You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2013/09/13 15:55:21 UTC
svn commit: r1522931 -
/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
Author: coheigea
Date: Fri Sep 13 13:55:21 2013
New Revision: 1522931
URL: http://svn.apache.org/r1522931
Log:
Merged revisions 1522917 via git cherry-pick from
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
........
r1522917 | coheigea | 2013-09-13 14:31:53 +0100 (Fri, 13 Sep 2013) | 6 lines
[CXF-5277] - "ConditionsProvider receives limited information from SAMLTokenRenewer"
Conflicts:
services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
........
Modified:
cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
Modified: cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java?rev=1522931&r1=1522930&r2=1522931&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java (original)
+++ cxf/branches/2.6.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewer.java Fri Sep 13 13:55:21 2013
@@ -47,6 +47,7 @@ import org.apache.cxf.sts.request.Receiv
import org.apache.cxf.sts.request.Renewing;
import org.apache.cxf.sts.token.provider.ConditionsProvider;
import org.apache.cxf.sts.token.provider.DefaultConditionsProvider;
+import org.apache.cxf.sts.token.provider.TokenProviderParameters;
import org.apache.cxf.sts.token.realm.SAMLRealm;
import org.apache.cxf.ws.security.sts.provider.STSException;
import org.apache.cxf.ws.security.tokenstore.SecurityToken;
@@ -507,10 +508,7 @@ public class SAMLTokenRenewer implements
private void createNewConditions(AssertionWrapper assertion, TokenRenewerParameters tokenParameters) {
ConditionsBean conditions =
- conditionsProvider.getConditions(
- tokenParameters.getAppliesToAddress(),
- tokenParameters.getTokenRequirements().getLifetime()
- );
+ conditionsProvider.getConditions(convertToProviderParameters(tokenParameters));
if (assertion.getSaml1() != null) {
org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();
@@ -531,6 +529,32 @@ public class SAMLTokenRenewer implements
}
}
+ private TokenProviderParameters convertToProviderParameters(
+ TokenRenewerParameters renewerParameters
+ ) {
+ TokenProviderParameters providerParameters = new TokenProviderParameters();
+ providerParameters.setAppliesToAddress(renewerParameters.getAppliesToAddress());
+ providerParameters.setEncryptionProperties(renewerParameters.getEncryptionProperties());
+ providerParameters.setKeyRequirements(renewerParameters.getKeyRequirements());
+ providerParameters.setPrincipal(renewerParameters.getPrincipal());
+ providerParameters.setRealm(renewerParameters.getRealm());
+ providerParameters.setStsProperties(renewerParameters.getStsProperties());
+ providerParameters.setTokenRequirements(renewerParameters.getTokenRequirements());
+ providerParameters.setTokenStore(renewerParameters.getTokenStore());
+ providerParameters.setWebServiceContext(renewerParameters.getWebServiceContext());
+
+ // Store token to renew in the additional properties in case you want to base some
+ // Conditions on the token
+ Map<String, Object> additionalProperties = renewerParameters.getAdditionalProperties();
+ if (additionalProperties == null) {
+ additionalProperties = new HashMap<String, Object>();
+ }
+ additionalProperties.put(ReceivedToken.class.getName(), renewerParameters.getToken());
+ providerParameters.setAdditionalProperties(additionalProperties);
+
+ return providerParameters;
+ }
+
private String createNewId(AssertionWrapper assertion) {
if (assertion.getSaml1() != null) {
org.opensaml.saml1.core.Assertion saml1Assertion = assertion.getSaml1();