Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 58f1631ff -> c3cca2d5d
Prototyping the code for supporting aggregated/distributed claims Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c3cca2d5 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c3cca2d5 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c3cca2d5 Branch: refs/heads/3.1.x-fixes Commit: c3cca2d5d92576235e27692806d0c8233a8ce9b1 Parents: 58f1631 Author: Sergey Beryozkin <[email protected]> Authored: Wed Feb 17 17:51:47 2016 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Feb 17 17:53:10 2016 +0000 ---------------------------------------------------------------------- .../security/oidc/common/AbstractUserInfo.java | 44 +++++++++++++++++ .../security/oidc/common/AggregatedClaims.java | 42 ++++++++++++++++ .../security/oidc/common/DistributedClaims.java | 51 ++++++++++++++++++++ .../cxf/rs/security/oidc/utils/OidcUtils.java | 5 ++ 4 files changed, 142 insertions(+) ----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/c3cca2d5/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
index 583abed..18970f0 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
@@ -18,10 +18,14 @@
 */
 package org.apache.cxf.rs.security.oidc.common;
+import java.util.Collections;
+import java.util.LinkedHashMap;
 import java.util.Map;
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+import org.apache.cxf.rs.security.jose.jwt.JwtException;
+import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
 public abstract class AbstractUserInfo extends JwtClaims {
 public static final String NAME_CLAIM = "name";
@@ -177,4 +181,44 @@ public abstract class AbstractUserInfo extends JwtClaims {
 return getLongProperty(UPDATED_AT_CLAIM);
 }
+ public void setAggregatedClaims(AggregatedClaims claims) {
+ setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames());
+ setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY,
+ Collections.singletonMap(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY, claims.getJwtClaims()));
+ }
+ public AggregatedClaims getAggregatedClaims() {
+ Map<String, Object> names = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY));
+ Map<String, Object> sources = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY));
+ if (names == null || sources == null || !sources.containsKey(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY)) {
+ return null;
+ }
+ AggregatedClaims claims = new AggregatedClaims();
+ claims.setClaimNames(CastUtils.cast(names));
+ claims.setJwtClaims((String)sources.get(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY));
+ return claims;
+ }
+ public void setDistributedClaims(DistributedClaims claims) {
+ if (claims.getEndpoint() == null) {
+ throw new JwtException();
+ }
+ Map<String, String> sources = new LinkedHashMap<String, String>();
+ setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames());
+ sources.put(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY, claims.getEndpoint());
+ if (claims.getAccessToken() != null) {
+ sources.put(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY, claims.getAccessToken());
+ }
+ setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, sources);
+ }
+ public DistributedClaims getDistributedClaims() {
+ Map<String, Object> names = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY));
+ Map<String, Object> sources = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY));
+ if (names == null || sources == null || !sources.containsKey(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY)) {
+ return null;
+ }
+ DistributedClaims claims = new DistributedClaims();
+ claims.setClaimNames(CastUtils.cast(names));
+ claims.setEndpoint((String)sources.get(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY));
+ claims.setAccessToken((String)sources.get(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY));
+ return claims;
+ }
 }
http://git-wip-us.apache.org/repos/asf/cxf/blob/c3cca2d5/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
new file mode 100644
index 0000000..38c9fa9
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
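Review bot: In AbstractUserInfo, `getAggregatedClaims()` and `getDistributedClaims()` cast property values without checking their type, so `(Map<?, ?>)getProperty(...)` and `(String)sources.get(...)` throw ClassCastException when the claims (for a received token, provider-controlled data) carry `_claims_sources` in another shape, rather than returning null or raising JwtException. An `instanceof` check before each cast, as sketched below for the aggregated getter, keeps malformed input on the handled path. The stored layout also differs from OpenID Connect Core 5.6.2, where `_claim_sources` maps a source name to an object holding `JWT` or `endpoint`/`access_token`; because both setters here write the members directly under the same property, calling `setDistributedClaims` after `setAggregatedClaims` replaces the aggregated source. `throw new JwtException()` also gives no message saying that the endpoint was missing. The four methods are complete in this hunk; the class itself starts outside it.

```java
public AggregatedClaims getAggregatedClaims() {
    Object names = getProperty(OidcUtils.CLAIM_NAMES_PROPERTY);
    Object sources = getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY);
    if (!(names instanceof Map) || !(sources instanceof Map)) {
        return null;
    }
    Object jwt = ((Map<?, ?>)sources).get(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY);
    if (!(jwt instanceof String)) {
        return null;
    }
    AggregatedClaims claims = new AggregatedClaims();
    claims.setClaimNames(CastUtils.cast((Map<?, ?>)names));
    claims.setJwtClaims((String)jwt);
    // … unchanged: return claims …
}
// getDistributedClaims(): the same checks for the endpoint and access_token entries
```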
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.Map;
+
+public class AggregatedClaims {
+ private Map<String, String> claimNames;
+ private String jwtClaims;
+
+ public Map<String, String> getClaimNames() {
+ return claimNames;
+ }
+
+ public void setClaimNames(Map<String, String> claimNames) {
+ this.claimNames = claimNames;
+ }
+
+ public String getJwtClaims() {
+ return jwtClaims;
+ }
+
+ public void setJwtClaims(String jwtClaims) {
+ this.jwtClaims = jwtClaims;
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c3cca2d5/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
new file mode 100644
index 0000000..07ae9c6
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
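Review bot: AggregatedClaims has no class or field Javadoc, and nothing in it says that `jwtClaims` is kept exactly as it was set: neither `setJwtClaims` nor `AbstractUserInfo.getAggregatedClaims()` in this commit checks the JWT's signature or issuer. I would add a class comment such as `/** Aggregated claims: the claim names and the JWT from the claims provider that carries them; the JWT is not validated here and must be verified before its claims are used. */`. `setClaimNames` and `getClaimNames` also store and return the caller's Map itself, so later changes to that map change this object; DistributedClaims does the same.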
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.Map;
+
+public class DistributedClaims {
+ private Map<String, String> claimNames;
+ private String endpoint;
+ private String accessToken;
+ public Map<String, String> getClaimNames() {
+ return claimNames;
+ }
+
+ public void setClaimNames(Map<String, String> claimNames) {
+ this.claimNames = claimNames;
+ }
+
+ public String getEndpoint() {
+ return endpoint;
+ }
+
+ public void setEndpoint(String endpoint) {
+ this.endpoint = endpoint;
+ }
+
+ public String getAccessToken() {
+ return accessToken;
+ }
+
+ public void setAccessToken(String accessToken) {
+ this.accessToken = accessToken;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/c3cca2d5/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
index 823e757..a8e086f 100644
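Review bot: In DistributedClaims, `setEndpoint` accepts any string and `accessToken` is a bearer credential, yet the class documents neither. The endpoint is read back from the `_claims_sources` property, so for a received token it is a URL chosen by whoever produced that token; code that later fetches the claims should, I assume, check the scheme and host against what the deployment trusts before connecting and sending the token. A field comment would make that visible, for example `// URL supplied by the claims source; not validated here` on `endpoint` and `// bearer token for the endpoint; keep out of logs` on `accessToken`.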
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
@@ -52,6 +52,11 @@ public final class OidcUtils {
 public static final List<String> ADDRESS_CLAIMS = Arrays.asList(UserInfo.ADDRESS_CLAIM);
 public static final List<String> PHONE_CLAIMS = Arrays.asList(UserInfo.PHONE_CLAIM);
 public static final String CLAIMS_PARAM = "claims";
+ public static final String CLAIM_NAMES_PROPERTY = "_claims_names";
+ public static final String CLAIM_SOURCES_PROPERTY = "_claims_sources";
+ public static final String JWT_CLAIM_SOURCE_PROPERTY = "JWT";
+ public static final String ENDPOINT_CLAIM_SOURCE_PROPERTY = "endpoint";
+ public static final String TOKEN_CLAIM_SOURCE_PROPERTY = "access_token";
 private static final Map<String, List<String>> SCOPES_MAP;
 static {
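Review bot: The two new property names in OidcUtils do not match OpenID Connect Core 1.0 section 5.6.2, which names the members `_claim_names` and `_claim_sources` (singular "claim"). With `"_claims_names"` and `"_claims_sources"`, the new getters in AbstractUserInfo would return null for a spec-conformant UserInfo response, and the setters would write members that other implementations do not look for. Suggested values: `CLAIM_NAMES_PROPERTY = "_claim_names"` and `CLAIM_SOURCES_PROPERTY = "_claim_sources"`. The class body continues outside the hunk.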
