[2/2] cxf git commit: Add the ability to set a custom claim type in the generated token
Add the ability to set a custom claim type in the generated token # Conflicts: # services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java # services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/JWTClaimsTest.java # services/sts/systests/basic/src/test/java/org/apache/cxf/systest/sts/rest/STSRESTTest.java Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fb414c7a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fb414c7a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fb414c7a Branch: refs/heads/3.1.x-fixes Commit: fb414c7abfb5de8bf95462a9de23335d4320af4e Parents: af13152 Author: Colm O hEigeartaighAuthored: Tue Jul 11 13:11:49 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Jul 11 13:14:05 2017 +0100 -- .../sts/rest/RESTSecurityTokenServiceImpl.java | 1 + .../provider/jwt/DefaultJWTClaimsProvider.java | 29 +++- .../cxf/sts/token/provider/JWTClaimsTest.java | 77 +++- .../cxf/systest/sts/rest/STSRESTTest.java | 14 ++-- .../cxf/systest/sts/rest/cxf-rest-sts.xml | 7 ++ 5 files changed, 115 insertions(+), 13 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/fb414c7a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java --
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
index bcc31a4..f3d0719 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
@@ -77,6 +77,7 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
 DEFAULT_CLAIM_TYPE_MAP = new HashMap ();
 DEFAULT_CLAIM_TYPE_MAP.put("emailaddress", CLAIM_TYPE_NS + "/claims/emailaddress");
 DEFAULT_CLAIM_TYPE_MAP.put("role", CLAIM_TYPE_NS + "/claims/role");
+DEFAULT_CLAIM_TYPE_MAP.put("roles", CLAIM_TYPE_NS + "/claims/role");
 DEFAULT_CLAIM_TYPE_MAP.put("surname", CLAIM_TYPE_NS + "/claims/surname");
 DEFAULT_CLAIM_TYPE_MAP.put("givenname", CLAIM_TYPE_NS + "/claims/givenname");
 DEFAULT_CLAIM_TYPE_MAP.put("name", CLAIM_TYPE_NS + "/claims/name");
http://git-wip-us.apache.org/repos/asf/cxf/blob/fb414c7a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java --
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
index fee93df..6b4ffe0 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -24,6 +24,7 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Map;
 import java.util.UUID;
 import java.util.logging.Logger;
@@ -60,7 +61,8 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 private boolean failLifetimeExceedance = true;
 private boolean acceptClientLifetime;
 private long futureTimeToLive = 60L;
-
+private Map claimTypeMap;
+
 /**
 * Get a JwtClaims object.
 */
@@ -158,7 +160,7 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 if (claim.getValues().size() == 1) {
 claimValues = claim.getValues().get(0);
 }
-claims.setProperty(claim.getClaimType().toString(), claimValues);
+ claims.setProperty(translateClaim(claim.getClaimType().toString()), claimValues);
 }
 }
 }
@@ -277,7 +279,14 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 }
 }
 }
-
+
+private String translateClaim(String claimType) {
+if (claimTypeMap == null || !claimTypeMap.containsKey(claimType)) {
+return claimType;
+}
+return claimTypeMap.get(claimType);
+}
+
 public boolean isUseX500CN() {
 return useX500CN;
 }
@@ -366,5 +375,17 @@ public class
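Review bot: The translated name goes into `claims.setProperty(...)` in hunk `@@ -158,7 +160,7 @@` with no check on what it is. A `claimTypeMap` entry whose target is a registered JWT claim name such as `iss`, `sub`, `aud` or `exp` would therefore set that claim from a user attribute; whether it replaces the value the provider computed depends on statement order outside this hunk. Two claim types mapped to the same target would presumably overwrite each other silently as well. Relying parties authorize on these names, so I would reject reserved or duplicate targets when the map is configured, or at least state the constraint in the Javadoc of the map's setter, which is cut off on this page. The same applies to the identical hunk `@@ -159,7 +161,7 @@` in the master commit below.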
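Review bot: `translateClaim` in hunk `@@ -277,7 +279,14 @@` returns null when the map holds the key with a null value, because `containsKey` succeeds and `get` then yields null, and that null reaches `claims.setProperty` as the claim name. A single lookup avoids this and the second hash probe: `String mapped = claimTypeMap == null ? null : claimTypeMap.get(claimType);` followed by `return mapped != null ? mapped : claimType;`. The method would also benefit from a one-line comment such as `// Unmapped claim types are emitted unchanged`, since that pass-through decides which names end up in the issued token. The same method appears in the master commit hunk `@@ -276,6 +278,13 @@` below.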
cxf git commit: Add the ability to set a custom claim type in the generated token
Repository: cxf Updated Branches: refs/heads/master 30ac7940b -> e0bbfe4a0 Add the ability to set a custom claim type in the generated token Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e0bbfe4a Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e0bbfe4a Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e0bbfe4a Branch: refs/heads/master Commit: e0bbfe4a0c8a17c2335d08aec558c98fdebbf07d Parents: 30ac794 Author: Colm O hEigeartaighAuthored: Tue Jul 11 13:11:49 2017 +0100 Committer: Colm O hEigeartaigh Committed: Tue Jul 11 13:12:44 2017 +0100 -- .../sts/rest/RESTSecurityTokenServiceImpl.java | 1 + .../provider/jwt/DefaultJWTClaimsProvider.java | 23 +- .../cxf/sts/token/provider/JWTClaimsTest.java | 75 .../cxf/systest/sts/rest/STSRESTTest.java | 7 +- .../cxf/systest/sts/rest/cxf-rest-sts.xml | 7 ++ 5 files changed, 108 insertions(+), 5 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e0bbfe4a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java --
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
index 16b715c..b9c0030 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
@@ -77,6 +77,7 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
 DEFAULT_CLAIM_TYPE_MAP = new HashMap<>();
 DEFAULT_CLAIM_TYPE_MAP.put("emailaddress", CLAIM_TYPE_NS + "/claims/emailaddress");
 DEFAULT_CLAIM_TYPE_MAP.put("role", CLAIM_TYPE_NS + "/claims/role");
+DEFAULT_CLAIM_TYPE_MAP.put("roles", CLAIM_TYPE_NS + "/claims/role");
 DEFAULT_CLAIM_TYPE_MAP.put("surname", CLAIM_TYPE_NS + "/claims/surname");
 DEFAULT_CLAIM_TYPE_MAP.put("givenname", CLAIM_TYPE_NS + "/claims/givenname");
 DEFAULT_CLAIM_TYPE_MAP.put("name", CLAIM_TYPE_NS + "/claims/name");
http://git-wip-us.apache.org/repos/asf/cxf/blob/e0bbfe4a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java --
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
index 92c7b32b..09fa265 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/provider/jwt/DefaultJWTClaimsProvider.java
@@ -26,6 +26,7 @@ import java.time.format.DateTimeParseException;
 import java.util.ArrayList;
 import java.util.Iterator;
 import java.util.List;
+import java.util.Map;
 import java.util.UUID;
 import java.util.logging.Logger;
@@ -61,6 +62,7 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 private boolean failLifetimeExceedance = true;
 private boolean acceptClientLifetime;
 private long futureTimeToLive = 60L;
+private Map claimTypeMap;
 /**
 * Get a JwtClaims object.
@@ -159,7 +161,7 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 if (claim.getValues().size() == 1) {
 claimValues = claim.getValues().get(0);
 }
-claims.setProperty(claim.getClaimType().toString(), claimValues);
+ claims.setProperty(translateClaim(claim.getClaimType().toString()), claimValues);
 }
 }
 }
@@ -276,6 +278,13 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 }
 }
+private String translateClaim(String claimType) {
+if (claimTypeMap == null || !claimTypeMap.containsKey(claimType)) {
+return claimType;
+}
+return claimTypeMap.get(claimType);
+}
+
 public boolean isUseX500CN() {
 return useX500CN;
 }
@@ -365,4 +374,16 @@ public class DefaultJWTClaimsProvider implements JWTClaimsProvider {
 this.failLifetimeExceedance = failLifetimeExceedance;
 }
+public Map getClaimTypeMap() {
+return claimTypeMap;
+}
+
+/**
+ * Specify a way to map ClaimType URIs to custom ClaimTypes
+ * @param claimTypeMap
+ */
+