cxf-fediz git commit: Fixing merge
Repository: cxf-fediz Updated Branches: refs/heads/1.4.x-fixes 0b2f100d3 -> cb3b80db8 Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/cb3b80db Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/cb3b80db Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/cb3b80db Branch: refs/heads/1.4.x-fixes Commit: cb3b80db8fea41d760c4bdeac1ef322622349421 Parents: 0b2f100 Author: Colm O hEigeartaigh Authored: Fri Aug 11 15:45:58 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Aug 11 15:45:58 2017 +0100 -- pom.xml | 7 +-- 1 file changed, 1 insertion(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/cb3b80db/pom.xml -- diff --git a/pom.xml b/pom.xml index ff25187..b5a36fa 100644 --- a/pom.xml +++ b/pom.xml @@ -64,14 +64,9 @@ 2.4.2 2.5 1.7.22 -<<< HEAD -4.3.5.RELEASE -4.2.2.RELEASE -7.0.75 -=== 4.3.10.RELEASE 4.2.3.RELEASE ->>> 83711e91... Updating a few dependencies +7.0.75 8.5.12 2.1.10
[2/2] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/90431dbb Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/90431dbb Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/90431dbb Branch: refs/heads/1.2.x-fixes Commit: 90431dbbf9e66f4443f7ddcefd24bc6c9746036f Parents: 22d8ad9 Author: Colm O hEigeartaigh Authored: Fri Apr 21 11:01:01 2017 +0100 Committer: Colm O hEigeartaigh Committed: Fri Apr 21 11:01:01 2017 +0100 -- release_notes.txt | 24 +--- 1 file changed, 1 insertion(+), 23 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/90431dbb/release_notes.txt -- diff --git a/release_notes.txt b/release_notes.txt index 8531aea..219bf5b 100644 --- a/release_notes.txt +++ b/release_notes.txt @@ -1,4 +1,4 @@ -Apache CXF Fediz 1.2.2 Release Notes +Apache CXF Fediz 1.2.4 Release Notes 1. Overview @@ -63,28 +63,6 @@ N.A. 8. Specific issues, features, and improvements fixed in this version -Release Notes - CXF-Fediz - Version 1.3.2 - -Bug - -[FEDIZ-185] - Make one of passiveRequestorEndpoint or passiveRequestorEndpointConstraint mandatory in the IDP -[FEDIZ-189] - Add support for absolute URLs in the logoutRedirectTo parameter -[FEDIZ-191] - The HomeRealmReminder cookie is not deleted after logout in the IdP -[FEDIZ-194] - NPE when restarting Fediz OIDC after using dynamic registration - -Improvement - -[FEDIZ-173] - Cors support for js OIDC Implicit Flow -[FEDIZ-183] - Support logging out in the plugins via the "wa" parameter -[FEDIZ-186] - Add new logoutRedirectToConstraint plugin configuration parameter -[FEDIZ-193] - Add a way to support additional top level domains when registering OIDC clients -[FEDIZ-200] - Make one of logoutEndpoint or logoutEndpointConstraint mandatory in the IDP - -Task - -[FEDIZ-174] - Update CXF version to 3.1.8-SNAPSHOT - - Release Notes - CXF-Fediz - Version 1.2.4 Bug
cxf-fediz git commit: Fixing merge
Repository: cxf-fediz Updated Branches: refs/heads/1.3.x-fixes 71480c3f7 -> c90528742 Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c9052874 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c9052874 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c9052874 Branch: refs/heads/1.3.x-fixes Commit: c905287423b8f98c9ee93661884c24f3b6528c3f Parents: 71480c3 Author: Colm O hEigeartaigh Authored: Tue Apr 18 18:17:09 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Apr 18 18:17:09 2017 +0100 -- .../oidc/clients/ClientRegistrationService.java | 82 ++-- .../clients/InvalidRegistrationException.java | 28 +++ 2 files changed, 68 insertions(+), 42 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c9052874/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java -- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java index 107dbf2..f2860eb 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java @@ -85,14 +85,14 @@ public class ClientRegistrationService { private Map homeRealms = new LinkedHashMap(); private boolean protectIdTokenWithClientSecret; private Map clientScopes; - + private SecurityContext sc; @Context public void setSecurityContext(SecurityContext securityContext) { this.sc = securityContext; } - + @GET @Produces(MediaType.TEXT_HTML) @Path("/register") @@ -118,8 +118,8 @@ public class ClientRegistrationService { } return null; } - - + + @POST @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(MediaType.TEXT_HTML) @@ -128,7 +128,7 @@ public class ClientRegistrationService { @FormParam("client_csrfToken") String csrfToken) { // CSRF if (!checkCSRFToken(csrfToken)) { -throw new InvalidRegistration("Invalid CSRF Token"); +throw new InvalidRegistrationException("Invalid CSRF Token"); } Collection clients = getClientRegistrations(); @@ -154,7 +154,7 @@ public class ClientRegistrationService { @FormParam("client_csrfToken") String csrfToken) { // CSRF if (!checkCSRFToken(csrfToken)) { -throw new InvalidRegistration("Invalid CSRF Token"); +throw new InvalidRegistrationException("Invalid CSRF Token"); } Client c = getRegisteredClient(id); @@ -164,7 +164,7 @@ public class ClientRegistrationService { clientProvider.setClient(c); return c; } - + @GET @Produces(MediaType.TEXT_HTML) @Path("/{id}/tokens") @@ -172,14 +172,14 @@ public class ClientRegistrationService { Client c = getRegisteredClient(id); return doGetClientIssuedTokens(c); } - + protected ClientTokens doGetClientIssuedTokens(Client c) { Comparator tokenComp = new TokenComparator(); UserSubject subject = new OidcUserSubject(getUserName()); -List accessTokens = +List accessTokens = new ArrayList(dataProvider.getAccessTokens(c, subject)); Collections.sort(accessTokens, tokenComp); -List refreshTokens = +List refreshTokens = new ArrayList(dataProvider.getRefreshTokens(c, subject)); Collections.sort(refreshTokens, tokenComp); return new ClientTokens(c, accessTokens, refreshTokens); @@ -193,12 +193,12 @@ public class ClientRegistrationService { @FormParam("client_csrfToken") String csrfToken) { // CSRF if (!checkCSRFToken(csrfToken)) { -throw new InvalidRegistration("Invalid CSRF Token"); +throw new InvalidRegistrationException("Invalid CSRF Token"); } return doRevokeClientToken(clientId, tokenId, OAuthConstants.ACCESS_TOKEN); } - + @POST @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(MediaType.TEXT_HTML) @@ -208,12 +208,12 @@ public class ClientRegistrationService { @FormParam("client_csrfToken") String csrfToken) { // CSRF if (!checkCSRFToken(csrfToken)) { -throw new InvalidRegistra
[5/5] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/bf5f471d Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/bf5f471d Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/bf5f471d Branch: refs/heads/1.2.x-fixes Commit: bf5f471d45f147bae346b45f0cf45ac20f53a1e5 Parents: 229c2b9 Author: Colm O hEigeartaigh Authored: Thu Apr 13 16:01:00 2017 +0100 Committer: Colm O hEigeartaigh Committed: Thu Apr 13 16:01:00 2017 +0100 -- .../idp/beans/EndpointAddressValidator.java | 5 +++ .../fediz/service/idp/domain/Application.java | 4 +- .../cxf/fediz/service/idp/domain/Idp.java | 2 +- .../idp/src/main/resources/entities-realma.xml | 1 - .../WEB-INF/federation-validate-request.xml | 14 +-- .../apache/cxf/fediz/systests/idp/IdpTest.java | 40 +++- 6 files changed, 24 insertions(+), 42 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf5f471d/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/EndpointAddressValidator.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/EndpointAddressValidator.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/EndpointAddressValidator.java index 83299cb..3e3d09c 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/EndpointAddressValidator.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/EndpointAddressValidator.java @@ -64,6 +64,11 @@ public class EndpointAddressValidator { return true; } +if (realm == null) { +LOG.warn("No service config found for " + realm); +return false; +} + Application serviceConfig = idpConfig.findApplication(realm); if (serviceConfig == null) { LOG.warn("No service config found for " + realm); http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf5f471d/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java index fca01e1..b90b831 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Application.java @@ -33,8 +33,8 @@ import javax.xml.bind.annotation.XmlType; @XmlRootElement(name = "application", namespace = "http://org.apache.cxf.fediz/";) @XmlType(propOrder = {"realm", "role", "serviceDisplayName", "serviceDescription", "protocol", "tokenType", "lifeTime", "encryptionCertificate", "requestedClaims", - "policyNamespace", "passiveRequestorEndpoint", "passiveRequestorEndpointConstraint", "id" }) - "logoutEndpoint", "logoutEndpointConstraint"}) + "policyNamespace", "passiveRequestorEndpoint", "passiveRequestorEndpointConstraint", "id", + "logoutEndpoint", "logoutEndpointConstraint" }) public class Application implements Serializable { private static final long serialVersionUID = 5644327504861846964L; http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf5f471d/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java -- diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java index bc4fe27..53e4ab9 100644 --- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java +++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/domain/Idp.java @@ -36,7 +36,7 @@ import javax.xml.bind.annotation.XmlType; "certificate", "certificatePassword", "provideIdpList", "useCurrentIdp", "hrds", "rpSingleSignOutConfirmation", "supportedProtocols", "tokenTypesOffered", "claimTypesOffered", "authenticationURIs", "applications", "trustedIdps", "id", "rpSingleSignOutCleanupConfirmation", - "disableLogoutAddressValidation"}) + "disableLogoutAddressValidation" }) public class Idp implements Serializable { private static final long serialVersionUID = -5570301342547139039L; http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/bf5f471d/services/idp/src/main/resources/entities-realma.xml
[3/3] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/9908207f Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/9908207f Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/9908207f Branch: refs/heads/1.2.x-fixes Commit: 9908207f2fd11cce5247098980cdc986a9797b5f Parents: 5faa900 Author: Colm O hEigeartaigh Authored: Wed Dec 21 15:47:04 2016 + Committer: Colm O hEigeartaigh Committed: Wed Dec 21 15:47:04 2016 + -- .../apache/cxf/fediz/core/federation/FederationLogoutTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9908207f/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java -- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java index ee6775e..36a6d96 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationLogoutTest.java @@ -266,7 +266,7 @@ public class FederationLogoutTest { HttpServletRequest req = EasyMock.createMock(HttpServletRequest.class); EasyMock.expect(req.getParameter(FederationConstants.PARAM_ACTION)) -.andReturn(FederationConstants.ACTION_SIGNOUT).anyTimes(); +.andReturn(FederationConstants.ACTION_SIGNOUT).anyTimes(); EasyMock.expect(req.getParameter(FederationConstants.PARAM_REPLY)).andReturn(REPLY_URL).anyTimes(); EasyMock.expect(req.getRequestURL()).andReturn(new StringBuffer("https://localhost/fedizhelloworld/secure";)); EasyMock.expect(req.getRequestURI()).andReturn("/secure"); @@ -355,4 +355,4 @@ public class FederationLogoutTest { EasyMock.replay(resp); logoutHandler.handleRequest(req, resp); } -} \ No newline at end of file +}
[14/14] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/1d904eda Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/1d904eda Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/1d904eda Branch: refs/heads/1.3.x-fixes Commit: 1d904eda8a7ca4236cff7bb1bc6cc022581fa939 Parents: 1879daf Author: Colm O hEigeartaigh Authored: Tue Nov 8 14:48:44 2016 + Committer: Colm O hEigeartaigh Committed: Tue Nov 8 14:48:44 2016 + -- services/sts/src/main/webapp/WEB-INF/ldap.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/1d904eda/services/sts/src/main/webapp/WEB-INF/ldap.xml -- diff --git a/services/sts/src/main/webapp/WEB-INF/ldap.xml b/services/sts/src/main/webapp/WEB-INF/ldap.xml index 8b36f86..9ee9807 100644 --- a/services/sts/src/main/webapp/WEB-INF/ldap.xml +++ b/services/sts/src/main/webapp/WEB-INF/ldap.xml @@ -102,7 +102,7 @@ http://docs.oasis-open.org/ws-sx/ws-trust/200512/"; serviceName="ns1:SecurityTokenService" endpointName="ns1:TransportUT_Port">
[2/2] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d71f3286 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d71f3286 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d71f3286 Branch: refs/heads/1.2.x-fixes Commit: d71f3286cd12e2540ee520a4d3f0611e74a4bfaa Parents: 219cb39 Author: Colm O hEigeartaigh Authored: Fri Jun 10 13:54:11 2016 +0100 Committer: Colm O hEigeartaigh Committed: Fri Jun 10 13:54:11 2016 +0100 -- .../AudienceRestrictionTest.java| 10 +- .../AudienceRestrictionTest.java| 210 --- .../test/resources/fediz_config_aud_restr.xml | 61 -- 3 files changed, 4 insertions(+), 277 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d71f3286/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java -- diff --git a/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java b/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java index d9822cb..654a4f6 100644 --- a/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java +++ b/systests/tomcat7/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java @@ -39,7 +39,7 @@ import org.apache.catalina.LifecycleState; import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; import org.apache.commons.io.IOUtils; -import org.apache.cxf.fediz.tomcat7.FederationAuthenticator; +import org.apache.cxf.fediz.tomcat.FederationAuthenticator; import org.apache.http.auth.AuthScope; import org.apache.http.auth.UsernamePasswordCredentials; import org.junit.AfterClass; @@ -129,9 +129,9 @@ public class AudienceRestrictionTest { content = content.replaceAll("\\$\\{idp.https.port\\}", "" + idpHttpsPort); File f2 = new File(baseDir + "/test-classes/fediz_config_aud_restr.xml"); -try (FileOutputStream outputStream = new FileOutputStream(f2)) { -IOUtils.write(content, outputStream, "UTF-8"); -} +FileOutputStream outputStream = new FileOutputStream(f2); +IOUtils.write(content, outputStream, "UTF-8"); +outputStream.close(); } FederationAuthenticator fa = new FederationAuthenticator(); @@ -203,8 +203,6 @@ public class AudienceRestrictionTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 401); } - -webClient.close(); } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d71f3286/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java -- diff --git a/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java b/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java deleted file mode 100644 index 673b868..000 --- a/systests/tomcat8/src/test/java/org/apache/cxf/fediz/integrationtests/AudienceRestrictionTest.java +++ /dev/null @@ -1,210 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.cxf.fediz.integrationtests; - - -import java.io.File; -import java.io.FileInputStream; -import java.io.FileOutputStream; -import java.io.IOException; - -import javax.servlet.ServletException; - -import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; -import com.gargoylesoftware.htmlunit.WebClient; -import com.gargoylesoftware.htmlunit.html.HtmlForm; -import com.gargoylesoftware.htmlunit.html.HtmlPage; -import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; - -import org.apache.catalina.Context; -import org.ap
[6/6] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b132fb84 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b132fb84 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b132fb84 Branch: refs/heads/1.2.x-fixes Commit: b132fb8463cbef6cfcdee84b4b143abe54699cd0 Parents: ad726f9 Author: Colm O hEigeartaigh Authored: Fri Jun 3 14:10:15 2016 +0100 Committer: Colm O hEigeartaigh Committed: Fri Jun 3 14:10:15 2016 +0100 -- .../cxf/fediz/core/federation/AudienceRestrictionTest.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b132fb84/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/AudienceRestrictionTest.java -- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/AudienceRestrictionTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/AudienceRestrictionTest.java index bf55170..e69772c 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/AudienceRestrictionTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/AudienceRestrictionTest.java @@ -50,7 +50,7 @@ import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean; import org.apache.wss4j.common.saml.bean.ConditionsBean; import org.apache.wss4j.common.saml.builder.SAML2Constants; import org.apache.wss4j.common.util.DOM2Writer; -import org.apache.wss4j.common.util.XMLUtils; +import org.apache.wss4j.dom.util.WSSecurityUtil; import org.easymock.EasyMock; import org.junit.AfterClass; import org.junit.Assert; @@ -400,10 +400,10 @@ public class AudienceRestrictionTest { Document doc = STSUtil.toSOAPPart(rstr); Element token = assertion.toDOM(doc); -Element e = XMLUtils.findElement(doc, "RequestedSecurityToken", +Element e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); if (e == null) { -e = XMLUtils.findElement(doc, "RequestedSecurityToken", +e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_2005_02_NS); } e.appendChild(token);
cxf-fediz git commit: Fixing merge
Repository: cxf-fediz Updated Branches: refs/heads/1.2.x-fixes 5f208683c -> 8c187b274 Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/8c187b27 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/8c187b27 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/8c187b27 Branch: refs/heads/1.2.x-fixes Commit: 8c187b27406f751ade9c045b159bdecf71d602da Parents: 5f20868 Author: Colm O hEigeartaigh Authored: Mon Jan 25 17:09:27 2016 + Committer: Colm O hEigeartaigh Committed: Mon Jan 25 17:09:27 2016 + -- .../java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/8c187b27/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java -- diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java index df6c3ae..64e6b52 100644 --- a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java +++ b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java @@ -39,8 +39,8 @@ import org.apache.catalina.LifecycleState; import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; import org.apache.cxf.fediz.core.ClaimTypes; -import org.apache.cxf.fediz.tomcat.FederationAuthenticator; import org.apache.cxf.fediz.core.util.DOMUtils; +import org.apache.cxf.fediz.tomcat.FederationAuthenticator; import org.apache.http.auth.AuthScope; import org.apache.http.auth.UsernamePasswordCredentials; import org.apache.xml.security.keys.KeyInfo; @@ -301,8 +301,6 @@ public class SAMLSSOTest { Assert.assertNotNull(ki.getX509Certificate()); Assert.assertTrue(signature.checkSignatureValue(ki.getX509Certificate())); - -webClient.close(); } private static String login(String url, String user, String password,
[5/5] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c31963db Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c31963db Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c31963db Branch: refs/heads/1.2.x-fixes Commit: c31963dbcb90712352749872b8f1af828362b665 Parents: f482853 Author: Colm O hEigeartaigh Authored: Thu Jan 21 12:10:34 2016 + Committer: Colm O hEigeartaigh Committed: Thu Jan 21 12:10:34 2016 + -- .../src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java | 2 -- 1 file changed, 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c31963db/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java -- diff --git a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java index dd0046d..78cbe56 100644 --- a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java +++ b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java @@ -514,7 +514,5 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 400); } - -webClient.close(); } }
[6/6] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/85258b07 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/85258b07 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/85258b07 Branch: refs/heads/1.2.x-fixes Commit: 85258b076209ff8df3d9bf72f67ec2977c7ca423 Parents: 5b6540d Author: Colm O hEigeartaigh Authored: Mon Jan 18 14:18:01 2016 + Committer: Colm O hEigeartaigh Committed: Mon Jan 18 14:18:01 2016 + -- .../integrationtests/AbstractAttackTests.java | 229 --- .../fediz/integrationtests/AbstractTests.java | 124 +- 2 files changed, 113 insertions(+), 240 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/85258b07/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java -- diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java deleted file mode 100644 index 69e3f50..000 --- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractAttackTests.java +++ /dev/null @@ -1,229 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.cxf.fediz.integrationtests; - -import java.net.URLEncoder; - -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.wss4j.dom.WSSConfig; -import org.junit.Assert; -import org.junit.Test; - -import com.gargoylesoftware.htmlunit.CookieManager; -import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; -import com.gargoylesoftware.htmlunit.WebClient; -import com.gargoylesoftware.htmlunit.html.DomElement; -import com.gargoylesoftware.htmlunit.html.DomNodeList; -import com.gargoylesoftware.htmlunit.html.HtmlForm; -import com.gargoylesoftware.htmlunit.html.HtmlPage; -import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; - -/** - * Some negative/attack tests for the IdP/RP - */ -public abstract class AbstractAttackTests { - -static final String TEST_WREQ = -"http://docs.oasis-open.org/ws-sx/ws-trust/200512\";>" -+ "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV3.0" -+ ""; - -static { -WSSConfig.init(); -} - -public AbstractAttackTests() { -super(); -} - -public abstract String getServletContextName(); - -public abstract String getIdpHttpsPort(); - -public abstract String getRpHttpsPort(); - -@Test -public void testAliceModifiedSignature() throws Exception { -String url = "https://localhost:"; + getRpHttpsPort() + "/" + getServletContextName() -+ "/secure/fedservlet"; -String user = "alice"; -String password = "ecila"; - -// Get the initial token -CookieManager cookieManager = new CookieManager(); -final WebClient webClient = new WebClient(); -webClient.setCookieManager(cookieManager); -webClient.getOptions().setUseInsecureSSL(true); -webClient.getCredentialsProvider().setCredentials( -new AuthScope("localhost", Integer.parseInt(getIdpHttpsPort())), -new UsernamePasswordCredentials(user, password)); - -webClient.getOptions().setJavaScriptEnabled(false); -final HtmlPage idpPage = webClient.getPage(url); -webClient.getOptions().setJavaScriptEnabled(true); -Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText()); - -// Parse the form to get the token (wresult) -DomNodeList results = idpPage.getElementsByTagName("input"); - -for (DomElement result : results) { -if ("wresult".equals(result.getAttributeNS(null, "name"))) { -// Now modify the Signature -String value = result.getAttributeNS(null, "value"); -
cxf-fediz git commit: Fixing merge
Repository: cxf-fediz Updated Branches: refs/heads/1.2.x-fixes e0d2b1c40 -> 46b05ed9a Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/46b05ed9 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/46b05ed9 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/46b05ed9 Branch: refs/heads/1.2.x-fixes Commit: 46b05ed9a478d58bfbf90cfa90cd9121e566e55d Parents: e0d2b1c Author: Colm O hEigeartaigh Authored: Thu Jan 14 17:02:16 2016 + Committer: Colm O hEigeartaigh Committed: Thu Jan 14 17:02:16 2016 + -- .../java/org/apache/cxf/fediz/integrationtests/KerberosTest.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/46b05ed9/systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java -- diff --git a/systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java b/systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java index a414bdb..3dda898 100644 --- a/systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java +++ b/systests/kerberos/src/test/java/org/apache/cxf/fediz/integrationtests/KerberosTest.java @@ -94,7 +94,8 @@ import org.junit.runner.RunWith; @CreateKdcServer( transports = { -@CreateTransport(protocol = "KRB", address = "127.0.0.1") +// @CreateTransport(protocol = "TCP", address = "127.0.0.1", port=1024) +@CreateTransport(protocol = "UDP", address = "127.0.0.1") }, primaryRealm = "service.ws.apache.org", kdcPrincipal = "krbtgt/service.ws.apache@service.ws.apache.org"
[2/2] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f4d00969 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f4d00969 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f4d00969 Branch: refs/heads/1.2.x-fixes Commit: f4d00969f3df4089e6ec5ae264219b2dc36c46e0 Parents: afe146a Author: Colm O hEigeartaigh Authored: Tue Dec 22 16:52:28 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 22 16:52:28 2015 + -- .../java/org/apache/cxf/fediz/systests/idp/IdpTest.java | 10 -- 1 file changed, 10 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f4d00969/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java -- diff --git a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java index 3e3d2ea..f9948f5 100644 --- a/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java +++ b/systests/idp/src/test/java/org/apache/cxf/fediz/systests/idp/IdpTest.java @@ -345,8 +345,6 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 400); } - -webClient.close(); } // Send an unknown wa value @@ -375,8 +373,6 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 400); } - -webClient.close(); } // Send an unknown whr value @@ -405,8 +401,6 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 500); } - -webClient.close(); } // Send an unknown wtrealm value @@ -435,8 +429,6 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 400); } - -webClient.close(); } // Send an malformed wreply value @@ -465,7 +457,5 @@ public class IdpTest { } catch (FailingHttpStatusCodeException ex) { Assert.assertEquals(ex.getStatusCode(), 400); } - -webClient.close(); } }
[4/4] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/aafd1c27 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/aafd1c27 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/aafd1c27 Branch: refs/heads/1.2.x-fixes Commit: aafd1c27563ff8e609501d4490b693c93d4e174e Parents: fb2744a Author: Colm O hEigeartaigh Authored: Tue Dec 22 15:51:53 2015 + Committer: Colm O hEigeartaigh Committed: Tue Dec 22 15:51:53 2015 + -- .../cxf/fediz/service/idp/integrationtests/RestITTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aafd1c27/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java -- diff --git a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java index 8c02d11..ef64b2d 100644 --- a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java +++ b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java @@ -119,7 +119,7 @@ public class RestITTest { Assert.assertEquals("Number of TokenTypesOffered doesn't match", 2, idp.getTokenTypesOffered().size()); Assert.assertEquals("Number of applications doesn't match", -2, idp.getApplications().size()); +1, idp.getApplications().size()); Assert.assertEquals("Number of trusted IDPs doesn't match", 1, idp.getTrustedIdps().size()); Assert.assertEquals("Number of claims doesn't match", @@ -136,7 +136,7 @@ public class RestITTest { Assert.assertEquals("ServiceDisplayName doesn't match", "REALM B", idp.getServiceDisplayName()); Assert.assertEquals("IdpUrl doesn't match", -new URL("https://localhost:12443/fediz-idp-remote/federation";), idp.getIdpUrl()); +new URL("https://localhost:12443/fediz-idp/federation";), idp.getIdpUrl()); Assert.assertEquals("StsUrl doesn't match", new URL("https://localhost:12443/fediz-idp-sts/REALMB";), idp.getStsUrl()); Assert.assertEquals("Uri doesn't match",
[3/3] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/7f576154 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/7f576154 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/7f576154 Branch: refs/heads/1.2.x-fixes Commit: 7f5761547a91c5c64c06bffca020f6538869c135 Parents: 9434b63 Author: Colm O hEigeartaigh Authored: Mon Dec 21 16:31:38 2015 + Committer: Colm O hEigeartaigh Committed: Mon Dec 21 16:31:38 2015 + -- .../apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java| 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/7f576154/plugins/core/src/main/java/org/apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java -- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java index 3ecce44..609103e 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/samlsso/SAMLSSOResponseValidator.java @@ -94,7 +94,7 @@ public class SAMLSSOResponseValidator { } // Validate Assertions -org.opensaml.saml.saml2.core.Assertion validAssertion = null; +org.opensaml.saml2.core.Assertion validAssertion = null; Date sessionNotOnOrAfter = null; for (org.opensaml.saml2.core.Assertion assertion : samlResponse.getAssertions()) { // Check the Issuer
[2/2] cxf-fediz git commit: Fixing merge
Fixing merge Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/5a225d15 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/5a225d15 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/5a225d15 Branch: refs/heads/1.2.x-fixes Commit: 5a225d15df038dd1275cec6ccc24c142519ef365 Parents: c933293 Author: Colm O hEigeartaigh Authored: Fri Jul 31 14:37:22 2015 +0100 Committer: Colm O hEigeartaigh Committed: Fri Jul 31 14:37:22 2015 +0100 -- .../core/federation/FederationResponseTest.java | 26 ++-- 1 file changed, 13 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/5a225d15/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java -- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java index 125a2ec..c833d0e 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java @@ -75,9 +75,9 @@ import org.apache.wss4j.common.saml.bean.ConditionsBean; import org.apache.wss4j.common.saml.builder.SAML1Constants; import org.apache.wss4j.common.saml.builder.SAML2Constants; import org.apache.wss4j.common.util.DOM2Writer; -import org.apache.wss4j.common.util.XMLUtils; import org.apache.wss4j.dom.WSConstants; import org.apache.wss4j.dom.message.WSSecEncrypt; +import org.apache.wss4j.dom.util.WSSecurityUtil; import org.joda.time.DateTime; import org.joda.time.DateTimeZone; import org.junit.AfterClass; @@ -928,12 +928,12 @@ public class FederationResponseTest { Element token2 = assertion1.toDOM(doc); // Now modify the first Signature to point to the other Element -Element sig1 = XMLUtils.findElement(token1, "Signature", WSConstants.SIG_NS); -Element sig2 = XMLUtils.findElement(token2, "Signature", WSConstants.SIG_NS); +Element sig1 = WSSecurityUtil.findElement(token1, "Signature", WSConstants.SIG_NS); +Element sig2 = WSSecurityUtil.findElement(token2, "Signature", WSConstants.SIG_NS); sig1.getParentNode().replaceChild(sig2.cloneNode(true), sig1); List requestedTokenElements = -XMLUtils.findElements(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); +WSSecurityUtil.findElements(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); Assert.assertEquals(2, requestedTokenElements.size()); requestedTokenElements.get(0).appendChild(token1); requestedTokenElements.get(1).appendChild(token2); @@ -981,7 +981,7 @@ public class FederationResponseTest { Element token2 = assertion2.toDOM(doc); List requestedTokenElements = -XMLUtils.findElements(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); +WSSecurityUtil.findElements(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); Assert.assertEquals(2, requestedTokenElements.size()); requestedTokenElements.get(0).appendChild(token1); requestedTokenElements.get(1).appendChild(token2); @@ -1376,10 +1376,10 @@ public class FederationResponseTest { Document doc = STSUtil.toSOAPPart(STSUtil.SAMPLE_RSTR_COLL_MSG); Element token = assertion.toDOM(doc); -Element e = XMLUtils.findElement(doc, "RequestedSecurityToken", +Element e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); if (e == null) { -e = XMLUtils.findElement(doc, "RequestedSecurityToken", +e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_2005_02_NS); } e.appendChild(token); @@ -1513,10 +1513,10 @@ public class FederationResponseTest { issueDateTime = issueDateTime.plusSeconds(1); token.setAttributeNS(null, "IssueInstant", issueDateTime.toString()); -Element e = XMLUtils.findElement(doc, "RequestedSecurityToken", +Element e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken", FederationConstants.WS_TRUST_13_NS); if (e == null) { -e = XMLUtils.findElement(doc, "RequestedSecurityToken", +e = WSSecurityUtil.findElement(doc, "RequestedSecurityToken",