[cxf] Git Push Summary
Repository: cxf Updated Branches: refs/heads/origin/3.1.x-fixes [deleted] 45a7c4ac5
[2/3] cxf git commit: Only log namespacehandler reg on debug level
Only log namespacehandler reg on debug level Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/43f440bb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/43f440bb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/43f440bb Branch: refs/heads/3.1.x-fixes Commit: 43f440bb4705eddaa29907239372205702f32853 Parents: 7b1168e Author: Christian Schneider Authored: Fri Apr 29 15:49:02 2016 +0200 Committer: Daniel Kulp Committed: Wed May 18 23:09:19 2016 -0400 -- .../org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/43f440bb/core/src/main/java/org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java -- diff --git a/core/src/main/java/org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java b/core/src/main/java/org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java index 400dfd9..463236f 100644 --- a/core/src/main/java/org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java +++ b/core/src/main/java/org/apache/cxf/bus/blueprint/NamespaceHandlerRegisterer.java @@ -41,7 +41,7 @@ public final class NamespaceHandlerRegisterer { Dictionary properties = new Hashtable(); properties.put("osgi.service.blueprint.namespace", namespace); bc.registerService(NamespaceHandler.class.getName(), handler, properties); -LOG.info("Registered blueprint namespace handler for " + namespace); +LOG.fine("Registered blueprint namespace handler for " + namespace); } } catch (Throwable e) { String msg = "Aries Blueprint packages not available. So namespaces will not be registered";
[1/3] cxf git commit: [CXF-6887] Handle multiple busses and avoid NPE
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 4def8e9db -> 90a963f18 [CXF-6887] Handle multiple busses and avoid NPE Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7b1168ef Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7b1168ef Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7b1168ef Branch: refs/heads/3.1.x-fixes Commit: 7b1168ef760b89aa5fe92dbf2da328b1316d4ccd Parents: 4def8e9 Author: Christian Schneider Authored: Fri Apr 29 15:45:42 2016 +0200 Committer: Daniel Kulp Committed: Wed May 18 23:09:08 2016 -0400 -- .../transport/http/asyncclient/Activator.java | 56 +++- 1 file changed, 30 insertions(+), 26 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/7b1168ef/rt/transports/http-hc/src/main/java/org/apache/cxf/transport/http/asyncclient/Activator.java -- diff --git a/rt/transports/http-hc/src/main/java/org/apache/cxf/transport/http/asyncclient/Activator.java b/rt/transports/http-hc/src/main/java/org/apache/cxf/transport/http/asyncclient/Activator.java index 32f4321..13d1f52 100644 --- a/rt/transports/http-hc/src/main/java/org/apache/cxf/transport/http/asyncclient/Activator.java +++ b/rt/transports/http-hc/src/main/java/org/apache/cxf/transport/http/asyncclient/Activator.java @@ -25,47 +25,36 @@ import java.util.Hashtable; import java.util.Map; import org.apache.cxf.Bus; -import org.apache.cxf.transport.http.HTTPConduitFactory; import org.osgi.framework.BundleActivator; import org.osgi.framework.BundleContext; import org.osgi.framework.Constants; -import org.osgi.framework.ServiceRegistration; +import org.osgi.framework.ServiceReference; import org.osgi.service.cm.ConfigurationException; import org.osgi.service.cm.ManagedService; import org.osgi.util.tracker.ServiceTracker; public class Activator implements BundleActivator { - -private ServiceTracker tracker; +private ConduitConfigurer conduitConfigurer; @Override public void start(BundleContext context) throws Exception { -tracker = new ServiceTracker(context, Bus.class.getName(), null); -tracker.open(); -ConduitConfigurer conduitConfigurer = new ConduitConfigurer(context, tracker); -registerManagedService(context, conduitConfigurer, "org.apache.cxf.transport.http.async"); -} - -private void registerManagedService(BundleContext context, ConduitConfigurer conduitConfigurer, String servicePid) { +conduitConfigurer = new ConduitConfigurer(context); +conduitConfigurer.open(); Dictionary properties = new Hashtable(); -properties.put(Constants.SERVICE_PID, servicePid); +properties.put(Constants.SERVICE_PID, "org.apache.cxf.transport.http.async"); context.registerService(ManagedService.class.getName(), conduitConfigurer, properties); } @Override public void stop(BundleContext context) throws Exception { -tracker.close(); +conduitConfigurer.close(); } -class ConduitConfigurer implements ManagedService { -private AsyncHTTPConduitFactory conduitFactory; -private ServiceTracker busTracker; -private BundleContext context; -private ServiceRegistration reg; +public class ConduitConfigurer extends ServiceTracker implements ManagedService { +private Map currentConfig; -ConduitConfigurer(BundleContext context, ServiceTracker busTracker) { -this.context = context; -this.busTracker = busTracker; +public ConduitConfigurer(BundleContext context) { +super(context, Bus.class.getName(), null); } @SuppressWarnings({ @@ -73,12 +62,21 @@ public class Activator implements BundleActivator { }) @Override public void updated(Dictionary properties) throws ConfigurationException { -if (reg != null) { -reg.unregister(); +this.currentConfig = toMap(properties); +Bus[] buses = (Bus[])getServices(); +if (buses == null) { +return; } -conduitFactory = new AsyncHTTPConduitFactory((Bus)this.busTracker.getService()); -conduitFactory.update(toMap(properties)); -reg = context.registerService(HTTPConduitFactory.class.getName(), conduitFactory, null); +for (Bus bus : buses) { +configureConduitFactory(bus); +} +} + +@Override +public Object addingService(ServiceReference reference) { +Bus bus = (Bus)super.addingService(reference); +configureConduitFactory(bus); +return bus; }
[3/3] cxf git commit: Formatting issues in impl.vm. Closes #88
Formatting issues in impl.vm. Closes #88 Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/90a963f1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/90a963f1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/90a963f1 Branch: refs/heads/3.1.x-fixes Commit: 90a963f185119376329b07735ca06c51e34d9564 Parents: 43f440b Author: Dustin R. Heart Authored: Thu Sep 10 18:14:55 2015 -0700 Committer: Daniel Kulp Committed: Wed May 18 23:09:26 2016 -0400 -- .../org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/90a963f1/tools/wsdlto/frontend/jaxws/src/main/java/org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm -- diff --git a/tools/wsdlto/frontend/jaxws/src/main/java/org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm b/tools/wsdlto/frontend/jaxws/src/main/java/org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm index e24f7cd..d9fe1b7 100644 --- a/tools/wsdlto/frontend/jaxws/src/main/java/org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm +++ b/tools/wsdlto/frontend/jaxws/src/main/java/org/apache/cxf/tools/wsdlto/frontend/jaxws/template/impl.vm @@ -64,12 +64,12 @@ public class ${implName} implements $intf.Name { #foreach ($method in $intf.Methods) /* (non-Javadoc) - * @see $intf.PackageName.$intf.Name#${method.Name}(#foreach ($parameter in $method.Parameters)$parameter.ClassName $parameter.Name #if ($velocityCount != $method.getParameters().size()),#end)#end* + * @see $intf.PackageName.$intf.Name#${method.Name}(#foreach ($parameter in $method.Parameters)$parameter.ClassName $parameter.Name#if ($velocityCount != $method.getParameters().size()), #end#end)* */ #if ($mark-generated == "true") @Generated(value = "org.apache.cxf.tools.wsdlto.WSDLToJava", date = "$currentdate") #end -public $method.return.ClassName ${method.Name}(#if($method.ParameterListWithoutAnnotation.size() == 0))#end#if($method.ParameterListWithoutAnnotation.size() != 0)#foreach($param in ${method.ParameterListWithoutAnnotation})$param#end)#end#if($method.Exceptions.size() > 0) throws #foreach($exception in $method.Exceptions)$exception.ClassName #if($velocityCount != $method.Exceptions.size()),#end #end #end { +public $method.return.ClassName ${method.Name}(#if($method.ParameterListWithoutAnnotation.size() == 0))#end#if($method.ParameterListWithoutAnnotation.size() != 0)#foreach($param in ${method.ParameterListWithoutAnnotation})$param#if($velocityCount != $method.ParameterListWithoutAnnotation.size()) #end#end)#end#if($method.Exceptions.size() > 0) throws #foreach($exception in $method.Exceptions)$exception.ClassName#if($velocityCount != $method.Exceptions.size()), #end #end #end { #if ($method.Async) return null; /* not called */
svn commit: r988543 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Wed May 18 16:47:35 2016 New Revision: 988543 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Wed May 18 16:47:35 2016 @@ -119,14 +119,14 @@ Apache CXF -- JAX-RS JOSE /**/ -IntroductionMaven DependenciesJOSE Overview and Implementation +/*]]>*/ +IntroductionMaven DependenciesJava and JCE Policy JOSE Overview and Implementation JWA AlgorithmsJWK KeysJWS Signature -Signature and Verification ProvidersJWS CompactJWS JSONJWS with Clear Payload +Signature and Verification ProvidersJWS CompactJWS JSONJWS with Detached ContentJWS with Clear Payload JWE Encryption Key and Content Encryption ProvidersJWE CompactJWE JSON JSON Web Token @@ -149,7 +149,14 @@ div.rbtoc1463582822610 li {margin-left:3.1.7 - JOSE Overview and ImplementationJOSE consists of the following key parts:https://tools.ietf.org/html/rfc7518"; rel="nofollow">JWA - JSON Web Algorithms where all supported signature and encryption algorithms are listedhttps://tools.ietf.org/html/rfc7517"; rel="nofollow">JWK - JSON Web Keys - introduces a JSON format for describing the public and private keys used by JWA algorithmshttps://tools.ietf.org/html/rfc7515"; rel="nofollow">JWS - JSON Web Signature - describes how the data can be signed or validated and introduces compact and JSON JWS formats for representing the signed datahttps://tools.ietf.org/html/rfc7516"; rel="nofollow">JWE - JSON Web Encryption - describes how the data can be encrypted or decrypted and introduces compact and JSON JWE formats for representing the encrypted data Additionally, https://tools.ietf.org/html/rfc7519"; rel="nofollow">JWT (JSON Web Token), while technically being not part of JOSE, is often used as an input material to JWS and JWE processors, especially in OAuth2 flows (example: OAuth2 access tokens can be represented internally as JWT, OpenIdConnect IdToken and UserInfo are effectively JWTs). https://tools.ietf.org/html/rfc7519"; rel="nofollow">JWT describes how a set of claims in JSON format can be either JWS-signed and/or JWE-enctypted. JWA AlgorithmsAll JOSE signature and encryption algorithms are grouped and described in the https://tools.ietf.org/html/rfc7518"; rel="nofollow">JWA (JSON Web Algori thms) specification.The algorithms are split into 3 categories: signature algorithms (HMAC, RSA, Elliptic Curve), algorithms for supporting the encryption of content encryption keys (RSA-OAEP, AES Key Wrap, etc), and algorithms for encrypting the actual content (AES GCM, etc).The specification lists all the algorithms that can be used either for signing or encrypting and also describes how some of these algorithms work in caseswhere JCA (or BouncyCastle) does not support them directly, example, AES-CBC-HMAC-SHA2.Algorithm name is a type + hint, example: HS256 (HMAC with SHA-256), RSA-OAEP-256 (RSA OAEP key encryption with SHA-256), etc.All JWS and JWE algorithms process not only the actual data but also the meta-data (the algorithm properties) thus ensuring the algorithm properties are integrity-protected, additionally JWE algorithms produce authentication tags which ensure the already encrypted content won't be manipulated.Pleas e refer to https://tools.ietf.org/html/rfc7518"; rel="nofollow">the specification to get all the information needed (with the follow up links to the corresponding RFC when applicable) about a particular signature or encryption algorithm: the properties, recommended key sizes, other security considerations related to all of or some specific algorithms. CXF JOSE code already enforces a number of the recommended constraints.CXF offers the utility support for working with JWA algorithms in https://github.com/apache/cxf/tree/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa"; rel="nofollow">this package.Typically one would supply an algorithm property in a type-safe way either to JWS or JWE processor, for example, SignatureAlgorithm.HS256 for JWS, KeyAlgorit
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 8e43d5324 -> ad9cf579e Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ad9cf579 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ad9cf579 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ad9cf579 Branch: refs/heads/3.0.x-fixes Commit: ad9cf579e0cc3f3d8cb31b747ce78b31fd7842d7 Parents: 8e43d53 Author: Colm O hEigeartaigh Authored: Wed May 18 17:06:37 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 17:06:37 2016 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/ad9cf579/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 471475b..f4781a4 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -282,6 +282,7 @@ B 42361582ab5e785d5ae616af9e58a40c9828 B 4d0c6df1e561f5e6d118430349a09360c9dd754f B 4d49814ba85310599ee76e41742208383f3f6450 B 4da4d2300433e7e115f095becb1149b22ceb31ca +B 4def8e9dbf56b0bab43afcb6b805ee945c31b03c B 4e4e3994af68ead60c226f89891412d8aca0ac85 B 4e5ef7d769e67d5bd6e6d8c85b2bf01f09d7aca0 B 4e60f32c9c370b99d9574fa54d546badf647db53
cxf git commit: Another test
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 8fc16041a -> 4def8e9db Another test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4def8e9d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4def8e9d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4def8e9d Branch: refs/heads/3.1.x-fixes Commit: 4def8e9dbf56b0bab43afcb6b805ee945c31b03c Parents: 8fc1604 Author: Colm O hEigeartaigh Authored: Wed May 18 17:04:49 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 17:05:14 2016 +0100 -- .../jaxrs/security/oidc/OIDCFlowTest.java | 1 - .../jaxrs/security/oidc/OIDCNegativeTest.java | 54 2 files changed, 54 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/4def8e9d/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java index 16a37ec..d4ebb9c 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java @@ -480,7 +480,6 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { // JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); // JwtToken jwt = jwtConsumer.getJwtToken(); // TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); -// TODO Assert.assertNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); } @org.junit.Test http://git-wip-us.apache.org/repos/asf/cxf/blob/4def8e9d/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java index ce3dd30..3f5d247 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java @@ -181,6 +181,60 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase { } @org.junit.Test +public void testImplicitFlowNoATHash() throws Exception { +URL busFile = OIDCFlowTest.class.getResource("client.xml"); + +String address = "https://localhost:"; + PORT + "/services/"; +WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), +"alice", "security", busFile.toString()); +// Save the Cookie for the second request... +WebClient.getConfig(client).getRequestContext().put( +org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); + +// Get Access Token +client.type("application/json").accept("application/json"); +client.query("client_id", "consumer-id"); +client.query("redirect_uri", "http://www.blah.apache.org";); +client.query("scope", "openid"); +client.query("response_type", "id_token"); +client.query("nonce", "1234565635"); +client.query("max_age", "300"); +client.path("authorize-implicit/"); +Response response = client.get(); + +OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class); + +// Now call "decision" to get the access token +client.path("decision"); +client.type("application/x-www-form-urlencoded"); + +Form form = new Form(); +form.param("session_authenticity_token", authzData.getAuthenticityToken()); +form.param("client_id", authzData.getClientId()); +form.param("redirect_uri", authzData.getRedirectUri()); +form.param("scope", authzData.getProposedScope()); +if (authzData.getResponseType() != null) { +form.param("response_type", authzData.getResponseType()); +} +if (authzData.getNonce() != null) { +form.param("nonce", authzData.getNonce()); +} +form.param("oauthDecision", "allow"); + +response = client.post(form); + +String location = response.getHeaderString("Location"); + +// Check IdToken +String idToken =
cxf git commit: Another test
Repository: cxf Updated Branches: refs/heads/master be273b0e3 -> 62130bce8 Another test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/62130bce Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/62130bce Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/62130bce Branch: refs/heads/master Commit: 62130bce80cd5615bfd5e901a35beba50c10be69 Parents: be273b0 Author: Colm O hEigeartaigh Authored: Wed May 18 17:04:49 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 17:04:49 2016 +0100 -- .../jaxrs/security/oidc/OIDCFlowTest.java | 1 - .../jaxrs/security/oidc/OIDCNegativeTest.java | 54 2 files changed, 54 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/62130bce/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java index 16a37ec..d4ebb9c 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java @@ -480,7 +480,6 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { // JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); // JwtToken jwt = jwtConsumer.getJwtToken(); // TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); -// TODO Assert.assertNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); } @org.junit.Test http://git-wip-us.apache.org/repos/asf/cxf/blob/62130bce/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java index ce3dd30..3f5d247 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java @@ -181,6 +181,60 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase { } @org.junit.Test +public void testImplicitFlowNoATHash() throws Exception { +URL busFile = OIDCFlowTest.class.getResource("client.xml"); + +String address = "https://localhost:"; + PORT + "/services/"; +WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), +"alice", "security", busFile.toString()); +// Save the Cookie for the second request... +WebClient.getConfig(client).getRequestContext().put( +org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE); + +// Get Access Token +client.type("application/json").accept("application/json"); +client.query("client_id", "consumer-id"); +client.query("redirect_uri", "http://www.blah.apache.org";); +client.query("scope", "openid"); +client.query("response_type", "id_token"); +client.query("nonce", "1234565635"); +client.query("max_age", "300"); +client.path("authorize-implicit/"); +Response response = client.get(); + +OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class); + +// Now call "decision" to get the access token +client.path("decision"); +client.type("application/x-www-form-urlencoded"); + +Form form = new Form(); +form.param("session_authenticity_token", authzData.getAuthenticityToken()); +form.param("client_id", authzData.getClientId()); +form.param("redirect_uri", authzData.getRedirectUri()); +form.param("scope", authzData.getProposedScope()); +if (authzData.getResponseType() != null) { +form.param("response_type", authzData.getResponseType()); +} +if (authzData.getNonce() != null) { +form.param("nonce", authzData.getNonce()); +} +form.param("oauthDecision", "allow"); + +response = client.post(form); + +String location = response.getHeaderString("Location"); + +// Check IdToken +String idToken = OAuth2Test
cxf git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 13eec16d2 -> 8e43d5324 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8e43d532 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8e43d532 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8e43d532 Branch: refs/heads/3.0.x-fixes Commit: 8e43d53240cc9f7a7e86a7e9a3e23ccd3e3bba1c Parents: 13eec16 Author: Colm O hEigeartaigh Authored: Wed May 18 16:51:29 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 16:51:29 2016 +0100 -- .gitmergeinfo | 2 ++ 1 file changed, 2 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/8e43d532/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 41a26f7..471475b 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -42,6 +42,7 @@ B 0c0555f4ac850ec8e38302d73207170affe4376a B 0c542f82652995db0d7ce6681dafab086c178b13 B 0cad194ee50841f1c740097430780044fa1e9eaf B 0cdd2c03fed0ca51386312e1772ac49edccf1ae3 +B 0ceb6a1d93195310c3a9325bf80e4c88d6920755 B 0d0bc938103b0ea9311c3b73f6c385aa3e12260c B 0d2a6ccabc752708484e2b2c44deb5b48e71b76e B 0d72569d3fdd360e60d1fcea59c354b754f2a386 @@ -508,6 +509,7 @@ B 8eeef8c9f10795c856ce81d98557d81bf853b6df B 8f138f5a57736de2c78044bc6c01eed5e3725c68 B 8f226d9ed11a582b2e3eaf9147fa14bb932844e8 B 8f967643447ceec89e58b079d8d8fc00cf232a02 +B 8fc16041a43d53965bc0ed794cc8ac13580f429f B 8fd8c552f4c2a980a5138de19a2b74104776a4ba B 90312bc48f6e564bcafdaaebc3cd596c966ee674 B 90cbb21a4068a3b9859a3c67f34896eaa38caa09
[3/3] cxf git commit: Adding a few more OIDC tests
Adding a few more OIDC tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8fc16041 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8fc16041 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8fc16041 Branch: refs/heads/3.1.x-fixes Commit: 8fc16041a43d53965bc0ed794cc8ac13580f429f Parents: 80a05be Author: Colm O hEigeartaigh Authored: Wed May 18 16:47:46 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 16:49:59 2016 +0100 -- .../jaxrs/security/oidc/OIDCFlowTest.java | 10 ++ .../jaxrs/security/oidc/OIDCNegativeTest.java | 124 +++ 2 files changed, 134 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc16041/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java index 2bccdc6..16a37ec 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java @@ -476,6 +476,11 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { idToken = accessToken.getParameters().get("id_token"); assertNotNull(idToken); validateIdToken(idToken, null); + +// JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); +// JwtToken jwt = jwtConsumer.getJwtToken(); +// TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); +// TODO Assert.assertNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); } @org.junit.Test @@ -543,6 +548,11 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { // Check Access Token String accessToken = OAuth2TestUtils.getSubstring(location, "access_token"); assertNotNull(accessToken); + +JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); +JwtToken jwt = jwtConsumer.getJwtToken(); + Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); +// TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); } @org.junit.Test http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc16041/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java index 5538344..ce3dd30 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java @@ -28,15 +28,19 @@ import javax.ws.rs.core.Response; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; +import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; import org.apache.cxf.rs.security.jose.jwt.JwtToken; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; +import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData; +import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.common.UserInfo; import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils; import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils.AuthorizationCodeParameters; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; +import org.junit.Assert; import org.junit.BeforeClass; /** @@ -56,6 +60,126 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase { ); } +// TODO +@org.junit.Test +@org.junit.Ignore +public void testImplicitFlowPromptNone() throws Exception { +URL busFile = OIDCFlowTest.class.getResource("client.xml"); + +String address = "https://localhost:"; + PORT + "/services/"; +WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), +"alice", "security", busFile.toString())
[2/3] cxf git commit: Updating test
Updating test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/80a05be5 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/80a05be5 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/80a05be5 Branch: refs/heads/3.1.x-fixes Commit: 80a05be5e1340d25d5bb3b869caca188ab426f83 Parents: a58edd7 Author: Colm O hEigeartaigh Authored: Wed May 18 14:56:08 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 16:49:58 2016 +0100 -- .../apache/cxf/ws/security/wss4j/AbstractSecurityTest.java| 7 ++- .../org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java | 3 ++- 2 files changed, 8 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/80a05be5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java index 38bc2be..10bb9df 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java @@ -32,6 +32,7 @@ import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.soap.MessageFactory; +import javax.xml.soap.SOAPConstants; import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; import javax.xml.stream.XMLStreamReader; @@ -81,7 +82,11 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest { * @param doc the document containing the SOAP content. */ protected SoapMessage getSoapMessageForDom(Document doc) throws Exception { -SOAPMessage saajMsg = MessageFactory.newInstance().createMessage(); +return getSoapMessageForDom(doc, SOAPConstants.SOAP_1_1_PROTOCOL); +} + +protected SoapMessage getSoapMessageForDom(Document doc, String protocol) throws Exception { +SOAPMessage saajMsg = MessageFactory.newInstance(protocol).createMessage(); SOAPPart part = saajMsg.getSOAPPart(); SAAJStreamWriter writer = new SAAJStreamWriter(part); StaxUtils.copy(doc, writer); http://git-wip-us.apache.org/repos/asf/cxf/blob/80a05be5/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java index bd1b526..1393ef8 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java @@ -23,6 +23,7 @@ import java.io.ByteArrayInputStream; import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.soap.SOAPConstants; import javax.xml.soap.SOAPMessage; import javax.xml.stream.XMLStreamReader; @@ -225,7 +226,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest { public void testSignedEncryptedSOAP12Fault() throws Exception { Document doc = readDocument("wsse-response-fault.xml"); -SoapMessage msg = getSoapMessageForDom(doc); +SoapMessage msg = getSoapMessageForDom(doc, SOAPConstants.SOAP_1_2_PROTOCOL); SOAPMessage saajMsg = msg.getContent(SOAPMessage.class); doc = saajMsg.getSOAPPart();
[1/3] cxf git commit: Checkstyle fix
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 01bf5f841 -> 8fc16041a Checkstyle fix Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a58edd7d Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a58edd7d Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a58edd7d Branch: refs/heads/3.1.x-fixes Commit: a58edd7df323217534197cf35aca734948d8da1b Parents: 01bf5f8 Author: Colm O hEigeartaigh Authored: Wed May 18 11:16:13 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 16:49:57 2016 +0100 -- .../apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java | 3 --- 1 file changed, 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a58edd7d/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java index 879ec0d..71e7bb3 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java @@ -27,8 +27,6 @@ import java.util.Map; import java.util.SortedSet; import java.util.TreeSet; -import javax.xml.soap.SOAPMessage; - import org.w3c.dom.Document; import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor; @@ -39,7 +37,6 @@ import org.apache.cxf.message.Message; import org.apache.cxf.phase.Phase; import org.apache.cxf.phase.PhaseInterceptor; import org.apache.cxf.phase.PhaseInterceptorChain; -import org.apache.cxf.staxutils.StaxUtils; import org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker.XPathExpression; import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope; import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;
cxf git commit: Adding a few more OIDC tests
Repository: cxf Updated Branches: refs/heads/master 0879404be -> be273b0e3 Adding a few more OIDC tests Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/be273b0e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/be273b0e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/be273b0e Branch: refs/heads/master Commit: be273b0e36831e919ed3f3823165fba74aca8f93 Parents: 0879404 Author: Colm O hEigeartaigh Authored: Wed May 18 16:47:46 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 16:47:46 2016 +0100 -- .../jaxrs/security/oidc/OIDCFlowTest.java | 10 ++ .../jaxrs/security/oidc/OIDCNegativeTest.java | 124 +++ 2 files changed, 134 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/be273b0e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java index 2bccdc6..16a37ec 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCFlowTest.java @@ -476,6 +476,11 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { idToken = accessToken.getParameters().get("id_token"); assertNotNull(idToken); validateIdToken(idToken, null); + +// JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); +// JwtToken jwt = jwtConsumer.getJwtToken(); +// TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); +// TODO Assert.assertNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); } @org.junit.Test @@ -543,6 +548,11 @@ public class OIDCFlowTest extends AbstractBusClientServerTestBase { // Check Access Token String accessToken = OAuth2TestUtils.getSubstring(location, "access_token"); assertNotNull(accessToken); + +JwsJwtCompactConsumer jwtConsumer = new JwsJwtCompactConsumer(idToken); +JwtToken jwt = jwtConsumer.getJwtToken(); + Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.ACCESS_TOKEN_HASH_CLAIM)); +// TODO Assert.assertNotNull(jwt.getClaims().getClaim(IdToken.AUTH_CODE_HASH_CLAIM)); } @org.junit.Test http://git-wip-us.apache.org/repos/asf/cxf/blob/be273b0e/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java -- diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java index 5538344..ce3dd30 100644 --- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java +++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oidc/OIDCNegativeTest.java @@ -28,15 +28,19 @@ import javax.ws.rs.core.Response; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.rs.security.jose.jws.JwsHeaders; +import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer; import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer; import org.apache.cxf.rs.security.jose.jwt.JwtClaims; import org.apache.cxf.rs.security.jose.jwt.JwtToken; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; +import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData; +import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.common.UserInfo; import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils; import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils.AuthorizationCodeParameters; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; import org.apache.cxf.testutil.common.TestUtil; +import org.junit.Assert; import org.junit.BeforeClass; /** @@ -56,6 +60,126 @@ public class OIDCNegativeTest extends AbstractBusClientServerTestBase { ); } +// TODO +@org.junit.Test +@org.junit.Ignore +public void testImplicitFlowPromptNone() throws Exception { +URL busFile = OIDCFlowTest.class.getResource("client.xml"); + +String address = "https://localhost:"; + PORT + "/services/"; +WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), +
[2/4] cxf git commit: [CXF-6900] More SAAJ fixes
[CXF-6900] More SAAJ fixes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1046894b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1046894b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1046894b Branch: refs/heads/3.1.x-fixes Commit: 1046894b83582303820c1b43b03bbdf2b4cbe571 Parents: a1e4b88 Author: Daniel Kulp Authored: Tue May 17 13:26:31 2016 -0400 Committer: Alessio Soldano Committed: Wed May 18 14:36:09 2016 +0200 -- .../apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java | 2 +- .../apache/cxf/binding/soap/saaj/SAAJStreamWriter.java| 10 ++ .../cxf/ws/security/wss4j/AbstractPolicySecurityTest.java | 5 ++--- .../cxf/ws/security/wss4j/AbstractSecurityTest.java | 8 .../cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java | 3 +++ 5 files changed, 20 insertions(+), 8 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/1046894b/core/src/main/java/org/apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java -- diff --git a/core/src/main/java/org/apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java b/core/src/main/java/org/apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java index 74de7a3..d30bf4f 100644 --- a/core/src/main/java/org/apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java +++ b/core/src/main/java/org/apache/cxf/staxutils/OverlayW3CDOMStreamWriter.java @@ -38,9 +38,9 @@ import org.apache.cxf.common.util.StringUtils; * location, it will just walk into it instead of creating a new element */ public class OverlayW3CDOMStreamWriter extends W3CDOMStreamWriter { +protected boolean isOverlaid = true; List isOverlaidStack = new LinkedList(); -boolean isOverlaid = true; Boolean textOverlay; public OverlayW3CDOMStreamWriter(Document document) { http://git-wip-us.apache.org/repos/asf/cxf/blob/1046894b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java -- diff --git a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java index d29276c..393a553 100644 --- a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java +++ b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java @@ -40,6 +40,10 @@ public final class SAAJStreamWriter extends OverlayW3CDOMStreamWriter { public SAAJStreamWriter(SOAPPart part) { super(part); this.part = part; +Node nd = part.getFirstChild(); +if (nd == null) { +isOverlaid = false; +} } public SAAJStreamWriter(SOAPPart part, Element current) { super(part, current); @@ -69,8 +73,14 @@ public final class SAAJStreamWriter extends OverlayW3CDOMStreamWriter { if ("Envelope".equals(local)) { setChild(adjustPrefix(part.getEnvelope(), prefix), false); adjustPrefix(part.getEnvelope().getHeader(), prefix); +adjustPrefix(part.getEnvelope().getBody(), prefix); + part.getEnvelope().removeChild(part.getEnvelope().getHeader()); + part.getEnvelope().removeChild(part.getEnvelope().getBody()); return; } else if ("Body".equals(local)) { +if (part.getEnvelope().getBody() == null) { +part.getEnvelope().addBody(); +} setChild(adjustPrefix(part.getEnvelope().getBody(), prefix), false); return; } else if ("Header".equals(local)) { http://git-wip-us.apache.org/repos/asf/cxf/blob/1046894b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java index 5702b5e..b627081 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractPolicySecurityTest.java @@ -30,7 +30,6 @@ import java.util.concurrent.Executor; import javax.xml.namespace.NamespaceContext; import javax.xml.namespace.QName; import javax.xml.soap.Node; -import javax.xml.soap.SOAPException; import javax.xml.soap.SOAPMessage; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathConstants; @@ -405,7 +404,7 @@ pub
[4/4] cxf git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/01bf5f84 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/01bf5f84 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/01bf5f84 Branch: refs/heads/3.1.x-fixes Commit: 01bf5f841d27d94485018912a575e4d9b50caab9 Parents: fa2c624 Author: Alessio Soldano Authored: Wed May 18 17:34:55 2016 +0200 Committer: Alessio Soldano Committed: Wed May 18 17:34:55 2016 +0200 -- .gitmergeinfo | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/01bf5f84/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index cd299ef..d93b361 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -54,8 +54,10 @@ B f98785bd8490c4717353f1a9688cae3e7a823ec2 B fb30f8bffc85fcc3208fcc0e1eda4b54a89b5d37 M 0222768baf6b60742c4a8332308edf2be0f4a2e4 M 0578e16146527b0782530c40ba2db17531756d96 +M 0e5fd5a54cb271ba494e7e30b45d4228b33364a9 M 1184e08f0d1c40c754e39fd5d6340d1057fbdd17 M 1afeea8bdc0ef96df1d52ea343957dc396723f8c +M 2538ae42fb0c774023deed5264291b2fe6658cb8 M 26edcd457ea507075a4c82e2787f11f11a432876 M 2e8219cf3d047abc3a7e2611bf284aadbc20b7d6 M 386805560479b35276d88605c5acf805e3004aa5 @@ -78,5 +80,6 @@ M a1710bdd783afcd667d9e72ccb031480d3806850 M abcc137cb9b27e0da0b4270a18ac2a32df1e9990 M b2b6f0137cd9f1bafff5d487e8383453692a2ff0 M b2e5fb6583d64deeb8a42d2eeb6935c5f33dc0c6 +M cf8ac102e728b8745da265ec969f7b5160829fdb M fa973bd7ab43099151f83beea351b80c7140eaab M fe89bf0fb8379428667f66312e6942e906142d6f
[3/4] cxf git commit: Fix unused imports
Fix unused imports Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fa2c6249 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fa2c6249 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fa2c6249 Branch: refs/heads/3.1.x-fixes Commit: fa2c6249224db7107ca0b92a60851310fdb6dfdf Parents: 1046894 Author: Daniel Kulp Authored: Tue May 17 12:24:18 2016 -0400 Committer: Alessio Soldano Committed: Wed May 18 17:33:27 2016 +0200 -- .../test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java | 2 -- 1 file changed, 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/fa2c6249/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java -- diff --git a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java index 1f6eeb4..c6b2087 100644 --- a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java +++ b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java @@ -30,7 +30,6 @@ import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; import javax.xml.stream.XMLStreamReader; import javax.xml.stream.XMLStreamWriter; -import javax.xml.transform.Source; import javax.xml.transform.dom.DOMSource; import org.w3c.dom.Document; @@ -40,7 +39,6 @@ import org.apache.cxf.helpers.DOMUtils.NullResolver; import org.apache.cxf.message.Exchange; import org.apache.cxf.message.ExchangeImpl; import org.apache.cxf.message.MessageImpl; -import org.apache.cxf.staxutils.StaxSource; import org.apache.cxf.staxutils.StaxUtils; import org.junit.Assert; import org.junit.Test;
[1/4] cxf git commit: [CXF-6900] Get Colm's tests working....
Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 0ceb6a1d9 -> 01bf5f841 [CXF-6900] Get Colm's tests working Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a1e4b880 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a1e4b880 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a1e4b880 Branch: refs/heads/3.1.x-fixes Commit: a1e4b88063404e25e75db25d1022a484300a8ca1 Parents: 0ceb6a1 Author: Daniel Kulp Authored: Tue May 17 12:13:14 2016 -0400 Committer: Alessio Soldano Committed: Wed May 18 14:35:52 2016 +0200 -- .../cxf/binding/soap/saaj/SAAJStreamWriter.java | 4 .../apache/cxf/binding/soap/saaj/ParseBodyTest.java | 14 ++ 2 files changed, 14 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/a1e4b880/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java -- diff --git a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java index 14b5c2e..d29276c 100644 --- a/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java +++ b/rt/bindings/soap/src/main/java/org/apache/cxf/binding/soap/saaj/SAAJStreamWriter.java @@ -52,6 +52,9 @@ public final class SAAJStreamWriter extends OverlayW3CDOMStreamWriter { if (namespace != null && namespace.equals(part.getEnvelope().getElementName().getURI())) { adjustPrefix((SOAPElement)nd2, pfx); +if ("Envelope".equals(nd2.getLocalName())) { +adjustPrefix(part.getEnvelope().getHeader(), pfx); +} } } catch (SOAPException e) { //ignore, fallback @@ -146,6 +149,7 @@ public final class SAAJStreamWriter extends OverlayW3CDOMStreamWriter { el = ((SOAPElement)cur).addChildElement(local, "", ""); } else { el = ((SOAPElement)cur).addChildElement(local, pfx == null ? "" : pfx, ns); +adjustPrefix((SOAPElement)el, pfx); } cur.removeChild(el); return el; http://git-wip-us.apache.org/repos/asf/cxf/blob/a1e4b880/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java -- diff --git a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java index bcdb6f9..1f6eeb4 100644 --- a/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java +++ b/rt/bindings/soap/src/test/java/org/apache/cxf/binding/soap/saaj/ParseBodyTest.java @@ -30,6 +30,7 @@ import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; import javax.xml.stream.XMLStreamReader; import javax.xml.stream.XMLStreamWriter; +import javax.xml.transform.Source; import javax.xml.transform.dom.DOMSource; import org.w3c.dom.Document; @@ -39,6 +40,7 @@ import org.apache.cxf.helpers.DOMUtils.NullResolver; import org.apache.cxf.message.Exchange; import org.apache.cxf.message.ExchangeImpl; import org.apache.cxf.message.MessageImpl; +import org.apache.cxf.staxutils.StaxSource; import org.apache.cxf.staxutils.StaxUtils; import org.junit.Assert; import org.junit.Test; @@ -87,26 +89,30 @@ public class ParseBodyTest extends Assert { // TODO - See CXF-6900 @Test -@org.junit.Ignore public void testReadSOAPFault() throws Exception { InputStream inStream = getClass().getResourceAsStream("soap12-fault.xml"); Document doc = StaxUtils.read(inStream); - + SoapMessage msg = new SoapMessage(new MessageImpl()); Exchange ex = new ExchangeImpl(); ex.setInMessage(msg); SOAPMessage saajMsg = MessageFactory.newInstance(SOAPConstants.SOAP_1_2_PROTOCOL).createMessage(); SOAPPart part = saajMsg.getSOAPPart(); -part.setContent(new DOMSource(doc)); +SAAJStreamWriter writer = new SAAJStreamWriter(part); +StaxUtils.copy(doc, writer); +//Source s = new StaxSource(StaxUtils.createXMLStreamReader(doc)); +//part.setContent(s); saajMsg.saveChanges(); - + msg.setContent(SOAPMessage.class, saajMsg); doc = part; // System.out.println("OUTPUT: " + StaxUtils.toString(doc)); byte[] docbytes = getMessageBytes(doc); + +// System.out.println("OUTPUT: " + new String(docbytes)); XMLStreamReader reader = StaxUtil
svn commit: r988536 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Wed May 18 14:47:37 2016 New Revision: 988536 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Wed May 18 14:47:37 2016 @@ -119,11 +119,11 @@ Apache CXF -- JAX-RS JOSE /**/ +/*]]>*/ IntroductionMaven DependenciesJOSE Overview and Implementation JWA AlgorithmsJWK KeysJWS Signature Signature and Verification ProvidersJWS CompactJWS JSONJWS with Clear Payload @@ -201,7 +201,7 @@ JwtToken token = jws.getJwtToken(); JoseHeaders headers = token.getHeaders(); assertEquals(SignatureAlgorithm.HS256, headers.getAlgorithm()); validateClaims(token.getClaims()); -JWS JSONJWS with Clear PayloadJWE Encryptionhttps://tools.ietf.org/html/rfc7516"; rel="nofollow">JWE (JSON Web Encryption) document describes how a document content, and, when applicable, a content encryption key, can be encrypted. For example, https://tools.ietf.org/html/rfc7516#appendix-A.1"; rel="nofollow">Appendix A1 shows how the content can be encrypted with a secret key using AesGcm with the actual content encryption key being encrypted using RSA-OAEP.CXF ships JWE related classes in https://github.com/apache/cxf/tree/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe"; rel="nofollow">this package and offers a support for all of JWA https://tools.ietf.org/html/rfc7518#section-4"; rel="nofollow">key encryption and https://tools.ietf.org/html/rfc7518#section-5"; rel="nofollow">content encryption algorithms.Key and Content Encryption ProvidersJWE Encryption process typically involves a content-encryption key being generated with this key being subsequently encrypted/wrapped with a key known to the consumer. Thus CXF offers the providers for supporting the key-encryption algorithms and providers for supporting the content-encryption algorithms. Direct key encryption (where the content-encryption key is established out of band) is also supported.https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyEncryptionProvider.java"; rel="nofollow">KeyEncryptionProvider suppo rts encrypting a content-encryption key, https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/KeyDecryptionProvider.java"; rel="nofollow">KeyDecryptionProvider - decrypting it.The following table shows the key encryption algorithms and the corresponding providers:RSAKeyEncryptionAlgorithm KeyEncryptionProviderKeyDecryptionProviderhttps://tools.ietf.org/html/rfc7518#section-4.2"; rel="nofollow">RSAES-PKCS1-v1_5RSAKeyEncryptionA lgorithmRSAKeyDecryptionAlgorithmhttps://tools.ietf.org/html/rfc7518#section-4.3"; rel="nofollow">RSAES OAEPRSAKeyEncryptionAlgorithmRSAKeyDecryptionAlgorithmhttps://tools.ietf.org/html/rfc7518#section-4.4"; rel="nofollow">AES Key WrapEcDsaJwsSignatureProviderEcDsaJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.5"; rel="nofollow">RSASSA-PSSPrivateKeyJwsSignatureProviderPublicKeyJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.6"; rel="nofollow">NoneNoneJwsSignatureProviderNoneJwsSignatureVerifierEither of these providers can be initialized with the keys loaded from JWK or JCA stores or from the in-memory representations.JWE Compacthttps://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweEncryptionProvider.java;h=615212b1622abb1c0a8b06a3b5498d8b6199d0cc;hb=HEAD";>JweEncryptionProvider supports encrypting t he content, https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/main/java/org/apache/cxf/rs/security/jose/jwe/JweDecryptionProvider.java;h=1f4861a2d78df5514ff74c40330c1a5f5933f47d;hb=HEAD";>JweDecryptionProvider - decrypting the content. Encryptors and Decryptors for all of JWE algorithms are shipped.Here is the example of doing AES CBC HMAC and AES Key Wrap in CXF:CXF Jwe AesWrapAesCbcHMac +JWS JSONJWS with Clear PayloadJWE Encryptionhttps://tools.ie
cxf git commit: Updating test
Repository: cxf Updated Branches: refs/heads/master 9c5bf8a06 -> 0879404be Updating test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0879404b Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0879404b Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0879404b Branch: refs/heads/master Commit: 0879404be5bf124c75f48aa67e4305ad76abd14b Parents: 9c5bf8a Author: Colm O hEigeartaigh Authored: Wed May 18 14:56:08 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 14:56:08 2016 +0100 -- .../apache/cxf/ws/security/wss4j/AbstractSecurityTest.java| 7 ++- .../org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java | 3 ++- 2 files changed, 8 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/0879404b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java index 38bc2be..10bb9df 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/AbstractSecurityTest.java @@ -32,6 +32,7 @@ import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; import javax.xml.parsers.ParserConfigurationException; import javax.xml.soap.MessageFactory; +import javax.xml.soap.SOAPConstants; import javax.xml.soap.SOAPMessage; import javax.xml.soap.SOAPPart; import javax.xml.stream.XMLStreamReader; @@ -81,7 +82,11 @@ public abstract class AbstractSecurityTest extends AbstractCXFTest { * @param doc the document containing the SOAP content. */ protected SoapMessage getSoapMessageForDom(Document doc) throws Exception { -SOAPMessage saajMsg = MessageFactory.newInstance().createMessage(); +return getSoapMessageForDom(doc, SOAPConstants.SOAP_1_1_PROTOCOL); +} + +protected SoapMessage getSoapMessageForDom(Document doc, String protocol) throws Exception { +SOAPMessage saajMsg = MessageFactory.newInstance(protocol).createMessage(); SOAPPart part = saajMsg.getSOAPPart(); SAAJStreamWriter writer = new SAAJStreamWriter(part); StaxUtils.copy(doc, writer); http://git-wip-us.apache.org/repos/asf/cxf/blob/0879404b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java index bd1b526..1393ef8 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/WSS4JFaultCodeTest.java @@ -23,6 +23,7 @@ import java.io.ByteArrayInputStream; import javax.xml.namespace.QName; import javax.xml.parsers.DocumentBuilder; import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.soap.SOAPConstants; import javax.xml.soap.SOAPMessage; import javax.xml.stream.XMLStreamReader; @@ -225,7 +226,7 @@ public class WSS4JFaultCodeTest extends AbstractSecurityTest { public void testSignedEncryptedSOAP12Fault() throws Exception { Document doc = readDocument("wsse-response-fault.xml"); -SoapMessage msg = getSoapMessageForDom(doc); +SoapMessage msg = getSoapMessageForDom(doc, SOAPConstants.SOAP_1_2_PROTOCOL); SOAPMessage saajMsg = msg.getContent(SOAPMessage.class); doc = saajMsg.getSOAPPart();
svn commit: r988533 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Wed May 18 13:47:35 2016 New Revision: 988533 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Wed May 18 13:47:35 2016 @@ -119,17 +119,19 @@ Apache CXF -- JAX-RS JOSE /**/ +/*]]>*/ IntroductionMaven DependenciesJOSE Overview and Implementation JWA AlgorithmsJWK KeysJWS Signature Signature and Verification ProvidersJWS CompactJWS JSONJWS with Clear Payload -JWE EncryptionJSON Web Token +JWE Encryption +Key and Content Encryption ProvidersJWE CompactJWE JSON +JSON Web Token JOSE JAX-RS Filters -JWEJWSLinking JWT authentications to JWS or JWE content +JWSJWELinking JWT authentications to JWS or JWE content Configuration Configuration that applies to both encryption and signatureConfiguration that applies to signature onlyConfiguration that applies to encryption onlyConfiguration that applies to JWT tokens only OAuth2 and JoseOIDC and JoseFuture WorkThird-Party Alternatives @@ -173,7 +175,7 @@ String thumbprint = JwkUtils.getThumbpri assertEquals("NzbLsXh8uDCcd-6MNwXF4W_7noWXFZAfHkxZsRGC9Xs", thumbprint); KeyType keyType = key.getKeyType(); assertEquals(KeyType.RSA, thumbprint); -JWS Signaturehttps://tools.ietf.org/html/rfc7515"; rel="nofollow">JWS (JSON Web Signature) document describes how a document content can be signed. For example, https://tools.ietf.org/html/rfc7515#appendix-A.1"; rel="nofollow">Appendix A1 shows how the content can be signed with an HMAC keyCXF ships JWS related classes in https://github.com/apache/cxf/tree/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws"; rel="nofollow">this package and offers a support for all of https://tools.ietf.org/html/rfc7518#section-3"; rel="nofollow">JWA signature algorithms.Signature and Verification ProvidersJwsSignatureProvider supports signing the content, https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsSignatureVerifier.java"; rel="nofollow">JwsSignatureVerifier - validating the signatures. These providers can be initialized from the keys or certificates loaded from JWK or JCA stores.Note the signature and verification capabilities are represented by 2 different interfaces - it was done to keep the interfaces minimalistic and have the concerns separated which can be appreciated most in the cases where the code only signs or only validates.The following table shows the algorithms and the corresponding providers: JwsSignatureProviderJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.2"; rel="nofollow">HMACHmacJwsSignatureProviderHmacJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.3"; rel="nofollow">RSASSA-PKCS1PrivateKeyJwsSignarureProviderPublicKeyJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.4"; rel="nofollow">ECDSAEcDsaJwsSignarureProviderEcDsaJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.5"; rel="nofollow">RSASSA-PSSPrivateKeyJwsSignarureProviderPublicKeyJwsSignatureVerifierhttps://tools.ietf.org/html/rfc7518#section-3.6"; rel="nofollow">NoneNoneJwsSignarureProviderNoneJwsSignatureVerifierEither of these providers (except for None) can be initialized with the keys loaded from JWK or JCA stores or from the in-memory representations.JWS Compacthttps://tools.ietf.org/html/rfc7515#section-3.3"; rel="nofollow">JWS Compact representation is the most often used JOSE sequence. It is the concatenation of Base64URL-encoded sequence if JWS headers (algorithm and other properties), Base64URL-encoded sequence of the actual data being protected and Base64URL-encoded sequence of the signature algorithm output bytes.https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/JwsCompactProducer.java"; rel="nofollow">JwsCompactProducer and https://github.com/apache/cxf/blob/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jos e/jws/JwsCompactConsumer.java" rel="no
cxf-fediz git commit: Updating some dependencies
Repository: cxf-fediz Updated Branches: refs/heads/master 571d322ea -> 1c7e6f7d1 Updating some dependencies Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/1c7e6f7d Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/1c7e6f7d Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/1c7e6f7d Branch: refs/heads/master Commit: 1c7e6f7d178b8793d53dd7a8b28cf769fa3225a7 Parents: 571d322 Author: Colm O hEigeartaigh Authored: Wed May 18 14:30:33 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 14:30:33 2016 +0100 -- pom.xml | 8 services/idp/pom.xml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/1c7e6f7d/pom.xml -- diff --git a/pom.xml b/pom.xml index acaf2fa..43cda64 100644 --- a/pom.xml +++ b/pom.xml @@ -43,24 +43,24 @@ 3.4 1.2 2.5 -1.5.0 +1.5.1 3.1.7-SNAPSHOT 3.2.0 3.4 4.5.1 2.9.0 4.3.5 -2.3.3 +2.3.4 2.21 3.16.1-GA 2.2 1.1.0.Final 3.3 8.1.19.v20160209 -9.3.7.v20160115 +9.3.8.v20160314 4.12 1.2.17 -3.1.4 +3.1.5 2.4.1 2.5 1.7.21 http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/1c7e6f7d/services/idp/pom.xml -- diff --git a/services/idp/pom.xml b/services/idp/pom.xml index 9105332..36febf4 100644 --- a/services/idp/pom.xml +++ b/services/idp/pom.xml @@ -203,7 +203,7 @@ cglib cglib-nodep -3.2.0 +3.2.2
svn commit: r988530 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Wed May 18 12:47:42 2016 New Revision: 988530 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Wed May 18 12:47:42 2016 @@ -119,13 +119,15 @@ Apache CXF -- JAX-RS JOSE /**/ -IntroductionMaven DependenciesJOSE Overview -JWA AlgorithmsJWK KeysJWS SignatureJWE EncryptionJSON Web Token +/*]]>*/ +IntroductionMaven DependenciesJOSE Overview and Implementation +JWA AlgorithmsJWK KeysJWS Signature +Signature and Verification ProvidersJWS CompactJWS JSONJWS with Clear Payload +JWE EncryptionJSON Web Token JOSE JAX-RS Filters JWEJWSLinking JWT authentications to JWS or JWE content Configuration @@ -145,7 +147,7 @@ div.rbtoc1463568424611 li {margin-left:3.1.7 - JOSE OverviewJOSE consists of the following key parts:https://tools.ietf.org/html/rfc7518"; rel="nofollow">JWA - JSON Web Algorithms where all supported signature and encryption algorithms are listedhttps://tools.ietf.org/html/rfc7517"; rel="nofollow">JWK - JSON Web Keys - introduces a JSON format for describing the public and private keys used by JWA algorithmshttps://tools.ietf.org/html/rfc7515"; rel="nofollow">JWS - JSON Web Signature - describes how the data can be signed or validated and introduces compact and JSON JWS formats for representing the signed datahttps://tools.ietf.org/html/rfc7516"; rel="nofollow">JWE - JSON Web Encryption - describes how the data can be encrypted or decryp ted and introduces compact and JSON JWE formats for representing the encrypted data Additionally, https://tools.ietf.org/html/rfc7519"; rel="nofollow">JWT (JSON Web Token), while technically being not part of JOSE, is often used as an input material to JWS and JWE processors, especially in OAuth2 flows (example: OAuth2 access tokens can be represented internally as JWT, OpenIdConnect IdToken and UserInfo are effectively JWTs). https://tools.ietf.org/html/rfc7519"; rel="nofollow">JWT describes how a set of claims in JSON format can be either JWS-signed and/or JWE-enctypted. JWA AlgorithmsAll JOSE signature and encryption algorithms are grouped and described in the https://tools.ietf.org/html/rfc7518"; rel="nofollow">JWA (JSON Web Algorithms) specification.The algor ithms are split into 3 categories: signature algorithms (HMAC, RSA, Elliptic Curve), algorithms for supporting the encryption of content encryption keys (RSA-OAEP, AES Key Wrap, etc), and algorithms for encrypting the actual content (AES GCM, etc).The specification lists all the algorithms that can be used either for signing or encrypting and also describes how some of these algorithms work in caseswhere JCA (or BouncyCastle) does not support them directly, example, AES-CBC-HMAC-SHA2.Algorithm name is a type + hint, example: HS256 (HMAC with SHA-256), RSA-OAEP-256 (RSA OAEP key encryption with SHA-256), etc.All JWS and JWE algorithms process not only the actual data but also the meta-data (the algorithm properties) thus ensuring the algorithm properties are integrity-protected, additionally JWE algorithms produce authentication tags which ensure the already encrypted content won't be manipulated.Please refer to https://tools.ietf.org/html/rfc7518"; rel="nofollow">the specification to get all the information needed (with the follow up links to the corresponding RFC when applicable) about a particular signature or encryption algorithm: the properties, recommended key sizes, other security considerations related to all of or some specific algorithms. CXF JOSE code already enforces a number of the recommended constraints.CXF offers the utility support for working with JWA algorithms in https://github.com/apache/cxf/tree/master/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jwa"; rel="nofollow">this package.Typically one would supply an algorithm property in a type-safe way either to JWS or JWE processor, for example, SignatureAlgorithm.HS256 (HMAC signature) for JWS, KeyAlgorithm.A256KW (key encryption wrap) plus ContentAlgorithm.A
svn commit: r988524 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-jose.html
Author: buildbot Date: Wed May 18 10:47:40 2016 New Revision: 988524 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/jax-rs-jose.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/jax-rs-jose.html == --- websites/production/cxf/content/docs/jax-rs-jose.html (original) +++ websites/production/cxf/content/docs/jax-rs-jose.html Wed May 18 10:47:40 2016 @@ -119,19 +119,19 @@ Apache CXF -- JAX-RS JOSE /**/ +/*]]>*/ IntroductionMaven DependenciesJOSE Overview -JWA AlgorithmsJWK KeysJWS SignatureJWE EncryptionJSON Web Tokens -Linking JWT authentications to JWS or JWE contentJOSE JAX-RS Filters -JWEJWS +JWA AlgorithmsJWK KeysJWS SignatureJWE EncryptionJSON Web Token +JOSE JAX-RS Filters +JWEJWSLinking JWT authentications to JWS or JWE content Configuration Configuration that applies to both encryption and signatureConfiguration that applies to signature onlyConfiguration that applies to encryption onlyConfiguration that applies to JWT tokens only -Encrypting JWK storesOAuth2 and JoseOIDC and JoseFuture WorkThird-Party Alternatives -Introductionhttps://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE is a set of high quality specifications that specify how data payloads can be signed/validated and/or encrypted/decrypted with the cryptographic properties set in the JSON-formatted metadata (headers). The data to be secured can be in JSON or some other format (plain text, XML, binary data).https://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE is a key piece of the advanced OAuth2-based applications such as OpenIdConnect but can also be successfully used for securing the regular HTTP web service communications.CXF 3.1.x and 3.2.0 provides a complete implementation of https://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE.M aven Dependencies Having the following dependency will let the developers write JOSE code: creating and securing JSON Web Tokens (JWT), and securing the arbitrary data (not only JSON) +OAuth2 and JoseOIDC and JoseFuture WorkThird-Party Alternatives +Introductionhttps://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE is a set of high quality specifications that specify how data payloads can be signed/validated and/or encrypted/decrypted with the cryptographic properties set in the JSON-formatted metadata (headers). The data to be secured can be in JSON or other format (plain text, XML, binary data).https://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE is a key piece of the advanced OAuth2-based applications such as OpenIdConnect but can also be successfully used for securing the regular HTTP web service communications.CXF 3.1.x and 3.2.0 provides a complete implementation of https://datatracker.ietf.org/wg/jose/documents/"; rel="nofollow">JOSE.Maven Dependencies Having the following dependency will let the developers write JOSE code: creating and securing JSON Web Tokens (JWT), and securing the arbitrary data (not only JSON)- JOSE OverviewJOSE consists of the following key parts:https://tools.ietf.org/html/rfc7518"; rel="nofollow">JWA - JSON Web Algorithms where all supported signature and encryption algorithms are listedhttps://tools.ietf.org/html/rfc7517"; rel="nofollow">JWK - JSON Web Keys - introduces a JSON format for describing the public and private keys used by JWA algorithmshttps://tools.ietf.org/html/rfc7515"; rel="nofollow">JWS - JSON Web Signature - describes how the data can be signed or validated and introduces compact and JSON JWS formats for representing the signed datahttps://tools.ietf.org/html/rfc7516"; rel="nofollow">JWE - JSON Web Encryption - describes how the data can be encrypted or decryp ted and introduces compact and JSON JWE formats for representing the encrypted data Additionally, https://tools.ietf.org/html/rfc7519"; rel="nofollow">JWT (JSON Web Token), while technically being not part of JOSE, is often used as an input material to JWS and JWE processors, especially in OAuth2 flows (example: OAuth2 ac org.apache.cxf cxf-rt-rs-security-jose @@ -145,7 +145,7 @@ div.rbtoc1463503618227 li {margin-left:3.1.7
cxf git commit: Checkstyle fix
Repository: cxf Updated Branches: refs/heads/master dfc84b0fa -> 9c5bf8a06 Checkstyle fix Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9c5bf8a0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9c5bf8a0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9c5bf8a0 Branch: refs/heads/master Commit: 9c5bf8a061bff7cc956d092a1a02261f37aceca2 Parents: dfc84b0 Author: Colm O hEigeartaigh Authored: Wed May 18 11:16:13 2016 +0100 Committer: Colm O hEigeartaigh Committed: Wed May 18 11:16:13 2016 +0100 -- .../apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java | 3 --- 1 file changed, 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/9c5bf8a0/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java -- diff --git a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java index 879ec0d..71e7bb3 100644 --- a/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java +++ b/rt/ws/security/src/test/java/org/apache/cxf/ws/security/wss4j/CryptoCoverageCheckerTest.java @@ -27,8 +27,6 @@ import java.util.Map; import java.util.SortedSet; import java.util.TreeSet; -import javax.xml.soap.SOAPMessage; - import org.w3c.dom.Document; import org.apache.cxf.binding.soap.SoapMessage; import org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor; @@ -39,7 +37,6 @@ import org.apache.cxf.message.Message; import org.apache.cxf.phase.Phase; import org.apache.cxf.phase.PhaseInterceptor; import org.apache.cxf.phase.PhaseInterceptorChain; -import org.apache.cxf.staxutils.StaxUtils; import org.apache.cxf.ws.security.wss4j.CryptoCoverageChecker.XPathExpression; import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageScope; import org.apache.cxf.ws.security.wss4j.CryptoCoverageUtil.CoverageType;