buildbot success in on cxf-site-production
The Buildbot has detected a restored build on builder cxf-site-production while building . Full details are available at: https://ci.apache.org/builders/cxf-site-production/builds/34534 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb-cms-slave Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this build Build Source Stamp: [branch cxf/web] HEAD Blamelist: Build succeeded! Sincerely, -The Buildbot
[cxf] branch CXF-7601_microProfileOpenApi deleted (was 64915c3)
This is an automated email from the ASF dual-hosted git repository. deki pushed a change to branch CXF-7601_microProfileOpenApi in repository https://gitbox.apache.org/repos/asf/cxf.git. was 64915c3 update parent to 3.4.0-SNAPSHOT The revisions that were on this branch are still contained in other references; therefore, this change does not discard any commits from the repository.
[cxf] branch master updated (563b1ec -> bf81196)
This is an automated email from the ASF dual-hosted git repository.
deki pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 563b1ec Adding OAuth PKCE Digest tests
add 7b333d0 [CXF-7601] Add support for Microprofile OpenAPI
implementation (as an alternative to Swagger Core 2.0)
add 1c55f92 update new module to 3.3.1-SNAPSHOT
add 3886940 update to latest geronimo-openapi-impl release
add 3b96065 [CXF-7601] Add support for Microprofile OpenAPI
implementation (as an alternative to Swagger Core 2.0)
add 5aa0660 Rebased against latest master, added a sample project for
OpenAPI v3.0 using microprofile implementation
add 09ddfde Upgrading Apache Johnzon dependencies to 1.1.11
add 0c7ab09 update to latest geronimo-openapi-impl release
add e1b8126 Accomodate recent microprofile OpenApi changes
add bb6a56e Merge branch 'master-apache' into CXF-7601_microProfileOpenApi
add 64915c3 update parent to 3.4.0-SNAPSHOT
new bf81196 Merge pull request #571 from
apache/CXF-7601_microProfileOpenApi
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../README.txt | 32 ++
.../pom.xml| 22 +-
.../java/demo/jaxrs/openapi/server/AppConfig.java | 35 ++
.../main/java/demo/jaxrs/openapi/server/Item.java | 0
.../java/demo/jaxrs/openapi/server/Sample.java | 81 ++--
.../java/demo/jaxrs/openapi/server/Server.java | 18 +-
.../resources/META-INF/cxf/org.apache.cxf.Logger | 0
.../src/main/resources/logback.xml | 0
distribution/src/main/release/samples/pom.xml | 1 +
osgi/itests-felix/pom.xml | 2 +-
parent/pom.xml | 25 +-
.../pom.xml| 49 ++-
.../microprofile/openapi/OpenApiEndpoint.java | 23 +-
.../jaxrs/microprofile/openapi/OpenApiFeature.java | 455 +
.../cxf/jaxrs/microprofile}/openapi/SwaggerUi.java | 13 +-
rt/rs/pom.xml | 1 +
rt/rs/security/jcs-parent/jcs/pom.xml | 2 +-
rt/rs/security/jcs-parent/pom.xml | 2 +-
.../wsdl_maven/codegen/src/it/cxf-4004/pom.xml | 2 +-
.../wsdl_maven/codegen/src/it/it-parent/pom.xml| 2 +-
20 files changed, 654 insertions(+), 111 deletions(-)
create mode 100644
distribution/src/main/release/samples/jax_rs/description_openapi_microprofile_spring/README.txt
copy
distribution/src/main/release/samples/jax_rs/{description_openapi_v3_spring =>
description_openapi_microprofile_spring}/pom.xml (84%)
create mode 100644
distribution/src/main/release/samples/jax_rs/description_openapi_microprofile_spring/src/main/java/demo/jaxrs/openapi/server/AppConfig.java
copy distribution/src/main/release/samples/jax_rs/{description_openapi_v3_web
=>
description_openapi_microprofile_spring}/src/main/java/demo/jaxrs/openapi/server/Item.java
(100%)
copy distribution/src/main/release/samples/jax_rs/{description_openapi_v3 =>
description_openapi_microprofile_spring}/src/main/java/demo/jaxrs/openapi/server/Sample.java
(68%)
copy
distribution/src/main/release/samples/jax_rs/{description_openapi_v3_spring =>
description_openapi_microprofile_spring}/src/main/java/demo/jaxrs/openapi/server/Server.java
(68%)
copy {systests/rs-sse/rs-sse-base =>
distribution/src/main/release/samples/jax_rs/description_openapi_microprofile_spring}/src/main/resources/META-INF/cxf/org.apache.cxf.Logger
(100%)
copy distribution/src/main/release/samples/jax_rs/{description_swagger2_spring
=> description_openapi_microprofile_spring}/src/main/resources/logback.xml
(100%)
copy rt/rs/{description-swagger => description-microprofile-openapi}/pom.xml
(73%)
copy
distribution/src/main/release/samples/jax_rs/minimal_osgi/src/main/java/minimalosgi/SampleResource.java
=>
rt/rs/description-microprofile-openapi/src/main/java/org/apache/cxf/jaxrs/microprofile/openapi/OpenApiEndpoint.java
(64%)
create mode 100644
rt/rs/description-microprofile-openapi/src/main/java/org/apache/cxf/jaxrs/microprofile/openapi/OpenApiFeature.java
copy rt/rs/{description-openapi-v3/src/main/java/org/apache/cxf/jaxrs =>
description-microprofile-openapi/src/main/java/org/apache/cxf/jaxrs/microprofile}/openapi/SwaggerUi.java
(78%)
[cxf] 01/01: Merge pull request #571 from apache/CXF-7601_microProfileOpenApi
This is an automated email from the ASF dual-hosted git repository. deki pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/cxf.git commit bf81196008d0ba72ac37e5704e3b65417eaac0e7 Merge: 563b1ec 64915c3 Author: Dennis Kieselhorst AuthorDate: Thu Aug 15 22:07:45 2019 +0200 Merge pull request #571 from apache/CXF-7601_microProfileOpenApi [CXF-7601] Add support for Microprofile OpenAPI implementation .../README.txt | 32 ++ .../pom.xml| 98 + .../java/demo/jaxrs/openapi/server/AppConfig.java | 35 ++ .../main/java/demo/jaxrs/openapi/server/Item.java | 49 +++ .../java/demo/jaxrs/openapi/server/Sample.java | 162 .../java/demo/jaxrs/openapi/server/Server.java | 37 ++ .../resources/META-INF/cxf/org.apache.cxf.Logger | 1 + .../src/main/resources/logback.xml | 16 + distribution/src/main/release/samples/pom.xml | 1 + osgi/itests-felix/pom.xml | 2 +- parent/pom.xml | 25 +- rt/rs/description-microprofile-openapi/pom.xml | 93 + .../microprofile/openapi/OpenApiEndpoint.java | 43 ++ .../jaxrs/microprofile/openapi/OpenApiFeature.java | 455 + .../cxf/jaxrs/microprofile/openapi/SwaggerUi.java | 47 +++ rt/rs/pom.xml | 1 + rt/rs/security/jcs-parent/jcs/pom.xml | 2 +- rt/rs/security/jcs-parent/pom.xml | 2 +- .../wsdl_maven/codegen/src/it/cxf-4004/pom.xml | 2 +- .../wsdl_maven/codegen/src/it/it-parent/pom.xml| 2 +- 20 files changed, 1099 insertions(+), 6 deletions(-)
buildbot failure in on cxf-site-production
The Buildbot has detected a new failure on builder cxf-site-production while building . Full details are available at: https://ci.apache.org/builders/cxf-site-production/builds/34533 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb-cms-slave Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this build Build Source Stamp: [branch cxf/web] HEAD Blamelist: BUILD FAILED: failed compile Sincerely, -The Buildbot
[cxf] branch 3.2.x-fixes updated: Recording .gitmergeinfo Changes
This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch 3.2.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf.git The following commit(s) were added to refs/heads/3.2.x-fixes by this push: new 395bad7 Recording .gitmergeinfo Changes 395bad7 is described below commit 395bad76d9fe1e712f2675afe9e8464de4c2a569 Author: Colm O hEigeartaigh AuthorDate: Thu Aug 15 14:28:12 2019 +0100 Recording .gitmergeinfo Changes --- .gitmergeinfo | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitmergeinfo b/.gitmergeinfo index faf5b24..625cfc4 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -69,6 +69,7 @@ B 1fad5125f0c5cdab906846857528a32cc5de6fd5 B 2071cddbaa5d6e795e293207325e6396ab9e7916 B 208b581837430a97d9e13318603af679674b8092 B 21138b4ce300510f442475f1a59b2fac03f366dd +B 2122d9fddbbc6973952842df47ce5996fd697eb1 B 2157f30f50a0626e725c6398e534d10d845219e0 B 21b1df73ccd9da90b4eb9c28d457afdbb81d78cf B 2288ddf9f17f674f1406d0772f738ca37835361e @@ -81,6 +82,7 @@ B 246a43a7b7ccc813ec4137078fdd939f1d6f2b17 B 2484a8d80c63b0ae577be71b017e887f143e0071 B 2566c8ff08e0b237d18c97bc919d32628eaa39ea B 2569f6312af44fe43c53a059652579e2565c5a00 +B 258584a4ef8a744d088f978ed9c68e3efcf98f40 B 2593370daa37267575f7426d25a0e491d3d45155 B 25e5da1dfb7aef43459ab172e2ada4471eb9c72c B 25e88017b49bde5a53bce8dab3ecc93aab6dd040
[cxf] 01/02: Adding OAuth public client tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 2122d9fddbbc6973952842df47ce5996fd697eb1
Author: Colm O hEigeartaigh
AuthorDate: Thu Aug 15 13:34:58 2019 +0100
Adding OAuth public client tests
(cherry picked from commit 840282a01cb6fe4ceb1dc3382cf48f2fbfcaf1fc)
---
.../oauth2/common/JCacheOAuthDataProviderImpl.java | 17 +-
.../security/oauth2/common/OAuth2TestUtils.java| 34 +++
.../security/oauth2/grants/PublicClientTest.java | 228 +
.../oauth2/grants/grants-server-public.xml | 149 ++
.../jaxrs/security/oauth2/grants/publicclient.xml | 42
5 files changed, 466 insertions(+), 4 deletions(-)
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
index 8161092..378529d 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
@@ -56,6 +56,11 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
public JCacheOAuthDataProviderImpl(String servicePort, String partnerPort,
boolean storeJwtTokenKeyOnly) throws
Exception {
+this(servicePort, partnerPort, storeJwtTokenKeyOnly, false);
+}
+
+public JCacheOAuthDataProviderImpl(String servicePort, String partnerPort,
+ boolean storeJwtTokenKeyOnly, boolean
createPublicClients) throws Exception {
// Create random cache files, as this provider could be called by
several test implementations
super(DEFAULT_CONFIG_URL, BusFactory.getThreadDefaultBus(true),
CLIENT_CACHE_KEY + "_" + Math.abs(new Random().nextInt()),
@@ -64,7 +69,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
REFRESH_TOKEN_CACHE_KEY + "_" + Math.abs(new Random().nextInt()),
storeJwtTokenKeyOnly);
// filters/grants test client
-Client client = new Client("consumer-id", "this-is-a-secret", true);
+Client client = createPublicClients ? new Client("consumer-id", null,
false)
+: new Client("consumer-id", "this-is-a-secret", true);
List redirectUris = new ArrayList<>();
redirectUris.add("http://www.blah.apache.org;);
if (partnerPort != null) {
@@ -92,7 +98,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// OIDC filters test client
-client = new Client("consumer-id-oidc", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-oidc", null,
false)
+: new Client("consumer-id-oidc", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("https://localhost:;
+ servicePort
+
"/secured/bookstore/books"));
@@ -104,7 +111,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// Audience test client
-client = new Client("consumer-id-aud", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-aud", null,
false)
+: new Client("consumer-id-aud", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org;));
client.getAllowedGrantTypes().add("authorization_code");
@@ -118,7 +126,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// Audience test client 2
-client = new Client("consumer-id-aud2", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-aud2", null,
false)
+: new Client("consumer-id-aud2", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org;));
client.getAllowedGrantTypes().add("authorization_code");
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 336381b..328211e 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -100,6 +100,12 @@ public final
[cxf] 02/02: Adding OAuth PKCE Digest tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 258584a4ef8a744d088f978ed9c68e3efcf98f40
Author: Colm O hEigeartaigh
AuthorDate: Thu Aug 15 14:25:18 2019 +0100
Adding OAuth PKCE Digest tests
(cherry picked from commit 563b1ec1f5b2186003843d5e686cc764efa00bb3)
---
.../security/oauth2/common/OAuth2TestUtils.java| 2 +-
.../security/oauth2/grants/PublicClientTest.java | 123 +
.../oauth2/grants/grants-server-public.xml | 33 ++
3 files changed, 157 insertions(+), 1 deletion(-)
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 328211e..a6ddb2c 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -156,7 +156,7 @@ public final class OAuth2TestUtils {
String
code,
String
consumerId,
String
audience) {
-return getAccessTokenWithAuthorizationCode(client, code,
"consumer-id", audience, null);
+return getAccessTokenWithAuthorizationCode(client, code, consumerId,
audience, null);
}
public static ClientAccessToken
getAccessTokenWithAuthorizationCode(WebClient client,
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
index 150719b..606aee0 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
@@ -27,6 +27,8 @@ import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth2.grants.code.CodeVerifierTransformer;
+import org.apache.cxf.rs.security.oauth2.grants.code.DigestCodeVerifier;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
@@ -196,12 +198,133 @@ public class PublicClientTest extends
AbstractBusClientServerTestBase {
try {
codeVerifier =
Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code,
"consumer-id", null, codeVerifier);
+fail("Failure expected on a different verifier");
+} catch (Exception ex) {
+// expected
+}
+}
+
+@org.junit.Test
+public void testPKCEDigest() throws Exception {
+URL busFile = PublicClientTest.class.getResource("publicclient.xml");
+
+String address = "https://localhost:; + JCACHE_PORT + "/services/";
+WebClient client = WebClient.create(address,
OAuth2TestUtils.setupProviders(),
+"alice", "security",
busFile.toString());
+// Save the Cookie for the second request...
+WebClient.getConfig(client).getRequestContext().put(
+org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+// Get Authorization Code
+AuthorizationCodeParameters parameters = new
AuthorizationCodeParameters();
+parameters.setConsumerId("consumer-id");
+String codeVerifier =
Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
+CodeVerifierTransformer transformer = new DigestCodeVerifier();
+String codeChallenge = transformer.transformCodeVerifier(codeVerifier);
+parameters.setCodeChallenge(codeChallenge);
+parameters.setCodeChallengeMethod(transformer.getChallengeMethod());
+parameters.setResponseType("code");
+parameters.setPath("authorize/");
+
+String location = OAuth2TestUtils.getLocation(client, parameters);
+String code = OAuth2TestUtils.getSubstring(location, "code");
+assertNotNull(code);
+
+// Now get the access token - note services3 doesn't require basic auth
+String address2 = "https://localhost:; + JCACHE_PORT + "/services3/";
+client = WebClient.create(address2,
[cxf] branch 3.3.x-fixes updated (34a323d -> 258584a)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 34a323d Recording .gitmergeinfo Changes
new 2122d9f Adding OAuth public client tests
new 258584a Adding OAuth PKCE Digest tests
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../oauth2/common/JCacheOAuthDataProviderImpl.java | 17 +-
.../security/oauth2/common/OAuth2TestUtils.java| 34 ++
.../security/oauth2/grants/PublicClientTest.java | 351 +
...ver-jcache-jwt.xml => grants-server-public.xml} | 81 +++--
.../jaxrs/security/oauth2/grants/publicclient.xml} | 6 +-
5 files changed, 459 insertions(+), 30 deletions(-)
create mode 100644
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
copy
systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{grants-negative-server-jcache-jwt.xml
=> grants-server-public.xml} (70%)
copy
systests/{ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/subjectconf/client-noauth.xml
=>
rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/publicclient.xml}
(93%)
[cxf] 01/02: Adding OAuth public client tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 840282a01cb6fe4ceb1dc3382cf48f2fbfcaf1fc
Author: Colm O hEigeartaigh
AuthorDate: Thu Aug 15 13:34:58 2019 +0100
Adding OAuth public client tests
---
.../oauth2/common/JCacheOAuthDataProviderImpl.java | 17 +-
.../security/oauth2/common/OAuth2TestUtils.java| 34 +++
.../security/oauth2/grants/PublicClientTest.java | 228 +
.../oauth2/grants/grants-server-public.xml | 149 ++
.../jaxrs/security/oauth2/grants/publicclient.xml | 42
5 files changed, 466 insertions(+), 4 deletions(-)
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
index 8161092..378529d 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/JCacheOAuthDataProviderImpl.java
@@ -56,6 +56,11 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
public JCacheOAuthDataProviderImpl(String servicePort, String partnerPort,
boolean storeJwtTokenKeyOnly) throws
Exception {
+this(servicePort, partnerPort, storeJwtTokenKeyOnly, false);
+}
+
+public JCacheOAuthDataProviderImpl(String servicePort, String partnerPort,
+ boolean storeJwtTokenKeyOnly, boolean
createPublicClients) throws Exception {
// Create random cache files, as this provider could be called by
several test implementations
super(DEFAULT_CONFIG_URL, BusFactory.getThreadDefaultBus(true),
CLIENT_CACHE_KEY + "_" + Math.abs(new Random().nextInt()),
@@ -64,7 +69,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
REFRESH_TOKEN_CACHE_KEY + "_" + Math.abs(new Random().nextInt()),
storeJwtTokenKeyOnly);
// filters/grants test client
-Client client = new Client("consumer-id", "this-is-a-secret", true);
+Client client = createPublicClients ? new Client("consumer-id", null,
false)
+: new Client("consumer-id", "this-is-a-secret", true);
List redirectUris = new ArrayList<>();
redirectUris.add("http://www.blah.apache.org;);
if (partnerPort != null) {
@@ -92,7 +98,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// OIDC filters test client
-client = new Client("consumer-id-oidc", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-oidc", null,
false)
+: new Client("consumer-id-oidc", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("https://localhost:;
+ servicePort
+
"/secured/bookstore/books"));
@@ -104,7 +111,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// Audience test client
-client = new Client("consumer-id-aud", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-aud", null,
false)
+: new Client("consumer-id-aud", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org;));
client.getAllowedGrantTypes().add("authorization_code");
@@ -118,7 +126,8 @@ public class JCacheOAuthDataProviderImpl extends
JCacheCodeDataProvider {
this.setClient(client);
// Audience test client 2
-client = new Client("consumer-id-aud2", "this-is-a-secret", true);
+client = createPublicClients ? new Client("consumer-id-aud2", null,
false)
+: new Client("consumer-id-aud2", "this-is-a-secret", true);
client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org;));
client.getAllowedGrantTypes().add("authorization_code");
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 336381b..328211e 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -100,6 +100,12 @@ public final class OAuth2TestUtils {
if (parameters.getRequest() != null) {
[cxf] 02/02: Adding OAuth PKCE Digest tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 563b1ec1f5b2186003843d5e686cc764efa00bb3
Author: Colm O hEigeartaigh
AuthorDate: Thu Aug 15 14:25:18 2019 +0100
Adding OAuth PKCE Digest tests
---
.../security/oauth2/common/OAuth2TestUtils.java| 2 +-
.../security/oauth2/grants/PublicClientTest.java | 123 +
.../oauth2/grants/grants-server-public.xml | 33 ++
3 files changed, 157 insertions(+), 1 deletion(-)
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 328211e..a6ddb2c 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -156,7 +156,7 @@ public final class OAuth2TestUtils {
String
code,
String
consumerId,
String
audience) {
-return getAccessTokenWithAuthorizationCode(client, code,
"consumer-id", audience, null);
+return getAccessTokenWithAuthorizationCode(client, code, consumerId,
audience, null);
}
public static ClientAccessToken
getAccessTokenWithAuthorizationCode(WebClient client,
diff --git
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
index 150719b..606aee0 100644
---
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
+++
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
@@ -27,6 +27,8 @@ import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth2.grants.code.CodeVerifierTransformer;
+import org.apache.cxf.rs.security.oauth2.grants.code.DigestCodeVerifier;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
import org.apache.cxf.systest.jaxrs.security.SecurityTestUtil;
import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
@@ -196,12 +198,133 @@ public class PublicClientTest extends
AbstractBusClientServerTestBase {
try {
codeVerifier =
Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
OAuth2TestUtils.getAccessTokenWithAuthorizationCode(client, code,
"consumer-id", null, codeVerifier);
+fail("Failure expected on a different verifier");
+} catch (Exception ex) {
+// expected
+}
+}
+
+@org.junit.Test
+public void testPKCEDigest() throws Exception {
+URL busFile = PublicClientTest.class.getResource("publicclient.xml");
+
+String address = "https://localhost:; + JCACHE_PORT + "/services/";
+WebClient client = WebClient.create(address,
OAuth2TestUtils.setupProviders(),
+"alice", "security",
busFile.toString());
+// Save the Cookie for the second request...
+WebClient.getConfig(client).getRequestContext().put(
+org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+// Get Authorization Code
+AuthorizationCodeParameters parameters = new
AuthorizationCodeParameters();
+parameters.setConsumerId("consumer-id");
+String codeVerifier =
Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
+CodeVerifierTransformer transformer = new DigestCodeVerifier();
+String codeChallenge = transformer.transformCodeVerifier(codeVerifier);
+parameters.setCodeChallenge(codeChallenge);
+parameters.setCodeChallengeMethod(transformer.getChallengeMethod());
+parameters.setResponseType("code");
+parameters.setPath("authorize/");
+
+String location = OAuth2TestUtils.getLocation(client, parameters);
+String code = OAuth2TestUtils.getSubstring(location, "code");
+assertNotNull(code);
+
+// Now get the access token - note services3 doesn't require basic auth
+String address2 = "https://localhost:; + JCACHE_PORT + "/services3/";
+client = WebClient.create(address2, OAuth2TestUtils.setupProviders(),
busFile.toString());
+// Save the Cookie for the second
[cxf] branch master updated (6164a86 -> 563b1ec)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git.
from 6164a86 SLF4J upgrade
new 840282a Adding OAuth public client tests
new 563b1ec Adding OAuth PKCE Digest tests
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../oauth2/common/JCacheOAuthDataProviderImpl.java | 17 +-
.../security/oauth2/common/OAuth2TestUtils.java| 34 ++
.../security/oauth2/grants/PublicClientTest.java | 351 +
...ver-jcache-jwt.xml => grants-server-public.xml} | 81 +++--
.../jaxrs/security/oauth2/grants/publicclient.xml} | 6 +-
5 files changed, 459 insertions(+), 30 deletions(-)
create mode 100644
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/PublicClientTest.java
copy
systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/{grants-negative-server-jcache-jwt.xml
=> grants-server-public.xml} (70%)
copy
systests/{ws-security/src/test/resources/org/apache/cxf/systest/ws/saml/subjectconf/client-noauth.xml
=>
rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/publicclient.xml}
(93%)
buildbot success in on cxf-site-production
The Buildbot has detected a restored build on builder cxf-site-production while building . Full details are available at: https://ci.apache.org/builders/cxf-site-production/builds/34526 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb-cms-slave Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this build Build Source Stamp: [branch cxf/web] HEAD Blamelist: Build succeeded! Sincerely, -The Buildbot
buildbot failure in on cxf-site-production
The Buildbot has detected a new failure on builder cxf-site-production while building . Full details are available at: https://ci.apache.org/builders/cxf-site-production/builds/34525 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb-cms-slave Build Reason: The Nightly scheduler named 'cxf-site-production' triggered this build Build Source Stamp: [branch cxf/web] HEAD Blamelist: BUILD FAILED: failed compile Sincerely, -The Buildbot
