml/sso/SAMLResponseValidatorTest.java | 1 +
.../sso/saml/src/test/resources/alice.jks| Bin 1861 -> 4125 bytes
rt/rs/security/xml/src/test/resources/alice.jks | Bin 1861 -> 4125 bytes
rt/ws/security/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
rt/ws/security/src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 2428 -> 4125 bytes
.../xkms-client/src/test/resources/certs/bob.jks | Bin 2422 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 1306 -> 961 bytes
systests/kerberos/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
systests/kerberos/src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/alice.jks | Bin 3984 -> 4125 bytes
.../cxf/systest/jaxrs/security/certs/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/keys/alice.jks| Bin 3984 -> 4125 bytes
.../src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/keys/cxfca.jks| Bin 891 -> 961 bytes
.../transports/src/test/resources/keys/alice.jks | Bin 3984 -> 4125 bytes
.../transports/src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../transports/src/test/resources/keys/cxfca.jks | Bin 891 -> 961 bytes
.../ws-rm/src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
systests/ws-rm/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../ws-security/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/xkms/bob.crt| Bin 932 -> 932 bytes
.../resources/certs/xkms/trusted_cas/cxfca.crt | Bin 829 -> 899 bytes
32 files changed, 1 insertion(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/35bebef6/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
--
diff --git
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
index a5921c2..f33a63b 100644
---
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
+++
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
@@ -462,6 +462,7 @@ public class SAMLResponseValidatorTest extends
org.junit.Assert {
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin)issuerCrypto).setKeyStore(keyStore);
+issuerCrypto.setDefaultX509Identifier("alice");
response.getAssertions().add(assertion.getSaml2());
signResponse(response, "alice", "password", issuerCrypto, false);
http://git-wip-us.apache.org/repos/asf/cxf/blob/35bebef6/rt/rs/security/sso/saml/src/test/resources/alice.jks
--
diff --git a/rt/rs/security/sso/saml/src/test/resources/alice.jks
b/rt/rs/security/sso/saml/src/test/resources/alice.jks
index 3a788c2..213b26c 100644
Binary files a/rt/rs/security/sso/saml/src/test/resources/alice.jks and
b/rt/rs/security/sso/saml/src/test/resources/alice.jks differ
http://git-wip-us.apache.org/repos/asf/cxf/blob/35bebef6/rt/rs/security/xml/src/test/resources/alice.jks
--
diff --git a/rt/rs/security/xml/src/test/resources/alice.jks
b/rt/rs/security/xml/src/test/resources/
[2/5] cxf git commit: Fixing failing test
Fixing failing test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f196ceb4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f196ceb4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f196ceb4
Branch: refs/heads/master
Commit: f196ceb4a3fd77106e8de183bd0786f1d8dd780b
Parents: 52d2142
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:41:19 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:52:48 2015 +
--
.../test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java| 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/f196ceb4/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
index de2a9ae..beaf0ce 100644
---
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
@@ -168,7 +168,7 @@ public class Soap12Test extends
AbstractBusClientServerTestBase {
try {
String badAddress =
-"https://localhost:"; + PORT +
"/doubleit/services/doubleitbadtransportsaml1";
+"https://localhost:"; + PORT +
"/doubleit/services/baddoubleittransportsaml1";
requestSecurityToken(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus,
badAddress);
fail("Failure expected on a bad endpoint address");
} catch (SoapFault ex) {
[1/5] cxf git commit: Some changes to the STSTokenOutInterceptor to make it easier to subclass
Repository: cxf
Updated Branches:
refs/heads/master cd2c481ef -> 826bf21ae
Some changes to the STSTokenOutInterceptor to make it easier to subclass
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a24540a8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a24540a8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a24540a8
Branch: refs/heads/master
Commit: a24540a86cc014d3479541413378d53cb4dd
Parents: cd2c481
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 14:27:39 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:52:47 2015 +
--
.../policy/interceptors/STSTokenOutInterceptor.java | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/a24540a8/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
--
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
index 14b8b5f..f0683e0 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
@@ -51,7 +51,11 @@ public class STSTokenOutInterceptor extends
AbstractPhaseInterceptor {
private TokenRequestParams tokenParams;
public STSTokenOutInterceptor(AuthParams authParams, String
stsWsdlLocation, Bus bus) {
-super(Phase.PREPARE_SEND);
+this(Phase.PREPARE_SEND, authParams, stsWsdlLocation, bus);
+}
+
+public STSTokenOutInterceptor(String phase, AuthParams authParams, String
stsWsdlLocation, Bus bus) {
+super(phase);
this.stsClient = configureBasicSTSClient(authParams, stsWsdlLocation,
bus);
this.tokenParams = new TokenRequestParams();
}
@@ -79,6 +83,12 @@ public class STSTokenOutInterceptor extends
AbstractPhaseInterceptor {
if (tok == null) {
LOG.warning("Security token was not retrieved from STS");
}
+processToken(message, tok);
+}
+
+// An extension point to allow custom processing of the token
+protected void processToken(Message message, SecurityToken tok) {
+
}
public STSClient getSTSClient() {
[3/5] cxf git commit: Fixing failing test
Fixing failing test
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4702274c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4702274c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4702274c
Branch: refs/heads/3.1.x-fixes
Commit: 4702274c7a8bad71ab512744ad39f5207bfe86cd
Parents: ade622b
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:41:19 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:53:21 2015 +
--
.../test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java| 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/4702274c/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
index de2a9ae..beaf0ce 100644
---
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/soap12/Soap12Test.java
@@ -168,7 +168,7 @@ public class Soap12Test extends
AbstractBusClientServerTestBase {
try {
String badAddress =
-"https://localhost:"; + PORT +
"/doubleit/services/doubleitbadtransportsaml1";
+"https://localhost:"; + PORT +
"/doubleit/services/baddoubleittransportsaml1";
requestSecurityToken(SAML1_TOKEN_TYPE, BEARER_KEYTYPE, bus,
badAddress);
fail("Failure expected on a bad endpoint address");
} catch (SoapFault ex) {
[4/5] cxf git commit: Fixing some failing tests
Fixing some failing tests
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/826bf21a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/826bf21a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/826bf21a
Branch: refs/heads/master
Commit: 826bf21ae919bc9f2375a798847340b9b0624577
Parents: 92c5c70
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 17:52:27 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:52:48 2015 +
--
.../jaxrs/security/certs/jwkPublicSet.txt| 6 +++---
.../src/test/resources/sts.jks | Bin 3980 -> 4121 bytes
2 files changed, 3 insertions(+), 3 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/826bf21a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
--
diff --git
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
index 87f5733..9313284 100644
---
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
+++
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/certs/jwkPublicSet.txt
@@ -16,15 +16,15 @@
"kty":"RSA",
"kid":"AliceCert",
"x5c": [
-
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTM1N1oXDTI1MTAxNzA5NTM1N1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMSBK+IlFaDphtJa96Vjt5et9KMEw/dIzDe+OfZQjAUSkZ1FQoWDaIOkrnbXq/7jfz7dgOx0QS9AMrgh7sEMnd0NGm1tmQr12Zxb9CIkIVFKTBQseCnJGn4Qctt24GVROqlogXs8/Og2NeSa8XJhnUwJFPoVG1QDHswVANlE6jS9TOXZG6fN5TyRwZwrzRVrcbDfUxV+t+HOTBeI/hrFlrJLYfPohZsGIckZvO7AwT6BH9A32L04HfZLGHFwtIjFKTXueC2R8BJZl/HQ8ctwr50L4wytowcpiQT1viJU9gj01xMkRR9wJ+ybenpciQw22wNn2BQ48B3t749Xg8h6v1MCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUcKtIwhA3fgWTH49HUGN0W2Jlbj8wYwYDVR0jBFwwWoAUf9/5nypuX3z3t7Lo8QRpkvj2uGOhN6Q1MDMxEzARBgNVBAoMCmFwYWNoZS5vcmcxDDAKBgNVBAsMA2VuZzEOMAwGA1UEAwwFY3hmY2GCCQDr8Tla2IcxaDANBgkqhkiG9w0BAQsFAAOCAQEAPnReJBRXZHTyKTt1Z/k+nLjALGO5h8pejvmqoOt8/i9jMghS+5Pdjel8b9+RFofdC7i88pUHt+ZGrZ
vYEFXl/+UJFWjPt/X/QwrWKbDT95iFPJOSJxk0XL15HS7uKqEWaF2O9EOHndg5XR6YFYuSkHLA6PSsWVXsfgQ4WhTHgcSXz7pgeh7gdp8ItLJ7mBcqN1Jk94yd5BiEfo8Woyh+TVaFoWZcIgN2MfRTk9B75EWrkw5UsUoJ6/Dpq3+kqz+81DfUfTsmKgPWoT3y4UBSnPkFhF7uWguVKd/jUb6StXiNEIrwHYDxzJzBXK1nAFPnNQl+OzDE8J1BPf1pi/acAg=="
-]
+
"MIIDojCCAoqgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKEwphcGFjaGUub3JnMQwwCgYDVQQLEwNlbmcxDjAMBgNVBAMTBWN4ZmNhMB4XDTE1MTExOTE1MjExN1oXDTI1MTExNjE1MjExN1owMzETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQ4wDAYDVQQDEwVhbGljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJEtSxj+Fj6DUu8pSm1PaQxWOQLfTjTS3f5S1xD+HZ23oQE9q0gJ1tmcmGoi8EGYd6uC2YTLo8mcAya9pvxiXNPhbkzm6XvQbmvKKjMVe3MOm0OMZu64UgbFcuDxQ5yTHbJbq/sODUUE+AzlvkEiSceibg8LjjVwhWApR39yTDyVoUwtWC3hKUgAaRh1pRkcGJY5/hu9zPiKWxpApvjcRKW8e6EDP5+HJtEfv4FAulXyuN3NWlA+BTzhU3vCcFeUSK8GyJ2EYe7jU7escnn6VOU31YiZlwf4L+nlcShrssBU+QS7t0e1tnx39XwYPnMMfk3IJ5XHrzWELamDFzJUANsCAwEAAaOBwDCBvTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUdtunjeY0on5gtDZ464z81hD/RR4wYwYDVR0jBFwwWoAUIU7wL46HJSo67vTRvPZ3mlfF54mhN6Q1MDMxEzARBgNVBAoTCmFwYWNoZS5vcmcxDDAKBgNVBAsTA2VuZzEOMAwGA1UEAxMFY3hmY2GCCQCs4D589C1IpDANBgkqhkiG9w0BAQsFAAOCAQEAH5/3uv40Hif/AjEgLtCNm+V8B2zszugwJWS/0aCJkb/Qj22XnOSJ6kmBHkBvlJ70el2SmrW+ZysZo+
II+qds663wsfrzBv4egnSNWRFBPeAhYdGNAAaqAbDduRHa4vUdmcYTHEl/EZCabQSr7VH1+L6yCvwbnhDf8LZVDrFLcTeNOqhQnN/vUaG1wu8csrTLuzZzEZ5YF8bBJQmlN9s7J1DzM60TgfrNJcCCYalFBQspQmnlFIqVoJC5n88GOUzcCCQ3YoT1zDqlVuJhasW2PoD3C0NRkFXdu9268xNG/lLgf+mcX2jEzfHAzb8+sxZKReBfE8T8QBIBd+GW6vRshA=="
+ ]
},
{
"kty":"RSA",
"kid":"BobCert",
"x5c": [
-
"MIIDoDCCAoigAwIBAgIBIjANBgkqhkiG9w0BAQsFADAzMRMwEQYDVQQKDAphcGFjaGUub3JnMQwwCgYDVQQLDANlbmcxDjAMBgNVBAMMBWN4ZmNhMB4XDTE1MTAyMDA5NTYyNloXDTI1MTAxNzA5NTYyNlowMTETMBEGA1UEChMKYXBhY2hlLm9yZzEMMAoGA1UECxMDZW5nMQwwCgYDVQQDEwNib2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEjgfe3UUVEr7CVA+one1q/CCyU/1gN0jUpXf15hroR45Mhq0yEiStFMjIEfJJKyjRuwnfPrRf8FVMjRPLo9NLe1r1HMcVLaepZzhD1WgqRjAk0nymBN3zpFQDxyc5BGYiZLjgzmM7wlHW7XE+QSSlfjdH0EEoGXgHJitosQ78rq3iJlBgriN7OQuJynkHgRjMM9aKwHRs/y/03BmnMh1yq2PG1ptuWl/GspXrvgY9dfEGWppm1cC9FBPZcF8Y/l0I9kYArtbAGNcfcRpG2pQwSB+sKJAOHrm6ofzIEv+eJW7EX9GfQo5ab99CBDwC5iOSPPSfSW5eKn6+737tFTFPAgMBAAGjgcAwgb0wCQYDVR0TBAIwADAsBglghkgBhv
[3/5] cxf git commit: Updating expired certs
Updating expired certs
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/92c5c700
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/92c5c700
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/92c5c700
Branch: refs/heads/master
Commit: 92c5c700b49f1b7be698363629ccd0034f26a4a5
Parents: f196ceb
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:41:29 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:52:48 2015 +
--
.../saml/sso/SAMLResponseValidatorTest.java | 1 +
.../sso/saml/src/test/resources/alice.jks| Bin 1861 -> 4125 bytes
rt/rs/security/xml/src/test/resources/alice.jks | Bin 1861 -> 4125 bytes
rt/ws/security/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
rt/ws/security/src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 2428 -> 4125 bytes
.../xkms-client/src/test/resources/certs/bob.jks | Bin 2422 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 1306 -> 961 bytes
systests/kerberos/src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
systests/kerberos/src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/alice.jks | Bin 3984 -> 4125 bytes
.../cxf/systest/jaxrs/security/certs/bob.jks | Bin 3979 -> 4122 bytes
.../cxf/systest/jaxrs/security/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/keys/alice.jks| Bin 3984 -> 4125 bytes
.../src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/keys/cxfca.jks| Bin 891 -> 961 bytes
.../transports/src/test/resources/keys/alice.jks | Bin 3984 -> 4125 bytes
.../transports/src/test/resources/keys/bob.jks | Bin 3979 -> 4122 bytes
.../transports/src/test/resources/keys/cxfca.jks | Bin 891 -> 961 bytes
.../ws-rm/src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
systests/ws-rm/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/alice.jks | Bin 3984 -> 4125 bytes
.../src/test/resources/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/alice.jks | Bin 3984 -> 4125 bytes
.../ws-security/src/test/resources/certs/bob.jks | Bin 3979 -> 4122 bytes
.../src/test/resources/certs/cxfca.jks | Bin 891 -> 961 bytes
.../src/test/resources/certs/xkms/bob.crt| Bin 932 -> 932 bytes
.../resources/certs/xkms/trusted_cas/cxfca.crt | Bin 829 -> 899 bytes
32 files changed, 1 insertion(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/92c5c700/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
--
diff --git
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
index a5921c2..f33a63b 100644
---
a/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
+++
b/rt/rs/security/sso/saml/src/test/java/org/apache/cxf/rs/security/saml/sso/SAMLResponseValidatorTest.java
@@ -462,6 +462,7 @@ public class SAMLResponseValidatorTest extends
org.junit.Assert {
InputStream input = Merlin.loadInputStream(loader, "alice.jks");
keyStore.load(input, "password".toCharArray());
((Merlin)issuerCrypto).setKeyStore(keyStore);
+issuerCrypto.setDefaultX509Identifier("alice");
response.getAssertions().add(assertion.getSaml2());
signResponse(response, "alice", "password", issuerCrypto, false);
http://git-wip-us.apache.org/repos/asf/cxf/blob/92c5c700/rt/rs/security/sso/saml/src/test/resources/alice.jks
--
diff --git a/rt/rs/security/sso/saml/src/test/resources/alice.jks
b/rt/rs/security/sso/saml/src/test/resources/alice.jks
index 3a788c2..213b26c 100644
Binary files a/rt/rs/security/sso/saml/src/test/resources/alice.jks and
b/rt/rs/security/sso/saml/src/test/resources/alice.jks differ
http://git-wip-us.apache.org/repos/asf/cxf/blob/92c5c700/rt/rs/security/xml/src/test/resources/alice.jks
--
diff --git a/rt/rs/security/xml/src/test/resources/alice.jks
b/rt/rs/security/xml/src/test/resources/alice
[1/5] cxf git commit: Some changes to the STSTokenOutInterceptor to make it easier to subclass
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 9680acf2e -> a9da42b02
Some changes to the STSTokenOutInterceptor to make it easier to subclass
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7fdc3403
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7fdc3403
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7fdc3403
Branch: refs/heads/3.1.x-fixes
Commit: 7fdc34030bdcfaa4226c28ea8ce83f34563a5b6d
Parents: 9680acf
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 14:27:39 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:53:19 2015 +
--
.../policy/interceptors/STSTokenOutInterceptor.java | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/7fdc3403/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
--
diff --git
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
index 14b8b5f..f0683e0 100644
---
a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
+++
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/STSTokenOutInterceptor.java
@@ -51,7 +51,11 @@ public class STSTokenOutInterceptor extends
AbstractPhaseInterceptor {
private TokenRequestParams tokenParams;
public STSTokenOutInterceptor(AuthParams authParams, String
stsWsdlLocation, Bus bus) {
-super(Phase.PREPARE_SEND);
+this(Phase.PREPARE_SEND, authParams, stsWsdlLocation, bus);
+}
+
+public STSTokenOutInterceptor(String phase, AuthParams authParams, String
stsWsdlLocation, Bus bus) {
+super(phase);
this.stsClient = configureBasicSTSClient(authParams, stsWsdlLocation,
bus);
this.tokenParams = new TokenRequestParams();
}
@@ -79,6 +83,12 @@ public class STSTokenOutInterceptor extends
AbstractPhaseInterceptor {
if (tok == null) {
LOG.warning("Security token was not retrieved from STS");
}
+processToken(message, tok);
+}
+
+// An extension point to allow custom processing of the token
+protected void processToken(Message message, SecurityToken tok) {
+
}
public STSClient getSTSClient() {
[5/5] cxf git commit: Adding a system test for a JAX-RS service and JWT/STS
Adding a system test for a JAX-RS service and JWT/STS
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/52d2142b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/52d2142b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/52d2142b
Branch: refs/heads/master
Commit: 52d2142beb8f4b343258e8c672cb1b241fcc4b2d
Parents: a24540a
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 14:40:57 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 17:52:48 2015 +
--
services/sts/systests/advanced/pom.xml | 6 +
.../systest/sts/jwt/DoubleItPortTypeImpl.java | 41 +
.../apache/cxf/systest/sts/jwt/JWTUnitTest.java | 2 +-
.../cxf/systest/sts/jwt/JaxrsJWTTest.java | 152 ++
.../org/apache/cxf/systest/sts/jwt/Server.java | 46 ++
.../cxf/systest/sts/deployment/cxf-sts.xml | 3 +-
.../apache/cxf/systest/sts/jwt/DoubleIt.wsdl| 157 +++
.../apache/cxf/systest/sts/jwt/cxf-client.xml | 39 +
.../apache/cxf/systest/sts/jwt/cxf-service.xml | 53 +++
.../cxf/systest/sts/jwt/cxf-unit-client.xml | 39 -
.../org/apache/cxf/systest/sts/jwt/jaxrs.xml| 26 +++
11 files changed, 522 insertions(+), 42 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/52d2142b/services/sts/systests/advanced/pom.xml
--
diff --git a/services/sts/systests/advanced/pom.xml
b/services/sts/systests/advanced/pom.xml
index c1aa190..27a76d1 100644
--- a/services/sts/systests/advanced/pom.xml
+++ b/services/sts/systests/advanced/pom.xml
@@ -56,6 +56,12 @@
org.apache.cxf
+cxf-rt-rs-security-jose-jaxrs
+${project.version}
+test
+
+
+org.apache.cxf
cxf-rt-frontend-jaxws
${project.version}
test
http://git-wip-us.apache.org/repos/asf/cxf/blob/52d2142b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
new file mode 100644
index 000..e9b50aa
--- /dev/null
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/DoubleItPortTypeImpl.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.sts.jwt;
+
+import javax.annotation.Resource;
+import javax.jws.WebService;
+import javax.xml.ws.WebServiceContext;
+
+import org.apache.cxf.feature.Features;
+import org.example.contract.doubleit.DoubleItPortType;
+
+@WebService(targetNamespace = "http://www.example.org/contract/DoubleIt";,
+serviceName = "DoubleItService",
+endpointInterface =
"org.example.contract.doubleit.DoubleItPortType")
+@Features(features = "org.apache.cxf.feature.LoggingFeature")
+public class DoubleItPortTypeImpl implements DoubleItPortType {
+
+@Resource
+WebServiceContext wsContext;
+
+public int doubleIt(int numberToDouble) {
+return numberToDouble * 2;
+}
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/52d2142b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
--
diff --git
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
index 90da0c3..00ed2b1 100644
---
a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
+++
b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/jwt/JWTUnitTest.java
@@ -61,7 +61,7 @@ public
cxf-fediz git commit: Close the ApplicationContext
Repository: cxf-fediz
Updated Branches:
refs/heads/master 1f7749cec -> b241d3b5b
Close the ApplicationContext
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b241d3b5
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b241d3b5
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b241d3b5
Branch: refs/heads/master
Commit: b241d3b5bfee7648e1fe592eb207263f70815efa
Parents: 1f7749c
Author: Colm O hEigeartaigh
Authored: Thu Nov 19 16:55:37 2015 +
Committer: Colm O hEigeartaigh
Committed: Thu Nov 19 16:56:07 2015 +
--
.../apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b241d3b5/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java
--
diff --git
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java
index 7d85a9d..db93ca2 100644
---
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java
+++
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/HomeRealmCallbackHandler.java
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.fediz.core.spi.HomeRealmCallback;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.springframework.context.ApplicationContext;
+import org.springframework.context.support.AbstractApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
public class HomeRealmCallbackHandler implements CallbackHandler {
@@ -38,7 +39,6 @@ public class HomeRealmCallbackHandler implements
CallbackHandler {
if (callbacks[i] instanceof HomeRealmCallback) {
HomeRealmCallback callback = (HomeRealmCallback) callbacks[i];
-@SuppressWarnings("resource")
ApplicationContext ctx = new
ClassPathXmlApplicationContext("data-manager.xml");
OAuthDataManager dataManager =
(OAuthDataManager)ctx.getBean("oauthProvider");
@@ -51,6 +51,8 @@ public class HomeRealmCallbackHandler implements
CallbackHandler {
callback.setHomeRealm(((FedizClient)client).getHomeRealm());
}
}
+
+((AbstractApplicationContext)ctx).close();
} else {
throw new UnsupportedCallbackException(callbacks[i],
"Unrecognized Callback");
}
cxf-fediz git commit: [FEDIZ-134] Making the nonce available to the data provider
Repository: cxf-fediz
Updated Branches:
refs/heads/master 355dceb1d -> 1f7749cec
[FEDIZ-134] Making the nonce available to the data provider
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/1f7749ce
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/1f7749ce
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/1f7749ce
Branch: refs/heads/master
Commit: 1f7749cec7eccb0c0bc33da783e233742102cb48
Parents: 355dceb
Author: Sergey Beryozkin
Authored: Thu Nov 19 16:46:36 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 16:46:36 2015 +
--
.../service/oidc/LocalSamlTokenConverter.java | 7 +++-
.../fediz/service/oidc/OAuthDataManager.java| 39
.../fediz/service/oidc/SamlTokenConverter.java | 3 +-
.../WEB-INF/views/oAuthAuthorizationData.jsp| 8
4 files changed, 40 insertions(+), 17 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/1f7749ce/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/LocalSamlTokenConverter.java
--
diff --git
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/LocalSamlTokenConverter.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/LocalSamlTokenConverter.java
index 0c1bb1d..001c537 100644
---
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/LocalSamlTokenConverter.java
+++
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/LocalSamlTokenConverter.java
@@ -35,7 +35,8 @@ public class LocalSamlTokenConverter implements
SamlTokenConverter {
public IdToken convertToIdToken(Element samlToken,
String subjectName,
ClaimCollection claims,
-String clientId) {
+String clientId,
+String nonce) {
IdToken idToken = new IdToken();
idToken.setSubject(subjectName);
idToken.setAudience(clientId);
@@ -90,6 +91,10 @@ public class LocalSamlTokenConverter implements
SamlTokenConverter {
}
}
+if (nonce != null) {
+idToken.setNonce(nonce);
+}
+
return idToken;
}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/1f7749ce/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
--
diff --git
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
index a207b17..d9d90fb 100644
---
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
+++
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
@@ -30,11 +30,13 @@ import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsUtils;
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.grants.code.AbstractCodeDataProvider;
+import
org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration;
import
org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
@@ -81,17 +83,19 @@ public class OAuthDataManager extends
AbstractCodeDataProvider {
// Grants
@Override
-protected void saveCodeGrant(ServerAuthorizationCodeGrant grant) {
-createIdToken(grant.getClient(), grant.getSubject());
-doSaveCodeGrant(grant);
+public ServerAuthorizationCodeGrant
createCodeGrant(AuthorizationCodeRegistration reg)
+throws OAuthServiceException {
+ServerAuthorizationCodeGrant grant = super.createCodeGrant(reg);
+createIdToken(grant.getClient(), grant.getSubject(), reg.getNonce());
+return grant;
}
-
-protected void doSaveCodeGrant(ServerAuthorizationCodeGrant grant) {
+
+@Override
+protected void saveCodeGrant(ServerAuthorizationCodeGrant grant) {
codeGrants.put(grant.getCode(), grant);
-
}
-
+
cxf git commit: More nonce related updates and making sure the OAuthServiceException mappers can be reused in case of nonce/etc validation issues
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 8c09f501a -> 9680acf2e
More nonce related updates and making sure the OAuthServiceException mappers
can be reused in case of nonce/etc validation issues
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9680acf2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9680acf2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9680acf2
Branch: refs/heads/3.1.x-fixes
Commit: 9680acf2ea8b7b9bb08d5db6a07f91a12f26ccee
Parents: 8c09f50
Author: Sergey Beryozkin
Authored: Thu Nov 19 16:34:10 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 16:35:18 2015 +
--
.../security/oauth2/client/JoseClientCodeStateManager.java | 7 ---
.../security/oauth2/client/MemoryClientCodeStateManager.java | 4 +++-
.../cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java | 8 +---
3 files changed, 12 insertions(+), 7 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/9680acf2/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
index e269d19..18802b9 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
@@ -57,11 +57,13 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (theEncryptionProvider == null && theSigProvider == null) {
throw new OAuthServiceException("The state can not be protected");
}
+MultivaluedMap redirectMap = new MetadataMap();
if (generateNonce && theSigProvider != null) {
JwsCompactProducer nonceProducer = new
JwsCompactProducer(OAuthUtils.generateRandomTokenKey());
String nonceParam = nonceProducer.signWith(theSigProvider);
requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+redirectMap.putSingle(OAuthConstants.NONCE, nonceParam);
}
Map stateMap = CastUtils.cast((Map)requestState);
String json = jsonp.toJson(stateMap);
@@ -75,15 +77,14 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (theEncryptionProvider != null) {
stateParam =
theEncryptionProvider.encrypt(StringUtils.toBytesUTF8(stateParam), null);
}
-MultivaluedMap map = new MetadataMap();
if (storeInSession) {
String sessionStateAttribute = OAuthUtils.generateRandomTokenKey();
OAuthUtils.setSessionToken(mc, stateParam, sessionStateAttribute,
0);
stateParam = sessionStateAttribute;
}
-map.putSingle(OAuthConstants.STATE, stateParam);
+redirectMap.putSingle(OAuthConstants.STATE, stateParam);
-return map;
+return redirectMap;
}
@Override
http://git-wip-us.apache.org/repos/asf/cxf/blob/9680acf2/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
index 6403eda..33a95df 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
@@ -38,13 +38,15 @@ public class MemoryClientCodeStateManager implements
ClientCodeStateManager {
public MultivaluedMap toRedirectState(MessageContext mc,
MultivaluedMap requestState) {
String stateParam = OAuthUtils.generateRandomTokenKey();
+MultivaluedMap redirectMap = new MetadataMap();
+
if (generateNonce) {
String nonceParam =
MessageDigestUtils.generate(CryptoUtils.generateSecureRandomBytes(16));
requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+redirectMap.putSingle(OAuthConstants.NONCE, nonceParam);
}
cxf git commit: More nonce related updates and making sure the OAuthServiceException mappers can be reused in case of nonce/etc validation issues
Repository: cxf
Updated Branches:
refs/heads/master db4f6b540 -> cd2c481ef
More nonce related updates and making sure the OAuthServiceException mappers
can be reused in case of nonce/etc validation issues
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/cd2c481e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/cd2c481e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/cd2c481e
Branch: refs/heads/master
Commit: cd2c481ef654e884aef3089152230e7016167248
Parents: db4f6b5
Author: Sergey Beryozkin
Authored: Thu Nov 19 16:34:10 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 16:34:10 2015 +
--
.../security/oauth2/client/JoseClientCodeStateManager.java | 7 ---
.../security/oauth2/client/MemoryClientCodeStateManager.java | 4 +++-
.../cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java | 8 +---
3 files changed, 12 insertions(+), 7 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/cd2c481e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
index e269d19..18802b9 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
@@ -57,11 +57,13 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (theEncryptionProvider == null && theSigProvider == null) {
throw new OAuthServiceException("The state can not be protected");
}
+MultivaluedMap redirectMap = new MetadataMap();
if (generateNonce && theSigProvider != null) {
JwsCompactProducer nonceProducer = new
JwsCompactProducer(OAuthUtils.generateRandomTokenKey());
String nonceParam = nonceProducer.signWith(theSigProvider);
requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+redirectMap.putSingle(OAuthConstants.NONCE, nonceParam);
}
Map stateMap = CastUtils.cast((Map)requestState);
String json = jsonp.toJson(stateMap);
@@ -75,15 +77,14 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (theEncryptionProvider != null) {
stateParam =
theEncryptionProvider.encrypt(StringUtils.toBytesUTF8(stateParam), null);
}
-MultivaluedMap map = new MetadataMap();
if (storeInSession) {
String sessionStateAttribute = OAuthUtils.generateRandomTokenKey();
OAuthUtils.setSessionToken(mc, stateParam, sessionStateAttribute,
0);
stateParam = sessionStateAttribute;
}
-map.putSingle(OAuthConstants.STATE, stateParam);
+redirectMap.putSingle(OAuthConstants.STATE, stateParam);
-return map;
+return redirectMap;
}
@Override
http://git-wip-us.apache.org/repos/asf/cxf/blob/cd2c481e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
index 6403eda..33a95df 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
@@ -38,13 +38,15 @@ public class MemoryClientCodeStateManager implements
ClientCodeStateManager {
public MultivaluedMap toRedirectState(MessageContext mc,
MultivaluedMap requestState) {
String stateParam = OAuthUtils.generateRandomTokenKey();
+MultivaluedMap redirectMap = new MetadataMap();
+
if (generateNonce) {
String nonceParam =
MessageDigestUtils.generate(CryptoUtils.generateSecureRandomBytes(16));
requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+redirectMap.putSingle(OAuthConstants.NONCE, nonceParam);
}
map.
cxf git commit: Making it easier to validate the nonce flows with the Memory provider
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 4b577dc98 -> 8c09f501a
Making it easier to validate the nonce flows with the Memory provider
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8c09f501
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8c09f501
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8c09f501
Branch: refs/heads/3.1.x-fixes
Commit: 8c09f501af1d7fe77219396f1e0a5de65146bbe6
Parents: 4b577dc
Author: Sergey Beryozkin
Authored: Thu Nov 19 14:13:01 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 14:14:24 2015 +
--
.../oauth2/client/JoseClientCodeStateManager.java| 2 +-
.../oauth2/client/MemoryClientCodeStateManager.java | 11 ++-
.../org/apache/cxf/rs/security/oidc/common/IdToken.java | 3 ++-
.../rs/security/oidc/rp/OidcClientCodeRequestFilter.java | 2 +-
4 files changed, 14 insertions(+), 4 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/8c09f501/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
index afc5c96..e269d19 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
@@ -61,7 +61,7 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (generateNonce && theSigProvider != null) {
JwsCompactProducer nonceProducer = new
JwsCompactProducer(OAuthUtils.generateRandomTokenKey());
String nonceParam = nonceProducer.signWith(theSigProvider);
-requestState.putSingle("nonce", nonceParam);
+requestState.putSingle(OAuthConstants.NONCE, nonceParam);
}
Map stateMap = CastUtils.cast((Map)requestState);
String json = jsonp.toJson(stateMap);
http://git-wip-us.apache.org/repos/asf/cxf/blob/8c09f501/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
index 727839b..6403eda 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
@@ -27,15 +27,21 @@ import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+import org.apache.cxf.rt.security.crypto.CryptoUtils;
+import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
public class MemoryClientCodeStateManager implements ClientCodeStateManager {
private ConcurrentHashMap> map =
new ConcurrentHashMap>();
-
+private boolean generateNonce;
@Override
public MultivaluedMap toRedirectState(MessageContext mc,
MultivaluedMap requestState) {
String stateParam = OAuthUtils.generateRandomTokenKey();
+if (generateNonce) {
+String nonceParam =
MessageDigestUtils.generate(CryptoUtils.generateSecureRandomBytes(16));
+requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+}
map.put(stateParam, requestState);
OAuthUtils.setSessionToken(mc, stateParam, "state", 0);
MultivaluedMap redirectMap = new MetadataMap();
@@ -53,4 +59,7 @@ public class MemoryClientCodeStateManager implements
ClientCodeStateManager {
}
return map.remove(stateParam);
}
+public void setGenerateNonce(boolean generateNonce) {
+this.generateNonce = generateNonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/8c09f501/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/IdToken.java
--
diff --
cxf git commit: Making it easier to validate the nonce flows with the Memory provider
Repository: cxf
Updated Branches:
refs/heads/master 8c49fffad -> db4f6b540
Making it easier to validate the nonce flows with the Memory provider
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/db4f6b54
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/db4f6b54
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/db4f6b54
Branch: refs/heads/master
Commit: db4f6b540889d7d66e665f03dc562fc31eec60b4
Parents: 8c49fff
Author: Sergey Beryozkin
Authored: Thu Nov 19 14:13:01 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 14:13:01 2015 +
--
.../oauth2/client/JoseClientCodeStateManager.java| 2 +-
.../oauth2/client/MemoryClientCodeStateManager.java | 11 ++-
.../org/apache/cxf/rs/security/oidc/common/IdToken.java | 3 ++-
.../rs/security/oidc/rp/OidcClientCodeRequestFilter.java | 2 +-
4 files changed, 14 insertions(+), 4 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/db4f6b54/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
index afc5c96..e269d19 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/JoseClientCodeStateManager.java
@@ -61,7 +61,7 @@ public class JoseClientCodeStateManager implements
ClientCodeStateManager {
if (generateNonce && theSigProvider != null) {
JwsCompactProducer nonceProducer = new
JwsCompactProducer(OAuthUtils.generateRandomTokenKey());
String nonceParam = nonceProducer.signWith(theSigProvider);
-requestState.putSingle("nonce", nonceParam);
+requestState.putSingle(OAuthConstants.NONCE, nonceParam);
}
Map stateMap = CastUtils.cast((Map)requestState);
String json = jsonp.toJson(stateMap);
http://git-wip-us.apache.org/repos/asf/cxf/blob/db4f6b54/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
index 727839b..6403eda 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
@@ -27,15 +27,21 @@ import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+import org.apache.cxf.rt.security.crypto.CryptoUtils;
+import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
public class MemoryClientCodeStateManager implements ClientCodeStateManager {
private ConcurrentHashMap> map =
new ConcurrentHashMap>();
-
+private boolean generateNonce;
@Override
public MultivaluedMap toRedirectState(MessageContext mc,
MultivaluedMap requestState) {
String stateParam = OAuthUtils.generateRandomTokenKey();
+if (generateNonce) {
+String nonceParam =
MessageDigestUtils.generate(CryptoUtils.generateSecureRandomBytes(16));
+requestState.putSingle(OAuthConstants.NONCE, nonceParam);
+}
map.put(stateParam, requestState);
OAuthUtils.setSessionToken(mc, stateParam, "state", 0);
MultivaluedMap redirectMap = new MetadataMap();
@@ -53,4 +59,7 @@ public class MemoryClientCodeStateManager implements
ClientCodeStateManager {
}
return map.remove(stateParam);
}
+public void setGenerateNonce(boolean generateNonce) {
+this.generateNonce = generateNonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/db4f6b54/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/IdToken.java
--
diff --git
a/rt/
cxf git commit: Sorry, 1 more nonce update
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 20076a8c3 -> 4b577dc98
Sorry, 1 more nonce update
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4b577dc9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4b577dc9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4b577dc9
Branch: refs/heads/3.1.x-fixes
Commit: 4b577dc98cc61e4aead2f0bdff6d017c8a7679df
Parents: 20076a8
Author: Sergey Beryozkin
Authored: Thu Nov 19 13:48:30 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 13:49:11 2015 +
--
.../cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/4b577dc9/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
index a6a1c4c..fd25fa7 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
@@ -164,7 +164,7 @@ public class JoseSessionTokenProvider implements
SessionAuthenticityTokenProvide
state.setRedirectUri(parts[5]);
}
if (!StringUtils.isEmpty(parts[6])) {
-state.setRedirectUri(parts[6]);
+state.setNonce(parts[6]);
}
return state;
}
cxf git commit: Sorry, 1 more nonce update
Repository: cxf
Updated Branches:
refs/heads/master e954491e7 -> 8c49fffad
Sorry, 1 more nonce update
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8c49fffa
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8c49fffa
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8c49fffa
Branch: refs/heads/master
Commit: 8c49fffad8ba5f448c00441afae1c933d1625f69
Parents: e954491
Author: Sergey Beryozkin
Authored: Thu Nov 19 13:48:30 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 13:48:30 2015 +
--
.../cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/8c49fffa/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
index a6a1c4c..fd25fa7 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
@@ -164,7 +164,7 @@ public class JoseSessionTokenProvider implements
SessionAuthenticityTokenProvide
state.setRedirectUri(parts[5]);
}
if (!StringUtils.isEmpty(parts[6])) {
-state.setRedirectUri(parts[6]);
+state.setNonce(parts[6]);
}
return state;
}
cxf git commit: One more nonce related update
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 29dbad4a9 -> 20076a8c3 One more nonce related update Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/20076a8c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/20076a8c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/20076a8c Branch: refs/heads/3.1.x-fixes Commit: 20076a8c3ee335121dcb580640d8d98f5f48a6d7 Parents: 29dbad4 Author: Sergey Beryozkin Authored: Thu Nov 19 13:42:22 2015 + Committer: Sergey Beryozkin Committed: Thu Nov 19 13:43:23 2015 + -- .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/20076a8c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 4d96f9a..cc9baba 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -248,6 +248,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService state.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE)); state.setProposedScope(params.getFirst(OAuthConstants.SCOPE)); state.setState(params.getFirst(OAuthConstants.STATE)); +state.setNonce(params.getFirst(OAuthConstants.NONCE)); } return state; }
cxf git commit: One more nonce related update
Repository: cxf Updated Branches: refs/heads/master 4b0ba1a12 -> e954491e7 One more nonce related update Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e954491e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e954491e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e954491e Branch: refs/heads/master Commit: e954491e7065ce2b50e3e0870f2897daba6b1d20 Parents: 4b0ba1a Author: Sergey Beryozkin Authored: Thu Nov 19 13:42:22 2015 + Committer: Sergey Beryozkin Committed: Thu Nov 19 13:42:22 2015 + -- .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e954491e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 4d96f9a..cc9baba 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -248,6 +248,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService state.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE)); state.setProposedScope(params.getFirst(OAuthConstants.SCOPE)); state.setState(params.getFirst(OAuthConstants.STATE)); +state.setNonce(params.getFirst(OAuthConstants.NONCE)); } return state; }
cxf git commit: Making sure an implicit or code nonce is available to OAuthDataProviders
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 577eb154c -> 29dbad4a9
Making sure an implicit or code nonce is available to OAuthDataProviders
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/29dbad4a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/29dbad4a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/29dbad4a
Branch: refs/heads/3.1.x-fixes
Commit: 29dbad4a995ba09d97b131807585b46cb02c43af
Parents: 577eb15
Author: Sergey Beryozkin
Authored: Thu Nov 19 13:16:06 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 13:20:11 2015 +
--
.../security/oauth2/common/AccessTokenRegistration.java | 9 +
.../rs/security/oauth2/common/OAuthRedirectionState.java | 11 +++
.../grants/code/AuthorizationCodeRegistration.java | 7 +++
.../oauth2/provider/JoseSessionTokenProvider.java| 7 +++
.../oauth2/services/AbstractImplicitGrantService.java| 1 +
.../oauth2/services/AuthorizationCodeGrantService.java | 1 +
.../oauth2/services/RedirectionBasedGrantService.java| 1 +
.../cxf/rs/security/oauth2/utils/OAuthConstants.java | 1 +
8 files changed, 38 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/29dbad4a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
index b2641fc..db443da 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
@@ -31,6 +31,7 @@ public class AccessTokenRegistration {
private String grantType;
private UserSubject subject;
private String audience;
+private String nonce;
private String clientCodeVerifier;
/**
@@ -129,5 +130,13 @@ public class AccessTokenRegistration {
public void setClientCodeVerifier(String clientCodeVerifier) {
this.clientCodeVerifier = clientCodeVerifier;
}
+
+public String getNonce() {
+return nonce;
+}
+
+public void setNonce(String nonce) {
+this.nonce = nonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/29dbad4a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
index 0f05abd..4acc109 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
@@ -28,6 +28,7 @@ public class OAuthRedirectionState implements Serializable {
private String state;
private String proposedScope;
private String audience;
+private String nonce;
private String clientCodeChallenge;
public OAuthRedirectionState() {
@@ -112,4 +113,14 @@ public class OAuthRedirectionState implements Serializable
{
public void setClientCodeChallenge(String clientCodeChallenge) {
this.clientCodeChallenge = clientCodeChallenge;
}
+
+
+public String getNonce() {
+return nonce;
+}
+
+
+public void setNonce(String nonce) {
+this.nonce = nonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/29dbad4a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
index a7126b4..1319cad 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration
cxf git commit: Making sure an implicit or code nonce is available to OAuthDataProviders
Repository: cxf
Updated Branches:
refs/heads/master 248c8f045 -> 4b0ba1a12
Making sure an implicit or code nonce is available to OAuthDataProviders
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4b0ba1a1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4b0ba1a1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4b0ba1a1
Branch: refs/heads/master
Commit: 4b0ba1a1207ea1e73f08266e64ae42268b9f1797
Parents: 248c8f0
Author: Sergey Beryozkin
Authored: Thu Nov 19 13:16:06 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 13:16:06 2015 +
--
.../security/oauth2/common/AccessTokenRegistration.java | 9 +
.../rs/security/oauth2/common/OAuthRedirectionState.java | 11 +++
.../grants/code/AuthorizationCodeRegistration.java | 7 +++
.../oauth2/provider/JoseSessionTokenProvider.java| 7 +++
.../oauth2/services/AbstractImplicitGrantService.java| 1 +
.../oauth2/services/AuthorizationCodeGrantService.java | 1 +
.../oauth2/services/RedirectionBasedGrantService.java| 1 +
.../cxf/rs/security/oauth2/utils/OAuthConstants.java | 1 +
8 files changed, 38 insertions(+)
--
http://git-wip-us.apache.org/repos/asf/cxf/blob/4b0ba1a1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
index b2641fc..db443da 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
@@ -31,6 +31,7 @@ public class AccessTokenRegistration {
private String grantType;
private UserSubject subject;
private String audience;
+private String nonce;
private String clientCodeVerifier;
/**
@@ -129,5 +130,13 @@ public class AccessTokenRegistration {
public void setClientCodeVerifier(String clientCodeVerifier) {
this.clientCodeVerifier = clientCodeVerifier;
}
+
+public String getNonce() {
+return nonce;
+}
+
+public void setNonce(String nonce) {
+this.nonce = nonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/4b0ba1a1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
index 0f05abd..4acc109 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java
@@ -28,6 +28,7 @@ public class OAuthRedirectionState implements Serializable {
private String state;
private String proposedScope;
private String audience;
+private String nonce;
private String clientCodeChallenge;
public OAuthRedirectionState() {
@@ -112,4 +113,14 @@ public class OAuthRedirectionState implements Serializable
{
public void setClientCodeChallenge(String clientCodeChallenge) {
this.clientCodeChallenge = clientCodeChallenge;
}
+
+
+public String getNonce() {
+return nonce;
+}
+
+
+public void setNonce(String nonce) {
+this.nonce = nonce;
+}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/4b0ba1a1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
--
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
index a7126b4..1319cad 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
@@ -
cxf-fediz git commit: [FEDIZ-134] Making sure the id token is set on UserSubject if the implicit grant is used
Repository: cxf-fediz
Updated Branches:
refs/heads/master 22d7bdc04 -> 355dceb1d
[FEDIZ-134] Making sure the id token is set on UserSubject if the implicit
grant is used
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/355dceb1
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/355dceb1
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/355dceb1
Branch: refs/heads/master
Commit: 355dceb1d2788dba9741fd683929c36d76bb3155
Parents: 22d7bdc
Author: Sergey Beryozkin
Authored: Thu Nov 19 11:02:19 2015 +
Committer: Sergey Beryozkin
Committed: Thu Nov 19 11:02:19 2015 +
--
.../fediz/service/oidc/OAuthDataManager.java| 73
1 file changed, 43 insertions(+), 30 deletions(-)
--
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/355dceb1/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
--
diff --git
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
index 5e3ff4f..a207b17 100644
---
a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
+++
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataManager.java
@@ -33,6 +33,7 @@ import org.apache.cxf.rs.security.jose.jws.JwsUtils;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.grants.code.AbstractCodeDataProvider;
import
org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -81,14 +82,7 @@ public class OAuthDataManager extends
AbstractCodeDataProvider {
// Grants
@Override
protected void saveCodeGrant(ServerAuthorizationCodeGrant grant) {
-Principal principal =
messageContext.getSecurityContext().getUserPrincipal();
-
-if (principal instanceof FedizPrincipal) {
-String joseIdToken = getJoseIdToken((FedizPrincipal)principal,
grant.getClient());
-grant.getSubject().getProperties().put(OidcUtils.ID_TOKEN,
joseIdToken);
-} else {
-throw new OAuthServiceException("Unsupported principal");
-}
+createIdToken(grant.getClient(), grant.getSubject());
doSaveCodeGrant(grant);
}
@@ -96,24 +90,7 @@ public class OAuthDataManager extends
AbstractCodeDataProvider {
codeGrants.put(grant.getCode(), grant);
}
-
-protected String getJoseIdToken(FedizPrincipal principal, Client client) {
-IdToken idToken =
tokenConverter.convertToIdToken(principal.getLoginToken(),
- principal.getName(),
-
principal.getClaims(),
-
client.getClientId());
-JwsJwtCompactProducer p = new JwsJwtCompactProducer(idToken);
-return p.signWith(getJwsSignatureProvider(client));
-// the JWS compact output may also need to be encrypted
-}
-
-protected JwsSignatureProvider getJwsSignatureProvider(Client client) {
-if (signIdTokenWithClientSecret && client.isConfidential()) {
-return
OAuthUtils.getClientSecretSignatureProvider(client.getClientSecret());
-}
-return JwsUtils.loadSignatureProvider(true);
-
-}
+
@Override
public ServerAuthorizationCodeGrant removeCodeGrant(String code) throws
OAuthServiceException {
@@ -123,6 +100,11 @@ public class OAuthDataManager extends
AbstractCodeDataProvider {
// Access Tokens
@Override
protected void saveAccessToken(ServerAccessToken token) {
+createIdToken(token.getClient(), token.getSubject());
+doSaveAccessToken(token);
+}
+
+protected void doSaveAccessToken(ServerAccessToken token) {
accessTokens.put(token.getTokenKey(), token);
}
@@ -174,10 +156,6 @@ public class OAuthDataManager extends
AbstractCodeDataProvider {
this.messageContext = messageContext;
}
-public void setTokenConverter(SamlTokenConverter tokenConverter) {
-this.tokenConverter = tokenConverter;
-}
-
public void setScopes(Map scopes) {
for (Map.Entry entry : scopes.entrySet()) {
OAuthPermission permission = new OAuthPermission(entry.getKey(),
entry.getValue());
@@ -188,6 +166,36 @@ public cl
