You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/06/06 18:49:22 UTC
git commit: [CXF-5311] Prototyping JAX-RS handlers
Repository: cxf
Updated Branches:
refs/heads/master 2b51837e4 -> 73caf0ed3
[CXF-5311] Prototyping JAX-RS handlers
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/73caf0ed
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/73caf0ed
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/73caf0ed
Branch: refs/heads/master
Commit: 73caf0ed33e3a57ae700651ee4f89102c7f3e4ee
Parents: 2b51837
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Fri Jun 6 17:49:07 2014 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Fri Jun 6 17:49:07 2014 +0100
----------------------------------------------------------------------
.../jwt/jaxrs/AbstractJweDecryptingFilter.java | 44 ++++++++++++++++++
.../jwt/jaxrs/JweClientResponseFilter.java | 36 +++++++++++++++
.../jwt/jaxrs/JweContainerRequestFilter.java | 9 ++--
.../oauth2/jwt/jaxrs/JweWriterInterceptor.java | 48 ++++++++++++++++++++
.../jwt/jaxrs/JwsContainerRequestFilter.java | 45 +++++++++++++++---
5 files changed, 171 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/73caf0ed/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJweDecryptingFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJweDecryptingFilter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJweDecryptingFilter.java
new file mode 100644
index 0000000..296f12f
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/AbstractJweDecryptingFilter.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.jwt.jaxrs;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.rs.security.oauth2.jwe.JweDecryptionOutput;
+import org.apache.cxf.rs.security.oauth2.jwe.JweDecryptor;
+import org.apache.cxf.rs.security.oauth2.jwe.JweHeaders;
+
+public class AbstractJweDecryptingFilter {
+ private JweDecryptor decryptor;
+ protected byte[] decrypt(InputStream is) throws IOException {
+ JweDecryptionOutput out = decryptor.decrypt(new String(IOUtils.readBytesFromStream(is), "UTF-8"));
+ validateHeaders(out.getHeaders());
+ return out.getContent();
+ }
+
+ protected void validateHeaders(JweHeaders headers) {
+ // complete
+ }
+ public void setDecryptor(JweDecryptor decryptor) {
+ this.decryptor = decryptor;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/73caf0ed/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweClientResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweClientResponseFilter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweClientResponseFilter.java
new file mode 100644
index 0000000..0cf38fe
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweClientResponseFilter.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.jwt.jaxrs;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+import javax.ws.rs.client.ClientRequestContext;
+import javax.ws.rs.client.ClientResponseContext;
+import javax.ws.rs.client.ClientResponseFilter;
+
+public class JweClientResponseFilter extends AbstractJweDecryptingFilter implements ClientResponseFilter {
+ @Override
+ public void filter(ClientRequestContext req, ClientResponseContext res) throws IOException {
+ res.setEntityStream(new ByteArrayInputStream(
+ decrypt(res.getEntityStream())));
+
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/73caf0ed/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweContainerRequestFilter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweContainerRequestFilter.java
index 89c47c6..9eb2ace 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweContainerRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweContainerRequestFilter.java
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.rs.security.oauth2.jwt.jaxrs;
+import java.io.ByteArrayInputStream;
import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
@@ -25,12 +26,10 @@ import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.PreMatching;
@PreMatching
-public class JweContainerRequestFilter implements ContainerRequestFilter {
-
+public class JweContainerRequestFilter extends AbstractJweDecryptingFilter implements ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext context) throws IOException {
- // TODO Auto-generated method stub
-
+ context.setEntityStream(new ByteArrayInputStream(
+ decrypt(context.getEntityStream())));
}
-
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/73caf0ed/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweWriterInterceptor.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweWriterInterceptor.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweWriterInterceptor.java
new file mode 100644
index 0000000..be3f2eb
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JweWriterInterceptor.java
@@ -0,0 +1,48 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.jwt.jaxrs;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.ext.WriterInterceptor;
+import javax.ws.rs.ext.WriterInterceptorContext;
+
+import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.io.CachedOutputStream;
+import org.apache.cxf.rs.security.oauth2.jwe.JweEncryptor;
+
+public class JweWriterInterceptor implements WriterInterceptor {
+ private JweEncryptor encryptor;
+
+ @Override
+ public void aroundWriteTo(WriterInterceptorContext ctx) throws IOException, WebApplicationException {
+ OutputStream actualOs = ctx.getOutputStream();
+ CachedOutputStream cos = new CachedOutputStream();
+ ctx.setOutputStream(cos);
+ ctx.proceed();
+ String jweContent = encryptor.encrypt(cos.getBytes());
+ IOUtils.copy(new ByteArrayInputStream(jweContent.getBytes("UTF-8")), actualOs);
+ actualOs.flush();
+ // TODO: figure out what to do with the content type
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/73caf0ed/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java
index 8c5c43a..1f9999a 100644
--- a/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2-jwt/src/main/java/org/apache/cxf/rs/security/oauth2/jwt/jaxrs/JwsContainerRequestFilter.java
@@ -19,16 +19,49 @@
package org.apache.cxf.rs.security.oauth2.jwt.jaxrs;
import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
-import javax.ws.rs.container.ContainerRequestContext;
-import javax.ws.rs.container.ContainerRequestFilter;
-import javax.ws.rs.container.PreMatching;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.ext.MessageBodyReader;
+import javax.ws.rs.ext.MessageBodyWriter;
-@PreMatching
-public class JwsContainerRequestFilter implements ContainerRequestFilter {
+import org.apache.cxf.rs.security.oauth2.jwt.JwtToken;
+
+public class JwsContainerRequestFilter implements
+ MessageBodyWriter<JwtToken>, MessageBodyReader<JwtToken> {
+
+ @Override
+ public boolean isReadable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) {
+ return cls == JwtToken.class;
+ }
+
+ @Override
+ public JwtToken readFrom(Class<JwtToken> cls, Type t, Annotation[] anns, MediaType mt,
+ MultivaluedMap<String, String> headers, InputStream is) throws IOException,
+ WebApplicationException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public long getSize(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt) {
+ return -1;
+ }
+
+ @Override
+ public boolean isWriteable(Class<?> cls, Type type, Annotation[] anns, MediaType mt) {
+ return cls == JwtToken.class;
+ }
@Override
- public void filter(ContainerRequestContext context) throws IOException {
+ public void writeTo(JwtToken token, Class<?> cls, Type type, Annotation[] anns, MediaType mt,
+ MultivaluedMap<String, Object> headers, OutputStream os) throws IOException,
+ WebApplicationException {
// TODO Auto-generated method stub
}