cxf-fediz git commit: Update the converter to use the original assertion's time properties if available
Repository: cxf-fediz Updated Branches: refs/heads/master 6068e648c -> d56d64742 Update the converter to use the original assertion's time properties if available Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d56d6474 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d56d6474 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d56d6474 Branch: refs/heads/master Commit: d56d6474227d15fac434d510bd76a85f0a2e0452 Parents: 6068e64 Author: Sergey BeryozkinAuthored: Tue Dec 15 17:21:42 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 17:21:42 2015 + -- .../fediz/service/oidc/SamlTokenConverter.java | 93 +++- 1 file changed, 69 insertions(+), 24 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d56d6474/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java -- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java index 4178017..2d0e31d 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java @@ -27,6 +27,7 @@ import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.SamlAssertionWrapper; +import org.joda.time.DateTime; import org.opensaml.saml.saml2.core.Assertion; import org.opensaml.saml.saml2.core.Issuer; @@ -34,33 +35,69 @@ import org.opensaml.saml.saml2.core.Issuer; public class SamlTokenConverter { private String issuer; +private long defaultTimeToLive = 3600L; public IdToken convertToIdToken(Element samlToken, String subjectName, ClaimCollection claims, String clientId) { +// The current SAML Assertion represents an authentication record. +// It has to be translated into IdToken (JWT) so that it can be returned +// to client applications participating in various OIDC flows. + IdToken idToken = new IdToken(); +// Subject name is provided by FedizPrincipal which is initialized from the current SAML token idToken.setSubject(subjectName); +// SAML assertion audiences might be added if needed given that JWT can hold an array of audiences idToken.setAudience(clientId); -long currentTimeInSeconds = System.currentTimeMillis() / 1000L; -idToken.setIssuedAt(currentTimeInSeconds); -idToken.setExpiryTime(currentTimeInSeconds + 6L); - -Assertion saml2Assertion = null; -// Set the authInstant -try { -SamlAssertionWrapper wrapper = new SamlAssertionWrapper(samlToken); -saml2Assertion = wrapper.getSaml2(); -if (saml2Assertion != null && !saml2Assertion.getAuthnStatements().isEmpty()) { -long authInstant = - saml2Assertion.getAuthnStatements().get(0).getAuthnInstant().getMillis(); -idToken.setAuthenticationTime(authInstant / 1000L); +Assertion saml2Assertion = getSaml2Assertion(samlToken); +if (saml2Assertion != null) { +// Issuer +Issuer assertionIssuer = saml2Assertion.getIssuer(); +if (assertionIssuer != null) { +idToken.setIssuer(assertionIssuer.getValue()); } -} catch (WSSecurityException ex) { -throw new OAuthServiceException("Error converting SAML token", ex); +// issueInstant +DateTime issueInstant = saml2Assertion.getIssueInstant(); +if (issueInstant != null) { +idToken.setIssuedAt(issueInstant.getMillis() / 1000); +} + +// expiryTime +if (saml2Assertion.getConditions() != null) { +DateTime expires = saml2Assertion.getConditions().getNotOnOrAfter(); +if (expires != null) { +idToken.setExpiryTime(expires.getMillis() / 1000); +} +} + +// authInstant +if (!saml2Assertion.getAuthnStatements().isEmpty()) { +DateTime authInstant = + saml2Assertion.getAuthnStatements().get(0).getAuthnInstant(); +
cxf-fediz git commit: Preferring the local/configured issuer as it was done before
Repository: cxf-fediz Updated Branches: refs/heads/master d56d64742 -> 5d7f9d5be Preferring the local/configured issuer as it was done before Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/5d7f9d5b Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/5d7f9d5b Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/5d7f9d5b Branch: refs/heads/master Commit: 5d7f9d5be7ba313a09a10199613e70b09ff0cc47 Parents: d56d647 Author: Sergey BeryozkinAuthored: Tue Dec 15 17:24:47 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 17:24:47 2015 + -- .../org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java | 5 - 1 file changed, 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/5d7f9d5b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java -- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java index 2d0e31d..fe55736 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/SamlTokenConverter.java @@ -53,11 +53,6 @@ public class SamlTokenConverter { Assertion saml2Assertion = getSaml2Assertion(samlToken); if (saml2Assertion != null) { -// Issuer -Issuer assertionIssuer = saml2Assertion.getIssuer(); -if (assertionIssuer != null) { -idToken.setIssuer(assertionIssuer.getValue()); -} // issueInstant DateTime issueInstant = saml2Assertion.getIssueInstant(); if (issueInstant != null) {
[1/2] cxf git commit: Trivial .gitignore change, mostly so that I can type:
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes bbfe35e46 -> 9f746c97a Trivial .gitignore change, mostly so that I can type: Closes #102. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6e2c3553 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6e2c3553 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6e2c3553 Branch: refs/heads/3.1.x-fixes Commit: 6e2c3553816cecfa1fa009910b6cea0aabb3331a Parents: 1dea643 Author: Benson MarguliesAuthored: Mon Dec 14 13:00:06 2015 -0500 Committer: Benson Margulies Committed: Mon Dec 14 13:00:06 2015 -0500 -- .gitignore | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6e2c3553/.gitignore -- diff --git a/.gitignore b/.gitignore index 9329527..51c4cdd 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ target/ velocity.log bin/ +*~
[2/2] cxf git commit: Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes
Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9f746c97 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9f746c97 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9f746c97 Branch: refs/heads/3.1.x-fixes Commit: 9f746c97ad9566f5c9410c9d600df237c97beae0 Parents: 6e2c355 bbfe35e Author: Benson MarguliesAuthored: Tue Dec 15 18:26:17 2015 +0200 Committer: Benson Margulies Committed: Tue Dec 15 18:26:17 2015 +0200 -- .../cxf/rs/security/oidc/common/UserInfo.java | 7 --- .../cxf/rs/security/oidc/rp/IdTokenContext.java | 25 + .../oidc/rp/IdTokenContextProvider.java | 35 - .../oidc/rp/OidcClientTokenContext.java | 7 +-- .../security/oidc/rp/OidcIdTokenProvider.java | 19 +-- .../oidc/rp/OidcIdTokenRequestFilter.java | 3 ++ .../oidc/rp/OidcRpAuthenticationFilter.java | 8 ++- .../security/oidc/rp/OidcUserInfoProvider.java | 55 .../rs/security/oidc/rp/UserInfoContext.java| 25 + .../oidc/rp/UserInfoContextProvider.java| 39 -- 10 files changed, 131 insertions(+), 92 deletions(-) --
[1/2] cxf git commit: Fix another bad import version for javax.validation.
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 015d7a6dd -> 601c0060e Fix another bad import version for javax.validation. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e3edee61 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e3edee61 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e3edee61 Branch: refs/heads/3.1.x-fixes Commit: e3edee617edfef541385cd0043ca88ab2e6456d7 Parents: 9f746c9 Author: Benson MarguliesAuthored: Tue Dec 15 20:55:34 2015 +0200 Committer: Benson Margulies Committed: Tue Dec 15 20:55:34 2015 +0200 -- rt/frontend/jaxrs/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e3edee61/rt/frontend/jaxrs/pom.xml -- diff --git a/rt/frontend/jaxrs/pom.xml b/rt/frontend/jaxrs/pom.xml index 4d78cd6..bbca8a4 100644 --- a/rt/frontend/jaxrs/pom.xml +++ b/rt/frontend/jaxrs/pom.xml @@ -35,7 +35,7 @@ javax.servlet*;version="${cxf.osgi.javax.servlet.version}", org.apache.aries*;version="${cxf.aries.version.range}";resolution:=optional, org.springframework*;resolution:="optional";version="${cxf.osgi.spring.version}", - javax.validation*;resolution:=optional;version="${cxf.validation.api.version}", + javax.validation*;resolution:=optional;version="${cxf.validation.api.package.version}", javax.ws.rs.client;version="[2.0,3)", javax.ws.rs*;version="[1.0,3)",
cxf git commit: Making sure OIDC RP validation errors can be caught by OAuthServiceException mappers, a specialized exception subclass might need to be introduced
Repository: cxf Updated Branches: refs/heads/master 3fb5e2464 -> dd76961dc Making sure OIDC RP validation errors can be caught by OAuthServiceException mappers, a specialized exception subclass might need to be introduced Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/dd76961d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/dd76961d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/dd76961d Branch: refs/heads/master Commit: dd76961dcd50dfb07dd95d37ecf9a2f457db18bf Parents: 3fb5e24 Author: Sergey BeryozkinAuthored: Tue Dec 15 17:43:58 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 17:43:58 2015 + -- .../oidc/rp/AbstractTokenValidator.java | 34 ++-- .../cxf/rs/security/oidc/rp/UserInfoClient.java | 3 +- .../cxf/rs/security/oidc/utils/OidcUtils.java | 5 +-- 3 files changed, 30 insertions(+), 12 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/dd76961d/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java index 0db3541..9e305e3 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java @@ -29,9 +29,11 @@ import org.apache.cxf.rs.security.jose.jwk.JwkUtils; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; import org.apache.cxf.rs.security.jose.jws.JwsUtils; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; +import org.apache.cxf.rs.security.jose.jwt.JwtException; import org.apache.cxf.rs.security.jose.jwt.JwtToken; import org.apache.cxf.rs.security.jose.jwt.JwtUtils; import org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthJoseJwtConsumer; +import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; public abstract class AbstractTokenValidator extends AbstractOAuthJoseJwtConsumer { private static final String SELF_ISSUED_ISSUER = "https://self-issued.me;; @@ -54,44 +56,58 @@ public abstract class AbstractTokenValidator extends AbstractOAuthJoseJwtConsume // validate the issuer String issuer = claims.getIssuer(); if (issuer == null && validateClaimsAlways) { -throw new SecurityException("Invalid provider"); +throw new OAuthServiceException("Invalid issuer"); } if (supportSelfIssuedProvider && issuerId == null && issuer != null && SELF_ISSUED_ISSUER.equals(issuer)) { -//TODO: self-issued provider token validation +validateSelfIssuedProvider(claims, clientId, validateClaimsAlways); } else { if (issuer != null && !issuer.equals(issuerId)) { -throw new SecurityException("Invalid provider"); +throw new OAuthServiceException("Invalid issuer"); } // validate subject if (claims.getSubject() == null) { -throw new SecurityException("Invalid subject"); +throw new OAuthServiceException("Invalid subject"); } // validate audience List audiences = claims.getAudiences(); if (StringUtils.isEmpty(audiences) && validateClaimsAlways || !StringUtils.isEmpty(audiences) && !audiences.contains(clientId)) { -throw new SecurityException("Invalid audience"); +throw new OAuthServiceException("Invalid audience"); } // If strict time validation: if no issuedTime claim is set then an expiresAt claim must be set // Otherwise: validate only if expiresAt claim is set boolean expiredRequired = validateClaimsAlways || strictTimeValidation && claims.getIssuedAt() == null; -JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired); +try { +JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired); +} catch (JwtException ex) { +throw new OAuthServiceException("ID Token has expired", ex); +} // If strict time validation: If no expiresAt claim is set then an issuedAt claim must be set // Otherwise: validate only if issuedAt claim is set boolean issuedAtRequired = validateClaimsAlways ||
cxf git commit: Making sure OIDC RP validation errors can be caught by OAuthServiceException mappers, a specialized exception subclass might need to be introduced
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 9f746c97a -> 015d7a6dd Making sure OIDC RP validation errors can be caught by OAuthServiceException mappers, a specialized exception subclass might need to be introduced Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/015d7a6d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/015d7a6d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/015d7a6d Branch: refs/heads/3.1.x-fixes Commit: 015d7a6dde4e201aaf8eaa90343b6ca9a20f6856 Parents: 9f746c9 Author: Sergey BeryozkinAuthored: Tue Dec 15 17:43:58 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 17:44:56 2015 + -- .../oidc/rp/AbstractTokenValidator.java | 34 ++-- .../cxf/rs/security/oidc/rp/UserInfoClient.java | 3 +- .../cxf/rs/security/oidc/utils/OidcUtils.java | 5 +-- 3 files changed, 30 insertions(+), 12 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/015d7a6d/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java index 0db3541..9e305e3 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/AbstractTokenValidator.java @@ -29,9 +29,11 @@ import org.apache.cxf.rs.security.jose.jwk.JwkUtils; import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier; import org.apache.cxf.rs.security.jose.jws.JwsUtils; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; +import org.apache.cxf.rs.security.jose.jwt.JwtException; import org.apache.cxf.rs.security.jose.jwt.JwtToken; import org.apache.cxf.rs.security.jose.jwt.JwtUtils; import org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthJoseJwtConsumer; +import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; public abstract class AbstractTokenValidator extends AbstractOAuthJoseJwtConsumer { private static final String SELF_ISSUED_ISSUER = "https://self-issued.me;; @@ -54,44 +56,58 @@ public abstract class AbstractTokenValidator extends AbstractOAuthJoseJwtConsume // validate the issuer String issuer = claims.getIssuer(); if (issuer == null && validateClaimsAlways) { -throw new SecurityException("Invalid provider"); +throw new OAuthServiceException("Invalid issuer"); } if (supportSelfIssuedProvider && issuerId == null && issuer != null && SELF_ISSUED_ISSUER.equals(issuer)) { -//TODO: self-issued provider token validation +validateSelfIssuedProvider(claims, clientId, validateClaimsAlways); } else { if (issuer != null && !issuer.equals(issuerId)) { -throw new SecurityException("Invalid provider"); +throw new OAuthServiceException("Invalid issuer"); } // validate subject if (claims.getSubject() == null) { -throw new SecurityException("Invalid subject"); +throw new OAuthServiceException("Invalid subject"); } // validate audience List audiences = claims.getAudiences(); if (StringUtils.isEmpty(audiences) && validateClaimsAlways || !StringUtils.isEmpty(audiences) && !audiences.contains(clientId)) { -throw new SecurityException("Invalid audience"); +throw new OAuthServiceException("Invalid audience"); } // If strict time validation: if no issuedTime claim is set then an expiresAt claim must be set // Otherwise: validate only if expiresAt claim is set boolean expiredRequired = validateClaimsAlways || strictTimeValidation && claims.getIssuedAt() == null; -JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired); +try { +JwtUtils.validateJwtExpiry(claims, clockOffset, expiredRequired); +} catch (JwtException ex) { +throw new OAuthServiceException("ID Token has expired", ex); +} // If strict time validation: If no expiresAt claim is set then an issuedAt claim must be set // Otherwise: validate only if issuedAt claim is set boolean issuedAtRequired = validateClaimsAlways ||
[2/2] cxf git commit: Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes
Merge branch '3.1.x-fixes' of https://git-wip-us.apache.org/repos/asf/cxf into 3.1.x-fixes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/601c0060 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/601c0060 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/601c0060 Branch: refs/heads/3.1.x-fixes Commit: 601c0060eef8c5792133c0c5a6561eb399fb28d0 Parents: e3edee6 015d7a6 Author: Benson MarguliesAuthored: Tue Dec 15 20:55:50 2015 +0200 Committer: Benson Margulies Committed: Tue Dec 15 20:55:50 2015 +0200 -- .../oidc/rp/AbstractTokenValidator.java | 34 ++-- .../cxf/rs/security/oidc/rp/UserInfoClient.java | 3 +- .../cxf/rs/security/oidc/utils/OidcUtils.java | 5 +-- 3 files changed, 30 insertions(+), 12 deletions(-) --
cxf-fediz git commit: Fixing checkstyle error
Repository: cxf-fediz Updated Branches: refs/heads/1.2.x-fixes 9afddd75f -> 6bdaf927b Fixing checkstyle error Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6bdaf927 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6bdaf927 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6bdaf927 Branch: refs/heads/1.2.x-fixes Commit: 6bdaf927ba697fced8d7d70fda771238ebf0b834 Parents: 9afddd7 Author: Colm O hEigeartaighAuthored: Tue Dec 15 10:53:13 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 15 10:53:13 2015 + -- .../fediz/integrationtests/AbstractAttackTests.java| 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6bdaf927/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java -- diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java index 4c5c41f..213a60f 100644 --- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java +++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java @@ -21,12 +21,6 @@ package org.apache.cxf.fediz.integrationtests; import java.net.URLEncoder; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.wss4j.dom.WSSConfig; -import org.junit.Assert; -import org.junit.Test; - import com.gargoylesoftware.htmlunit.CookieManager; import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; import com.gargoylesoftware.htmlunit.WebClient; @@ -36,6 +30,13 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm; import com.gargoylesoftware.htmlunit.html.HtmlPage; import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.wss4j.dom.WSSConfig; +import org.junit.Assert; +import org.junit.Test; + + /** * Some negative/attack tests for the IdP/RP */
cxf git commit: Removing a duplicate IdToken context provider, leeping the form stream available
Repository: cxf Updated Branches: refs/heads/master c1eaf69cb -> 332551899 Removing a duplicate IdToken context provider, leeping the form stream available Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/33255189 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/33255189 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/33255189 Branch: refs/heads/master Commit: 332551899eac231fb1d6d5bd91474bdfe241972b Parents: c1eaf69 Author: Sergey BeryozkinAuthored: Tue Dec 15 11:09:37 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 11:09:37 2015 + -- .../oidc/rp/IdTokenContextProvider.java | 35 -- .../oidc/rp/OidcIdTokenRequestFilter.java | 3 ++ .../oidc/rp/OidcRpAuthenticationFilter.java | 8 +++- .../security/oidc/rp/OidcUserInfoProvider.java | 39 .../oidc/rp/UserInfoContextProvider.java| 39 5 files changed, 49 insertions(+), 75 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java deleted file mode 100644 index 0955b8e..000 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.cxf.rs.security.oidc.rp; - -import org.apache.cxf.jaxrs.ext.ContextProvider; -import org.apache.cxf.message.Message; -import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; -import org.apache.cxf.rs.security.oidc.common.IdToken; - -public class IdTokenContextProvider implements ContextProvider { - -@Override -public IdToken createContext(Message m) { -OidcClientTokenContext ctx = (OidcClientTokenContext) -m.getContent(ClientTokenContext.class); -return ctx != null ? ctx.getIdToken() : null; -} - -} http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java index 7026c9c..1babee7 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java @@ -18,6 +18,7 @@ */ package org.apache.cxf.rs.security.oidc.rp; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -27,6 +28,7 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; +import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.jaxrs.utils.FormUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; @@ -58,6 +60,7 @@ public class OidcIdTokenRequestFilter implements ContainerRequestFilter { String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name()); FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(), body, StandardCharsets.UTF_8.name(), false); +rc.setEntityStream(new ByteArrayInputStream(StringUtils.toBytesUTF8(body))); } return requestState; }
cxf git commit: [CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway.
Repository: cxf Updated Branches: refs/heads/master dd76961dc -> 4373cb1a8 [CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4373cb1a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4373cb1a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4373cb1a Branch: refs/heads/master Commit: 4373cb1a8063e5a9b612d84974b6c87b60a69891 Parents: dd76961 Author: Daniel KulpAuthored: Tue Dec 15 16:14:24 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:15:17 2015 -0500 -- .../apache/cxf/aegis/type/basic/ObjectType.java | 30 .../cxf/aegis/type/encoded/TrailingBlocks.java | 1 - 2 files changed, 31 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4373cb1a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 435c2f8..8bf15de 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -54,7 +54,6 @@ public class ObjectType extends AegisType { private static final QName XSI_NIL = new QName(Constants.URI_2001_SCHEMA_XSI, "nil"); private Set dependencies; -private boolean serializedWhenUnknown; private boolean readToDocument; @SuppressWarnings("unchecked") @@ -67,14 +66,8 @@ public class ObjectType extends AegisType { this(dependencies, false); } -@SuppressWarnings("unchecked") -public ObjectType(boolean serializeWhenUnknown) { -this(Collections.EMPTY_SET, serializeWhenUnknown); -} - public ObjectType(Set dependencies, boolean serializeWhenUnknown) { this.dependencies = dependencies; -this.serializedWhenUnknown = serializeWhenUnknown; } @Override @@ -132,11 +125,6 @@ public class ObjectType extends AegisType { } if (null == type) { -// TODO should check namespace as well.. -if (serializedWhenUnknown && "serializedJavaObject".equals(typeName)) { -return reconstituteJavaObject(reader); -} - throw new DatabindingException("No mapped type for '" + typeName + "' (" + typeQName + ")"); } @@ -241,14 +229,6 @@ public class ObjectType extends AegisType { this.readToDocument = readToDocument; } -public boolean isSerializedWhenUnknown() { -return serializedWhenUnknown; -} - -public void setSerializedWhenUnknown(boolean serializedWhenUnknown) { -this.serializedWhenUnknown = serializedWhenUnknown; -} - public void setDependencies(Set dependencies) { this.dependencies = dependencies; } @@ -263,14 +243,4 @@ public class ObjectType extends AegisType { return true; } -@Override -public void writeSchema(XmlSchema root) { -if (serializedWhenUnknown) { -XmlSchemaSimpleType simple = new XmlSchemaSimpleType(root, true); -simple.setName("serializedJavaObject"); -XmlSchemaSimpleTypeRestriction restriction = new XmlSchemaSimpleTypeRestriction(); -simple.setContent(restriction); -restriction.setBaseTypeName(Constants.XSD_BASE64); -} -} } http://git-wip-us.apache.org/repos/asf/cxf/blob/4373cb1a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java index 2c95897..b7cdee3 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java @@ -48,7 +48,6 @@ public class TrailingBlocks { // we only work with mapped types objectType = new ObjectType(); objectType.setReadToDocument(false); -objectType.setSerializedWhenUnknown(false); } public TrailingBlocks(TypeMapping typeMapping) {
[3/3] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b3c5afdb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b3c5afdb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b3c5afdb Branch: refs/heads/3.1.x-fixes Commit: b3c5afdbb8b7f78a23392bc3c751664a82fbe8bd Parents: e0cd1e3 Author: Daniel KulpAuthored: Tue Dec 15 16:21:59 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:21:59 2015 -0500 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/b3c5afdb/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 9523e45..3ef4a7f 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -1,4 +1,5 @@ origin/master +B 0234c09c11c0f89bd17f9b82695daa12af1fad09 B 0d4cd0bbcaa6a4f80552d6b38f2a5e721ab20de9 B 39851b83af116611ce0efe70c4b9a32ee8491523 B 59b8615053ddcad353fbebcd9a5b1109ae0897a1
[1/3] cxf git commit: Exclude artifacts not available in central
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 601c0060e -> b3c5afdbb Exclude artifacts not available in central Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/80a1247d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/80a1247d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/80a1247d Branch: refs/heads/3.1.x-fixes Commit: 80a1247de3735319858d0a24792b2647256f78ac Parents: 601c006 Author: Daniel KulpAuthored: Fri Dec 11 11:18:48 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:21:56 2015 -0500 -- parent/pom.xml | 22 ++ 1 file changed, 22 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/80a1247d/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 52c225b..7378dcb 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -1350,6 +1350,28 @@ org.springframework.osgi spring-osgi-core ${cxf.spring.osgi.version} + + + org.springframework + org.springframework.aop + + + org.springframework + com.springsource.org.aopalliance + + + org.springframework + org.springframework.core + + + org.springframework + org.springframework.context + + + org.springframework + org.springframework.beans + + commons-codec
[2/3] cxf git commit: [CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway.
[CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e0cd1e38 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e0cd1e38 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e0cd1e38 Branch: refs/heads/3.1.x-fixes Commit: e0cd1e384faa3ee593102d5920cf4f7a54161573 Parents: 80a1247 Author: Daniel KulpAuthored: Tue Dec 15 16:14:24 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:21:58 2015 -0500 -- .../apache/cxf/aegis/type/basic/ObjectType.java | 30 .../cxf/aegis/type/encoded/TrailingBlocks.java | 1 - 2 files changed, 31 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e0cd1e38/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 435c2f8..8bf15de 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -54,7 +54,6 @@ public class ObjectType extends AegisType { private static final QName XSI_NIL = new QName(Constants.URI_2001_SCHEMA_XSI, "nil"); private Set dependencies; -private boolean serializedWhenUnknown; private boolean readToDocument; @SuppressWarnings("unchecked") @@ -67,14 +66,8 @@ public class ObjectType extends AegisType { this(dependencies, false); } -@SuppressWarnings("unchecked") -public ObjectType(boolean serializeWhenUnknown) { -this(Collections.EMPTY_SET, serializeWhenUnknown); -} - public ObjectType(Set dependencies, boolean serializeWhenUnknown) { this.dependencies = dependencies; -this.serializedWhenUnknown = serializeWhenUnknown; } @Override @@ -132,11 +125,6 @@ public class ObjectType extends AegisType { } if (null == type) { -// TODO should check namespace as well.. -if (serializedWhenUnknown && "serializedJavaObject".equals(typeName)) { -return reconstituteJavaObject(reader); -} - throw new DatabindingException("No mapped type for '" + typeName + "' (" + typeQName + ")"); } @@ -241,14 +229,6 @@ public class ObjectType extends AegisType { this.readToDocument = readToDocument; } -public boolean isSerializedWhenUnknown() { -return serializedWhenUnknown; -} - -public void setSerializedWhenUnknown(boolean serializedWhenUnknown) { -this.serializedWhenUnknown = serializedWhenUnknown; -} - public void setDependencies(Set dependencies) { this.dependencies = dependencies; } @@ -263,14 +243,4 @@ public class ObjectType extends AegisType { return true; } -@Override -public void writeSchema(XmlSchema root) { -if (serializedWhenUnknown) { -XmlSchemaSimpleType simple = new XmlSchemaSimpleType(root, true); -simple.setName("serializedJavaObject"); -XmlSchemaSimpleTypeRestriction restriction = new XmlSchemaSimpleTypeRestriction(); -simple.setContent(restriction); -restriction.setBaseTypeName(Constants.XSD_BASE64); -} -} } http://git-wip-us.apache.org/repos/asf/cxf/blob/e0cd1e38/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java index 2c95897..b7cdee3 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java @@ -48,7 +48,6 @@ public class TrailingBlocks { // we only work with mapped types objectType = new ObjectType(); objectType.setReadToDocument(false); -objectType.setSerializedWhenUnknown(false); } public TrailingBlocks(TypeMapping typeMapping) {
[2/2] cxf git commit: [CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway.
[CXF-6711] Remove old deserialization code which was very difficult to enable and didn't work correctly anyway. Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/894a1b17 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/894a1b17 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/894a1b17 Branch: refs/heads/3.0.x-fixes Commit: 894a1b175217f90de1279429243241db5d026539 Parents: b3ccbb9 Author: Daniel KulpAuthored: Tue Dec 15 16:14:24 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:24:01 2015 -0500 -- .../apache/cxf/aegis/type/basic/ObjectType.java | 30 .../cxf/aegis/type/encoded/TrailingBlocks.java | 1 - 2 files changed, 31 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/894a1b17/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 435c2f8..8bf15de 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -54,7 +54,6 @@ public class ObjectType extends AegisType { private static final QName XSI_NIL = new QName(Constants.URI_2001_SCHEMA_XSI, "nil"); private Set dependencies; -private boolean serializedWhenUnknown; private boolean readToDocument; @SuppressWarnings("unchecked") @@ -67,14 +66,8 @@ public class ObjectType extends AegisType { this(dependencies, false); } -@SuppressWarnings("unchecked") -public ObjectType(boolean serializeWhenUnknown) { -this(Collections.EMPTY_SET, serializeWhenUnknown); -} - public ObjectType(Set dependencies, boolean serializeWhenUnknown) { this.dependencies = dependencies; -this.serializedWhenUnknown = serializeWhenUnknown; } @Override @@ -132,11 +125,6 @@ public class ObjectType extends AegisType { } if (null == type) { -// TODO should check namespace as well.. -if (serializedWhenUnknown && "serializedJavaObject".equals(typeName)) { -return reconstituteJavaObject(reader); -} - throw new DatabindingException("No mapped type for '" + typeName + "' (" + typeQName + ")"); } @@ -241,14 +229,6 @@ public class ObjectType extends AegisType { this.readToDocument = readToDocument; } -public boolean isSerializedWhenUnknown() { -return serializedWhenUnknown; -} - -public void setSerializedWhenUnknown(boolean serializedWhenUnknown) { -this.serializedWhenUnknown = serializedWhenUnknown; -} - public void setDependencies(Set dependencies) { this.dependencies = dependencies; } @@ -263,14 +243,4 @@ public class ObjectType extends AegisType { return true; } -@Override -public void writeSchema(XmlSchema root) { -if (serializedWhenUnknown) { -XmlSchemaSimpleType simple = new XmlSchemaSimpleType(root, true); -simple.setName("serializedJavaObject"); -XmlSchemaSimpleTypeRestriction restriction = new XmlSchemaSimpleTypeRestriction(); -simple.setContent(restriction); -restriction.setBaseTypeName(Constants.XSD_BASE64); -} -} } http://git-wip-us.apache.org/repos/asf/cxf/blob/894a1b17/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java index 2c95897..b7cdee3 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/encoded/TrailingBlocks.java @@ -48,7 +48,6 @@ public class TrailingBlocks { // we only work with mapped types objectType = new ObjectType(); objectType.setReadToDocument(false); -objectType.setSerializedWhenUnknown(false); } public TrailingBlocks(TypeMapping typeMapping) {
cxf git commit: [CXF-6704]Upgrade to httpclient 4.5.1
Repository: cxf Updated Branches: refs/heads/master 4373cb1a8 -> b3627c1f9 [CXF-6704]Upgrade to httpclient 4.5.1 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b3627c1f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b3627c1f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b3627c1f Branch: refs/heads/master Commit: b3627c1f94ec34adc3944c53da88f8f0c66a31a2 Parents: 4373cb1 Author: Freeman FangAuthored: Wed Dec 16 13:33:27 2015 +0800 Committer: Freeman Fang Committed: Wed Dec 16 13:33:27 2015 +0800 -- parent/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/b3627c1f/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index e1bcaff..d50212d 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -88,7 +88,7 @@ 1.9.4 4.1 [4.0,4.2) - 4.4.1 + 4.5.1 4.4.1 [4.3,4.5.0) 2.4.6
cxf git commit: make checkstyle and pmd happy
Repository: cxf Updated Branches: refs/heads/master b3627c1f9 -> 4034e6fad make checkstyle and pmd happy Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4034e6fa Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4034e6fa Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4034e6fa Branch: refs/heads/master Commit: 4034e6fadf17f2083a89c313353b9a407eee616c Parents: b3627c1 Author: Freeman FangAuthored: Wed Dec 16 13:37:59 2015 +0800 Committer: Freeman Fang Committed: Wed Dec 16 13:37:59 2015 +0800 -- .../org/apache/cxf/aegis/type/basic/ObjectType.java | 16 1 file changed, 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4034e6fa/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 8bf15de..0eefc78 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -18,8 +18,6 @@ */ package org.apache.cxf.aegis.type.basic; -import java.io.ByteArrayInputStream; -import java.io.ObjectInputStream; import java.util.Collections; import java.util.Set; @@ -33,10 +31,6 @@ import org.apache.cxf.aegis.type.AegisType; import org.apache.cxf.aegis.type.TypeMapping; import org.apache.cxf.aegis.xml.MessageReader; import org.apache.cxf.aegis.xml.MessageWriter; -import org.apache.cxf.common.util.Base64Utility; -import org.apache.ws.commons.schema.XmlSchema; -import org.apache.ws.commons.schema.XmlSchemaSimpleType; -import org.apache.ws.commons.schema.XmlSchemaSimpleTypeRestriction; import org.apache.ws.commons.schema.constants.Constants; /** @@ -142,16 +136,6 @@ public class ObjectType extends AegisType { } } -private Object reconstituteJavaObject(MessageReader reader) throws DatabindingException { - -try { -ByteArrayInputStream in = new ByteArrayInputStream(Base64Utility - .decode(reader.getValue().trim())); -return new ObjectInputStream(in).readObject(); -} catch (Exception e) { -throw new DatabindingException("Unable to reconstitute serialized object", e); -} -} private boolean isNil(MessageReader reader) { return null != reader && "true".equals(reader.getValue() == null ? "" : reader.getValue());
cxf git commit: make checkstyle and pmd happy
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 5ab86e5dd -> e982b671a make checkstyle and pmd happy (cherry picked from commit 4034e6fadf17f2083a89c313353b9a407eee616c) Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e982b671 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e982b671 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e982b671 Branch: refs/heads/3.1.x-fixes Commit: e982b671ab804ab49b7986aa243837f5ad9dd1ae Parents: 5ab86e5 Author: Freeman FangAuthored: Wed Dec 16 13:37:59 2015 +0800 Committer: Freeman Fang Committed: Wed Dec 16 13:39:26 2015 +0800 -- .../org/apache/cxf/aegis/type/basic/ObjectType.java | 16 1 file changed, 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e982b671/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 8bf15de..0eefc78 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -18,8 +18,6 @@ */ package org.apache.cxf.aegis.type.basic; -import java.io.ByteArrayInputStream; -import java.io.ObjectInputStream; import java.util.Collections; import java.util.Set; @@ -33,10 +31,6 @@ import org.apache.cxf.aegis.type.AegisType; import org.apache.cxf.aegis.type.TypeMapping; import org.apache.cxf.aegis.xml.MessageReader; import org.apache.cxf.aegis.xml.MessageWriter; -import org.apache.cxf.common.util.Base64Utility; -import org.apache.ws.commons.schema.XmlSchema; -import org.apache.ws.commons.schema.XmlSchemaSimpleType; -import org.apache.ws.commons.schema.XmlSchemaSimpleTypeRestriction; import org.apache.ws.commons.schema.constants.Constants; /** @@ -142,16 +136,6 @@ public class ObjectType extends AegisType { } } -private Object reconstituteJavaObject(MessageReader reader) throws DatabindingException { - -try { -ByteArrayInputStream in = new ByteArrayInputStream(Base64Utility - .decode(reader.getValue().trim())); -return new ObjectInputStream(in).readObject(); -} catch (Exception e) { -throw new DatabindingException("Unable to reconstitute serialized object", e); -} -} private boolean isNil(MessageReader reader) { return null != reader && "true".equals(reader.getValue() == null ? "" : reader.getValue());
cxf git commit: make checkstyle and pmd happy
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes d4c3089c5 -> a4e6bafac make checkstyle and pmd happy (cherry picked from commit 4034e6fadf17f2083a89c313353b9a407eee616c) (cherry picked from commit e982b671ab804ab49b7986aa243837f5ad9dd1ae) Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a4e6bafa Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a4e6bafa Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a4e6bafa Branch: refs/heads/3.0.x-fixes Commit: a4e6bafac9fdfa084a9b91640d0bb96934fd3083 Parents: d4c3089 Author: Freeman FangAuthored: Wed Dec 16 13:37:59 2015 +0800 Committer: Freeman Fang Committed: Wed Dec 16 13:52:58 2015 +0800 -- .../org/apache/cxf/aegis/type/basic/ObjectType.java | 16 1 file changed, 16 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a4e6bafa/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java -- diff --git a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java index 8bf15de..0eefc78 100644 --- a/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java +++ b/rt/databinding/aegis/src/main/java/org/apache/cxf/aegis/type/basic/ObjectType.java @@ -18,8 +18,6 @@ */ package org.apache.cxf.aegis.type.basic; -import java.io.ByteArrayInputStream; -import java.io.ObjectInputStream; import java.util.Collections; import java.util.Set; @@ -33,10 +31,6 @@ import org.apache.cxf.aegis.type.AegisType; import org.apache.cxf.aegis.type.TypeMapping; import org.apache.cxf.aegis.xml.MessageReader; import org.apache.cxf.aegis.xml.MessageWriter; -import org.apache.cxf.common.util.Base64Utility; -import org.apache.ws.commons.schema.XmlSchema; -import org.apache.ws.commons.schema.XmlSchemaSimpleType; -import org.apache.ws.commons.schema.XmlSchemaSimpleTypeRestriction; import org.apache.ws.commons.schema.constants.Constants; /** @@ -142,16 +136,6 @@ public class ObjectType extends AegisType { } } -private Object reconstituteJavaObject(MessageReader reader) throws DatabindingException { - -try { -ByteArrayInputStream in = new ByteArrayInputStream(Base64Utility - .decode(reader.getValue().trim())); -return new ObjectInputStream(in).readObject(); -} catch (Exception e) { -throw new DatabindingException("Unable to reconstitute serialized object", e); -} -} private boolean isNil(MessageReader reader) { return null != reader && "true".equals(reader.getValue() == null ? "" : reader.getValue());
cxf git commit: Making it easier to inject IdToken/UserInfo as context proxies
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes d7fd946ab -> d4bfacb8c Making it easier to inject IdToken/UserInfo as context proxies Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d4bfacb8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d4bfacb8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d4bfacb8 Branch: refs/heads/3.1.x-fixes Commit: d4bfacb8cc5ed8247ff74eb52061070c0457cbf3 Parents: d7fd946 Author: Sergey BeryozkinAuthored: Tue Dec 15 12:41:23 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 12:42:58 2015 + -- .../cxf/rs/security/oidc/rp/IdTokenContext.java | 25 .../oidc/rp/OidcClientTokenContext.java | 7 ++ .../security/oidc/rp/OidcIdTokenProvider.java | 19 +++ .../security/oidc/rp/OidcUserInfoProvider.java | 22 + .../rs/security/oidc/rp/UserInfoContext.java| 25 5 files changed, 83 insertions(+), 15 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d4bfacb8/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java new file mode 100644 index 000..7e4cc2f --- /dev/null +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java @@ -0,0 +1,25 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.oidc.rp; + +import org.apache.cxf.rs.security.oidc.common.IdToken; + +public interface IdTokenContext { +IdToken getIdToken(); +} http://git-wip-us.apache.org/repos/asf/cxf/blob/d4bfacb8/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java index 5a1e136..5187392 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java @@ -19,10 +19,7 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; -import org.apache.cxf.rs.security.oidc.common.IdToken; -import org.apache.cxf.rs.security.oidc.common.UserInfo; -public interface OidcClientTokenContext extends ClientTokenContext { -IdToken getIdToken(); -UserInfo getUserInfo(); +public interface OidcClientTokenContext extends ClientTokenContext, +IdTokenContext, UserInfoContext { } http://git-wip-us.apache.org/repos/asf/cxf/blob/d4bfacb8/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java index fab9ae8..b87ea2c 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java @@ -23,14 +23,23 @@ import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; import org.apache.cxf.rs.security.oidc.common.IdToken; -public class OidcIdTokenProvider implements ContextProvider { +public class OidcIdTokenProvider implements ContextProvider {
cxf git commit: Removing IdToken property from UserInfo
Repository: cxf Updated Branches: refs/heads/master b316007cc -> 3fb5e2464 Removing IdToken property from UserInfo Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3fb5e246 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3fb5e246 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3fb5e246 Branch: refs/heads/master Commit: 3fb5e246440f0c269c9c248a22f1b5a7f41f7db0 Parents: b316007 Author: Sergey BeryozkinAuthored: Tue Dec 15 13:02:40 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 13:02:40 2015 + -- .../apache/cxf/rs/security/oidc/common/UserInfo.java| 7 --- .../cxf/rs/security/oidc/rp/OidcClientTokenContext.java | 2 +- .../cxf/rs/security/oidc/rp/OidcUserInfoProvider.java | 12 .../apache/cxf/rs/security/oidc/rp/UserInfoContext.java | 2 +- 4 files changed, 10 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/3fb5e246/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java index 06b4e96..1ac2986 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java @@ -24,7 +24,6 @@ import java.util.Map; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; public class UserInfo extends AbstractUserInfo { -private IdToken idToken; public UserInfo() { } public UserInfo(JwtClaims claims) { @@ -33,10 +32,4 @@ public class UserInfo extends AbstractUserInfo { public UserInfo(Map claims) { super(new LinkedHashMap (claims)); } -public IdToken getIdToken() { -return idToken; -} -public void setIdToken(IdToken idToken) { -this.idToken = idToken; -} } http://git-wip-us.apache.org/repos/asf/cxf/blob/3fb5e246/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java index 5187392..5f430be 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java @@ -21,5 +21,5 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; public interface OidcClientTokenContext extends ClientTokenContext, -IdTokenContext, UserInfoContext { +UserInfoContext { } http://git-wip-us.apache.org/repos/asf/cxf/blob/3fb5e246/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java index 822d13b..386dd5e 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java @@ -21,24 +21,28 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.jaxrs.ext.ContextProvider; import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; +import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.common.UserInfo; public class OidcUserInfoProvider implements ContextProvider { @Override public UserInfoContext createContext(Message m) { -OidcClientTokenContext ctx = (OidcClientTokenContext) +final OidcClientTokenContext ctx = (OidcClientTokenContext) m.getContent(ClientTokenContext.class); final UserInfo userInfo = ctx != null ? ctx.getUserInfo() : m.getContent(UserInfo.class); if (userInfo != null) { -if (ctx != null) { -userInfo.setIdToken(ctx.getIdToken()); -} +final IdToken idToken = ctx != null ? ctx.getIdToken() : m.getContent(IdToken.class);
[1/2] cxf-fediz git commit: Fixing checkstyle issue
Repository: cxf-fediz Updated Branches: refs/heads/master 85eb8cc50 -> 6068e648c Fixing checkstyle issue Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/743930a0 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/743930a0 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/743930a0 Branch: refs/heads/master Commit: 743930a0e62acadb426e6e1c9ba1d9db66b33c33 Parents: 85eb8cc Author: Colm O hEigeartaighAuthored: Tue Dec 15 12:23:46 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 15 12:23:46 2015 + -- .../cxf/fediz/integrationtests/AbstractAttackTests.java | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/743930a0/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java -- diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java index be8ca4d..7bec646 100644 --- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java +++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java @@ -21,12 +21,6 @@ package org.apache.cxf.fediz.integrationtests; import java.net.URLEncoder; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.wss4j.dom.engine.WSSConfig; -import org.junit.Assert; -import org.junit.Test; - import com.gargoylesoftware.htmlunit.CookieManager; import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; import com.gargoylesoftware.htmlunit.WebClient; @@ -36,6 +30,12 @@ import com.gargoylesoftware.htmlunit.html.HtmlForm; import com.gargoylesoftware.htmlunit.html.HtmlPage; import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; +import org.apache.wss4j.dom.engine.WSSConfig; +import org.junit.Assert; +import org.junit.Test; + /** * Some negative/attack tests for the IdP/RP */
[2/2] cxf-fediz git commit: Updating PMD
Updating PMD Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6068e648 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6068e648 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6068e648 Branch: refs/heads/master Commit: 6068e648cf5cf4416f179fff88f8b813809ae5d4 Parents: 743930a Author: Colm O hEigeartaighAuthored: Tue Dec 15 13:04:09 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 15 13:04:09 2015 + -- .../apache/cxf/fediz/core/saml/SAMLTokenValidator.java | 12 +++- .../org/apache/cxf/fediz/core/util/CookieUtils.java | 6 +- .../org/apache/cxf/fediz/core/util/StringUtils.java | 5 + pom.xml | 7 +-- .../idp/kerberos/KerberosServiceRequestToken.java | 2 +- .../jpa/ApplicationIdpProtocolSupportValidator.java | 6 +- .../service/jpa/TrustedIdpProtocolSupportValidator.java | 6 +- 7 files changed, 9 insertions(+), 35 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6068e648/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java index 4e07e76..2344ecb 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java @@ -71,20 +71,14 @@ public class SAMLTokenValidator implements TokenValidator { @Override public boolean canHandleTokenType(String tokenType) { -if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML2_NS.equals(tokenType) -|| WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType)) { -return true; -} -return false; +return WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML2_NS.equals(tokenType) +|| WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType); } @Override public boolean canHandleToken(Element token) { String ns = token.getNamespaceURI(); -if (WSConstants.SAML2_NS.equals(ns) || WSConstants.SAML_NS.equals(ns)) { -return true; -} -return false; +return WSConstants.SAML2_NS.equals(ns) || WSConstants.SAML_NS.equals(ns); } public TokenValidatorResponse validateAndProcessToken(TokenValidatorRequest request, http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6068e648/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java index d99a9c2..232514d 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java @@ -80,11 +80,7 @@ public final class CookieUtils { return true; } -if (detectExpiredTokens && expiresAt > 0 && currentTime.after(new Date(expiresAt))) { -return true; -} - -return false; +return detectExpiredTokens && expiresAt > 0 && currentTime.after(new Date(expiresAt)); } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6068e648/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java index 9ece30b..04f2112 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java @@ -89,10 +89,7 @@ public final class StringUtils { if (list == null || list.size() == 0) { return true; } -if (list.size() == 1 && isEmpty(list.get(0))) { -return true; -} -return false; +return list.size() == 1 && isEmpty(list.get(0)); } public static boolean isEqualUri(String uri1, String uri2) { http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6068e648/pom.xml
cxf git commit: Making it easier to inject IdToken/UserInfo as context proxies
Repository: cxf Updated Branches: refs/heads/master 332551899 -> b316007cc Making it easier to inject IdToken/UserInfo as context proxies Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b316007c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b316007c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b316007c Branch: refs/heads/master Commit: b316007cc8c78508b006dcfc99c8398f516cc37a Parents: 3325518 Author: Sergey BeryozkinAuthored: Tue Dec 15 12:41:23 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 12:41:23 2015 + -- .../cxf/rs/security/oidc/rp/IdTokenContext.java | 25 .../oidc/rp/OidcClientTokenContext.java | 7 ++ .../security/oidc/rp/OidcIdTokenProvider.java | 19 +++ .../security/oidc/rp/OidcUserInfoProvider.java | 22 + .../rs/security/oidc/rp/UserInfoContext.java| 25 5 files changed, 83 insertions(+), 15 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/b316007c/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java new file mode 100644 index 000..7e4cc2f --- /dev/null +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContext.java @@ -0,0 +1,25 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.oidc.rp; + +import org.apache.cxf.rs.security.oidc.common.IdToken; + +public interface IdTokenContext { +IdToken getIdToken(); +} http://git-wip-us.apache.org/repos/asf/cxf/blob/b316007c/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java index 5a1e136..5187392 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java @@ -19,10 +19,7 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; -import org.apache.cxf.rs.security.oidc.common.IdToken; -import org.apache.cxf.rs.security.oidc.common.UserInfo; -public interface OidcClientTokenContext extends ClientTokenContext { -IdToken getIdToken(); -UserInfo getUserInfo(); +public interface OidcClientTokenContext extends ClientTokenContext, +IdTokenContext, UserInfoContext { } http://git-wip-us.apache.org/repos/asf/cxf/blob/b316007c/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java index fab9ae8..b87ea2c 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenProvider.java @@ -23,14 +23,23 @@ import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; import org.apache.cxf.rs.security.oidc.common.IdToken; -public class OidcIdTokenProvider implements ContextProvider { +public class OidcIdTokenProvider implements ContextProvider {
[1/2] cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes b3ccbb9a0 -> d4c3089c5 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d4c3089c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d4c3089c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d4c3089c Branch: refs/heads/3.0.x-fixes Commit: d4c3089c5921f11092a6380f1441988a47830a25 Parents: 894a1b1 Author: Daniel KulpAuthored: Tue Dec 15 16:24:01 2015 -0500 Committer: Daniel Kulp Committed: Tue Dec 15 16:24:01 2015 -0500 -- .gitmergeinfo | 20 1 file changed, 20 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/d4c3089c/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 4064cc2..4d4310c 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -4,6 +4,7 @@ B 004321a2e955665005b9c5bfe304feaf9cb622b0 B 005ee936d42897f7083fd9fe26addec4779d4764 B 013eb89d0453bf897d219b762e50ab5232f6ca00 B 015419bf394e219cbb07ca7706b4bd8e2942e856 +B 033815a0e180b8e1abfcc0c1acdbeb0219ad256d B 035154fb466fb9c833804d1bc747804df9e9992b B 03bd1b4f0beaddf4df112f7c08d5749862805dfa B 03d63bca6fd9497ddeba1a0657929150d02827d2 @@ -36,11 +37,13 @@ B 131c3fdba9c4825b739adc3d149d0297175b8a86 B 13b9b012a31fdf1a7e35757a336fecc3c688848e B 13dfe0f9fcaa0aee4c603072436d85861a0ab734 B 13e01e23ea87ea5b06953f18bef4b173fca55b4d +B 105de684d0a266cbbfbb415e09121412d577 B 1487fccd43c3bcc463f12cdc1573cde68323f8b6 B 159089a4c0bcf4d30ed819f064f0e31c6c3dc2af B 161e10bb2d87573974b8a1748f023c47ebbe5d49 B 162bbb5ea63cfeb6c258d750627c77c9e694f928 B 1674e7fb3353fc9e5d2b81deb2d02617cc09a373 +B 16d789c4a913e0cac51bcf929331abe84010ce1e B 17d710cdb3b4d3cd5d07321051ac42753c4817b2 B 1805027c9ce9925fb875e92fc5314aa826632151 B 18204e5bb0173ccea83c0afd10e4450f370287a0 @@ -80,6 +83,7 @@ B 28a4e2ea5a35247cc50a2013371bcc178ff1d390 B 28e185b27e8c80cd773cac46d1b9b19529c4fab0 B 28e8f04af96d3e353f0da5018a4531d45592c663 B 292fe2541e32bb31a59955975972cd6adfa1a9dc +B 29a9b9e96582602565286099ac3965424372370d B 29f0620a9a025afcd2057cdf97c7d93caf6c179f B 2a2ed67576b525f9708fcb8bd9e8387a277a1f4f B 2a5d201be1b85344585094d0f044e9bf1b605fac @@ -91,6 +95,8 @@ B 2d3592e667e0ed5c2345b8fe1ae248a6b0fb1b43 B 2d41042ebc1ee81b61aad4b08938c1c73626b968 B 2d7e7939c5a0e27eae861ea58aba598ba95c5f41 B 2e19b7549462aa8aafc9df7684327375fd4cd673 +B 2e221ea50c22d528b6b23dd0c0f0cc862e2d0fa4 +B 2ec875978a50cd34d07bd7d3bbfc8583fd30250b B 2f0b3e38212674883d610cfcfbd76b901bd3d997 B 2f164ec218a1e850d8cc4a6a9ffdb6dba248895f B 2fd8103535c1246a3a243e0fd7bcea86947e6b14 @@ -100,6 +106,7 @@ B 3051c2a54adc909be8d63c690b1444eb2f9e5e35 B 30853113b4c4d47200bcf5305e5e88735f32cc8f B 315e357e850407e9f3233259bab33ea765633271 B 321b2f8b66bf6b9d1fa68aba086c8cddf18070e3 +B 3240a6a27e48f41e15ab75ed2c1735a1f5056668 B 33083c0682d2bdf2f42df7f4021d18bd7ccc34a4 B 3309231e467225b18b24d90d77153a0c572a17e0 B 33c7781f4f847431a7bbdc9335657d3281cd525e @@ -140,6 +147,7 @@ B 43babb8fc1bfd034657eb44fe82fab960034c85d B 43c65b07658b8041f6689d16a34ff98132b8a424 B 441cd2cecdd8a88d42e41324643f06a2fccf5a25 B 449a10ca63d5b3507861eb4da9f56c215eddccfb +B 44a2a45027c51d005a725ad95ca8a57288e29e49 B 44d7b57b7cbab26767eb3e485674210214d87673 B 44ddee3a98918261f18699b895295b53785bb9a7 B 450e3ff7725e1d9fa51ad2aa01d927343e9520da @@ -238,6 +246,7 @@ B 6a9b6a5ebae8a1810374457eca74d09005a920cc B 6aa73265ae179bb4ebc3d826c1661ecab387067b B 6bdc9257b691e140f435a567e0b4f566c71be6cf B 6c58f0c8861c9e9a922d337da4ea8282c75255c1 +B 6c67f878e2c210e7f03c4aea52b2ba2eec7d611a B 6c9fb62220345bce0b19561d95b38d5507f75e71 B 6d44bab6a03832c3fb73b57ae68edc5bda2029ea B 6d637dcb21bb4a17b9c581748e85bf5a82f6c9f8 @@ -290,6 +299,7 @@ B 7fbbd1d13bbb7ccbbc1213ed86a456794583fd3e B 7fdc34030bdcfaa4226c28ea8ce83f34563a5b6d B 80014cf0e6fb1ba62ffdb3766acffd2130eef9d6 B 8075975a5ceddbdb610677e485fec5717af2cff6 +B 80a1247de3735319858d0a24792b2647256f78ac B 80d7128a3ba1944a603c73e5e908d86c9bf27648 B 8176b1b0faad2de44a4ff85083c74b5a4b74918a B 817727ddca9aad39a66f7001bf5f1c959dc7f581 @@ -360,11 +370,14 @@ B a04a1e06f7fffc5f145e33c6832f31b04782516b B a0f0667ad6ef136ed32707d361732617bc152c2e B a1487f2cd460028608a693ee6136d62803a633c6 B a16abff276542979aef91f7e56cd8e67a695db14 +B a1bd8bd7f0f3877c63c9491fe4c423f43bc58720 +B a2398cad82a549f9068351baf8185f2a1da4bcb4 B a2855695896d5084ea288b0fa47457e4b7bfac38 B a293c4db64e0136011afea865eac646f4129ce60 B a2e1e40d3c185f53741c937e7b861bab2808d70f B a2e5fae3a093965b75361210ef475abb9e6abf56 B a3347f0378b49b6db6ca6ec274098f4b52fd17cd +B a3e1065d4c2a600f63585a6c892e636f5740cf73 B a4222c930f7d69608f826c14e4bc7bc9f670097c B
cxf git commit: [CXF-6704]Upgrade to httpclient 4.5.1
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes b3c5afdbb -> 5ab86e5dd [CXF-6704]Upgrade to httpclient 4.5.1 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5ab86e5d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5ab86e5d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5ab86e5d Branch: refs/heads/3.1.x-fixes Commit: 5ab86e5dd81d68814a12e9c94a6a1b83fdc14f37 Parents: b3c5afd Author: Freeman FangAuthored: Wed Dec 16 10:14:52 2015 +0800 Committer: Freeman Fang Committed: Wed Dec 16 10:14:52 2015 +0800 -- parent/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/5ab86e5d/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 7378dcb..8d2fb44 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -88,7 +88,7 @@ 1.9.4 4.1 [4.0,4.2) - 4.4.1 + 4.5.1 4.4.1 [4.3,4.5.0) 2.4.6
cxf-fediz git commit: Fixing PMD
Repository: cxf-fediz Updated Branches: refs/heads/1.2.x-fixes 6bdaf927b -> b6026725d Fixing PMD Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b6026725 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b6026725 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b6026725 Branch: refs/heads/1.2.x-fixes Commit: b6026725d38dcd9040a024c76bf2e7809ab61290 Parents: 6bdaf92 Author: Colm O hEigeartaighAuthored: Tue Dec 15 13:04:09 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 15 14:53:18 2015 + -- .../apache/cxf/fediz/core/saml/SAMLTokenValidator.java | 12 +++- .../org/apache/cxf/fediz/core/util/CookieUtils.java | 6 +- .../org/apache/cxf/fediz/core/util/StringUtils.java | 5 + pom.xml | 5 - .../idp/kerberos/KerberosServiceRequestToken.java | 2 +- 5 files changed, 6 insertions(+), 24 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b6026725/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java index 81f73f8..7174afc 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/saml/SAMLTokenValidator.java @@ -71,20 +71,14 @@ public class SAMLTokenValidator implements TokenValidator { @Override public boolean canHandleTokenType(String tokenType) { -if (WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML2_NS.equals(tokenType) -|| WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType)) { -return true; -} -return false; +return WSConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML2_NS.equals(tokenType) +|| WSConstants.WSS_SAML_TOKEN_TYPE.equals(tokenType) || WSConstants.SAML_NS.equals(tokenType); } @Override public boolean canHandleToken(Element token) { String ns = token.getNamespaceURI(); -if (WSConstants.SAML2_NS.equals(ns) || WSConstants.SAML_NS.equals(ns)) { -return true; -} -return false; +return WSConstants.SAML2_NS.equals(ns) || WSConstants.SAML_NS.equals(ns); } public TokenValidatorResponse validateAndProcessToken(TokenValidatorRequest request, http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b6026725/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java index d99a9c2..232514d 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/CookieUtils.java @@ -80,11 +80,7 @@ public final class CookieUtils { return true; } -if (detectExpiredTokens && expiresAt > 0 && currentTime.after(new Date(expiresAt))) { -return true; -} - -return false; +return detectExpiredTokens && expiresAt > 0 && currentTime.after(new Date(expiresAt)); } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b6026725/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java index 6f5d0b3..cb07403 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/util/StringUtils.java @@ -89,10 +89,7 @@ public final class StringUtils { if (list == null || list.size() == 0) { return true; } -if (list.size() == 1 && isEmpty(list.get(0))) { -return true; -} -return false; +return list.size() == 1 && isEmpty(list.get(0)); } public static boolean isEqualUri(String uri1, String uri2) { http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b6026725/pom.xml -- diff --git a/pom.xml b/pom.xml index
cxf git commit: Removing IdToken property from UserInfo
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes d4bfacb8c -> bbfe35e46 Removing IdToken property from UserInfo Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/bbfe35e4 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/bbfe35e4 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/bbfe35e4 Branch: refs/heads/3.1.x-fixes Commit: bbfe35e464e2f4a6a4783420104d0d90c287fff7 Parents: d4bfacb Author: Sergey BeryozkinAuthored: Tue Dec 15 13:02:40 2015 + Committer: Sergey Beryozkin Committed: Tue Dec 15 14:23:30 2015 + -- .../apache/cxf/rs/security/oidc/common/UserInfo.java| 7 --- .../cxf/rs/security/oidc/rp/OidcClientTokenContext.java | 2 +- .../cxf/rs/security/oidc/rp/OidcUserInfoProvider.java | 12 .../apache/cxf/rs/security/oidc/rp/UserInfoContext.java | 2 +- 4 files changed, 10 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/bbfe35e4/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java index 06b4e96..1ac2986 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/UserInfo.java @@ -24,7 +24,6 @@ import java.util.Map; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; public class UserInfo extends AbstractUserInfo { -private IdToken idToken; public UserInfo() { } public UserInfo(JwtClaims claims) { @@ -33,10 +32,4 @@ public class UserInfo extends AbstractUserInfo { public UserInfo(Map claims) { super(new LinkedHashMap (claims)); } -public IdToken getIdToken() { -return idToken; -} -public void setIdToken(IdToken idToken) { -this.idToken = idToken; -} } http://git-wip-us.apache.org/repos/asf/cxf/blob/bbfe35e4/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java index 5187392..5f430be 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientTokenContext.java @@ -21,5 +21,5 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; public interface OidcClientTokenContext extends ClientTokenContext, -IdTokenContext, UserInfoContext { +UserInfoContext { } http://git-wip-us.apache.org/repos/asf/cxf/blob/bbfe35e4/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java -- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java index 822d13b..386dd5e 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java @@ -21,24 +21,28 @@ package org.apache.cxf.rs.security.oidc.rp; import org.apache.cxf.jaxrs.ext.ContextProvider; import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; +import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.common.UserInfo; public class OidcUserInfoProvider implements ContextProvider { @Override public UserInfoContext createContext(Message m) { -OidcClientTokenContext ctx = (OidcClientTokenContext) +final OidcClientTokenContext ctx = (OidcClientTokenContext) m.getContent(ClientTokenContext.class); final UserInfo userInfo = ctx != null ? ctx.getUserInfo() : m.getContent(UserInfo.class); if (userInfo != null) { -if (ctx != null) { -userInfo.setIdToken(ctx.getIdToken()); -} +final IdToken idToken = ctx != null ? ctx.getIdToken() :