Repository: cxf Updated Branches: refs/heads/master 73caf0ed3 -> a7208b674
[CXF-5311] Prototyping JWS MBR/MBW Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a7208b67 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a7208b67 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a7208b67 Branch: refs/heads/master Commit: a7208b67404980b653dd00ee7a6ed30a8b62ee83 Parents: 73caf0e Author: Sergey Beryozkin <[email protected]> Authored: Fri Jun 6 17:55:04 2014 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Fri Jun 6 17:55:04 2014 +0100 ---------------------------------------------------------------------- .../jwt/jaxrs/JwsContainerRequestFilter.java | 69 --------------- .../jwt/jaxrs/JwsMessageBodyProvider.java | 90 ++++++++++++++++++++ 2 files changed, 90 insertions(+), 69 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/a7208b67/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java deleted file mode 100644 index 1f9999a..0000000 --- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java +++ /dev/null @@ -1,69 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.cxf.rs.security.oauth2.jwt.jaxrs; - -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.lang.annotation.Annotation; -import java.lang.reflect.Type; - -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.MultivaluedMap; -import javax.ws.rs.ext.MessageBodyReader; -import javax.ws.rs.ext.MessageBodyWriter; - -import org.apache.cxf.rs.security.oauth2.jwt.JwtToken; - -public class JwsContainerRequestFilter implements - MessageBodyWriter<JwtToken>, MessageBodyReader<JwtToken> { - - @Override - public boolean isReadable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) { - return cls == JwtToken.class; - } - - @Override - public JwtToken readFrom(Class<JwtToken> cls, Type t, Annotation[] anns, MediaType mt, - MultivaluedMap<String, String> headers, InputStream is) throws IOException, - WebApplicationException { - // TODO Auto-generated method stub - return null; - } - - @Override - public long getSize(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt) { - return -1; - } - - @Override - public boolean isWriteable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) { - return cls == JwtToken.class; - } - - @Override - public void writeTo(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt, - MultivaluedMap<String, Object> headers, OutputStream os) throws IOException, - WebApplicationException { - // TODO Auto-generated method stub - - } - -} http://git-wip-us.apache.org/repos/asf/cxf/blob/a7208b67/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsMessageBodyProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsMessageBodyProvider.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsMessageBodyProvider.java new file mode 100644 index 0000000..96c171d --- /dev/null +++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsMessageBodyProvider.java @@ -0,0 +1,90 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.oauth2.jwt.jaxrs; + +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.lang.annotation.Annotation; +import java.lang.reflect.Type; + +import javax.ws.rs.WebApplicationException; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedMap; +import javax.ws.rs.ext.MessageBodyReader; +import javax.ws.rs.ext.MessageBodyWriter; + +import org.apache.cxf.helpers.IOUtils; +import org.apache.cxf.rs.security.oauth2.jws.JwsCompactConsumer; +import org.apache.cxf.rs.security.oauth2.jws.JwsCompactProducer; +import org.apache.cxf.rs.security.oauth2.jws.JwsSignatureProvider; +import org.apache.cxf.rs.security.oauth2.jws.JwsSignatureVerifier; +import org.apache.cxf.rs.security.oauth2.jwt.JwtToken; + +public class JwsMessageBodyProvider implements + MessageBodyWriter<JwtToken>, MessageBodyReader<JwtToken> { + + private JwsSignatureProvider sigProvider; + private JwsSignatureVerifier sigVerifier; + + @Override + public boolean isReadable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) { + return cls == JwtToken.class; + } + + @Override + public JwtToken readFrom(Class<JwtToken> cls, Type t, Annotation[] anns, MediaType mt, + MultivaluedMap<String, String> headers, InputStream is) throws IOException, + WebApplicationException { + JwsCompactConsumer p = new JwsCompactConsumer(IOUtils.readStringFromStream(is)); + p.verifySignatureWith(sigVerifier); + return p.getJwtToken(); + } + + @Override + public long getSize(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt) { + return -1; + } + + @Override + public boolean isWriteable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) { + return cls == JwtToken.class; + } + + @Override + public void writeTo(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt, + MultivaluedMap<String, Object> headers, OutputStream os) throws IOException, + WebApplicationException { + JwsCompactProducer p = new JwsCompactProducer(token); + p.signWith(sigProvider); + IOUtils.copy(new ByteArrayInputStream(p.getSignedEncodedToken().getBytes("UTF-8")), os); + } + + + public void setSigProvider(JwsSignatureProvider sigProvider) { + this.sigProvider = sigProvider; + } + + + public void setSigVerifier(JwsSignatureVerifier sigVerifier) { + this.sigVerifier = sigVerifier; + } + +}
