Posted to commits@cxf.apache.org by jb...@apache.org on 2016/01/20 06:28:56 UTC
[1/2] cxf-fediz git commit: [FEDIZ-144] Added Spring EL support for
HomeRealm Discovery
Repository: cxf-fediz
Updated Branches:
refs/heads/master 94dc9ec91 -> 7b2f203e1
[FEDIZ-144] Added Spring EL support for HomeRealm Discovery
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/7b2f203e
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/7b2f203e
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/7b2f203e
Branch: refs/heads/master
Commit: 7b2f203e13aedf9fbffeaae273222b7380f7e92b
Parents: 3a723af
Author: Jan Bernhardt <jb...@talend.com>
Authored: Tue Jan 19 12:19:48 2016 +0100
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Wed Jan 20 06:27:33 2016 +0100
----------------------------------------------------------------------
.../idp/beans/ProcessHRDSExpressionAction.java | 40 ++++++++++++++----
.../idp/src/main/resources/entities-realma.xml | 9 ++--
.../WEB-INF/flows/federation-signin-request.xml | 44 +++++---------------
3 files changed, 48 insertions(+), 45 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/7b2f203e/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
index e7a9296..088af6c 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/ProcessHRDSExpressionAction.java
@@ -18,10 +18,17 @@
*/
package org.apache.cxf.fediz.service.idp.beans;
+import javax.servlet.http.Cookie;
+
+import org.apache.cxf.fediz.core.FederationConstants;
import org.apache.cxf.fediz.service.idp.domain.Idp;
import org.apache.cxf.fediz.service.idp.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.expression.Expression;
+import org.springframework.expression.ExpressionParser;
+import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.stereotype.Component;
import org.springframework.webflow.execution.RequestContext;
@@ -32,17 +39,36 @@ import org.springframework.webflow.execution.RequestContext;
public class ProcessHRDSExpressionAction {
private static final String IDP_CONFIG = "idpConfig";
+
private static final Logger LOG = LoggerFactory.getLogger(ProcessHRDSExpressionAction.class);
+ @Autowired
+ private HomeRealmReminder homeRealmReminder;
+
public String submit(RequestContext context) {
+ // Check if home realm is known already
+ Cookie whrCookie = homeRealmReminder.readCookie(context);
+ if (whrCookie != null) {
+ LOG.debug("WHR Cookie set: {}", whrCookie);
+ return whrCookie.getValue();
+ }
+
+ // Check if custom HRDS is defined
Idp idpConfig = (Idp)WebUtils.getAttributeFromFlowScope(context, IDP_CONFIG);
String hrds = idpConfig.getHrds();
- //TODO
- if (hrds == null) {
- LOG.info("HRDS is null (Mock).");
- return "";
+
+ if (hrds != null) {
+ LOG.debug("HomeRealmDiscoveryService EL: {}", hrds);
+ ExpressionParser parser = new SpelExpressionParser();
+ Expression exp = parser.parseExpression(hrds);
+ String result = exp.getValue(context, String.class);
+ LOG.info("Realm resolved by HomeRealmDiscoveryService: {}", result);
+ return result;
}
- LOG.info("HRDS is not null (Mock).");
- return "some-whr-value";
+
+ // Return whr parameter unchanged
+ String whr = (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_HOME_REALM);
+ LOG.debug("No custom homeRealm handling, using whr parameter as provided in request: {}", whr);
+ return whr;
}
-}
+}
\ No newline at end of file
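Review bot: In `submit`, `hrds` is parsed and run as unrestricted SpEL (`parser.parseExpression(hrds)` then `exp.getValue(context, String.class)`, which uses the default evaluation context), so write access to the IDP's `hrds` setting amounts to code execution inside the IDP. Where that setting can be changed is not visible in this hunk; the constraint should at least be recorded next to the call, e.g. `// hrds is evaluated as SpEL with the default context: it must only come from trusted deployment configuration`, and a restricted context such as Spring's `SimpleEvaluationContext` is worth considering where the Spring version in use provides it. The cookie branch returns `whrCookie.getValue()` and the last branch returns the request's `whr`, both supplied by the browser, so unless a later flow state already does it they should be matched against the realms this IDP knows before being used. The request `whr` is also logged as received at `LOG.debug`, so CR/LF should be stripped or encoded first. `new SpelExpressionParser()` is built on every call and could be a `private static final ExpressionParser` field.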
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/7b2f203e/services/idp/src/main/resources/entities-realma.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/resources/entities-realma.xml b/services/idp/src/main/resources/entities-realma.xml
index a6b43d6..01969a6 100644
--- a/services/idp/src/main/resources/entities-realma.xml
+++ b/services/idp/src/main/resources/entities-realma.xml
@@ -38,10 +38,8 @@
<property name="rpSingleSignOutConfirmation" value="true"/>
<property name="supportedProtocols">
<util:list>
- <value>http://docs.oasis-open.org/wsfed/federation/200706
- </value>
- <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512
- </value>
+ <value>http://docs.oasis-open.org/wsfed/federation/200706</value>
+ <value>http://docs.oasis-open.org/ws-sx/ws-trust/200512</value>
</util:list>
</property>
<property name="tokenTypesOffered">
@@ -52,7 +50,8 @@
</property>
<property name="authenticationURIs">
<util:map>
- <entry key="default" value="federation/up" />
+ <entry key="default"
+ value="federation/up" />
<entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/SslAndKey"
value="federation/krb" />
<entry key="http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/default"
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/7b2f203e/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml b/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
index fc44654..094d393 100644
--- a/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
+++ b/services/idp/src/main/webapp/WEB-INF/flows/federation-signin-request.xml
@@ -32,51 +32,29 @@
<input name="whr" />
<decision-state id="checkHRDSEnabled">
- <if test="true" then="checkWhrInSigninRequest" else="checkDefaultToThisIDP" />
+ <if test="true" then="processHRDSExpression" else="checkDefaultToThisIDP" />
</decision-state>
- <decision-state id="checkWhrInSigninRequest">
- <if test="flowScope.whr == null or flowScope.whr.trim().isEmpty()"
- then="checkHomeRealm" else="checkIsThisIDP" />
+ <decision-state id="checkDefaultToThisIDP">
+ <if test="flowScope.idpConfig.isUseCurrentIdp()" then="checkWauthTypeSupported"
+ else="viewBadRequest" />
</decision-state>
- <decision-state id="checkHomeRealm">
- <if test="homeRealmReminder.readCookie(flowRequestContext) == null"
- then="processHRDSExpression" else="restoreHomeRealm" />
+ <decision-state id="processHRDSExpression">
+ <on-entry>
+ <evaluate expression="processHRDSExpressionAction.submit(flowRequestContext)" result="flowScope.whr" />
+ </on-entry>
+ <if test="flowScope.whr == null or flowScope.whr.trim().isEmpty()"
+ then="provideIDPListForUser" else="checkIsThisIDP" />
</decision-state>
- <action-state id="restoreHomeRealm">
- <evaluate
- expression="homeRealmReminder.readCookie(flowRequestContext).value"
- result="flowScope.whr" />
- <transition to="checkIsThisIDP" />
- </action-state>
-
- <action-state id="processHRDSExpression">
- <!-- TODO -->
- <evaluate
- expression="processHRDSExpressionAction.submit(flowRequestContext)"
- result="flowScope.whr" />
- <transition on="" to="provideIDPListForUser" />
- <transition to="checkIsThisIDP">
- <evaluate
- expression="homeRealmReminder.addCookie(flowRequestContext, flowScope.whr)" />
- </transition>
- </action-state>
-
<decision-state id="provideIDPListForUser">
- <if
- test="flowScope.idpConfig.trustedIdps == null or idpConfig.trustedIdps.isEmpty()"
+ <if test="flowScope.idpConfig.trustedIdps == null or idpConfig.trustedIdps.isEmpty()"
then="checkDefaultToThisIDP" />
<if test="flowScope.idpConfig.isProvideIdpList() == false"
then="checkDefaultToThisIDP" else="showIDPList" />
</decision-state>
- <decision-state id="checkDefaultToThisIDP">
- <if test="flowScope.idpConfig.isUseCurrentIdp()" then="checkWauthTypeSupported"
- else="viewBadRequest" />
- </decision-state>
-
<view-state id="showIDPList" view="idplist" model="trustedIDPSelection">
<var name="trustedIDPSelection"
class="org.apache.cxf.fediz.service.idp.model.TrustedIDPSelection" />
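Review bot: With `checkWhrInSigninRequest` removed, `checkHRDSEnabled` goes straight to `processHRDSExpression`, whose on-entry `processHRDSExpressionAction.submit(flowRequestContext)` overwrites `flowScope.whr`; since `submit` checks the remembered cookie first, a cookie now takes precedence over an explicit `whr` in the sign-in request, where previously the request value won. If that reversal is not intended, skip the evaluation when `flowScope.whr` is already set, or have `submit` consult the flow-scope `whr` before the cookie. The `homeRealmReminder.addCookie(flowRequestContext, flowScope.whr)` call from the old `processHRDSExpression` transition is also gone from this hunk, so unless it is made elsewhere in the flow the home realm is never remembered. A short XML comment on `processHRDSExpression` stating the intended precedence (cookie, HRDS expression, request `whr`) would make the flow easier to audit. The hunk ends inside the `showIDPList` view-state.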
[2/2] cxf-fediz git commit: Fix broken link on error page
Posted by jb...@apache.org.
Fix broken link on error page
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/3a723af6
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/3a723af6
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/3a723af6
Branch: refs/heads/master
Commit: 3a723af6fa11d9f3998f92b72467b2782aa37e4a
Parents: 94dc9ec
Author: Jan Bernhardt <jb...@talend.com>
Authored: Tue Jan 19 12:17:24 2016 +0100
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Wed Jan 20 06:27:33 2016 +0100
----------------------------------------------------------------------
services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3a723af6/services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp b/services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp
index 93c96c6..51e0274 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/oAuthError.jsp
@@ -26,7 +26,7 @@ Authorization error: <%= error.getError() %>
</h1>
<br/>
<p>
-Back to <a href="<%= basePath %>client">Client Registration page</a>
+Back to <a href="<%= basePath %>clients">Client Registration page</a>
</p>
</big></big>
</div>