Posted to commits@cxf.apache.org by se...@apache.org on 2017/08/29 14:37:55 UTC
cxf-fediz git commit: [FEDIZ-207] Using the login name for a moment
Repository: cxf-fediz
Updated Branches:
refs/heads/1.4.x-fixes d2f889c17 -> d6266d9dc
[FEDIZ-207] Using the login name for a moment
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d6266d9d
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d6266d9d
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d6266d9d
Branch: refs/heads/1.4.x-fixes
Commit: d6266d9dc23342a683a7a3480381c158653b75f3
Parents: d2f889c
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Aug 29 15:37:30 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Aug 29 15:37:30 2017 +0100
----------------------------------------------------------------------
.../apache/cxf/fediz/service/oidc/FedizSubjectCreator.java | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d6266d9d/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index d0309c2..79d9573 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -31,7 +31,6 @@ import javax.ws.rs.core.UriBuilder;
import org.w3c.dom.Element;
-import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.fediz.core.Claim;
import org.apache.cxf.fediz.core.ClaimCollection;
import org.apache.cxf.fediz.core.ClaimTypes;
@@ -44,7 +43,6 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oidc.common.AbstractUserInfo;
import org.apache.cxf.rs.security.oidc.common.IdToken;
import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.saml.SamlAssertionWrapper;
import org.joda.time.DateTime;
@@ -106,11 +104,8 @@ public class FedizSubjectCreator implements SubjectCreator {
OidcUserSubject oidcSub = new OidcUserSubject();
oidcSub.setLogin(fedizPrincipal.getName());
- // Subject ID - a locally unique and never reassigned identifier allocated to the end user
- // REVISIT:
- // Can it be allocated on per-session basis or is it something that is supposed to be created
- // by the authentication system (IDP/STS) once and reported every time a given user signs in ?
- oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16)));
+ // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207 is resolved
+ oidcSub.setId(fedizPrincipal.getName());
IdToken idToken = convertToIdToken(mc,
fedizPrincipal.getLoginToken(),
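Review bot: The new `oidcSub.setId(fedizPrincipal.getName())` makes the subject id identical to the login name, and the replacement comment no longer says, as the removed one did, that the subject ID must be locally unique and never reassigned. If this id is what ends up as the `sub` claim of the IdToken (the `convertToIdToken` call continues past the hunk, so this is inferred), a renamed or recycled login could be matched by a client to the previous holder's account, and the login name is disclosed to every client that receives the token. I would keep the constraint next to the assignment, for example `// Subject ID must be locally unique and never reassigned; the login name is a stopgap and can be renamed or reused`, ahead of the REVISIT line. The enclosing method starts and ends outside the hunk, so whether `getName()` can be null or empty here cannot be checked from these lines.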