You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/09/05 11:43:59 UTC

[cxf-fediz] branch master updated: FEDIZ-228 - Add the "jti" claim in FedizSubjectCreator

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git


The following commit(s) were added to refs/heads/master by this push:
     new 621dc65  FEDIZ-228 - Add the "jti" claim in FedizSubjectCreator
621dc65 is described below

commit 621dc6512d0d56efbe39db3401b14be9cf16e0b5
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Wed Sep 5 12:43:39 2018 +0100

    FEDIZ-228 - Add the "jti" claim in FedizSubjectCreator
---
 .../java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java  | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
index 4b44dba..eeb6364 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/FedizSubjectCreator.java
@@ -41,6 +41,7 @@ import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.provider.SubjectCreator;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 import org.apache.cxf.rs.security.oidc.common.IdToken;
 import org.apache.cxf.rs.security.oidc.idp.OidcUserSubject;
 import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
@@ -134,6 +135,8 @@ public class FedizSubjectCreator implements SubjectCreator {
             }
         }
 
+        idToken.setTokenId(OAuthUtils.generateRandomTokenKey());
+
         // Compute exp claim
         long currentTimeInSecs = System.currentTimeMillis() / 1000L;
         idToken.setIssuedAt(currentTimeInSecs);
@@ -184,7 +187,7 @@ public class FedizSubjectCreator implements SubjectCreator {
                     idToken.setEmail((String) c.getValue());
                 } else if (supportedClaims.containsKey(c.getClaimType().toString())
                         && requestedClaimsList.contains(supportedClaims.get(c.getClaimType().toString()))) {
-                    idToken.setClaim(supportedClaims.get(c.getClaimType().toString()), (String) c.getValue());
+                    idToken.setClaim(supportedClaims.get(c.getClaimType().toString()), c.getValue());
                 }
 
             }