You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2022/07/20 07:20:22 UTC
[cxf] branch main updated: Picking up more changes from WSS4J
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/main by this push:
new b067ecf705 Picking up more changes from WSS4J
b067ecf705 is described below
commit b067ecf705094a7b66a98639465c38f2a55f7d15
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Jul 20 08:09:05 2022 +0100
Picking up more changes from WSS4J
---
.../cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java | 3 +--
.../cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java | 4 +---
.../java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java | 3 +--
.../org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java | 2 +-
.../main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java | 2 +-
.../src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java | 2 +-
.../org/apache/cxf/systest/sts/secure_conv/SCTTokenValidator.java | 3 +--
7 files changed, 7 insertions(+), 12 deletions(-)
diff --git a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
index 2ae7d76dad..8da8e1551e 100644
--- a/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
@@ -206,8 +206,7 @@ public class Saml2BearerGrantHandler extends AbstractGrantHandler {
);
assertion.verifySignature(samlKeyInfo);
assertion.parseSubject(
- new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(),
- data.getCallbackHandler()
+ new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto()
);
} else if (getTLSCertificates(message) == null) {
throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
diff --git a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
index 93c5ac6b99..aa3c79005e 100644
--- a/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
+++ b/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLProtocolResponseValidator.java
@@ -413,9 +413,7 @@ public class SAMLProtocolResponseValidator {
assertion.verifySignature(samlKeyInfo);
assertion.parseSubject(
- new WSSSAMLKeyInfoProcessor(requestData),
- requestData.getSigVerCrypto(),
- requestData.getCallbackHandler()
+ new WSSSAMLKeyInfoProcessor(requestData), requestData.getSigVerCrypto()
);
} catch (WSSecurityException e) {
LOG.log(Level.FINE, "Assertion failed signature validation", e);
diff --git a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
index 05c18133e0..9f29614b2f 100644
--- a/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
+++ b/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
@@ -171,8 +171,7 @@ public abstract class AbstractSamlInHandler implements ContainerRequestFilter {
assertion.verifySignature(samlKeyInfo);
assertion.parseSubject(
- new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(),
- data.getCallbackHandler()
+ new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto()
);
} else if (getTLSCertificates(message) == null) {
throwFault("Assertion must be signed", null);
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
index 1119d1f4f6..e66212bf89 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/AbstractWSS4JInterceptor.java
@@ -215,7 +215,7 @@ public abstract class AbstractWSS4JInterceptor extends WSHandler implements Soap
RequestData reqData
) throws WSSecurityException {
Message message = (Message)reqData.getMsgContext();
- ClassLoader classLoader = this.getClassLoader(reqData.getMsgContext());
+ ClassLoader classLoader = this.getClassLoader();
PasswordEncryptor passwordEncryptor = getPasswordEncryptor(reqData);
return
WSS4JUtils.loadCryptoFromPropertiesFile(
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
index 8d57f3440e..e43ebc5cf5 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
@@ -341,7 +341,7 @@ public class SAMLTokenRenewer extends AbstractSAMLTokenProvider implements Token
// Parse the HOK subject if it exists
assertion.parseSubject(
- new WSSSAMLKeyInfoProcessor(requestData), sigCrypto, callbackHandler
+ new WSSSAMLKeyInfoProcessor(requestData), sigCrypto
);
SAMLKeyInfo keyInfo = assertion.getSubjectKeyInfo();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index ef3d27bc47..b10fefa125 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -889,7 +889,7 @@ public class IssueSamlUnitTest {
data.setWsDocInfo(new WSDocInfo(assertion.getOwnerDocument()));
assertionWrapper.parseSubject(
- new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(), data.getCallbackHandler()
+ new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto()
);
SAMLKeyInfo samlKeyInfo = assertionWrapper.getSubjectKeyInfo();
diff --git a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTTokenValidator.java b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTTokenValidator.java
index 892f126576..7479ac154f 100644
--- a/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTTokenValidator.java
+++ b/services/sts/systests/advanced/src/test/java/org/apache/cxf/systest/sts/secure_conv/SCTTokenValidator.java
@@ -42,8 +42,7 @@ public class SCTTokenValidator extends STSTokenValidator {
}
transformedToken.parseSubject(
- new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto(),
- data.getCallbackHandler()
+ new WSSSAMLKeyInfoProcessor(data), data.getSigVerCrypto()
);
SAMLKeyInfo keyInfo = transformedToken.getSubjectKeyInfo();
byte[] secret = keyInfo.getSecret();