Repository: cxf-fediz Updated Branches: refs/heads/1.4.x-fixes 186939536 -> b95bea190
[FEDIZ-207] Introducing FedizPrincipal.getId() Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/53c34c28 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/53c34c28 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/53c34c28 Branch: refs/heads/1.4.x-fixes Commit: 53c34c283c1cb1004a8fe05b01408fc4a2d089bc Parents: d6266d9 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Wed Aug 30 16:54:41 2017 +0100 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Wed Aug 30 16:54:41 2017 +0100 ---------------------------------------------------------------------- .../java/org/apache/cxf/fediz/core/FedizPrincipal.java | 1 + .../cxf/fediz/core/federation/TestSigninHandler.java | 6 ++++++ .../apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java | 9 +++++++++ .../apache/cxf/fediz/jetty8/FederationUserPrincipal.java | 8 ++++++++ .../apache/cxf/fediz/jetty9/FederationUserPrincipal.java | 10 +++++++++- .../authentication/FederationAuthenticationToken.java | 8 ++++++++ .../authentication/FederationAuthenticationToken.java | 8 ++++++++ .../authentication/FederationAuthenticationToken.java | 8 ++++++++ .../apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java | 7 +++++++ .../apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java | 9 ++++++++- .../cxf/fediz/service/oidc/FedizSubjectCreator.java | 4 ++-- 11 files changed, 74 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/core/src/main/java/org/apache/cxf/fediz/core/FedizPrincipal.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/FedizPrincipal.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/FedizPrincipal.java index f74991a..10cf6f0 100644 
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/FedizPrincipal.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/FedizPrincipal.java @@ -32,4 +32,5 @@ public interface FedizPrincipal extends Principal { List<String> getRoleClaims(); + String getId(); } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/TestSigninHandler.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/TestSigninHandler.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/TestSigninHandler.java index b7a5802..1317fd1 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/TestSigninHandler.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/TestSigninHandler.java @@ -92,6 +92,12 @@ public class TestSigninHandler extends SigninHandler<FedizPrincipal> { return roles; } + @Override + public String getId() { + // TODO Auto-generated method stub + return null; + } + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java ---------------------------------------------------------------------- diff --git a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java index 325de9c..326fff5 100644 --- a/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java +++ b/plugins/cxf/src/main/java/org/apache/cxf/fediz/cxf/plugin/CXFFedizPrincipal.java @@ -20,6 +20,7 @@ package org.apache.cxf.fediz.cxf.plugin; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.cxf.fediz.core.Claim; 
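Review bot: `String getId();` is added to the public FedizPrincipal interface without Javadoc, so callers have to guess its contract. Two things are left open by the rest of this commit: the TestSigninHandler stub returns null and FedizSubjectCreator null-checks the result, while every plugin implementation touched here assigns `UUID.randomUUID().toString()` in its constructor, which makes the value unique per principal object rather than stable per user. I would add a Javadoc comment stating that the id is an opaque identifier generated when the principal is created, that it differs between logins of the same user, and whether null is a permitted return. Since FedizSubjectCreator passes this value to `oidcSub.setId(...)`, anything that matches on the subject id across logins would presumably stop matching, which is worth confirming. On a fixes branch, a new abstract method also breaks any FedizPrincipal implementation outside this repository.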
@@ -28,10 +29,12 @@ import org.apache.cxf.fediz.core.FedizPrincipal; public class CXFFedizPrincipal implements FedizPrincipal { + private String principalId; private final String subject; private final List<Claim> claims; private Element token; private List<String> roles = Collections.emptyList(); + public CXFFedizPrincipal(String subject, List<Claim> claims, List<String> roles, Element token) { this.subject = subject; @@ -40,6 +43,7 @@ public class CXFFedizPrincipal implements FedizPrincipal { if (roles != null) { this.roles = roles; } + principalId = UUID.randomUUID().toString(); } @Override @@ -60,4 +64,9 @@ public class CXFFedizPrincipal implements FedizPrincipal { public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationUserPrincipal.java ---------------------------------------------------------------------- diff --git a/plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationUserPrincipal.java b/plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationUserPrincipal.java index 7122176..c6799b4 100644 --- a/plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationUserPrincipal.java +++ b/plugins/jetty8/src/main/java/org/apache/cxf/fediz/jetty8/FederationUserPrincipal.java @@ -21,6 +21,7 @@ package org.apache.cxf.fediz.jetty8; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; @@ -29,6 +30,7 @@ import org.apache.cxf.fediz.core.FedizPrincipal; import org.apache.cxf.fediz.core.processor.FedizResponse; public class FederationUserPrincipal implements FedizPrincipal { + private String principalId; private String name; private ClaimCollection claims; private FedizResponse response; 
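Review bot: `principalId` is declared as a mutable field in CXFFedizPrincipal although the visible code assigns it exactly once, in the constructor hunk that follows; next to `private final String subject` it should read `private final String principalId;`. The same applies to the jetty8, jetty9, spring, spring2 and spring3 field hunks. In tomcat7 and tomcat8 the field is `protected String principalId`, so a subclass can overwrite the value that FedizSubjectCreator later uses as the subject id; make it `private final` there as well unless a subclass is known to need write access. The class body continues outside this hunk.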
@@ -41,6 +43,7 @@ public class FederationUserPrincipal implements FedizPrincipal { if (response.getRoles() != null) { this.roles = response.getRoles(); } + principalId = UUID.randomUUID().toString(); } @Override @@ -68,4 +71,9 @@ public class FederationUserPrincipal implements FedizPrincipal { public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationUserPrincipal.java ---------------------------------------------------------------------- diff --git a/plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationUserPrincipal.java b/plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationUserPrincipal.java index 46d5f6e..edce599 100644 --- a/plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationUserPrincipal.java +++ b/plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationUserPrincipal.java @@ -21,6 +21,7 @@ package org.apache.cxf.fediz.jetty9; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; @@ -29,6 +30,7 @@ import org.apache.cxf.fediz.core.FedizPrincipal; import org.apache.cxf.fediz.core.processor.FedizResponse; public class FederationUserPrincipal implements FedizPrincipal { + private String principalId; private String name; private ClaimCollection claims; private FedizResponse response; @@ -41,6 +43,7 @@ public class FederationUserPrincipal implements FedizPrincipal { if (response.getRoles() != null) { this.roles = response.getRoles(); } + principalId = UUID.randomUUID().toString(); } @Override @@ -48,7 +51,7 @@ public class FederationUserPrincipal implements FedizPrincipal { return name; } - + @Override public ClaimCollection getClaims() { return claims; 
@@ -68,4 +71,9 @@ public class FederationUserPrincipal implements FedizPrincipal { public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/spring/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java ---------------------------------------------------------------------- diff --git a/plugins/spring/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java b/plugins/spring/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java index 5ed8d57..ca63efc 100644 --- a/plugins/spring/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java +++ b/plugins/spring/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java @@ -23,6 +23,7 @@ import java.io.Serializable; import java.util.Collection; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.cxf.fediz.core.ClaimCollection; @@ -41,6 +42,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; + private String principalId; private final Object credentials; private final Object principal; private final UserDetails userDetails; @@ -66,6 +68,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken if (response.getRoles() != null) { this.roles = response.getRoles(); } + principalId = UUID.randomUUID().toString(); } public Object getCredentials() { 
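Review bot: A FederationAuthenticationToken deserialized from a session written before this change will have `principalId == null`, because the field is filled only in the constructor and `serialVersionUID` is unchanged, so the old serialized form is still accepted. This matters only if sessions are persisted or replicated across the upgrade, but in that case `getId()` returns null for an authenticated user. FedizSubjectCreator falls back to the name, but other callers may not. I would document the null case on `getId()` with a comment such as `// may be null for tokens deserialized from sessions created before principalId existed`. The spring2 and spring3 copies of this class have the same shape.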
@@ -106,4 +109,9 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/spring2/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java ---------------------------------------------------------------------- diff --git a/plugins/spring2/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java b/plugins/spring2/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java index 5e48e5c..65ccfb6 100644 --- a/plugins/spring2/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java +++ b/plugins/spring2/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java @@ -22,6 +22,7 @@ package org.apache.cxf.fediz.spring.authentication; import java.io.Serializable; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.cxf.fediz.core.ClaimCollection; @@ -39,6 +40,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken private static final long serialVersionUID = 1L; + private String principalId; private final Object credentials; private final Object principal; private final UserDetails userDetails; @@ -64,6 +66,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken if (response.getRoles() != null) { this.roles = response.getRoles(); } + principalId = UUID.randomUUID().toString(); } public Object getCredentials() { 
@@ -104,4 +107,9 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/spring3/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java ---------------------------------------------------------------------- diff --git a/plugins/spring3/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java b/plugins/spring3/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java index 5ed8d57..ca63efc 100644 --- a/plugins/spring3/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java +++ b/plugins/spring3/src/main/java/org/apache/cxf/fediz/spring/authentication/FederationAuthenticationToken.java @@ -23,6 +23,7 @@ import java.io.Serializable; import java.util.Collection; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.cxf.fediz.core.ClaimCollection; @@ -41,6 +42,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; + private String principalId; private final Object credentials; private final Object principal; private final UserDetails userDetails; @@ -66,6 +68,7 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken if (response.getRoles() != null) { this.roles = response.getRoles(); } + principalId = UUID.randomUUID().toString(); } public Object getCredentials() { 
@@ -106,4 +109,9 @@ public class FederationAuthenticationToken extends AbstractAuthenticationToken public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java ---------------------------------------------------------------------- diff --git a/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java b/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java index 4beee9f..ac630cb 100644 --- a/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java +++ b/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationPrincipalImpl.java @@ -21,6 +21,7 @@ package org.apache.cxf.fediz.tomcat7; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.catalina.realm.GenericPrincipal; @@ -30,6 +31,7 @@ import org.apache.cxf.fediz.core.FedizPrincipal; public class FederationPrincipalImpl extends GenericPrincipal implements FedizPrincipal { + protected String principalId; protected ClaimCollection claims; protected Element loginToken; private List<String> roles = Collections.emptyList(); @@ -42,6 +44,7 @@ public class FederationPrincipalImpl extends GenericPrincipal implements FedizPr if (roles != null) { this.roles = roles; } + principalId = UUID.randomUUID().toString(); } public ClaimCollection getClaims() { 
@@ -57,4 +60,8 @@ public class FederationPrincipalImpl extends GenericPrincipal implements FedizPr return Collections.unmodifiableList(roles); } + public String getId() { + return principalId; + } + } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java ---------------------------------------------------------------------- diff --git a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java index 81408c7..a71ff06 100644 --- a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java +++ b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationPrincipalImpl.java @@ -21,6 +21,7 @@ package org.apache.cxf.fediz.tomcat8; import java.util.Collections; import java.util.List; +import java.util.UUID; import org.w3c.dom.Element; import org.apache.catalina.realm.GenericPrincipal; @@ -29,7 +30,7 @@ import org.apache.cxf.fediz.core.ClaimCollection; import org.apache.cxf.fediz.core.FedizPrincipal; public class FederationPrincipalImpl extends GenericPrincipal implements FedizPrincipal { - + protected String principalId; protected ClaimCollection claims; protected Element loginToken; private List<String> roles = Collections.emptyList(); @@ -42,6 +43,7 @@ public class FederationPrincipalImpl extends GenericPrincipal implements FedizPr if (roles != null) { this.roles = roles; } + principalId = UUID.randomUUID().toString(); } public ClaimCollection getClaims() { 
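Review bot: `getId()` in the tomcat7 FederationPrincipalImpl is the only implementation in this commit without `@Override`; the tomcat8 copy and the other plugins all have it. Add `@Override` above `public String getId()` so the compiler flags the method if the interface signature ever changes.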
@@ -56,4 +58,9 @@ public class FederationPrincipalImpl extends GenericPrincipal implements FedizPr public List<String> getRoleClaims() { return Collections.unmodifiableList(roles); } + + @Override + public String getId() { + return principalId; + } } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/53c34c28/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java ---------------------------------------------------------------------- diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java index 79d9573..de44fce 100644 --- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java +++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java @@ -104,8 +104,8 @@ public class FedizSubjectCreator implements SubjectCreator { OidcUserSubject oidcSub = new OidcUserSubject(); oidcSub.setLogin(fedizPrincipal.getName()); - // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207 is resolved - oidcSub.setId(fedizPrincipal.getName()); + String principalId = fedizPrincipal.getId(); + oidcSub.setId(principalId != null ? principalId : fedizPrincipal.getName()); IdToken idToken = convertToIdToken(mc, fedizPrincipal.getLoginToken(),