Posted to commits@cxf.apache.org by se...@apache.org on 2017/02/21 15:19:01 UTC
cxf-fediz git commit: Using a base URI to resolve IdToken issuer
values which start from a forward slash
Repository: cxf-fediz
Updated Branches:
refs/heads/master 5667ed43a -> d5f30aa57
Using a base URI to resolve IdToken issuer values which start from a forward slash
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d5f30aa5
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d5f30aa5
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d5f30aa5
Branch: refs/heads/master
Commit: d5f30aa574f1d9d2d6dd9a047f4db21b8191a804
Parents: 5667ed4
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Feb 21 15:18:48 2017 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Feb 21 15:18:48 2017 +0000
----------------------------------------------------------------------
.../cxf/fediz/service/oidc/FedizSubjectCreator.java | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d5f30aa5/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index 527eb74..a276d5f 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Map;
import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.UriBuilder;
import org.w3c.dom.Element;
@@ -75,7 +76,8 @@ public class FedizSubjectCreator implements SubjectCreator {
// by the authentication system (IDP/STS) once and reported every time a given user signs in ?
oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16)));
- IdToken idToken = convertToIdToken(fedizPrincipal.getLoginToken(),
+ IdToken idToken = convertToIdToken(mc,
+ fedizPrincipal.getLoginToken(),
oidcSub.getLogin(),
oidcSub.getId(),
fedizPrincipal.getClaims(),
@@ -88,7 +90,8 @@ public class FedizSubjectCreator implements SubjectCreator {
return oidcSub;
}
- private IdToken convertToIdToken(Element samlToken,
+ private IdToken convertToIdToken(MessageContext mc,
+ Element samlToken,
String subjectName,
String subjectId,
ClaimCollection claims,
@@ -129,7 +132,14 @@ public class FedizSubjectCreator implements SubjectCreator {
}
// Check if default issuer, issuedAt and expiryTime values have to be set
if (issuer != null) {
- idToken.setIssuer(issuer);
+ String realIssuer = null;
+ if (issuer.startsWith("/")) {
+ UriBuilder ub = mc.getUriInfo().getBaseUriBuilder();
+ realIssuer = ub.path(issuer).build().toString();
+ } else {
+ realIssuer = issuer;
+ }
+ idToken.setIssuer(realIssuer);
} else if (saml2Assertion != null) {
Issuer assertionIssuer = saml2Assertion.getIssuer();
if (assertionIssuer != null) {
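Review bot: In the `issuer.startsWith("/")` branch the `iss` claim takes its scheme, host and port from `mc.getUriInfo().getBaseUriBuilder()`, that is, from the current request rather than from configuration. Depending on how the container and any reverse proxy derive the base URI (presumably from the Host or forwarded headers), the signed token may carry an internal address or a client-influenced host. Relying parties compare `iss` against a fixed expected value, so this constraint should be stated where the value is computed, for example `// Relative issuer is resolved against the request base URI; use an absolute issuer when the service sits behind a proxy or the Host header is not validated`. The new block also dereferences `mc` without a null check, and no guard is visible in this hunk. `convertToIdToken` starts before and continues past the hunk, so an earlier guard on `mc` cannot be ruled out from here.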