Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/29 14:52:11 UTC
cxf-fediz git commit: Wrapping the collection of clients to make it
simpler to manage multiple views for a single path
Repository: cxf-fediz
Updated Branches:
refs/heads/master 10b9246ae -> 11826312b
Wrapping the collection of clients to make it simpler to manage multiple views for a single path
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/11826312
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/11826312
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/11826312
Branch: refs/heads/master
Commit: 11826312ba5e2be08f457814655efe2460e79578
Parents: 10b9246
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Jan 29 13:51:57 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Jan 29 13:51:57 2016 +0000
----------------------------------------------------------------------
.../service/oidc/ClientRegistrationService.java | 70 ++++++++++++--------
.../fediz/service/oidc/InvalidRegistration.java | 31 +++++++++
.../oidc/InvalidRegistrationException.java | 32 ---------
.../fediz/service/oidc/RegisteredClients.java | 35 ++++++++++
.../main/webapp/WEB-INF/applicationContext.xml | 7 +-
.../WEB-INF/views/invalidRegistration.jsp | 24 +++++++
.../webapp/WEB-INF/views/registeredClients.jsp | 3 +-
7 files changed, 141 insertions(+), 61 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
index 733f7ea..dfe2a01 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
@@ -40,6 +40,7 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.validator.routines.UrlValidator;
@@ -76,8 +77,8 @@ public class ClientRegistrationService {
@GET
@Produces(MediaType.TEXT_HTML)
@Path("/")
- public Collection<Client> getClients() {
- return getClientRegistrations();
+ public RegisteredClients getClients() {
+ return new RegisteredClients(getClientRegistrations());
}
@GET
@@ -97,7 +98,7 @@ public class ClientRegistrationService {
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.TEXT_HTML)
@Path("/{id}/remove")
- public Collection<Client> removeClient(@PathParam("id") String id) {
+ public RegisteredClients removeClient(@PathParam("id") String id) {
Collection<Client> clients = getClientRegistrations();
for (Iterator<Client> it = clients.iterator(); it.hasNext();) {
Client c = it.next();
@@ -107,7 +108,7 @@ public class ClientRegistrationService {
break;
}
}
- return clients;
+ return new RegisteredClients(clients);
}
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@@ -193,62 +194,68 @@ public class ClientRegistrationService {
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(MediaType.TEXT_HTML)
@Path("/")
- public Collection<Client> registerForm(@FormParam("client_name") String appName,
+ public Response registerForm(@FormParam("client_name") String appName,
@FormParam("client_type") String appType,
@FormParam("client_audience") String audience,
@FormParam("client_redirectURI") String redirectURI,
@FormParam("client_homeRealm") String homeRealm
- ) throws InvalidRegistrationException {
+ ) {
- // Check parameters
- if (appName == null || "".equals(appName)) {
- throw new InvalidRegistrationException("The client id must not be empty");
+ // Client Name
+ if (StringUtils.isEmpty(appName)) {
+ return invalidRegistrationResponse("The client name must not be empty");
}
- if (appType == null) {
- throw new InvalidRegistrationException("The client type must not be empty");
+ // Client Type
+ if (StringUtils.isEmpty(appType)) {
+ return invalidRegistrationResponse("The client type must not be empty");
}
if (!("confidential".equals(appType) || "public".equals(appType))) {
- throw new InvalidRegistrationException("An invalid client type was specified: " + appType);
+ return invalidRegistrationResponse("An invalid client type was specified: " + appType);
}
-
+ // Client ID
String clientId = generateClientId();
boolean isConfidential = "confidential".equals(appType);
+ // Client Secret
String clientSecret = isConfidential
? generateClientSecret()
: null;
FedizClient newClient = new FedizClient(clientId, clientSecret, isConfidential, appName);
+
+ // User who registered this client
+ String userName = sc.getUserPrincipal().getName();
+ UserSubject userSubject = new UserSubject(userName);
+ newClient.setResourceOwnerSubject(userSubject);
+
+ // Client Registration Time
+ newClient.setRegisteredAt(System.currentTimeMillis() / 1000);
+
+ // Client Realm
newClient.setHomeRealm(homeRealm);
+
+ // Client Redirect URIs
if (!StringUtils.isEmpty(redirectURI)) {
String[] allUris = redirectURI.trim().split(" ");
List<String> redirectUris = new LinkedList<String>();
for (String uri : allUris) {
if (!StringUtils.isEmpty(uri)) {
if (!isValidURI(uri, false)) {
- throw new InvalidRegistrationException("An invalid redirect URI was specified: " + uri);
+ return invalidRegistrationResponse("An invalid redirect URI was specified: " + uri);
}
redirectUris.add(uri);
}
}
newClient.setRedirectUris(redirectUris);
}
- String userName = sc.getUserPrincipal().getName();
- UserSubject userSubject = new UserSubject(userName);
- newClient.setResourceOwnerSubject(userSubject);
-
- newClient.setRegisteredAt(System.currentTimeMillis() / 1000);
-
- if (clientScopes != null && !clientScopes.isEmpty()) {
- newClient.setRegisteredScopes(new ArrayList<String>(clientScopes.keySet()));
- }
+ // Client Audience URIs
if (!StringUtils.isEmpty(audience)) {
String[] auds = audience.trim().split(" ");
List<String> registeredAuds = new LinkedList<String>();
for (String aud : auds) {
if (!StringUtils.isEmpty(aud)) {
if (!isValidURI(aud, true)) {
- throw new InvalidRegistrationException("An invalid audience URI was specified: " + aud);
+ return invalidRegistrationResponse("An invalid audience URI was specified: " + aud);
}
registeredAuds.add(aud);
}
@@ -256,9 +263,18 @@ public class ClientRegistrationService {
newClient.setRegisteredAudiences(registeredAuds);
}
- return registerNewClient(newClient);
+ // Client Scopes
+ if (clientScopes != null && !clientScopes.isEmpty()) {
+ newClient.setRegisteredScopes(new ArrayList<String>(clientScopes.keySet()));
+ }
+
+ return Response.ok(registerNewClient(newClient)).build();
}
+ private Response invalidRegistrationResponse(String error) {
+ return Response.ok(new InvalidRegistration(error)).build();
+ }
+
private boolean isValidURI(String uri, boolean requireHttps) {
UrlValidator urlValidator = null;
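Review bot: `invalidRegistrationResponse` reports a rejected registration with `Response.ok(...)`, so every validation failure in `registerForm` is sent as HTTP 200. Access logs, monitoring and non-browser callers then cannot tell a refused registration from a successful one. Consider `return Response.status(Response.Status.BAD_REQUEST).entity(new InvalidRegistration(error)).build();`, after confirming that the JSP view provider still renders the entity for a non-2xx response. `isValidURI` starts in this hunk but its body continues outside it.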
@@ -301,11 +317,11 @@ public class ClientRegistrationService {
return Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(keySizeOctets));
}
- protected Collection<Client> registerNewClient(Client newClient) {
+ protected RegisteredClients registerNewClient(Client newClient) {
clientProvider.setClient(newClient);
Collection<Client> clientRegistrations = getClientRegistrations();
clientRegistrations.add(newClient);
- return clientRegistrations;
+ return new RegisteredClients(clientRegistrations);
}
protected Collection<Client> getClientRegistrations() {
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistration.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistration.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistration.java
new file mode 100644
index 0000000..31637a7
--- /dev/null
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistration.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.service.oidc;
+
+public class InvalidRegistration {
+ private String message;
+ public InvalidRegistration(String message) {
+ this.message = message;
+ }
+ public String getMessage() {
+ return message;
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistrationException.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistrationException.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistrationException.java
deleted file mode 100644
index d115f31..0000000
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/InvalidRegistrationException.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.fediz.service.oidc;
-
-public class InvalidRegistrationException extends Exception {
-
- /**
- *
- */
- private static final long serialVersionUID = 6251451448320551293L;
-
- public InvalidRegistrationException(String message) {
- super(message);
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/RegisteredClients.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/RegisteredClients.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/RegisteredClients.java
new file mode 100644
index 0000000..dc30b27
--- /dev/null
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/RegisteredClients.java
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.oidc;
+
+import java.util.Collection;
+
+import org.apache.cxf.rs.security.oauth2.common.Client;
+
+public class RegisteredClients {
+ private Collection<Client> clients;
+ public RegisteredClients(Collection<Client> clients) {
+ this.clients = clients;
+ }
+ public Collection<Client> getClients() {
+ return clients;
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index 48422fc..040500b 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -122,10 +122,15 @@
<property name="dispatcherName" value="jsp"/>
<property name="resourcePaths">
<map>
- <entry key="/clients" value="/WEB-INF/views/registeredClients.jsp"/>
<entry key="/remove" value="/WEB-INF/views/registeredClients.jsp"/>
</map>
</property>
+ <property name="classResources">
+ <map>
+ <entry key="org.apache.cxf.fediz.service.oidc.InvalidRegistration" value="/WEB-INF/views/invalidRegistration.jsp"/>
+ </map>
+ </property>
+
</bean>
<bean id="idTokenFilter" class="org.apache.cxf.rs.security.oidc.idp.IdTokenResponseFilter">
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/webapp/WEB-INF/views/invalidRegistration.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/invalidRegistration.jsp b/services/oidc/src/main/webapp/WEB-INF/views/invalidRegistration.jsp
new file mode 100644
index 0000000..c87b963
--- /dev/null
+++ b/services/oidc/src/main/webapp/WEB-INF/views/invalidRegistration.jsp
@@ -0,0 +1,24 @@
+<%@ page import="javax.servlet.http.HttpServletRequest" %>
+<%@ page import="org.apache.cxf.fediz.service.oidc.InvalidRegistration" %>
+
+<%
+ InvalidRegistration invalidReg = (InvalidRegistration)request.getAttribute("data");
+ String basePath = request.getContextPath() + request.getServletPath();
+ if (!basePath.endsWith("/")) {
+ basePath += "/";
+ }
+%>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title>Invalid Client Registration</title>
+</head>
+<body>
+<div class="padded">
+<h2><%= invalidReg.getMessage() %></h2>
+<br/>
+<p>Return to <a href="<%=basePath%>clients/register">Client registration</a></p>
+<p>Return to <a href="<%=basePath%>clients">registered Clients</a></p>
+</div>
+</body>
+</html>
+
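Review bot: `<%= invalidReg.getMessage() %>` writes the message into the page without HTML encoding. The messages built in `registerForm` in ClientRegistrationService.java append the submitted `client_type`, redirect URI and audience values verbatim, so request-controlled text reaches the markup. Encode at output, for example `<h2><c:out value="${data.message}"/></h2>` with the JSTL core taglib declared (assuming JSTL is available to this webapp), or pass the string through an HTML-escaping helper already on the classpath. `invalidReg` is also dereferenced without a null check, so a request that reaches this view without the `data` attribute would fail with a NullPointerException.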
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/11826312/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp b/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
index afd91ae..47807d3 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
@@ -5,9 +5,10 @@
<%@ page import="java.util.Locale"%>
<%@ page import="java.util.TimeZone"%>
<%@ page import="javax.servlet.http.HttpServletRequest" %>
+<%@ page import="org.apache.cxf.fediz.service.oidc.RegisteredClients" %>
<%
- Collection<Client> regs = (Collection<Client>)request.getAttribute("data");
+ Collection<Client> regs = ((RegisteredClients)request.getAttribute("data")).getClients();
String basePath = request.getContextPath() + request.getServletPath();
if (!basePath.endsWith("/")) {
basePath += "/";