You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by jb...@apache.org on 2015/12/14 16:22:18 UTC
cxf git commit: Prefer Subject Name over E-Mail address when creating
the users principal
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes f6a96430b -> 1a5708e21
Prefer Subject Name over E-Mail address when creating the users principal
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1a5708e2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1a5708e2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1a5708e2
Branch: refs/heads/3.1.x-fixes
Commit: 1a5708e21708a9ed96991cd56ff89b3fd4eac15a
Parents: f6a9643
Author: Jan Bernhardt <jb...@talend.com>
Authored: Mon Dec 14 16:16:45 2015 +0100
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Mon Dec 14 16:21:44 2015 +0100
----------------------------------------------------------------------
.../security/oidc/rp/OidcSecurityContext.java | 24 ++++++++++++++------
1 file changed, 17 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/1a5708e2/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
index d31c189..2c50bb8 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
@@ -27,33 +27,43 @@ import org.apache.cxf.rs.security.oidc.common.IdToken;
public class OidcSecurityContext extends SimpleSecurityContext implements SecurityContext {
private OidcClientTokenContext oidcContext;
+
public OidcSecurityContext(IdToken token) {
this(new OidcClientTokenContextImpl(token));
}
+
public OidcSecurityContext(OidcClientTokenContext oidcContext) {
super(getPrincipalName(oidcContext));
this.oidcContext = oidcContext;
}
+
public OidcClientTokenContext getOidcContext() {
return oidcContext;
}
- private static String getPrincipalName(OidcClientTokenContext oidcContext) {
+
+ protected static String getPrincipalName(OidcClientTokenContext oidcContext) {
+ String name = null;
if (oidcContext.getUserInfo() != null) {
- return oidcContext.getUserInfo().getEmail();
- } else {
- IdToken token = oidcContext.getIdToken();
- String name = token.getEmail();
+ name = oidcContext.getUserInfo().getSubject();
if (name == null) {
- name = token.getSubject();
+ name = oidcContext.getUserInfo().getEmail();
}
- return name;
}
+ if (name == null && oidcContext.getIdToken() != null) {
+ name = oidcContext.getIdToken().getSubject();
+ if (name == null) {
+ name = oidcContext.getIdToken().getEmail();
+ }
+ }
+ return name;
}
+
@Override
public boolean isSecure() {
String value = HttpUtils.getEndpointAddress(JAXRSUtils.getCurrentMessage());
return value.startsWith("https://");
}
+
@Override
public String getAuthenticationScheme() {
return "OIDC";