Posted to commits@cxf.apache.org by jb...@apache.org on 2015/12/10 15:42:08 UTC
cxf-fediz git commit: Add oidc application realm
Repository: cxf-fediz
Updated Branches:
refs/heads/master 664d577dc -> d9e97341d
Add oidc application realm
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/d9e97341
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/d9e97341
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/d9e97341
Branch: refs/heads/master
Commit: d9e97341d58ca42f4151cf760c32356e0e1002e9
Parents: 664d577
Author: Jan Bernhardt <jb...@talend.com>
Authored: Thu Dec 10 15:25:41 2015 +0100
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Thu Dec 10 15:38:39 2015 +0100
----------------------------------------------------------------------
services/idp/src/main/resources/entities-realma.xml | 15 +++++++++++++--
.../service/idp/integrationtests/RestITTest.java | 2 +-
.../fediz/service/idp/service/jpa/IdpDAOJPATest.java | 11 ++++-------
services/oidc/src/main/conf/fediz_config.xml | 8 ++++----
4 files changed, 22 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d9e97341/services/idp/src/main/resources/entities-realma.xml
----------------------------------------------------------------------
diff --git a/services/idp/src/main/resources/entities-realma.xml b/services/idp/src/main/resources/entities-realma.xml
index c9e6f0a..66839e6 100644
--- a/services/idp/src/main/resources/entities-realma.xml
+++ b/services/idp/src/main/resources/entities-realma.xml
@@ -66,6 +66,7 @@
<property name="applications">
<util:list>
<ref bean="srv-fedizhelloworld" />
+ <ref bean="srv-oidc" />
</util:list>
</property>
<property name="trustedIdps">
@@ -104,8 +105,18 @@
<property name="role" value="ApplicationServiceType" />
<property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
<property name="lifeTime" value="3600" />
- <property name="passiveRequestorEndpointConstraint"
- value="https://localhost:(\d)*/.*" />
+ <property name="passiveRequestorEndpointConstraint" value="https://localhost:?(\d)*/.*" />
+ </bean>
+
+ <bean id="srv-oidc" class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationEntity">
+ <property name="realm" value="urn:org:apache:cxf:fediz:oidc" />
+ <property name="protocol" value="http://docs.oasis-open.org/wsfed/federation/200706" />
+ <property name="serviceDisplayName" value="OIDC Provider" />
+ <property name="serviceDescription" value="OpenID Connect Provider" />
+ <property name="role" value="ApplicationServiceType" />
+ <property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
+ <property name="lifeTime" value="3600" />
+ <property name="passiveRequestorEndpointConstraint" value="https://localhost:?(\d)*/fediz-oidc/.*" />
</bean>
<bean class="org.apache.cxf.fediz.service.idp.service.jpa.ApplicationClaimEntity">
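Review bot: The rewritten constraint `https://localhost:?(\d)*/.*` and the new srv-oidc one make the colon and the digits independently optional, so a host written without the colon (for example `localhost8443`, a constructed sample) also satisfies the pattern, which the old `localhost:(\d)*` form did not allow. Since this property is the pattern the reply endpoint is checked against, grouping the port as one optional unit keeps the no-port case while excluding that: `https://localhost(:\d+)?/.*` and `https://localhost(:\d+)?/fediz-oidc/.*`. The srv-fedizhelloworld pattern still ends in `/.*` and therefore also covers `/fediz-oidc/` paths; whether that overlap matters depends on how the IdP selects the application, which is not visible here. The first bean starts outside the hunk.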
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d9e97341/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java
----------------------------------------------------------------------
diff --git a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java
index 6931633..9b3147f 100644
--- a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java
+++ b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/integrationtests/RestITTest.java
@@ -114,7 +114,7 @@ public class RestITTest {
Assert.assertEquals("Number of TokenTypesOffered doesn't match",
2, idp.getTokenTypesOffered().size());
Assert.assertEquals("Number of applications doesn't match",
- 1, idp.getApplications().size());
+ 2, idp.getApplications().size());
Assert.assertEquals("Number of trusted IDPs doesn't match",
1, idp.getTrustedIdps().size());
Assert.assertEquals("Number of claims doesn't match",
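Review bot: The updated assertion only checks that the application list now has two entries, so the test would still pass if srv-oidc were missing and some other application were registered instead; the same applies to the two count changes in IdpDAOJPATest. Consider also asserting that one of the returned applications carries the realm `urn:org:apache:cxf:fediz:oidc`. The test method starts and ends outside the hunk.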
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d9e97341/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
----------------------------------------------------------------------
diff --git a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
index 11f5d77..6256371 100644
--- a/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
+++ b/services/idp/src/test/java/org/apache/cxf/fediz/service/idp/service/jpa/IdpDAOJPATest.java
@@ -69,8 +69,7 @@ public class IdpDAOJPATest {
@Test
public void testReadExistingIdpEmbeddedAll() throws MalformedURLException {
- Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A",
- Arrays.asList("all"));
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A", Arrays.asList("all"));
Assert.isTrue("stsKeystoreA.properties".equals(idp.getCertificate()),
"Certificate doesn't match");
@@ -98,7 +97,7 @@ public class IdpDAOJPATest {
"Number of SupportedProtocols doesn't match");
Assert.isTrue(2 == idp.getTokenTypesOffered().size(),
"Number of TokenTypesOffered doesn't match");
- Assert.isTrue(1 == idp.getApplications().size(),
+ Assert.isTrue(2 == idp.getApplications().size(),
"Number of applications doesn't match");
Assert.isTrue(1 == idp.getTrustedIdps().size(),
"Number of trusted IDPs doesn't match");
@@ -126,11 +125,9 @@ public class IdpDAOJPATest {
@Test
public void testReadExistingIdpEmbeddedApplications() {
- Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A",
- Arrays.asList("applications"));
+ Idp idp = idpDAO.getIdp("urn:org:apache:cxf:fediz:idp:realm-A", Arrays.asList("applications"));
- Assert.isTrue(1 == idp.getApplications().size(),
- "Number of applications doesn't match");
+ Assert.isTrue(2 == idp.getApplications().size(), "Number of applications doesn't match");
}
@Test
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/d9e97341/services/oidc/src/main/conf/fediz_config.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/conf/fediz_config.xml b/services/oidc/src/main/conf/fediz_config.xml
index f57f9e9..512899c 100644
--- a/services/oidc/src/main/conf/fediz_config.xml
+++ b/services/oidc/src/main/conf/fediz_config.xml
@@ -25,7 +25,7 @@
<FedizConfig>
<contextConfig name="/fediz-oidc">
<audienceUris>
- <audienceItem>urn:org:apache:cxf:fediz:fedizhelloworld</audienceItem>
+ <audienceItem>urn:org:apache:cxf:fediz:oidc</audienceItem>
</audienceUris>
<certificateStores>
<trustManager>
@@ -38,11 +38,11 @@
<maximumClockSkew>1000</maximumClockSkew>
<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="federationProtocolType" version="1.0.0">
- <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
- <issuer>https://localhost:8443/fediz-idp/federation</issuer>
+ <realm>urn:org:apache:cxf:fediz:oidc</realm>
+ <issuer>https://localhost:9443/fediz-idp/federation</issuer>
+ <homeRealm type="Class">org.apache.cxf.fediz.service.oidc.HomeRealmCallbackHandler</homeRealm>
<roleDelimiter>,</roleDelimiter>
<roleURI>http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role</roleURI>
- <homeRealm type="Class">org.apache.cxf.fediz.service.oidc.HomeRealmCallbackHandler</homeRealm>
<claimTypesRequested>
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role" optional="false" />
<claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" optional="true" />
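Review bot: The `<issuer>` port changes from 8443 to 9443 in this hunk, but the commit message only mentions adding the OIDC realm, and nothing in the file says which IdP instance the value has to match. A short comment above the element would help, for example `<!-- IdP federation endpoint; host and port must match the IdP's HTTPS connector -->`. The `<protocol>` element continues outside the hunk.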