Repository: cxf-fediz Updated Branches: refs/heads/master 8bd1906e4 -> 6da93223c
[FEDIZ-207] Using the login name for a moment Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6da93223 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6da93223 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6da93223 Branch: refs/heads/master Commit: 6da93223c36bdc5dbbba80a437801f4c8deb059a Parents: 8bd1906 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Tue Aug 29 15:37:30 2017 +0100 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Tue Aug 29 15:41:25 2017 +0100 ---------------------------------------------------------------------- .../apache/cxf/fediz/service/oidc/FedizSubjectCreator.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6da93223/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java index 3708fca..8479895 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java @@ -30,7 +30,6 @@ import javax.ws.rs.core.UriBuilder; import org.w3c.dom.Element; -import org.apache.cxf.common.util.Base64UrlUtility; import org.apache.cxf.fediz.core.Claim; import org.apache.cxf.fediz.core.ClaimCollection; import org.apache.cxf.fediz.core.ClaimTypes; 
@@ -43,7 +42,6 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.oidc.common.IdToken; import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject; import org.apache.cxf.rs.security.oidc.utils.OidcUtils; -import org.apache.cxf.rt.security.crypto.CryptoUtils; import org.apache.wss4j.common.ext.WSSecurityException; import org.apache.wss4j.common.saml.SamlAssertionWrapper; import org.joda.time.DateTime; @@ -72,11 +70,8 @@ public class FedizSubjectCreator implements SubjectCreator { OidcUserSubject oidcSub = new OidcUserSubject(); oidcSub.setLogin(fedizPrincipal.getName()); - // Subject ID - a locally unique and never reassigned identifier allocated to the end user - // REVISIT: - // Can it be allocated on per-session basis or is it something that is supposed to be created - // by the authentication system (IDP/STS) once and reported every time a given user signs in ? - oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16))); + // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207 is resolved + oidcSub.setId(fedizPrincipal.getName()); IdToken idToken = convertToIdToken(mc, fedizPrincipal.getLoginToken(),
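Review bot: The added `oidcSub.setId(fedizPrincipal.getName())` makes the login name the subject identifier, which the removed comment described as "locally unique and never reassigned"; a login name does not obviously meet either property. If a name is later renamed, re-created, or (presumably) repeated across federated home realms, a client that keys its local accounts on the subject id could attach a different person to an existing account. The new REVISIT comment mentions uniqueness only, so I would state the interim risk in it: `// REVISIT: login names may be reassigned or repeat across realms, so this id is not yet a stable subject;` followed by `// switch to fedizPrincipal.getId() once FEDIZ-207 is resolved`. The change also discloses the login name to every client that receives the subject id, which is worth noting for deployments that expect opaque identifiers. The enclosing method starts and ends outside the hunk, so whether `getName()` can return null or an empty string here is not visible; if it can, that should be rejected before the id is set.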