Posted to commits@cxf.apache.org by co...@apache.org on 2016/02/22 18:04:16 UTC
cxf-fediz git commit: Initial code to use CXF to get the access token.
Repository: cxf-fediz
Updated Branches:
refs/heads/master 59ef5280e -> 6ed41737a
Initial code to use CXF to get the access token.
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6ed41737
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6ed41737
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6ed41737
Branch: refs/heads/master
Commit: 6ed41737a9f0eebda467d44017c4bf1781d7a082
Parents: 59ef528
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Feb 22 17:03:50 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Feb 22 17:03:50 2016 +0000
----------------------------------------------------------------------
services/idp/pom.xml | 1 -
.../TrustedIdpOIDCProtocolHandler.java | 46 ++++++++++++++++++++
2 files changed, 46 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6ed41737/services/idp/pom.xml
----------------------------------------------------------------------
diff --git a/services/idp/pom.xml b/services/idp/pom.xml
index 6607080..99a6084 100644
--- a/services/idp/pom.xml
+++ b/services/idp/pom.xml
@@ -226,7 +226,6 @@
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-rs-client</artifactId>
<version>${cxf.version}</version>
- <scope>test</scope>
</dependency>
<dependency>
<groupId>javax.validation</groupId>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6ed41737/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/protocols/TrustedIdpOIDCProtocolHandler.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/protocols/TrustedIdpOIDCProtocolHandler.java b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/protocols/TrustedIdpOIDCProtocolHandler.java
index b4bc951..f4ffe40 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/protocols/TrustedIdpOIDCProtocolHandler.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/protocols/TrustedIdpOIDCProtocolHandler.java
@@ -29,11 +29,18 @@ import java.net.URLEncoder;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
+import java.util.ArrayList;
import java.util.Collections;
+import java.util.List;
import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.core.Form;
+import javax.ws.rs.core.Response;
import org.w3c.dom.Element;
+
+import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
+
import org.apache.cxf.fediz.core.FederationConstants;
import org.apache.cxf.fediz.core.config.FedizContext;
import org.apache.cxf.fediz.core.config.TrustManager;
@@ -55,6 +62,11 @@ import org.apache.cxf.fediz.service.idp.domain.Idp;
import org.apache.cxf.fediz.service.idp.domain.TrustedIdp;
import org.apache.cxf.fediz.service.idp.spi.TrustedIdpProtocolHandler;
import org.apache.cxf.fediz.service.idp.util.WebUtils;
+import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.interceptor.LoggingOutInterceptor;
+import org.apache.cxf.jaxrs.client.ClientConfiguration;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
import org.apache.wss4j.common.crypto.CertificateStore;
@@ -128,6 +140,7 @@ public class TrustedIdpOIDCProtocolHandler implements TrustedIdpProtocolHandler
@Override
public URL processSignInResponse(RequestContext context, Idp idp, TrustedIdp trustedIdp) {
+ /*
String code = (String) WebUtils.getAttributeFromFlowScope(context,
OAuthConstants.CODE_RESPONSE_TYPE);
if (code == null) {
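Review bot: processSignInResponse now has its whole body inside a block comment that opens here and closes in the next hunk, followed by `return null;`, so a caller that uses the returned URL will presumably fail with a NullPointerException rather than the earlier `IllegalStateException`. If the redirect step is deliberately disabled while the code exchange moves to mapSignInResponse, delete the dead code instead of commenting it out and state the reason above the return, for example `// Sign-in response is handled in mapSignInResponse; no redirect URL is produced here`. Throwing `UnsupportedOperationException` would also make a stray call fail loudly instead of passing a null along. The method body starts in this hunk and ends in the following one.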
@@ -165,11 +178,44 @@ public class TrustedIdpOIDCProtocolHandler implements TrustedIdpProtocolHandler
LOG.error("Invalid Redirect URL for Trusted Idp", ex);
throw new IllegalStateException("Invalid Redirect URL for Trusted Idp");
}
+ */
+ return null;
}
@Override
public SecurityToken mapSignInResponse(RequestContext context, Idp idp, TrustedIdp trustedIdp) {
+ String code = (String) WebUtils.getAttributeFromFlowScope(context,
+ OAuthConstants.CODE_RESPONSE_TYPE);
+ if (code != null) {
+ // Here we need to get the IdToken using the authorization code
+ String address = "http://localhost:8080/auth/realms/realmb/protocol/openid-connect/token";
+
+ List<Object> providers = new ArrayList<Object>();
+ providers.add(new JacksonJsonProvider());
+
+ WebClient client =
+ WebClient.create(address, providers, "consumer-id", "90d5da25-e900-443f-a5d5-feb3bb060800", null);
+
+ ClientConfiguration config = WebClient.getConfig(client);
+
+ config.getOutInterceptors().add(new LoggingOutInterceptor());
+ config.getInInterceptors().add(new LoggingInInterceptor());
+
+ client.type("application/x-www-form-urlencoded").accept("application/json");
+
+ Form form = new Form();
+ form.param("grant_type", "authorization_code");
+ form.param("code", code);
+ form.param("client_id", "consumer-id");
+ form.param("redirect_uri", idp.getIdpUrl().toString());
+ Response response = client.post(form);
+
+ ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
+ System.out.println("AT: " + accessToken.getTokenKey());
+
+ }
+
try {
String whr = (String) WebUtils.getAttributeFromFlowScope(context,
FederationConstants.PARAM_HOME_REALM);
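Review bot: The token exchange added to mapSignInResponse embeds the client secret, client id and token endpoint as string literals (`address` and the arguments to `WebClient.create(...)`), so the secret is now in version control; it should be rotated and these values read from the trusted IdP's configuration. The endpoint is plain `http://`, which sends the authorization code and the client credentials unencrypted, so `https` should be required for anything other than a local test. `LoggingOutInterceptor` and `LoggingInInterceptor` will write the form body (including `code`), presumably the Authorization header, and the token response to the log, and `System.out.println("AT: " + accessToken.getTokenKey());` prints the bearer token to stdout; drop all three or log only non-secret fields through `LOG`. The response entity is read without checking `response.getStatus()`, so an error reply from the token endpoint likely surfaces as a parse failure or a null `accessToken`. The rest of mapSignInResponse continues outside the hunk.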