Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/18 18:11:35 UTC
cxf-fediz git commit: Optional support for the pre-registered scopes
for clients
Repository: cxf-fediz
Updated Branches:
refs/heads/master 6b400f10a -> c330c42e1
Optional support for the pre-registered scopes for clients
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c330c42e
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c330c42e
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c330c42e
Branch: refs/heads/master
Commit: c330c42e10d07c63291e898ef4de6d09b210a05c
Parents: 6b400f1
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Mon Jan 18 17:11:21 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Mon Jan 18 17:11:21 2016 +0000
----------------------------------------------------------------------
.../service/oidc/ClientRegistrationService.java | 12 +++++++++++-
.../src/main/webapp/WEB-INF/applicationContext.xml | 6 ++++++
.../oidc/src/main/webapp/WEB-INF/data-manager.xml | 15 ++++++++-------
3 files changed, 25 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c330c42e/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
index af0dc7f..66932eb 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
@@ -19,6 +19,7 @@
package org.apache.cxf.fediz.service.oidc;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
@@ -52,7 +53,8 @@ public class ClientRegistrationService {
private OAuthDataManager manager;
private Map<String, String> homeRealms = new LinkedHashMap<String, String>();
private boolean protectIdTokenWithClientSecret;
-
+ private Map<String, String> clientScopes;
+
@Context
private SecurityContext sc;
@@ -195,6 +197,10 @@ public class ClientRegistrationService {
newClient.setRegisteredAt(System.currentTimeMillis() / 1000);
+ if (clientScopes != null && !clientScopes.isEmpty()) {
+ newClient.setRegisteredScopes(new ArrayList<String>(clientScopes.keySet()));
+ }
+
return registerNewClient(newClient);
}
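Review bot: The added block hands every newly registered client the complete key set of `clientScopes`, so one client cannot be given fewer scopes than another; with the `acceptedScopes` map added in data-manager.xml that set includes `refreshToken`. If public clients can be registered through this method (not visible in the hunk), they would be pre-registered for refresh tokens as well, which should be a deliberate decision rather than a side effect. At minimum I would state the behaviour above the `if`, e.g. `// Pre-registers ALL configured scopes for this client; filter here if some scopes must not apply to every client type.` The enclosing method starts outside the hunk.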
@@ -256,4 +262,8 @@ public class ClientRegistrationService {
public void setProtectIdTokenWithClientSecret(boolean protectIdTokenWithClientSecret) {
this.protectIdTokenWithClientSecret = protectIdTokenWithClientSecret;
}
+
+ public void setClientScopes(Map<String, String> clientScopes) {
+ this.clientScopes = clientScopes;
+ }
}
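Review bot: `setClientScopes` has no Javadoc, and the map's contract is not obvious from the signature: the registration code reads only the keys (as scope names), this class never uses the values, and a null or empty map leaves new clients without pre-registered scopes. The setter also keeps the caller's map by reference, and once the commented-out `clientScopes` property in applicationContext.xml is enabled, the same `acceptedScopes` bean is also referenced by `oauthProvider`, so a later mutation through either holder is seen by both. Copying on assignment avoids that: `this.clientScopes = clientScopes == null ? null : new LinkedHashMap<String, String>(clientScopes);` (`LinkedHashMap` is already used for `homeRealms`).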
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c330c42e/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index 9bdf677..baa2861 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -40,6 +40,9 @@
<bean id="oidcAuthorizationService" class="org.apache.cxf.rs.security.oidc.idp.OidcAuthorizationCodeService">
<property name="dataProvider" ref="oauthProvider"/>
<property name="skipAuthorizationWithOidcScope" value="true"/>
+ <!--
+ <property name="useAllClientScopes" value="true"/>
+ -->
<property name="canSupportPublicClients" value="true"/>
</bean>
<jaxrs:server address="/idp">
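Review bot: The commented-out `useAllClientScopes` property, and the commented-out `clientScopes` property in the next hunk of this file, carry no explanation of what enabling them does or whether they are meant to be used together. Since both affect which scopes a client ends up with, a one-line comment would help whoever uncomments them, e.g. `<!-- Optional: when no scope is requested, fall back to the scopes pre-registered for the client -->` here and `<!-- Optional: pre-register every scope in acceptedScopes for each newly registered client -->` on `clientRegService`. The first description is my reading of the property name and should be checked against OidcAuthorizationCodeService before it is committed.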
@@ -91,6 +94,9 @@
<bean id="clientRegService" init-method="init" class="org.apache.cxf.fediz.service.oidc.ClientRegistrationService">
<property name="dataProvider" ref="oauthProvider"/>
+ <!--
+ <property name="clientScopes" ref="acceptedScopes"/>
+ -->
<property name="homeRealms">
<map>
<entry key="urn:org:apache:cxf:fediz:idp:realm-A" value="IDP of Realm A" />
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c330c42e/services/oidc/src/main/webapp/WEB-INF/data-manager.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/data-manager.xml b/services/oidc/src/main/webapp/WEB-INF/data-manager.xml
index da299c0..7804d38 100644
--- a/services/oidc/src/main/webapp/WEB-INF/data-manager.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/data-manager.xml
@@ -19,9 +19,12 @@
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+ http://www.springframework.org/schema/util
+ http://www.springframework.org/schema/util/spring-util.xsd
">
<bean id="applicationContextProvider" class="org.apache.cxf.fediz.service.oidc.ApplicationContextProvider"/>
@@ -29,15 +32,13 @@
<bean id="samlTokenConverter" class="org.apache.cxf.fediz.service.oidc.SamlTokenConverter">
<property name="issuer" value="accounts.fediz.com"/>
</bean>
+ <util:map id="acceptedScopes">
+ <entry key="openid" value="Access the authentication claims" />
+ <entry key="refreshToken" value="Refresh access tokens" />
+ </util:map>
<bean id="oauthProvider" class="org.apache.cxf.fediz.service.oidc.OAuthDataManager"
init-method="init" destroy-method="close">
- <!--
- <property name="scopes">
- <map>
- <entry key="scopeName" value="scopeDescription" />
- </map>
- </property>
- -->
+ <property name="scopes" ref="acceptedScopes"/>
<!--
<property name="accessTokenLifetime" value="3600"/>
-->
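Review bot: The `scopes` property on `oauthProvider` goes from a commented-out example to an active setting, so unlike the two opt-in properties in applicationContext.xml this part of the change is on by default for anyone deploying this file. What OAuthDataManager does with the map is not visible here; if it restricts or validates requested scopes against it, existing clients asking for anything other than `openid` or `refreshToken` would start to behave differently. I would either keep the property commented out like the others, or add a comment above `acceptedScopes` stating that it is the list of scopes the provider supports and must be extended when further scopes are needed.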