You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/02/18 13:52:09 UTC
cxf git commit: Better support for requesting specific claims with a
claims parameter
Repository: cxf
Updated Branches:
refs/heads/master 5249d5e71 -> b11a8cc31
Better support for requesting specific claims with a claims parameter
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b11a8cc3
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b11a8cc3
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b11a8cc3
Branch: refs/heads/master
Commit: b11a8cc31d57dfd7cc943e2937a1c791bd332874
Parents: 5249d5e
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Feb 18 12:51:54 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Feb 18 12:51:54 2016 +0000
----------------------------------------------------------------------
.../security/oidc/common/ClaimPreference.java | 55 ++++++++++++++
.../rs/security/oidc/common/ClaimsRequest.java | 77 ++++++++++++++++++++
.../oidc/rp/OidcClientCodeRequestFilter.java | 6 ++
3 files changed, 138 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
new file mode 100644
index 0000000..212dac8
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimPreference.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.List;
+
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObject;
+
+public class ClaimPreference extends JsonMapObject {
+ public static final String ESSENTIAL_PROPERTY = "essential";
+ public static final String VALUE_PROPERTY = "value";
+ public static final String VALUES_PROPERTY = "values";
+ private static final long serialVersionUID = 9105405849730632953L;
+
+ public void setEssential(Boolean essential) {
+ setProperty(ESSENTIAL_PROPERTY, essential);
+ }
+ public Boolean getEssential() {
+ return getBooleanProperty(ESSENTIAL_PROPERTY);
+ }
+ public void setValue(String value) {
+ setProperty(VALUE_PROPERTY, value);
+ }
+ public String getValue() {
+ return getStringProperty(VALUE_PROPERTY);
+ }
+ public void setValues(List<String> values) {
+ setProperty(VALUES_PROPERTY, values);
+ }
+ public List<String> getValues() {
+ Object prop = getProperty(VALUES_PROPERTY);
+ if (prop instanceof List) {
+ return CastUtils.cast((List<?>)prop);
+ } else {
+ return null;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
new file mode 100644
index 0000000..5c02f42
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/ClaimsRequest.java
@@ -0,0 +1,77 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObject;
+
+public class ClaimsRequest extends JsonMapObject {
+ public static final String ID_TOKEN_CLAIMS = "id_token";
+ public static final String USER_INFO_CLAIMS = "userinfo";
+ private static final long serialVersionUID = -1356735897518391517L;
+
+
+ public void setIdTokenClaims(Map<String, ClaimPreference> claims) {
+ setProperty(ID_TOKEN_CLAIMS, claims);
+ }
+
+ public Map<String, ClaimPreference> getIdTokenClaims() {
+ return getClaims(ID_TOKEN_CLAIMS);
+ }
+
+ public void setUserInfoClaims(Map<String, ClaimPreference> claims) {
+ setProperty(USER_INFO_CLAIMS, claims);
+ }
+
+ private Map<String, ClaimPreference> getClaims(String propertyName) {
+ Object claimsProp = getProperty(propertyName);
+ if (claimsProp instanceof Map) {
+ Map<String, ?> claimsMap = CastUtils.cast((Map<?, ?>)claimsProp);
+ if (!claimsMap.isEmpty()) {
+ if (claimsMap.values().iterator().next() instanceof ClaimPreference) {
+ return CastUtils.cast((Map<?, ?>)claimsMap);
+ }
+ Map<String, ClaimPreference> claims = new LinkedHashMap<String, ClaimPreference>();
+ Map<String, Map<String, ?>> parsedMap = CastUtils.cast((Map<?, ?>)claimsProp);
+ for (Map.Entry<String, Map<String, ?>> entry : parsedMap.entrySet()) {
+
+ ClaimPreference pref = new ClaimPreference();
+ Object essentialProp = entry.getValue().get(ClaimPreference.ESSENTIAL_PROPERTY);
+ if (essentialProp != null) {
+ pref.setProperty(ClaimPreference.ESSENTIAL_PROPERTY, essentialProp);
+ }
+ Object valueProp = entry.getValue().get(ClaimPreference.VALUE_PROPERTY);
+ if (valueProp != null) {
+ pref.setProperty(ClaimPreference.VALUE_PROPERTY, valueProp);
+ }
+ Object valuesProp = entry.getValue().get(ClaimPreference.VALUES_PROPERTY);
+ if (valuesProp != null) {
+ pref.setProperty(ClaimPreference.VALUES_PROPERTY, valuesProp);
+ }
+ }
+ return claims;
+ }
+ }
+ return null;
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/cxf/blob/b11a8cc3/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index 76035bc..f77efba 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
@@ -28,12 +28,14 @@ import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.rs.security.oauth2.client.ClientCodeRequestFilter;
import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oidc.common.ClaimsRequest;
import org.apache.cxf.rs.security.oidc.common.IdToken;
public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
@@ -169,6 +171,10 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
this.maxAgeOffset = maxAgeOffset;
}
+ public void setClaimsRequest(ClaimsRequest claimsRequest) {
+ setClaims(new JsonMapObjectReaderWriter().toJson(claimsRequest));
+ }
+
public void setClaims(String claims) {
this.claims = claims;
}