You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by go...@apache.org on 2017/11/29 08:25:20 UTC

[cxf] branch CXF-7572 created (now 86c574f)

This is an automated email from the ASF dual-hosted git repository.

gonzalad pushed a change to branch CXF-7572
in repository https://gitbox.apache.org/repos/asf/cxf.git.


      at 86c574f  [CXF-7572] default port in OAuth discovery doc

This branch includes the following new commits:

     new 86c574f  [CXF-7572] default port in OAuth discovery doc

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


-- 
To stop receiving notification emails like this one, please contact
['"commits@cxf.apache.org" <co...@cxf.apache.org>'].

[cxf] 01/01: [CXF-7572] default port in OAuth discovery doc

Posted by go...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

gonzalad pushed a commit to branch CXF-7572
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 86c574f5778522ab911c15d56243a976ff13df59
Author: gonzalad <ad...@yahoo.fr>
AuthorDate: Wed Nov 29 09:16:20 2017 +0100

    [CXF-7572] default port in OAuth discovery doc
    
    Default port should be removed from
    issuer and endpoints in discovery
    documents.
    
    aka
    "issuer":"https://authorization-server:443"
    should be
    "issuer":"https://authorization-server"
---
 .../services/AuthorizationMetadataService.java     | 38 +++++++++++++++++++---
 1 file changed, 34 insertions(+), 4 deletions(-)

diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
index 5fe9326..596216b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.rs.security.oauth2.services;
 
 import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
@@ -97,10 +98,19 @@ public class AuthorizationMetadataService {
 
     protected static String calculateEndpointAddress(String endpointAddress, String baseUri, String defRelAddress) {
         endpointAddress = endpointAddress != null ? endpointAddress : defRelAddress;
-        if (endpointAddress.startsWith("https")) {
+        if (isAbsoluteUri(endpointAddress)) {
             return endpointAddress;
+        } else {
+            URI uri = UriBuilder.fromUri(baseUri).path(endpointAddress).build();
+            return removeDefaultPort(uri).toString();
         }
-        return UriBuilder.fromUri(baseUri).path(endpointAddress).build().toString();
+    }
+
+    private static boolean isAbsoluteUri(String endpointAddress) {
+        if (endpointAddress == null) {
+            return false;
+        }
+        return endpointAddress.startsWith("http://") || endpointAddress.startsWith("https://");
     }
 
     private String getBaseUri(UriInfo ui) {
@@ -172,8 +182,14 @@ public class AuthorizationMetadataService {
     }
 
     private String buildIssuerUri(String baseUri) {
-        URI uri = issuer == null || !issuer.startsWith("/") ? URI.create(baseUri) 
-            : UriBuilder.fromUri(baseUri).path(issuer).build();
+        URI uri;
+        if (isAbsoluteUri(issuer)) {
+            uri = UriBuilder.fromUri(issuer).build();
+        } else {
+            uri = issuer == null || !issuer.startsWith("/") ? URI.create(baseUri)
+                    : UriBuilder.fromUri(baseUri).path(issuer).build();
+        }
+        uri = removeDefaultPort(uri);
         if (stripPathFromIssuerUri) {
             StringBuilder sb = new StringBuilder();
             sb.append(uri.getScheme()).append("://").append(uri.getHost());
@@ -186,6 +202,20 @@ public class AuthorizationMetadataService {
         }
     }
 
+    private static URI removeDefaultPort(URI uri) {
+        if ((uri.getPort() == 80 && "http".equals(uri.getScheme()))
+                || (uri.getPort() == 443 && "https".equals(uri.getScheme()))) {
+            try {
+                URI newURI = new URI(uri.getScheme(), uri.getUserInfo(), uri.getHost(), -1,
+                        uri.getPath(), uri.getQuery(), uri.getFragment());
+                return newURI;
+            } catch (URISyntaxException e) {
+                throw new IllegalArgumentException("Invalid URI " + uri + " : " + e.toString(), e);
+            }
+        }
+        return uri;
+    }
+
     public void setStripPathFromIssuerUri(boolean stripPathFromIssuerUri) {
         this.stripPathFromIssuerUri = stripPathFromIssuerUri;
     }

-- 
To stop receiving notification emails like this one, please contact
"commits@cxf.apache.org" <co...@cxf.apache.org>.