You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by GitBox <gi...@apache.org> on 2017/11/29 08:16:25 UTC
[GitHub] gonzalad closed pull request #348: [CXF-7572] default port in OAuth discovery doc
gonzalad closed pull request #348: [CXF-7572] default port in OAuth discovery doc
URL: https://github.com/apache/cxf/pull/348
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
index 71d33d4d53d..1b8dba4224a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
@@ -19,6 +19,7 @@
package org.apache.cxf.rs.security.oauth2.services;
import java.net.URI;
+import java.net.URISyntaxException;
import java.util.LinkedHashMap;
import java.util.Map;
@@ -49,61 +50,69 @@
// Optional
private boolean dynamicRegistrationEndpointNotAvailable;
private String dynamicRegistrationEndpointAddress;
-
+
@GET
@Produces("application/json")
public String getConfiguration(@Context UriInfo ui) {
Map<String, Object> cfg = new LinkedHashMap<String, Object>();
String baseUri = getBaseUri(ui);
prepareConfigurationData(cfg, baseUri);
-
+
JsonMapObjectReaderWriter writer = new JsonMapObjectReaderWriter();
writer.setFormat(true);
return writer.toJson(cfg);
}
-
+
protected void prepareConfigurationData(Map<String, Object> cfg, String baseUri) {
// Issuer
cfg.put("issuer", buildIssuerUri(baseUri));
// Authorization Endpoint
- String theAuthorizationEndpointAddress =
- calculateEndpointAddress(authorizationEndpointAddress, baseUri, "/idp/authorize");
+ String theAuthorizationEndpointAddress =
+ calculateEndpointAddress(authorizationEndpointAddress, baseUri, "/idp/authorize");
cfg.put("authorization_endpoint", theAuthorizationEndpointAddress);
// Token Endpoint
if (!isTokenEndpointNotAvailable()) {
- String theTokenEndpointAddress =
- calculateEndpointAddress(tokenEndpointAddress, baseUri, "/oauth2/token");
+ String theTokenEndpointAddress =
+ calculateEndpointAddress(tokenEndpointAddress, baseUri, "/oauth2/token");
cfg.put("token_endpoint", theTokenEndpointAddress);
}
// Token Revocation Endpoint
if (!isTokenRevocationEndpointNotAvailable()) {
- String theTokenRevocationEndpointAddress =
- calculateEndpointAddress(tokenRevocationEndpointAddress, baseUri, "/oauth2/revoke");
+ String theTokenRevocationEndpointAddress =
+ calculateEndpointAddress(tokenRevocationEndpointAddress, baseUri, "/oauth2/revoke");
cfg.put("revocation_endpoint", theTokenRevocationEndpointAddress);
}
// Jwks Uri Endpoint
if (!isJwkEndpointNotAvailable()) {
- String theJwkEndpointAddress =
- calculateEndpointAddress(jwkEndpointAddress, baseUri, "/jwk/keys");
+ String theJwkEndpointAddress =
+ calculateEndpointAddress(jwkEndpointAddress, baseUri, "/jwk/keys");
cfg.put("jwks_uri", theJwkEndpointAddress);
}
// Dynamic Registration Endpoint
if (!isDynamicRegistrationEndpointNotAvailable()) {
- String theDynamicRegistrationEndpointAddress =
- calculateEndpointAddress(dynamicRegistrationEndpointAddress, baseUri, "/dynamic/register");
+ String theDynamicRegistrationEndpointAddress =
+ calculateEndpointAddress(dynamicRegistrationEndpointAddress, baseUri, "/dynamic/register");
cfg.put("registration_endpoint", theDynamicRegistrationEndpointAddress);
}
}
protected static String calculateEndpointAddress(String endpointAddress, String baseUri, String defRelAddress) {
endpointAddress = endpointAddress != null ? endpointAddress : defRelAddress;
- if (endpointAddress.startsWith("https")) {
+ if (isAbsoluteUri(endpointAddress)) {
return endpointAddress;
} else {
- return UriBuilder.fromUri(baseUri).path(endpointAddress).build().toString();
+ URI uri = UriBuilder.fromUri(baseUri).path(endpointAddress).build();
+ return removeDefaultPort(uri).toString();
}
}
+ private static boolean isAbsoluteUri(String endpointAddress) {
+ if (endpointAddress == null) {
+ return false;
+ }
+ return endpointAddress.startsWith("http://") || endpointAddress.startsWith("https://");
+ }
+
private String getBaseUri(UriInfo ui) {
String requestUri = ui.getRequestUri().toString();
int ind = requestUri.lastIndexOf(".well-known");
@@ -143,7 +152,7 @@ public boolean isTokenRevocationEndpointNotAvailable() {
public void setJwkEndpointNotAvailable(boolean jwkEndpointNotAvailable) {
this.jwkEndpointNotAvailable = jwkEndpointNotAvailable;
}
-
+
public boolean isJwkEndpointNotAvailable() {
return jwkEndpointNotAvailable;
}
@@ -173,8 +182,14 @@ public void setDynamicRegistrationEndpointAddress(String dynamicRegistrationEndp
}
private String buildIssuerUri(String baseUri) {
- URI uri = issuer == null || !issuer.startsWith("/") ? URI.create(baseUri)
- : UriBuilder.fromUri(baseUri).path(issuer).build();
+ URI uri;
+ if (isAbsoluteUri(issuer)) {
+ uri = UriBuilder.fromUri(issuer).build();
+ } else {
+ uri = issuer == null || !issuer.startsWith("/") ? URI.create(baseUri)
+ : UriBuilder.fromUri(baseUri).path(issuer).build();
+ }
+ uri = removeDefaultPort(uri);
if (stripPathFromIssuerUri) {
StringBuilder sb = new StringBuilder();
sb.append(uri.getScheme()).append("://").append(uri.getHost());
@@ -187,8 +202,22 @@ private String buildIssuerUri(String baseUri) {
}
}
+ private static URI removeDefaultPort(URI uri) {
+ if ((uri.getPort() == 80 && "http".equals(uri.getScheme()))
+ || (uri.getPort() == 443 && "https".equals(uri.getScheme()))) {
+ try {
+ URI newURI = new URI(uri.getScheme(), uri.getUserInfo(), uri.getHost(), -1,
+ uri.getPath(), uri.getQuery(), uri.getFragment());
+ return newURI;
+ } catch (URISyntaxException e) {
+ throw new IllegalArgumentException("Invalid URI " + uri + " : " + e.toString(), e);
+ }
+ }
+ return uri;
+ }
+
public void setStripPathFromIssuerUri(boolean stripPathFromIssuerUri) {
this.stripPathFromIssuerUri = stripPathFromIssuerUri;
}
-}
+}
\ No newline at end of file
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services