Repository: cxf Updated Branches: refs/heads/master c1eaf69cb -> 332551899
Removing a duplicate IdToken context provider, leeping the form stream available Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/33255189 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/33255189 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/33255189 Branch: refs/heads/master Commit: 332551899eac231fb1d6d5bd91474bdfe241972b Parents: c1eaf69 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Tue Dec 15 11:09:37 2015 +0000 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Tue Dec 15 11:09:37 2015 +0000 ---------------------------------------------------------------------- .../oidc/rp/IdTokenContextProvider.java | 35 ------------------ .../oidc/rp/OidcIdTokenRequestFilter.java | 3 ++ .../oidc/rp/OidcRpAuthenticationFilter.java | 8 +++- .../security/oidc/rp/OidcUserInfoProvider.java | 39 ++++++++++++++++++++ .../oidc/rp/UserInfoContextProvider.java | 39 -------------------- 5 files changed, 49 insertions(+), 75 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java deleted file mode 100644 index 0955b8e..0000000 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/IdTokenContextProvider.java +++ /dev/null @@ -1,35 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.cxf.rs.security.oidc.rp; - -import org.apache.cxf.jaxrs.ext.ContextProvider; -import org.apache.cxf.message.Message; -import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; -import org.apache.cxf.rs.security.oidc.common.IdToken; - -public class IdTokenContextProvider implements ContextProvider<IdToken> { - - @Override - public IdToken createContext(Message m) { - OidcClientTokenContext ctx = (OidcClientTokenContext) - m.getContent(ClientTokenContext.class); - return ctx != null ? ctx.getIdToken() : null; - } - -} http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java index 7026c9c..1babee7 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcIdTokenRequestFilter.java @@ -18,6 +18,7 @@ */ package org.apache.cxf.rs.security.oidc.rp; +import java.io.ByteArrayInputStream; import java.io.IOException; import java.nio.charset.StandardCharsets; @@ -27,6 +28,7 @@ import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; +import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.jaxrs.utils.FormUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; @@ -58,6 +60,7 @@ public class OidcIdTokenRequestFilter implements ContainerRequestFilter { String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name()); FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(), body, StandardCharsets.UTF_8.name(), false); + rc.setEntityStream(new ByteArrayInputStream(StringUtils.toBytesUTF8(body))); } return requestState; } http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java index e2534ba..43950fe 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java @@ -18,6 +18,7 @@ */ package org.apache.cxf.rs.security.oidc.rp; +import java.io.ByteArrayInputStream; import java.net.URI; import java.nio.charset.StandardCharsets; @@ -33,6 +34,7 @@ import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; +import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.jaxrs.utils.FormUtils; @@ -51,7 +53,7 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter { public void filter(ContainerRequestContext rc) { if (checkSecurityContext(rc)) { return; - } else { + } else if (redirectUri != null) { URI redirectAddress = null; if (redirectUri.startsWith("/")) { String basePath = (String)mc.get("http.base.path"); @@ -66,6 +68,8 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter { .header(HttpHeaders.CACHE_CONTROL, "no-cache, no-store") .header("Pragma", "no-cache") .build()); + } else { + rc.abortWith(Response.status(401).build()); } } protected boolean checkSecurityContext(ContainerRequestContext rc) { @@ -89,6 +93,8 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter { String body = FormUtils.readBody(rc.getEntityStream(), StandardCharsets.UTF_8.name()); FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(), body, StandardCharsets.UTF_8.name(), true); + rc.setEntityStream(new ByteArrayInputStream(StringUtils.toBytesUTF8(body))); + } return requestState; } http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java new file mode 100644 index 0000000..52e03fa --- /dev/null +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcUserInfoProvider.java @@ -0,0 +1,39 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.rs.security.oidc.rp; + +import org.apache.cxf.jaxrs.ext.ContextProvider; +import org.apache.cxf.message.Message; +import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; +import org.apache.cxf.rs.security.oidc.common.UserInfo; + +public class OidcUserInfoProvider implements ContextProvider<UserInfo> { + + @Override + public UserInfo createContext(Message m) { + OidcClientTokenContext ctx = (OidcClientTokenContext) + m.getContent(ClientTokenContext.class); + UserInfo userInfo = ctx != null ? ctx.getUserInfo() : null; + if (userInfo != null) { + userInfo.setIdToken(ctx.getIdToken()); + } + return userInfo; + } + +} http://git-wip-us.apache.org/repos/asf/cxf/blob/33255189/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java deleted file mode 100644 index ad4793e..0000000 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/UserInfoContextProvider.java +++ /dev/null @@ -1,39 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.cxf.rs.security.oidc.rp; - -import org.apache.cxf.jaxrs.ext.ContextProvider; -import org.apache.cxf.message.Message; -import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext; -import org.apache.cxf.rs.security.oidc.common.UserInfo; - -public class UserInfoContextProvider implements ContextProvider<UserInfo> { - - @Override - public UserInfo createContext(Message m) { - OidcClientTokenContext ctx = (OidcClientTokenContext) - m.getContent(ClientTokenContext.class); - UserInfo userInfo = ctx != null ? ctx.getUserInfo() : null; - if (userInfo != null) { - userInfo.setIdToken(ctx.getIdToken()); - } - return userInfo; - } - -}
