cxf git commit: remove DOS CRs from spring.schemas
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 2d7e7939c -> 0dfe3a614 remove DOS CRs from spring.schemas Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0dfe3a61 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0dfe3a61 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0dfe3a61 Branch: refs/heads/3.1.x-fixes Commit: 0dfe3a614763d4cd64b00fd6441f2520a0ab8d53 Parents: 2d7e793 Author: Akitoshi YoshidaAuthored: Fri Dec 11 12:32:58 2015 +0100 Committer: Akitoshi Yoshida Committed: Fri Dec 11 13:19:25 2015 +0100 -- core/src/main/resources/META-INF/spring.schemas | 64 ++-- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 44 +++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.handlers | 48 +++ .../src/main/resources/META-INF/spring.schemas | 58 +- .../src/main/resources/META-INF/spring.schemas | 44 +++--- 8 files changed, 192 insertions(+), 192 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/0dfe3a61/core/src/main/resources/META-INF/spring.schemas -- diff --git a/core/src/main/resources/META-INF/spring.schemas b/core/src/main/resources/META-INF/spring.schemas index 7eb3bc4..5a89b09 100644 --- a/core/src/main/resources/META-INF/spring.schemas +++ b/core/src/main/resources/META-INF/spring.schemas @@ -1,32 +1,32 @@ -# -# -#Licensed to the Apache Software Foundation (ASF) under one -#or more contributor license agreements. See the NOTICE file -#distributed with this work for additional information -#regarding copyright ownership. The ASF licenses this file -#to you under the Apache License, Version 2.0 (the -#"License"); you may not use this file except in compliance -#with the License. You may obtain a copy of the License at -# -#http://www.apache.org/licenses/LICENSE-2.0 -# -#Unless required by applicable law or agreed to in writing, -#software distributed under the License is distributed on an -#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -#KIND, either express or implied. See the License for the -#specific language governing permissions and limitations -#under the License. -# -# -http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd -http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd - -http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd -http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd - -http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd -http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd - -http\://cxf.apache.org/schemas/core.xsd=schemas/core.xsd +# +# +#Licensed to the Apache Software Foundation (ASF) under one +#or more contributor license agreements. See the NOTICE file +#distributed with this work for additional information +#regarding copyright ownership. The ASF licenses this file +#to you under the Apache License, Version 2.0 (the +#"License"); you may not use this file except in compliance +#with the License. You may obtain a copy of the License at +# +#http://www.apache.org/licenses/LICENSE-2.0 +# +#Unless required by applicable law or agreed to in writing, +#software distributed under the License is distributed on an +#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +#KIND, either express or implied. See the License for the +#specific language governing permissions and limitations +#under the License. +# +# +http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd +http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd + +http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd +http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd + +http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd +http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd +
cxf git commit: remove DOS CRs from spring.schemas
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 8eaedc6fa -> 13bb88a8f remove DOS CRs from spring.schemas Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/13bb88a8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/13bb88a8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/13bb88a8 Branch: refs/heads/3.0.x-fixes Commit: 13bb88a8f00e02eb66d8b410cbec50eecda4bbe3 Parents: 8eaedc6 Author: Akitoshi YoshidaAuthored: Fri Dec 11 12:32:58 2015 +0100 Committer: Akitoshi Yoshida Committed: Fri Dec 11 13:20:49 2015 +0100 -- core/src/main/resources/META-INF/spring.schemas | 64 ++-- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 44 +++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.handlers | 48 +++ .../src/main/resources/META-INF/spring.schemas | 58 +- .../src/main/resources/META-INF/spring.schemas | 44 +++--- 8 files changed, 192 insertions(+), 192 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/13bb88a8/core/src/main/resources/META-INF/spring.schemas -- diff --git a/core/src/main/resources/META-INF/spring.schemas b/core/src/main/resources/META-INF/spring.schemas index 7eb3bc4..5a89b09 100644 --- a/core/src/main/resources/META-INF/spring.schemas +++ b/core/src/main/resources/META-INF/spring.schemas @@ -1,32 +1,32 @@ -# -# -#Licensed to the Apache Software Foundation (ASF) under one -#or more contributor license agreements. See the NOTICE file -#distributed with this work for additional information -#regarding copyright ownership. The ASF licenses this file -#to you under the Apache License, Version 2.0 (the -#"License"); you may not use this file except in compliance -#with the License. You may obtain a copy of the License at -# -#http://www.apache.org/licenses/LICENSE-2.0 -# -#Unless required by applicable law or agreed to in writing, -#software distributed under the License is distributed on an -#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -#KIND, either express or implied. See the License for the -#specific language governing permissions and limitations -#under the License. -# -# -http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd -http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd - -http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd -http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd - -http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd -http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd - -http\://cxf.apache.org/schemas/core.xsd=schemas/core.xsd +# +# +#Licensed to the Apache Software Foundation (ASF) under one +#or more contributor license agreements. See the NOTICE file +#distributed with this work for additional information +#regarding copyright ownership. The ASF licenses this file +#to you under the Apache License, Version 2.0 (the +#"License"); you may not use this file except in compliance +#with the License. You may obtain a copy of the License at +# +#http://www.apache.org/licenses/LICENSE-2.0 +# +#Unless required by applicable law or agreed to in writing, +#software distributed under the License is distributed on an +#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +#KIND, either express or implied. See the License for the +#specific language governing permissions and limitations +#under the License. +# +# +http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd +http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd + +http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd +http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd + +http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd +http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd +
cxf git commit: remove DOS CRs from spring.schemas
Repository: cxf Updated Branches: refs/heads/master f346c8054 -> 70ae6e209 remove DOS CRs from spring.schemas Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/70ae6e20 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/70ae6e20 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/70ae6e20 Branch: refs/heads/master Commit: 70ae6e20936c2f424de95ce368e8b6209d426579 Parents: f346c80 Author: Akitoshi YoshidaAuthored: Fri Dec 11 12:32:58 2015 +0100 Committer: Akitoshi Yoshida Committed: Fri Dec 11 13:18:16 2015 +0100 -- core/src/main/resources/META-INF/spring.schemas | 64 ++-- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.schemas | 44 +++--- .../src/main/resources/META-INF/spring.schemas | 42 ++--- .../src/main/resources/META-INF/spring.handlers | 48 +++ .../src/main/resources/META-INF/spring.schemas | 58 +- .../src/main/resources/META-INF/spring.schemas | 44 +++--- 8 files changed, 192 insertions(+), 192 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/70ae6e20/core/src/main/resources/META-INF/spring.schemas -- diff --git a/core/src/main/resources/META-INF/spring.schemas b/core/src/main/resources/META-INF/spring.schemas index 7eb3bc4..5a89b09 100644 --- a/core/src/main/resources/META-INF/spring.schemas +++ b/core/src/main/resources/META-INF/spring.schemas @@ -1,32 +1,32 @@ -# -# -#Licensed to the Apache Software Foundation (ASF) under one -#or more contributor license agreements. See the NOTICE file -#distributed with this work for additional information -#regarding copyright ownership. The ASF licenses this file -#to you under the Apache License, Version 2.0 (the -#"License"); you may not use this file except in compliance -#with the License. You may obtain a copy of the License at -# -#http://www.apache.org/licenses/LICENSE-2.0 -# -#Unless required by applicable law or agreed to in writing, -#software distributed under the License is distributed on an -#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -#KIND, either express or implied. See the License for the -#specific language governing permissions and limitations -#under the License. -# -# -http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd -http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd - -http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd -http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd -http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd - -http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd -http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd - -http\://cxf.apache.org/schemas/core.xsd=schemas/core.xsd +# +# +#Licensed to the Apache Software Foundation (ASF) under one +#or more contributor license agreements. See the NOTICE file +#distributed with this work for additional information +#regarding copyright ownership. The ASF licenses this file +#to you under the Apache License, Version 2.0 (the +#"License"); you may not use this file except in compliance +#with the License. You may obtain a copy of the License at +# +#http://www.apache.org/licenses/LICENSE-2.0 +# +#Unless required by applicable law or agreed to in writing, +#software distributed under the License is distributed on an +#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +#KIND, either express or implied. See the License for the +#specific language governing permissions and limitations +#under the License. +# +# +http\://cxf.apache.org/schemas/configuration/cxf-beans.xsd=schemas/configuration/cxf-beans.xsd +http\://cxf.apache.org/configuration/parameterized-types=schemas/configuration/parameterized-types.xsd + +http\://schemas.xmlsoap.org/wsdl/=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/2003-02-11.xsd=schemas/wsdl/wsdl.xsd +http\://schemas.xmlsoap.org/wsdl/http/=schemas/wsdl/http.xsd +http\://schemas.xmlsoap.org/ws/2004/08/addressing=schemas/wsdl/addressing.xsd + +http\://cxf.apache.org/schemas/configuration/security.xsd=schemas/configuration/security.xsd +http\://cxf.apache.org/schemas/configuration/parameterized-types.xsd=schemas/configuration/parameterized-types.xsd +
cxf git commit: update rt/ws/policy's spring.schemas to avoid remote access
Repository: cxf Updated Branches: refs/heads/master 70ae6e209 -> 974280aae update rt/ws/policy's spring.schemas to avoid remote access Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/974280aa Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/974280aa Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/974280aa Branch: refs/heads/master Commit: 974280aaeecf67b540d2924809a4ed516f793677 Parents: 70ae6e2 Author: Akitoshi YoshidaAuthored: Fri Dec 11 13:25:28 2015 +0100 Committer: Akitoshi Yoshida Committed: Fri Dec 11 13:25:28 2015 +0100 -- rt/ws/policy/src/main/resources/META-INF/spring.schemas | 2 ++ 1 file changed, 2 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/974280aa/rt/ws/policy/src/main/resources/META-INF/spring.schemas -- diff --git a/rt/ws/policy/src/main/resources/META-INF/spring.schemas b/rt/ws/policy/src/main/resources/META-INF/spring.schemas index f1d0787..b3f7597 100644 --- a/rt/ws/policy/src/main/resources/META-INF/spring.schemas +++ b/rt/ws/policy/src/main/resources/META-INF/spring.schemas @@ -26,4 +26,6 @@ http\://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0. http\://www.w3.org/2001/xml.xsd=schemas/xml.xsd http\://cxf.apache.org/schemas/policy.xsd=schemas/policy.xsd http\://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd=schemas/xmldsig-core-schema.xsd +http\://www.w3.org/2001/XMLSchema.dtd=schemas/XMLSchema.dtd +http\://www.w3.org/2001/datatypes.dtd=schemas/datatypes.dtd
cxf git commit: cxf-6705: Fix versions used to import javax.validation packages.
Repository: cxf Updated Branches: refs/heads/master 974280aae -> e5fa40503 cxf-6705: Fix versions used to import javax.validation packages. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e5fa4050 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e5fa4050 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e5fa4050 Branch: refs/heads/master Commit: e5fa40503b793514708fdc6289671dd9718670ef Parents: 974280a Author: Benson MarguliesAuthored: Fri Dec 11 09:02:36 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 09:02:36 2015 -0500 -- core/pom.xml | 2 +- parent/pom.xml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e5fa4050/core/pom.xml -- diff --git a/core/pom.xml b/core/pom.xml index ab6ccbd..cda420d 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -56,7 +56,7 @@ javax.annotation;version="${cxf.osgi.javax.annotation.version}", javax.xml.bind*;version="${cxf.osgi.javax.bind.version}", javax.xml.stream*;version="${cxf.osgi.javax.stream.version}", - javax.validation*;resolution:=optional;version="${cxf.validation.api.version}", + javax.validation*;resolution:=optional;version="${cxf.validation.api.package.version}", com.sun.xml.bind.api;resolution:=optional, com.sun.xml.bind.api.impl;resolution:=optional, com.sun.xml.internal.bind.api;resolution:=optional, http://git-wip-us.apache.org/repos/asf/cxf/blob/e5fa4050/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 3df4832..ee45d8a 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -156,6 +156,9 @@ 2.2.1 1.1.4c_6 1.1.0.Final + + 1.0.0 1.1 1.0 2.1.2.Final
cxf git commit: cxf-6705: Fix versions used to import javax.validation packages.
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 0dfe3a614 -> 358589c33 cxf-6705: Fix versions used to import javax.validation packages. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/358589c3 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/358589c3 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/358589c3 Branch: refs/heads/3.1.x-fixes Commit: 358589c33f44d747f5a924f0b1cdedfcb7018a22 Parents: 0dfe3a6 Author: Benson MarguliesAuthored: Fri Dec 11 09:02:36 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 09:06:00 2015 -0500 -- core/pom.xml | 2 +- parent/pom.xml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/358589c3/core/pom.xml -- diff --git a/core/pom.xml b/core/pom.xml index 3cebe9f..8bc295e 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -56,7 +56,7 @@ javax.annotation;version="${cxf.osgi.javax.annotation.version}", javax.xml.bind*;version="${cxf.osgi.javax.bind.version}", javax.xml.stream*;version="${cxf.osgi.javax.stream.version}", - javax.validation*;resolution:=optional;version="${cxf.validation.api.version}", + javax.validation*;resolution:=optional;version="${cxf.validation.api.package.version}", com.sun.xml.bind.api;resolution:=optional, com.sun.xml.bind.api.impl;resolution:=optional, com.sun.xml.internal.bind.api;resolution:=optional, http://git-wip-us.apache.org/repos/asf/cxf/blob/358589c3/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 8ca9fdb..7e62766 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -156,6 +156,9 @@ 2.2.1 1.1.4c_6 1.1.0.Final + + 1.0.0 1.1 1.0 2.1.2.Final
cxf git commit: Adding negative tests for SAML authentication in OAuth
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 2ec0130e0 -> 706ddbcb9 Adding negative tests for SAML authentication in OAuth Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/706ddbcb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/706ddbcb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/706ddbcb Branch: refs/heads/3.1.x-fixes Commit: 706ddbcb9e02d26545d2814e823bb5328321a4a7 Parents: 2ec0130 Author: Colm O hEigeartaighAuthored: Fri Dec 11 16:35:13 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 16:36:12 2015 + -- .../jaxrs/security/oauth2/JAXRSOAuth2Test.java | 188 ++- .../security/oauth2/SamlCallbackHandler.java| 17 +- 2 files changed, 200 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/706ddbcb/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java index d20d3ff..90c8cbb 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java @@ -54,13 +54,19 @@ import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.grants.jwt.JwtBearerGrant; import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant; +import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth2.saml.Constants; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.saml.SAMLUtils; import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.wss4j.common.crypto.Crypto; +import org.apache.wss4j.common.ext.WSSecurityException; +import org.apache.wss4j.common.saml.SAMLCallback; +import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.builder.SAML1Constants; +import org.apache.wss4j.common.saml.builder.SAML2Constants; import org.apache.wss4j.common.util.DOM2Writer; import org.junit.BeforeClass; import org.junit.Test; @@ -75,7 +81,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { assertTrue("server did not launch correctly", launchServer(BookServerOAuth2.class, true)); } - + @Test public void testSAML2BearerGrant() throws Exception { String address = "https://localhost:; + PORT + "/oauth2/token"; @@ -181,6 +187,160 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { extraParams); assertNotNull(at.getTokenKey()); } + +// +// Some negative tests for authentication +// + +@Test +public void testSAML11() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2-auth/token"; +WebClient wc = createWebClient(address); + +String audienceURI = "https://localhost:; + PORT + "/oauth2-auth/token"; +String assertion = createToken(audienceURI, false, true); +String encodedAssertion = Base64UrlUtility.encode(assertion); + +Map extraParams = new HashMap (); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion); + +try { +OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams); +fail("Failure expected on a SAML 1.1 Assertion"); +} catch (OAuthServiceException ex) { +// expected +} +} + +@Test +public void testSAMLAudRestr() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2-auth/token"; +WebClient wc = createWebClient(address); + +String audienceURI = "https://localhost:; + PORT + "/oauth2-auth/token2"; +String assertion = createToken(audienceURI, true, true); +String encodedAssertion = Base64UrlUtility.encode(assertion); + +Map extraParams = new HashMap (); +
[2/3] cxf git commit: Adding negative tests for SAML authentication in OAuth
Adding negative tests for SAML authentication in OAuth # Conflicts: # systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/87c7e02a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/87c7e02a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/87c7e02a Branch: refs/heads/3.0.x-fixes Commit: 87c7e02a9f9ed689e7b7dbbc569e46024bdcb77c Parents: 80e4f1f Author: Colm O hEigeartaighAuthored: Fri Dec 11 16:35:13 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 16:37:14 2015 + -- .../jaxrs/security/oauth2/JAXRSOAuth2Test.java | 277 ++- .../security/oauth2/SamlCallbackHandler.java| 17 +- 2 files changed, 289 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/87c7e02a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java index 664752f..2bb18c5 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java @@ -38,12 +38,23 @@ import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils; import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant; +import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth2.saml.Constants; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.saml.SAMLUtils; import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.wss4j.common.crypto.Crypto; +<<< HEAD +=== +import org.apache.wss4j.common.ext.WSSecurityException; +import org.apache.wss4j.common.saml.SAMLCallback; +import org.apache.wss4j.common.saml.SAMLUtil; +import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.builder.SAML1Constants; +import org.apache.wss4j.common.saml.builder.SAML2Constants; +import org.apache.wss4j.common.util.DOM2Writer; +>>> 706ddbc... Adding negative tests for SAML authentication in OAuth import org.junit.BeforeClass; import org.junit.Test; @@ -57,7 +68,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { assertTrue("server did not launch correctly", launchServer(BookServerOAuth2.class, true)); } - + @Test public void testSAML2BearerGrant() throws Exception { String address = "https://localhost:; + PORT + "/oauth2/token"; @@ -122,6 +133,198 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { assertNotNull(at.getTokenKey()); } +<<< HEAD +=== +@Test +public void testJWTBearerGrant() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2/token"; +WebClient wc = createWebClient(address); + +// Create the JWT Token +String token = createToken("resourceOwner", "alice", address, true, true); + +JwtBearerGrant grant = new JwtBearerGrant(token); +ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, +new Consumer("alice", "alice"), +grant, +false); +assertNotNull(at.getTokenKey()); +} + +@Test +public void testJWTBearerAuthenticationDirect() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2-auth-jwt/token"; +WebClient wc = createWebClient(address); + +// Create the JWT Token +String token = createToken("resourceOwner", "alice", address, true, true); + +Map extraParams = new HashMap (); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, + "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token); + +ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, +
[2/2] cxf git commit: Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/cxf
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/cxf Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/af717517 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/af717517 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/af717517 Branch: refs/heads/master Commit: af7175171ade0017e77a8deb17ee90849b9ace1b Parents: 4bb552c 08068c8 Author: Benson MarguliesAuthored: Fri Dec 11 11:14:27 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 11:14:27 2015 -0500 -- .../oauth2/client/OAuthClientUtils.java | 11 +-- .../oauth2/common/ServerAccessToken.java| 9 +++ .../oauth2/grants/AbstractGrantHandler.java | 66 .../grants/code/AbstractCodeDataProvider.java | 1 + .../code/AuthorizationCodeGrantHandler.java | 38 +++-- .../code/ServerAuthorizationCodeGrant.java | 9 +++ .../provider/AbstractOAuthDataProvider.java | 1 + .../oauth2/services/AbstractOAuthService.java | 9 ++- .../oauth2/services/AbstractTokenService.java | 81 .../oauth2/services/AccessTokenService.java | 3 +- .../services/DirectAuthorizationService.java| 41 ++ .../services/RedirectionBasedGrantService.java | 79 ++- .../oauth2/services/TokenRevocationService.java | 3 +- .../oidc/idp/IdTokenResponseFilter.java | 3 + 14 files changed, 222 insertions(+), 132 deletions(-) --
[1/2] cxf git commit: CXF-6705: supply hibernate with all of its dependencies.
Repository: cxf Updated Branches: refs/heads/master 08068c8a6 -> af7175171 CXF-6705: supply hibernate with all of its dependencies. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4bb552ce Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4bb552ce Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4bb552ce Branch: refs/heads/master Commit: 4bb552ce8b079c7553881e6ad7fd009d4732052f Parents: e5fa405 Author: Benson MarguliesAuthored: Fri Dec 11 11:13:38 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 11:14:08 2015 -0500 -- .../features/src/main/resources/features.xml | 19 ++- parent/pom.xml | 7 --- 2 files changed, 22 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4bb552ce/osgi/karaf/features/src/main/resources/features.xml -- diff --git a/osgi/karaf/features/src/main/resources/features.xml b/osgi/karaf/features/src/main/resources/features.xml index dafdbea..0f39e10 100644 --- a/osgi/karaf/features/src/main/resources/features.xml +++ b/osgi/karaf/features/src/main/resources/features.xml @@ -442,7 +442,24 @@ mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.jsr303-api-${cxf.osgi.validation.api.version}/${cxf.servicemix.specs.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} + +mvn:javax.validation/validation-api/1.1.0.Final + +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/2.3_1 + +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/1.5.2_2 + +mvn:org.jboss.logging/jboss-logging/3.1.3.GA + +mvn:com.fasterxml/classmate/1.1.0 + +mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/2.4.0 +mvn:org.codehaus.woodstox/stax2-api/4.0.0 +mvn:org.codehaus.woodstox/woodstox/5.0.2 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/3.2.0_1 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/1.8.7_2 http://git-wip-us.apache.org/repos/asf/cxf/blob/4bb552ce/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index ee45d8a..1e6b9f5 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -156,9 +156,10 @@ 2.2.1 1.1.4c_6 1.1.0.Final - - 1.0.0 + + [1.0.0,2) 1.1 1.0 2.1.2.Final
[1/2] cxf git commit: CXF-6705: supply hibernate with all of its dependencies.
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 6a328a5c0 -> 2ec0130e0 CXF-6705: supply hibernate with all of its dependencies. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c87aa760 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c87aa760 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c87aa760 Branch: refs/heads/3.1.x-fixes Commit: c87aa76033ddec5a738851117191da098706e494 Parents: 358589c Author: Benson MarguliesAuthored: Fri Dec 11 11:13:38 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 11:13:38 2015 -0500 -- .../features/src/main/resources/features.xml | 19 ++- parent/pom.xml | 7 --- 2 files changed, 22 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/c87aa760/osgi/karaf/features/src/main/resources/features.xml -- diff --git a/osgi/karaf/features/src/main/resources/features.xml b/osgi/karaf/features/src/main/resources/features.xml index dafdbea..0f39e10 100644 --- a/osgi/karaf/features/src/main/resources/features.xml +++ b/osgi/karaf/features/src/main/resources/features.xml @@ -442,7 +442,24 @@ mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.jsr303-api-${cxf.osgi.validation.api.version}/${cxf.servicemix.specs.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} + +mvn:javax.validation/validation-api/1.1.0.Final + +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/2.3_1 + +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/1.5.2_2 + +mvn:org.jboss.logging/jboss-logging/3.1.3.GA + +mvn:com.fasterxml/classmate/1.1.0 + +mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/2.4.0 +mvn:org.codehaus.woodstox/stax2-api/4.0.0 +mvn:org.codehaus.woodstox/woodstox/5.0.2 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/3.2.0_1 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/1.8.7_2 http://git-wip-us.apache.org/repos/asf/cxf/blob/c87aa760/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 7e62766..e0666c4 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -156,9 +156,10 @@ 2.2.1 1.1.4c_6 1.1.0.Final - - 1.0.0 + + [1.0.0,2) 1.1 1.0 2.1.2.Final
[1/3] cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 80e4f1f75 -> 20d4c1486 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5027ceaf Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5027ceaf Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5027ceaf Branch: refs/heads/3.0.x-fixes Commit: 5027ceaf662ef1570975aa26f3d8063981f1c3d0 Parents: 87c7e02 Author: Colm O hEigeartaighAuthored: Fri Dec 11 16:37:14 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 16:37:14 2015 + -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/5027ceaf/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 61208c2..4fcdb7f 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -687,6 +687,7 @@ M 6d830354143f91f317d9faf2463c9ceeab44 M 6e3224606ecf56b821dac537241f18a59b44e3e3 M 6fd3ada7af5af1fcb0de337c379e34e7bdb44a56 M 702a4c1759263d25ab62c0804ed61a1f099a +M 706ddbcb9e02d26545d2814e823bb5328321a4a7 M 70b568a3390bec3498c427264a5f3f4cbcb7f1cc M 717018e84f3ed41f0c9ca5ca550593c6c3352866 M 71a1d1425c7cbfb6d410e6655f3579131d1fab3e
[3/3] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/20d4c148 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/20d4c148 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/20d4c148 Branch: refs/heads/3.0.x-fixes Commit: 20d4c14869c30f3dc3135d727dcb202c33df68b3 Parents: 5027cea Author: Colm O hEigeartaighAuthored: Fri Dec 11 16:48:45 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 16:48:45 2015 + -- .../jaxrs/security/oauth2/JAXRSOAuth2Test.java | 88 1 file changed, 88 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/20d4c148/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java index 2bb18c5..0452c19 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java @@ -45,16 +45,12 @@ import org.apache.cxf.rs.security.saml.SAMLUtils; import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.wss4j.common.crypto.Crypto; -<<< HEAD -=== import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.SAMLCallback; import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; import org.apache.wss4j.common.saml.builder.SAML1Constants; import org.apache.wss4j.common.saml.builder.SAML2Constants; -import org.apache.wss4j.common.util.DOM2Writer; ->>> 706ddbc... Adding negative tests for SAML authentication in OAuth import org.junit.BeforeClass; import org.junit.Test; @@ -133,43 +129,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { assertNotNull(at.getTokenKey()); } -<<< HEAD -=== -@Test -public void testJWTBearerGrant() throws Exception { -String address = "https://localhost:; + PORT + "/oauth2/token"; -WebClient wc = createWebClient(address); - -// Create the JWT Token -String token = createToken("resourceOwner", "alice", address, true, true); - -JwtBearerGrant grant = new JwtBearerGrant(token); -ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, -new Consumer("alice", "alice"), -grant, -false); -assertNotNull(at.getTokenKey()); -} - -@Test -public void testJWTBearerAuthenticationDirect() throws Exception { -String address = "https://localhost:; + PORT + "/oauth2-auth-jwt/token"; -WebClient wc = createWebClient(address); - -// Create the JWT Token -String token = createToken("resourceOwner", "alice", address, true, true); - -Map extraParams = new HashMap (); -extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, - "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"); -extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token); - -ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, - new CustomGrant(), - extraParams); -assertNotNull(at.getTokenKey()); -} - // // Some negative tests for authentication // @@ -324,7 +283,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { } } ->>> 706ddbc... Adding negative tests for SAML authentication in OAuth private WebClient createWebClient(String address) { JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean(); bean.setAddress(address); @@ -369,8 +327,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { return wc; } -<<< HEAD -=== private String createToken(String audRestr, boolean saml2, boolean sign) throws WSSecurityException { SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(sign); samlCallbackHandler.setAudience(audRestr); @@ -397,50 +353,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
cxf git commit: Adding negative tests for SAML authentication in OAuth
Repository: cxf Updated Branches: refs/heads/master af7175171 -> d191c4995 Adding negative tests for SAML authentication in OAuth Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d191c499 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d191c499 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d191c499 Branch: refs/heads/master Commit: d191c4995dcdc198d6d9abc980afb078e4d86e5c Parents: af71751 Author: Colm O hEigeartaighAuthored: Fri Dec 11 16:35:13 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 16:35:47 2015 + -- .../jaxrs/security/oauth2/JAXRSOAuth2Test.java | 188 ++- .../security/oauth2/SamlCallbackHandler.java| 17 +- 2 files changed, 200 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d191c499/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java index d20d3ff..90c8cbb 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java @@ -54,13 +54,19 @@ import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.grants.jwt.JwtBearerGrant; import org.apache.cxf.rs.security.oauth2.grants.saml.Saml2BearerGrant; +import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth2.saml.Constants; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.saml.SAMLUtils; import org.apache.cxf.rs.security.saml.SAMLUtils.SelfSignInfo; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.wss4j.common.crypto.Crypto; +import org.apache.wss4j.common.ext.WSSecurityException; +import org.apache.wss4j.common.saml.SAMLCallback; +import org.apache.wss4j.common.saml.SAMLUtil; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.apache.wss4j.common.saml.builder.SAML1Constants; +import org.apache.wss4j.common.saml.builder.SAML2Constants; import org.apache.wss4j.common.util.DOM2Writer; import org.junit.BeforeClass; import org.junit.Test; @@ -75,7 +81,7 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { assertTrue("server did not launch correctly", launchServer(BookServerOAuth2.class, true)); } - + @Test public void testSAML2BearerGrant() throws Exception { String address = "https://localhost:; + PORT + "/oauth2/token"; @@ -181,6 +187,160 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase { extraParams); assertNotNull(at.getTokenKey()); } + +// +// Some negative tests for authentication +// + +@Test +public void testSAML11() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2-auth/token"; +WebClient wc = createWebClient(address); + +String audienceURI = "https://localhost:; + PORT + "/oauth2-auth/token"; +String assertion = createToken(audienceURI, false, true); +String encodedAssertion = Base64UrlUtility.encode(assertion); + +Map extraParams = new HashMap (); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE, Constants.CLIENT_AUTH_SAML2_BEARER); +extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, encodedAssertion); + +try { +OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams); +fail("Failure expected on a SAML 1.1 Assertion"); +} catch (OAuthServiceException ex) { +// expected +} +} + +@Test +public void testSAMLAudRestr() throws Exception { +String address = "https://localhost:; + PORT + "/oauth2-auth/token"; +WebClient wc = createWebClient(address); + +String audienceURI = "https://localhost:; + PORT + "/oauth2-auth/token2"; +String assertion = createToken(audienceURI, true, true); +String encodedAssertion = Base64UrlUtility.encode(assertion); + +Map extraParams = new HashMap (); +
cxf-fediz git commit: Improve Client Registration Service (Look)
Repository: cxf-fediz Updated Branches: refs/heads/master 8f55d7417 -> f1a7b9684 Improve Client Registration Service (Look) Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f1a7b968 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f1a7b968 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f1a7b968 Branch: refs/heads/master Commit: f1a7b968446b1cf0eadb7e4281fc7cd0d3eea1b2 Parents: 8f55d74 Author: Jan BernhardtAuthored: Fri Dec 11 16:17:02 2015 +0100 Committer: Jan Bernhardt Committed: Fri Dec 11 16:24:36 2015 +0100 -- .../service/oidc/ClientRegistrationService.java | 8 +- .../webapp/WEB-INF/views/registerClient.jsp | 215 +-- 2 files changed, 112 insertions(+), 111 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f1a7b968/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java -- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java index 7fb0f35..8c4babb 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java @@ -71,9 +71,11 @@ public class ClientRegistrationService { @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(MediaType.TEXT_HTML) @Path("/") -public Collection registerForm(@FormParam("appName") String appName, -@FormParam("appDescription") String appDesc, @FormParam("appType") String appType, -@FormParam("redirectURI") String redirectURI, @FormParam("homeRealm") String homeRealm) { +public Collection registerForm(@FormParam("client_name") String appName, +@FormParam("client_description") String appDesc, @FormParam("client_type") String appType, +@FormParam("client_redirectURI") String redirectURI, @FormParam("client_homeRealm") String homeRealm) { +//TODO Check for mandatory parameters + String clientId = generateClientId(); boolean isConfidential = "confidential".equals(appType); String clientSecret = isConfidential http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f1a7b968/services/oidc/src/main/webapp/WEB-INF/views/registerClient.jsp -- diff --git a/services/oidc/src/main/webapp/WEB-INF/views/registerClient.jsp b/services/oidc/src/main/webapp/WEB-INF/views/registerClient.jsp index 99e8ff8..e29d77f 100644 --- a/services/oidc/src/main/webapp/WEB-INF/views/registerClient.jsp +++ b/services/oidc/src/main/webapp/WEB-INF/views/registerClient.jsp @@ -1,4 +1,5 @@ -<%@ page import="javax.servlet.http.HttpServletRequest,java.util.Map,java.util.Iterator,org.apache.cxf.fediz.service.oidc.RegisterClient" %> +<%@ page + import="javax.servlet.http.HttpServletRequest,java.util.Map,java.util.Iterator,org.apache.cxf.fediz.service.oidc.RegisterClient"%> <% RegisterClient reg = (RegisterClient)request.getAttribute("data"); String basePath = request.getContextPath() + request.getServletPath(); @@ -8,114 +9,112 @@ %> http://www.w3.org/1999/xhtml;> -Client Registration Form - - - +Client Registration Form + + + -API Client Registration Form - - - - - - -Client Name: - - - - - - - - -Client Description: - - -
[2/2] cxf git commit: Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes
Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2ec0130e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2ec0130e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2ec0130e Branch: refs/heads/3.1.x-fixes Commit: 2ec0130e033f59c1e5e36529a9cfb4a0b1c82b12 Parents: c87aa76 6a328a5 Author: Benson MarguliesAuthored: Fri Dec 11 11:14:58 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 11:14:58 2015 -0500 -- .../oauth2/client/OAuthClientUtils.java | 11 +-- .../oauth2/common/ServerAccessToken.java| 9 +++ .../oauth2/grants/AbstractGrantHandler.java | 67 .../grants/code/AbstractCodeDataProvider.java | 1 + .../code/AuthorizationCodeGrantHandler.java | 40 -- .../code/ServerAuthorizationCodeGrant.java | 9 +++ .../provider/AbstractOAuthDataProvider.java | 1 + .../oauth2/services/AbstractOAuthService.java | 9 ++- .../oauth2/services/AbstractTokenService.java | 81 .../oauth2/services/AccessTokenService.java | 3 +- .../services/DirectAuthorizationService.java| 41 ++ .../services/RedirectionBasedGrantService.java | 79 ++- .../oauth2/services/TokenRevocationService.java | 3 +- .../oidc/idp/IdTokenResponseFilter.java | 3 + 14 files changed, 225 insertions(+), 132 deletions(-) --
[2/2] cxf git commit: Store the nonce + include it in the IdToken
Store the nonce + include it in the IdToken Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/68af1967 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/68af1967 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/68af1967 Branch: refs/heads/master Commit: 68af1967f1e90f95c979490f5501031ebbacec7a Parents: e5fa405 Author: Colm O hEigeartaighAuthored: Fri Dec 11 11:55:52 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:24:06 2015 + -- .../oauth2/common/ServerAccessToken.java| 9 +++ .../oauth2/grants/AbstractGrantHandler.java | 66 +++- .../grants/code/AbstractCodeDataProvider.java | 1 + .../code/AuthorizationCodeGrantHandler.java | 38 --- .../code/ServerAuthorizationCodeGrant.java | 9 +++ .../provider/AbstractOAuthDataProvider.java | 1 + .../oidc/idp/IdTokenResponseFilter.java | 3 + 7 files changed, 90 insertions(+), 37 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/68af1967/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java index d5cc449..7c64a51 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java @@ -37,6 +37,7 @@ public abstract class ServerAccessToken extends AccessToken { private UserSubject subject; private String audience; private String clientCodeVerifier; +private String nonce; protected ServerAccessToken() { @@ -158,4 +159,12 @@ public abstract class ServerAccessToken extends AccessToken { public void setClientCodeVerifier(String clientCodeVerifier) { this.clientCodeVerifier = clientCodeVerifier; } + +public String getNonce() { +return nonce; +} + +public void setNonce(String nonce) { +this.nonce = nonce; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/68af1967/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java index 38ab690..f107de7 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java @@ -100,51 +100,39 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler { return doCreateAccessToken(client, subject, OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)), - null, params.getFirst(OAuthConstants.CLIENT_AUDIENCE)); } protected ServerAccessToken doCreateAccessToken(Client client, UserSubject subject, -List requestedScope) { +List requestedScopes) { -return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope); +return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScopes); } protected ServerAccessToken doCreateAccessToken(Client client, UserSubject subject, -List requestedScope, -List approvedScope, +List requestedScopes, String audience) { -return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope, - approvedScope, audience, null); +return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScopes, +
[1/2] cxf git commit: Make sure the State is always returned to the client on an error
Repository: cxf Updated Branches: refs/heads/master e5fa40503 -> 08068c8a6 Make sure the State is always returned to the client on an error Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/08068c8a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/08068c8a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/08068c8a Branch: refs/heads/master Commit: 08068c8a6c784e866ba9bb9b2b16e5b35d569e1b Parents: 68af196 Author: Colm O hEigeartaighAuthored: Fri Dec 11 15:10:31 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:24:06 2015 + -- .../oauth2/client/OAuthClientUtils.java | 11 +-- .../oauth2/services/AbstractOAuthService.java | 9 ++- .../oauth2/services/AbstractTokenService.java | 81 .../oauth2/services/AccessTokenService.java | 3 +- .../services/DirectAuthorizationService.java| 41 ++ .../services/RedirectionBasedGrantService.java | 79 ++- .../oauth2/services/TokenRevocationService.java | 3 +- 7 files changed, 132 insertions(+), 95 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/08068c8a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java index e00ce0b..0f6807d 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java @@ -68,18 +68,11 @@ public final class OAuthClientUtils { String redirectUri, String state, String scope) { -UriBuilder ub = getAuthorizationURIBuilder(authorizationServiceURI, +return getAuthorizationURIBuilder(authorizationServiceURI, clientId, redirectUri, state, - scope); -if (redirectUri != null) { -ub.queryParam(OAuthConstants.REDIRECT_URI, redirectUri); -} -if (state != null) { -ub.queryParam(OAuthConstants.STATE, state); -} -return ub.build(); + scope).build(); } public static UriBuilder getAuthorizationURIBuilder(String authorizationServiceURI, http://git-wip-us.apache.org/repos/asf/cxf/blob/08068c8a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java index 994f0d7..56121d3 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java @@ -123,13 +123,14 @@ public abstract class AbstractOAuthService { } } -protected void reportInvalidRequestError(String errorDescription) { -reportInvalidRequestError(errorDescription, MediaType.APPLICATION_JSON_TYPE); +protected void reportInvalidRequestError(String errorDescription, String state) { +reportInvalidRequestError(errorDescription, state, MediaType.APPLICATION_JSON_TYPE); } -protected void reportInvalidRequestError(String errorDescription, MediaType mt) { +protected void reportInvalidRequestError(String errorDescription, String state, MediaType mt) { OAuthError error = new OAuthError(OAuthConstants.INVALID_REQUEST, errorDescription); +error.setState(state); reportInvalidRequestError(error, mt); } @@ -144,7 +145,7 @@ public abstract class AbstractOAuthService { } throw ExceptionUtils.toBadRequestException(null, rb.entity(entity).build()); } - + /** * HTTPS is the default transport for OAuth 2.0 services, this property
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 13bb88a8f -> 80e4f1f75 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/80e4f1f7 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/80e4f1f7 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/80e4f1f7 Branch: refs/heads/3.0.x-fixes Commit: 80e4f1f75e5c8c4f5a5f5e4a224eef6408d2bcb1 Parents: 13bb88a Author: Colm O hEigeartaighAuthored: Fri Dec 11 15:44:09 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:44:09 2015 + -- .gitmergeinfo | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/80e4f1f7/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 0b226a3..61208c2 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -124,6 +124,7 @@ B 3aec3e286e4732918589c239ea1b8f7e1d3a9836 B 3b1a8cc3a8c1b213a8f6728ae9154cf14c9c1300 B 3c2092b369f06d4f71134397240092a659bcbca1 B 3cf195384c2175085c7840dc4469837a347c7d0a +B 3d373ea991a8415f6161468f36947143411e2cf1 B 3d747fa0847db2798f6662a2540d4f3a79d83edd B 3ea1c784f248e29dcda46b16b82ad0e923c4b6e1 B 40c9bfd5ee0ba7cccd7abc7e7d19db531e212c97 @@ -228,6 +229,7 @@ B 69176e3dd7c69901d03f6d93bb365df784f06525 B 698227f4a2a9341e2d4de2de6a7d827f1958fd90 B 698cd0483b99f9638ce05557e1137ffce86d4185 B 6994a35eaf0a71dc392dcb094a6f418ef37a12f4 +B 6a328a5c03cf04330293221fb1bb44173afa790f B 6a778890e91542ce0f8b92c6bbf3c3d403fa7aaa B 6a77cd049fc39bfd27dfe364fc7c1970e58cc455 B 6a9b6a5ebae8a1810374457eca74d09005a920cc @@ -296,6 +298,7 @@ B 857b55796dc7fc2b302e26d99f84df1712ff9c58 B 85c06fc4d6a642627434785a2d228d3c08d68768 B 85d6e1a63c95088917853436fe1adcce4863ce6c B 85fdb62d0a3bb7c2e1616702204c2bc33f7356e4 +B 868304818c7b687d33cdf0ae1a620d06f2b9028f B 87e146fd90e8f860eb7f2a8e99ad792e7fba175b B 884e8a2bf207a92719a770f138e9ae0edede896a B 88adfaf2ad97b4968b0dc47194b29c717b138d7a
[3/3] cxf git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6a328a5c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6a328a5c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6a328a5c Branch: refs/heads/3.1.x-fixes Commit: 6a328a5c03cf04330293221fb1bb44173afa790f Parents: 3d373ea Author: Colm O hEigeartaighAuthored: Fri Dec 11 15:41:56 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:41:56 2015 + -- .../cxf/rs/security/oauth2/grants/AbstractGrantHandler.java | 3 ++- .../oauth2/grants/code/AuthorizationCodeGrantHandler.java| 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6a328a5c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java index f107de7..c3c34af 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java @@ -143,7 +143,8 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler { reg.setGrantType(requestedGrant); reg.setSubject(subject); reg.setRequestedScope(requestedScopes); -reg.setApprovedScope(Collections.emptyList()); +List approvedScopes = Collections.emptyList(); +reg.setApprovedScope(approvedScopes); reg.setAudience(audience); return dataProvider.createAccessToken(reg); } http://git-wip-us.apache.org/repos/asf/cxf/blob/6a328a5c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java index 6d7fc1a..72021f0 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java @@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.oauth2.grants.code; import java.util.Collections; +import java.util.List; import javax.ws.rs.core.MultivaluedMap; @@ -104,7 +105,8 @@ public class AuthorizationCodeGrantHandler extends AbstractGrantHandler { if (grant.getApprovedScopes() != null) { reg.setApprovedScope(grant.getApprovedScopes()); } else { -reg.setApprovedScope(Collections.emptyList()); +List approvedScopes = Collections.emptyList(); +reg.setApprovedScope(approvedScopes); } reg.setAudience(grant.getAudience()); reg.setClientCodeVerifier(codeVerifier);
[1/3] cxf git commit: Store the nonce + include it in the IdToken
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 358589c33 -> 6a328a5c0 Store the nonce + include it in the IdToken Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/86830481 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/86830481 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/86830481 Branch: refs/heads/3.1.x-fixes Commit: 868304818c7b687d33cdf0ae1a620d06f2b9028f Parents: 358589c Author: Colm O hEigeartaighAuthored: Fri Dec 11 11:55:52 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:24:41 2015 + -- .../oauth2/common/ServerAccessToken.java| 9 +++ .../oauth2/grants/AbstractGrantHandler.java | 66 +++- .../grants/code/AbstractCodeDataProvider.java | 1 + .../code/AuthorizationCodeGrantHandler.java | 38 --- .../code/ServerAuthorizationCodeGrant.java | 9 +++ .../provider/AbstractOAuthDataProvider.java | 1 + .../oidc/idp/IdTokenResponseFilter.java | 3 + 7 files changed, 90 insertions(+), 37 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/86830481/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java index d5cc449..7c64a51 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java @@ -37,6 +37,7 @@ public abstract class ServerAccessToken extends AccessToken { private UserSubject subject; private String audience; private String clientCodeVerifier; +private String nonce; protected ServerAccessToken() { @@ -158,4 +159,12 @@ public abstract class ServerAccessToken extends AccessToken { public void setClientCodeVerifier(String clientCodeVerifier) { this.clientCodeVerifier = clientCodeVerifier; } + +public String getNonce() { +return nonce; +} + +public void setNonce(String nonce) { +this.nonce = nonce; +} } http://git-wip-us.apache.org/repos/asf/cxf/blob/86830481/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java index 38ab690..f107de7 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java @@ -100,51 +100,39 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler { return doCreateAccessToken(client, subject, OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)), - null, params.getFirst(OAuthConstants.CLIENT_AUDIENCE)); } protected ServerAccessToken doCreateAccessToken(Client client, UserSubject subject, -List requestedScope) { +List requestedScopes) { -return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope); +return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScopes); } protected ServerAccessToken doCreateAccessToken(Client client, UserSubject subject, -List requestedScope, -List approvedScope, +List requestedScopes, String audience) { -return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope, - approvedScope, audience, null); +
[2/3] cxf git commit: Make sure the State is always returned to the client on an error
Make sure the State is always returned to the client on an error Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3d373ea9 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3d373ea9 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3d373ea9 Branch: refs/heads/3.1.x-fixes Commit: 3d373ea991a8415f6161468f36947143411e2cf1 Parents: 8683048 Author: Colm O hEigeartaighAuthored: Fri Dec 11 15:10:31 2015 + Committer: Colm O hEigeartaigh Committed: Fri Dec 11 15:24:43 2015 + -- .../oauth2/client/OAuthClientUtils.java | 11 +-- .../oauth2/services/AbstractOAuthService.java | 9 ++- .../oauth2/services/AbstractTokenService.java | 81 .../oauth2/services/AccessTokenService.java | 3 +- .../services/DirectAuthorizationService.java| 41 ++ .../services/RedirectionBasedGrantService.java | 79 ++- .../oauth2/services/TokenRevocationService.java | 3 +- 7 files changed, 132 insertions(+), 95 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/3d373ea9/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java index e00ce0b..0f6807d 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java @@ -68,18 +68,11 @@ public final class OAuthClientUtils { String redirectUri, String state, String scope) { -UriBuilder ub = getAuthorizationURIBuilder(authorizationServiceURI, +return getAuthorizationURIBuilder(authorizationServiceURI, clientId, redirectUri, state, - scope); -if (redirectUri != null) { -ub.queryParam(OAuthConstants.REDIRECT_URI, redirectUri); -} -if (state != null) { -ub.queryParam(OAuthConstants.STATE, state); -} -return ub.build(); + scope).build(); } public static UriBuilder getAuthorizationURIBuilder(String authorizationServiceURI, http://git-wip-us.apache.org/repos/asf/cxf/blob/3d373ea9/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java -- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java index 994f0d7..56121d3 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java @@ -123,13 +123,14 @@ public abstract class AbstractOAuthService { } } -protected void reportInvalidRequestError(String errorDescription) { -reportInvalidRequestError(errorDescription, MediaType.APPLICATION_JSON_TYPE); +protected void reportInvalidRequestError(String errorDescription, String state) { +reportInvalidRequestError(errorDescription, state, MediaType.APPLICATION_JSON_TYPE); } -protected void reportInvalidRequestError(String errorDescription, MediaType mt) { +protected void reportInvalidRequestError(String errorDescription, String state, MediaType mt) { OAuthError error = new OAuthError(OAuthConstants.INVALID_REQUEST, errorDescription); +error.setState(state); reportInvalidRequestError(error, mt); } @@ -144,7 +145,7 @@ public abstract class AbstractOAuthService { } throw ExceptionUtils.toBadRequestException(null, rb.entity(entity).build()); } - + /** * HTTPS is the default transport for OAuth 2.0 services, this property * can be used to block all the requests issued over HTTP
cxf-fediz git commit: Include OIDC Service in normal build
Repository: cxf-fediz Updated Branches: refs/heads/master d9e97341d -> 8f55d7417 Include OIDC Service in normal build Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/8f55d741 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/8f55d741 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/8f55d741 Branch: refs/heads/master Commit: 8f55d7417eb16de988db855be80443d43e447d78 Parents: d9e9734 Author: Jan BernhardtAuthored: Fri Dec 11 10:17:29 2015 +0100 Committer: Jan Bernhardt Committed: Fri Dec 11 10:17:29 2015 +0100 -- services/pom.xml | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/8f55d741/services/pom.xml -- diff --git a/services/pom.xml b/services/pom.xml index 4240f03..5911385 100644 --- a/services/pom.xml +++ b/services/pom.xml @@ -33,5 +33,6 @@ sts idp + oidc
cxf git commit: neaten up version numbers in hibernate features.
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 706ddbcb9 -> 7b4c14f1a neaten up version numbers in hibernate features. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7b4c14f1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7b4c14f1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7b4c14f1 Branch: refs/heads/3.1.x-fixes Commit: 7b4c14f1aadb810d5b91fa0adfa2a6bc70e45a76 Parents: 706ddbc Author: Benson MarguliesAuthored: Fri Dec 11 14:53:19 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 14:53:19 2015 -0500 -- .../features/src/main/resources/features.xml| 20 ++-- parent/pom.xml | 6 ++ 2 files changed, 16 insertions(+), 10 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/7b4c14f1/osgi/karaf/features/src/main/resources/features.xml -- diff --git a/osgi/karaf/features/src/main/resources/features.xml b/osgi/karaf/features/src/main/resources/features.xml index 0f39e10..ebd32d1 100644 --- a/osgi/karaf/features/src/main/resources/features.xml +++ b/osgi/karaf/features/src/main/resources/features.xml @@ -445,21 +445,21 @@ mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} -mvn:javax.validation/validation-api/1.1.0.Final +mvn:javax.validation/validation-api/${cxf.validation.api.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/2.3_1 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/${cxf.servicemix.jodatime.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/1.5.2_2 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/${cxf.servicemix.jsoup.version} -mvn:org.jboss.logging/jboss-logging/3.1.3.GA +mvn:org.jboss.logging/jboss-logging/${cxf.jboss.logging.version} -mvn:com.fasterxml/classmate/1.1.0 +mvn:com.fasterxml/classmate/${cxf.classmate.version} -mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/2.4.0 -mvn:org.codehaus.woodstox/stax2-api/4.0.0 -mvn:org.codehaus.woodstox/woodstox/5.0.2 -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/3.2.0_1 -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/1.8.7_2 +mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/${cxf.servicemix.specs.version} +mvn:org.codehaus.woodstox/stax2-api/${cxf.woodstox.stax2-api.version} +mvn:org.codehaus.woodstox/woodstox-core-asl/${cxf.woodstox.core.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/${cxf.servicemix.cglib.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/${cxf.servicemix.aspectj.version} http://git-wip-us.apache.org/repos/asf/cxf/blob/7b4c14f1/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index e0666c4..f417940 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -75,6 +75,7 @@ 1.53 2.2_2 [2.1.3,3.0.0) +1.1.0 1.10 3.2.2 2.6 @@ -163,6 +164,7 @@ 1.1 1.0 2.1.2.Final +3.1.3.GA 1.1.0 5.0.2.Final 1.0.4 @@ -179,6 +181,10 @@ 2.0.5 1.2.4 2.6.0_2 + 1.8.7_2 +3.2.0_1 + 2.3_1 +1.5.2_2 2.4.0 2.4.0 1.4.4
cxf git commit: neaten up version numbers in hibernate features.
Repository: cxf Updated Branches: refs/heads/master aa729bc6c -> a8553871e neaten up version numbers in hibernate features. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a8553871 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a8553871 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a8553871 Branch: refs/heads/master Commit: a8553871e0d6663efdac08503c49b14a4b685393 Parents: aa729bc Author: Benson MarguliesAuthored: Fri Dec 11 14:53:19 2015 -0500 Committer: Benson Margulies Committed: Fri Dec 11 14:54:28 2015 -0500 -- .../features/src/main/resources/features.xml| 20 ++-- parent/pom.xml | 6 ++ 2 files changed, 16 insertions(+), 10 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a8553871/osgi/karaf/features/src/main/resources/features.xml -- diff --git a/osgi/karaf/features/src/main/resources/features.xml b/osgi/karaf/features/src/main/resources/features.xml index 0f39e10..ebd32d1 100644 --- a/osgi/karaf/features/src/main/resources/features.xml +++ b/osgi/karaf/features/src/main/resources/features.xml @@ -445,21 +445,21 @@ mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.hibernate-validator/${cxf.hibernate-validator.bundle.version} -mvn:javax.validation/validation-api/1.1.0.Final +mvn:javax.validation/validation-api/${cxf.validation.api.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/2.3_1 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.joda-time/${cxf.servicemix.jodatime.version} -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/1.5.2_2 +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.jsoup/${cxf.servicemix.jsoup.version} -mvn:org.jboss.logging/jboss-logging/3.1.3.GA +mvn:org.jboss.logging/jboss-logging/${cxf.jboss.logging.version} -mvn:com.fasterxml/classmate/1.1.0 +mvn:com.fasterxml/classmate/${cxf.classmate.version} -mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/2.4.0 -mvn:org.codehaus.woodstox/stax2-api/4.0.0 -mvn:org.codehaus.woodstox/woodstox/5.0.2 -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/3.2.0_1 -mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/1.8.7_2 +mvn:org.apache.servicemix.specs/org.apache.servicemix.specs.stax-api-1.2/${cxf.servicemix.specs.version} +mvn:org.codehaus.woodstox/stax2-api/${cxf.woodstox.stax2-api.version} +mvn:org.codehaus.woodstox/woodstox-core-asl/${cxf.woodstox.core.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.cglib/${cxf.servicemix.cglib.version} +mvn:org.apache.servicemix.bundles/org.apache.servicemix.bundles.aspectj/${cxf.servicemix.aspectj.version} http://git-wip-us.apache.org/repos/asf/cxf/blob/a8553871/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 4b5504e..eb783ae 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -75,6 +75,7 @@ 1.53 2.2_2 [2.1.3,3.0.0) +1.1.0 1.10 3.2.2 2.6 @@ -163,6 +164,7 @@ 1.1 1.0 2.1.2.Final +3.1.3.GA 1.1.0 5.0.2.Final 1.0.4 @@ -179,6 +181,10 @@ 2.0.5 1.2.4 2.6.0_2 + 1.8.7_2 +3.2.0_1 + 2.3_1 +1.5.2_2 2.4.0 2.4.0 1.4.4
[1/2] cxf git commit: Fix an eclipse warning
Repository: cxf Updated Branches: refs/heads/master d191c4995 -> aa729bc6c Fix an eclipse warning Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0234c09c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0234c09c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0234c09c Branch: refs/heads/master Commit: 0234c09c11c0f89bd17f9b82695daa12af1fad09 Parents: d191c49 Author: Daniel KulpAuthored: Fri Dec 11 11:18:31 2015 -0500 Committer: Daniel Kulp Committed: Fri Dec 11 12:06:50 2015 -0500 -- .../org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/0234c09c/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java -- diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java index 13a60b8..03aad63 100644 --- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java +++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/JWTTokenValidatorTest.java @@ -441,7 +441,7 @@ public class JWTTokenValidatorTest extends org.junit.Assert { private String role; -public RoleJWTClaimsProvider(String role) { +RoleJWTClaimsProvider(String role) { this.role = role; }