Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/11 13:51:48 UTC
cxf git commit: [CXF-6736] Passing the code request state directly to
some functions
Repository: cxf
Updated Branches:
refs/heads/master 0222768ba -> 39c772a07
[CXF-6736] Passing the code request state directly to some functions
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/39c772a0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/39c772a0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/39c772a0
Branch: refs/heads/master
Commit: 39c772a0764b323f98ab58e00345f4fca924c425
Parents: 0222768
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Mon Jan 11 12:51:30 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Mon Jan 11 12:51:30 2016 +0000
----------------------------------------------------------------------
.../oauth2/client/ClientCodeRequestFilter.java | 14 +++++---
.../oidc/rp/OidcClientCodeRequestFilter.java | 35 ++++++++------------
2 files changed, 22 insertions(+), 27 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/39c772a0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index c02688c..0b950c7 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -131,7 +131,8 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
}
private Response createCodeResponse(ContainerRequestContext rc, UriInfo ui) {
- MultivaluedMap<String, String> redirectState = createRedirectState(rc, ui);
+ MultivaluedMap<String, String> codeRequestState = toCodeRequestState(rc, ui);
+ MultivaluedMap<String, String> redirectState = createRedirectState(rc, ui, codeRequestState);
String theState = redirectState != null ? redirectState.getFirst(OAuthConstants.STATE) : null;
String redirectScope = redirectState != null ? redirectState.getFirst(OAuthConstants.SCOPE) : null;
String theScope = redirectScope != null ? redirectScope : scopes;
@@ -142,7 +143,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
theScope);
setFormPostResponseMode(ub, redirectState);
setCodeVerifier(ub, redirectState);
- setAdditionalCodeRequestParams(ub, redirectState);
+ setAdditionalCodeRequestParams(ub, redirectState, codeRequestState);
URI uri = ub.build();
return Response.seeOther(uri).build();
}
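Review bot: The call `setAdditionalCodeRequestParams(ub, redirectState, codeRequestState)` hands an overridable hook the same map instance that `createRedirectState` has already mutated. In the last hunk of this file, `createRedirectState` puts `OAuthConstants.AUTHORIZATION_CODE_VERIFIER` into `codeRequestState` when `codeVerifierTransformer` is set. Unless the verifier is removed again in the part of `createRedirectState` that lies outside that hunk, a subclass that copies request-state entries onto the `UriBuilder` would expose the code verifier in the front-channel redirect. Either pass the hook a copy taken before `createRedirectState` runs, or state the contract on the hook, for example `// codeRequestState may contain the code verifier; never copy it wholesale into the redirect URI`. `createCodeResponse` spans this hunk and the previous one, and its middle is not visible here.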
@@ -165,7 +166,9 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
}
}
- protected void setAdditionalCodeRequestParams(UriBuilder ub, MultivaluedMap<String, String> redirectState) {
+ protected void setAdditionalCodeRequestParams(UriBuilder ub,
+ MultivaluedMap<String, String> redirectState,
+ MultivaluedMap<String, String> codeRequestState) {
}
private URI getAbsoluteRedirectUri(UriInfo ui) {
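Review bot: Changing the signature of this protected extension point silently disables existing overrides that lack `@Override`. A subclass that overrides the two-argument `setAdditionalCodeRequestParams` this way still compiles but is no longer called, so any parameters it added to the authorization request are dropped without an error. The same applies to `createRedirectState` in the next hunk. Keeping the old two-argument method as `@Deprecated` and having the new empty body delegate to it with `setAdditionalCodeRequestParams(ub, redirectState);` would preserve existing subclasses. The hook also has no Javadoc: a short comment should say that `redirectState` is the state returned by `createRedirectState` and `codeRequestState` is the map built by `toCodeRequestState`.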
@@ -222,12 +225,13 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
JAXRSUtils.getCurrentMessage().setContent(ClientTokenContext.class, request);
}
- protected MultivaluedMap<String, String> createRedirectState(ContainerRequestContext rc, UriInfo ui) {
+ protected MultivaluedMap<String, String> createRedirectState(ContainerRequestContext rc,
+ UriInfo ui,
+ MultivaluedMap<String, String> codeRequestState) {
if (clientStateManager == null) {
return new MetadataMap<String, String>();
}
String codeVerifier = null;
- MultivaluedMap<String, String> codeRequestState = toCodeRequestState(rc, ui);
if (codeVerifierTransformer != null) {
codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
codeRequestState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER,
http://git-wip-us.apache.org/repos/asf/cxf/blob/39c772a0/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index 0191779..76035bc 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
@@ -81,17 +81,6 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
}
@Override
- protected MultivaluedMap<String, String> createRedirectState(ContainerRequestContext rc, UriInfo ui) {
- MultivaluedMap<String, String> redirectState = super.createRedirectState(rc, ui);
- MultivaluedMap<String, String> codeRequestState = toRequestState(rc, ui);
- String loginHint = codeRequestState.getFirst(LOGIN_HINT_PARAMETER);
- if (loginHint != null) {
- redirectState.putSingle(LOGIN_HINT_PARAMETER, loginHint);
- }
- return redirectState;
- }
-
- @Override
protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext rc, UriInfo ui) {
MultivaluedMap<String, String> state = super.toCodeRequestState(rc, ui);
if (maxAgeOffset != null) {
@@ -139,13 +128,9 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
}
@Override
- protected void setAdditionalCodeRequestParams(UriBuilder ub, MultivaluedMap<String, String> redirectState) {
- if (claims != null) {
- ub.queryParam("claims", claims);
- }
- if (claimsLocales != null) {
- ub.queryParam("claims_locales", claimsLocales);
- }
+ protected void setAdditionalCodeRequestParams(UriBuilder ub,
+ MultivaluedMap<String, String> redirectState,
+ MultivaluedMap<String, String> codeRequestState) {
if (redirectState != null) {
if (redirectState.getFirst(IdToken.NONCE_CLAIM) != null) {
ub.queryParam(IdToken.NONCE_CLAIM, redirectState.getFirst(IdToken.NONCE_CLAIM));
@@ -154,16 +139,22 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
ub.queryParam(MAX_AGE_PARAMETER, redirectState.getFirst(MAX_AGE_PARAMETER));
}
}
+ if (codeRequestState != null && codeRequestState.getFirst(LOGIN_HINT_PARAMETER) != null) {
+ ub.queryParam(LOGIN_HINT_PARAMETER, codeRequestState.getFirst(LOGIN_HINT_PARAMETER));
+ }
+ if (claims != null) {
+ ub.queryParam("claims", claims);
+ }
+ if (claimsLocales != null) {
+ ub.queryParam("claims_locales", claimsLocales);
+ }
if (authenticationContextRef != null) {
ub.queryParam(ACR_PARAMETER, authenticationContextRef);
}
if (promptLogin != null) {
ub.queryParam(PROMPT_PARAMETER, promptLogin);
}
- String loginHint = redirectState.getFirst(LOGIN_HINT_PARAMETER);
- if (loginHint != null) {
- ub.queryParam(LOGIN_HINT_PARAMETER, loginHint);
- }
+
}
public void setPromptLogin(String promptLogin) {
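Review bot: The new `login_hint` block copies a value from `codeRequestState` straight into `ub.queryParam(...)` with no validation. That map is presumably built from the incoming request by `toCodeRequestState`, so the value is likely caller-controlled. JAX-RS `UriBuilder.queryParam` allows template parameters in values, so a hint containing `{...}` may make `ub.build()` in `createCodeResponse` throw rather than redirect; a length and character check before forwarding would avoid that. The value is also read twice. A single local is clearer: `String loginHint = codeRequestState == null ? null : codeRequestState.getFirst(LOGIN_HINT_PARAMETER);` followed by `if (loginHint != null) { ub.queryParam(LOGIN_HINT_PARAMETER, loginHint); }`. The method's opening lines are in the previous hunk.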