You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/04/19 10:46:16 UTC
cxf-fediz git commit: Injecting MessageContext instead following
feedback from Sergey
Repository: cxf-fediz
Updated Branches:
refs/heads/master c68e48208 -> 4b9aaf230
Injecting MessageContext instead following feedback from Sergey
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/4b9aaf23
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/4b9aaf23
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/4b9aaf23
Branch: refs/heads/master
Commit: 4b9aaf230c52f4c79660b38d47e6bd339ed6a7c8
Parents: c68e482
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Apr 19 11:46:02 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Apr 19 11:46:02 2017 +0100
----------------------------------------------------------------------
.../oidc/clients/ClientRegistrationService.java | 15 +++++++--------
.../service/oidc/console/UserConsoleService.java | 10 ++++++----
2 files changed, 13 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4b9aaf23/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
index d00b9cd..6dded2d 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
@@ -58,8 +58,7 @@ import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.fediz.service.oidc.CSRFUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.PhaseInterceptorChain;
+import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
@@ -71,7 +70,6 @@ import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
-import org.apache.cxf.transport.http.AbstractHTTPDestination;
@Path("/")
public class ClientRegistrationService {
@@ -86,11 +84,11 @@ public class ClientRegistrationService {
private boolean protectIdTokenWithClientSecret;
private Map<String, String> clientScopes;
- private SecurityContext sc;
+ private MessageContext mc;
@Context
- public void setSecurityContext(SecurityContext securityContext) {
- this.sc = securityContext;
+ public void setMessageContext(MessageContext messageContext) {
+ this.mc = messageContext;
}
@GET
@@ -284,6 +282,7 @@ public class ClientRegistrationService {
Client newClient = new Client(clientId, clientSecret, isConfidential, appName);
// User who registered this client
+ SecurityContext sc = mc.getSecurityContext();
String userName = sc.getUserPrincipal().getName();
UserSubject userSubject = new OidcUserSubject(userName);
newClient.setResourceOwnerSubject(userSubject);
@@ -353,8 +352,7 @@ public class ClientRegistrationService {
private void checkCSRFToken(String csrfToken) {
// CSRF
- Message message = PhaseInterceptorChain.getCurrentMessage();
- HttpServletRequest httpRequest = (HttpServletRequest) message.get(AbstractHTTPDestination.HTTP_REQUEST);
+ HttpServletRequest httpRequest = mc.getHttpServletRequest();
String savedToken = CSRFUtils.getCSRFToken(httpRequest, false);
if (StringUtils.isEmpty(csrfToken) || StringUtils.isEmpty(savedToken)
|| !savedToken.equals(csrfToken)) {
@@ -452,6 +450,7 @@ public class ClientRegistrationService {
}
private String getUserName() {
+ SecurityContext sc = mc.getSecurityContext();
if (sc == null || sc.getUserPrincipal() == null) {
return null;
}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/4b9aaf23/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/console/UserConsoleService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/console/UserConsoleService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/console/UserConsoleService.java
index 3d3abb5..cfe9565 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/console/UserConsoleService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/console/UserConsoleService.java
@@ -27,18 +27,19 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;
import org.apache.cxf.fediz.service.oidc.clients.ClientRegistrationService;
+import org.apache.cxf.jaxrs.ext.MessageContext;
@Path("/")
public class UserConsoleService {
- private SecurityContext sc;
+ private MessageContext mc;
private ClientRegistrationService clientRegService;
@Context
- public void setSecurityContext(SecurityContext securityContext) {
- this.sc = securityContext;
- clientRegService.setSecurityContext(securityContext);
+ public void setMessageContext(MessageContext messageContext) {
+ this.mc = messageContext;
+ clientRegService.setMessageContext(messageContext);
}
@@ -48,6 +49,7 @@ public class UserConsoleService {
return new UserConsole(getUserName());
}
private String getUserName() {
+ SecurityContext sc = mc.getSecurityContext();
return sc.getUserPrincipal().getName();
}
@Path("clients")