You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/11/08 14:56:29 UTC
[02/14] cxf-fediz git commit: [FEDIZ-173] Cors support for js OIDC
Implicit Flow, patch from Adrian Gonzalez applied, This closes #9
[FEDIZ-173] Cors support for js OIDC Implicit Flow, patch from Adrian Gonzalez applied, This closes #9
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/e88cf097
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/e88cf097
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/e88cf097
Branch: refs/heads/1.3.x-fixes
Commit: e88cf0979eb11a67193b4fc9d8e61197c6480c96
Parents: 6b29a87
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Sep 14 12:06:29 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Nov 8 14:43:03 2016 +0000
----------------------------------------------------------------------
services/oidc/pom.xml | 5 +++++
.../oidc/src/main/webapp/WEB-INF/applicationContext.xml | 9 +++++++++
2 files changed, 14 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/e88cf097/services/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/services/oidc/pom.xml b/services/oidc/pom.xml
index ad3b515..aede1dd 100644
--- a/services/oidc/pom.xml
+++ b/services/oidc/pom.xml
@@ -58,6 +58,11 @@
<version>${cxf.version}</version>
</dependency>
<dependency>
+ <groupId>org.apache.cxf</groupId>
+ <artifactId>cxf-rt-rs-security-cors</artifactId>
+ <version>${cxf.version}</version>
+ </dependency>
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/e88cf097/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index c893dd4..53bd83f 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -95,6 +95,7 @@
<ref bean="oidcKeysService"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
+ <ref bean="corsFilter"/>
<bean class="org.apache.cxf.rs.security.jose.jaxrs.JsonWebKeysProvider"/>
</jaxrs:providers>
<jaxrs:properties>
@@ -119,6 +120,7 @@
<ref bean="userInfoService"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
+ <ref bean="corsFilter"/>
<bean class="org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider"/>
<ref bean="oauth2TokenValidationFilter"/>
</jaxrs:providers>
@@ -178,6 +180,13 @@
<property name="signWithClientSecret" value="true"/>
-->
</bean>
+ <!-- Cors filter for endpoints used by implicit flow (by js clients) -->
+ <util:list id="implicitFlowAllowHeaders">
+ <value>Authorization</value>
+ </util:list>
+ <bean id="corsFilter" class="org.apache.cxf.rs.security.cors.CrossOriginResourceSharingFilter">
+ <property name="allowHeaders" ref="implicitFlowAllowHeaders"/>
+ </bean>
<bean id="refreshTokenHandler" class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
<property name="dataProvider" ref="oauthProvider"/>
</bean>