Repository: cxf Updated Branches: refs/heads/3.1.x-fixes fec88085f -> dd566ccce
Minor updates to Jose/Oauth2 code as suggested by Romain Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/dd566ccc Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/dd566ccc Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/dd566ccc Branch: refs/heads/3.1.x-fixes Commit: dd566cccec4c32221a81758cce9ddf85a4f10977 Parents: fec8808 Author: Sergey Beryozkin <[email protected]> Authored: Fri Jan 13 17:37:13 2017 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Fri Jan 13 17:44:13 2017 +0000 ---------------------------------------------------------------------- .../cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java | 9 ++++----- .../rs/security/oauth2/services/AbstractOAuthService.java | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/dd566ccc/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java index 6ed31fd..1c558a9 100644 --- a/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java +++ b/rt/rs/security/jose-parent/jose/src/main/java/org/apache/cxf/rs/security/jose/jws/NoneJwsSignatureProvider.java @@ -21,7 +21,8 @@ package org.apache.cxf.rs.security.jose.jws; import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm; public class NoneJwsSignatureProvider implements JwsSignatureProvider { - + private static final byte[] EMPTY_BYTE_ARRAY = new byte[] {}; + @Override public SignatureAlgorithm getAlgorithm() { return SignatureAlgorithm.NONE; @@ -34,9 +35,7 @@ public class NoneJwsSignatureProvider implements JwsSignatureProvider { @Override public byte[] sign(JwsHeaders headers, byte[] content) { - JwsSignature sig = createJwsSignature(headers); - sig.update(content, 0, content.length); - return sig.sign(); + return EMPTY_BYTE_ARRAY; } private static class NoneJwsSignature implements JwsSignature { @@ -47,7 +46,7 @@ public class NoneJwsSignatureProvider implements JwsSignatureProvider { @Override public byte[] sign() { - return new byte[]{}; + return EMPTY_BYTE_ARRAY; } } http://git-wip-us.apache.org/repos/asf/cxf/blob/dd566ccc/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java index c8bd408..79187d1 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java @@ -114,7 +114,7 @@ public abstract class AbstractOAuthService { */ protected void checkTransportSecurity() { if (!mc.getSecurityContext().isSecure()) { - LOG.warning("Unsecure HTTP, Transport Layer Security is recommended"); + LOG.warning("Unsecure HTTP, HTTPS is recommended"); if (blockUnsecureRequests) { throw ExceptionUtils.toBadRequestException(null, null); }
