You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/09/14 11:06:48 UTC
cxf-fediz git commit: [FEDIZ-173] Cors support for js OIDC Implicit
Flow, patch from Adrian Gonzalez applied, This closes #9
Repository: cxf-fediz
Updated Branches:
refs/heads/master 22553ad77 -> 510bee5ad
[FEDIZ-173] Cors support for js OIDC Implicit Flow, patch from Adrian Gonzalez applied, This closes #9
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/510bee5a
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/510bee5a
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/510bee5a
Branch: refs/heads/master
Commit: 510bee5adc9d1742cd942f93db2a07abc82084b5
Parents: 22553ad
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Sep 14 12:06:29 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Sep 14 12:06:29 2016 +0100
----------------------------------------------------------------------
services/oidc/pom.xml | 5 +++++
.../oidc/src/main/webapp/WEB-INF/applicationContext.xml | 9 +++++++++
2 files changed, 14 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/510bee5a/services/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/services/oidc/pom.xml b/services/oidc/pom.xml
index ad3b515..aede1dd 100644
--- a/services/oidc/pom.xml
+++ b/services/oidc/pom.xml
@@ -58,6 +58,11 @@
<version>${cxf.version}</version>
</dependency>
<dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-rs-security-cors</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/510bee5a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index c893dd4..53bd83f 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -95,6 +95,7 @@
<ref bean="oidcKeysService"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
+ <ref bean="corsFilter"/>
<bean class="org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider"/>
</jaxrs:providers>
<jaxrs:properties>
@@ -119,6 +120,7 @@
<ref bean="userInfoService"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
+ <ref bean="corsFilter"/>
<bean class="org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider"/>
<ref bean="oauth2TokenValidationFilter"/>
</jaxrs:providers>
@@ -178,6 +180,13 @@
<property name="signWithClientSecret" value="true"/>
-->
</bean>
+ <!-- Cors filter for endpoints used by implicit flow (by js clients) -->
+ <util:list id="implicitFlowAllowHeaders">
+ <value>Authorization</value>
+ </util:list>
+ <bean id="corsFilter" class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter">
+ <property name="allowHeaders" ref="implicitFlowAllowHeaders"/>
+ </bean>
<bean id="refreshTokenHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
<property name="dataProvider" ref="oauthProvider"/>
</bean>