You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2017/08/29 14:37:55 UTC

cxf-fediz git commit: [FEDIZ-207] Using the login name for a moment

Repository: cxf-fediz
Updated Branches:
  refs/heads/1.4.x-fixes d2f889c17 -> d6266d9dc


[FEDIZ-207] Using the login name for a moment


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d6266d9d
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d6266d9d
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d6266d9d

Branch: refs/heads/1.4.x-fixes
Commit: d6266d9dc23342a683a7a3480381c158653b75f3
Parents: d2f889c
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Aug 29 15:37:30 2017 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Aug 29 15:37:30 2017 +0100

----------------------------------------------------------------------
 .../apache/cxf/fediz/service/oidc/FedizSubjectCreator.java  | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d6266d9d/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index d0309c2..79d9573 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -31,7 +31,6 @@ import javax.ws.rs.core.UriBuilder;
 
 import org.w3c.dom.Element;
 
-import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.fediz.core.Claim;
 import org.apache.cxf.fediz.core.ClaimCollection;
 import org.apache.cxf.fediz.core.ClaimTypes;
@@ -44,7 +43,6 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oidc.common.AbstractUserInfo;
 import org.apache.cxf.rs.security.oidc.common.IdToken;
 import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
 import org.apache.wss4j.common.ext.WSSecurityException;
 import org.apache.wss4j.common.saml.SamlAssertionWrapper;
 import org.joda.time.DateTime;
@@ -106,11 +104,8 @@ public class FedizSubjectCreator implements SubjectCreator {
         OidcUserSubject oidcSub = new OidcUserSubject();
         oidcSub.setLogin(fedizPrincipal.getName());
 
-        // Subject ID - a locally unique and never reassigned identifier allocated to the end user
-        // REVISIT:
-        // Can it be allocated on per-session basis or is it something that is supposed to be created
-        // by the authentication system (IDP/STS) once and reported every time a given user signs in ?
-        oidcSub.setId(Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(16)));
+        // REVISIT: use fedizPrincipal.getId() to guarantee the uniqueness once FEDIZ-207 is resolved
+        oidcSub.setId(fedizPrincipal.getName());
 
         IdToken idToken = convertToIdToken(mc,
                                            fedizPrincipal.getLoginToken(),