You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/12/10 18:07:21 UTC
[1/4] cxf git commit: Don't write out the permission name if it's null
Repository: cxf
Updated Branches:
refs/heads/3.0.x-fixes 0678d530b -> b1fc5e49b
Don't write out the permission name if it's null
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/36b35b9a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/36b35b9a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/36b35b9a
Branch: refs/heads/3.0.x-fixes
Commit: 36b35b9acf50dd87856f17614c78b8cf965a796d
Parents: 0678d53
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 10 12:44:20 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 10 16:59:46 2015 +0000
----------------------------------------------------------------------
.../java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/36b35b9a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index 59d1da7..1941a7c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -118,7 +118,9 @@ public final class OAuthUtils {
if (sb.length() > 0) {
sb.append(" ");
}
- sb.append(perm.getPermission());
+ if (perm.getPermission() != null) {
+ sb.append(perm.getPermission());
+ }
}
return sb.toString();
}
[3/4] cxf git commit: Recording .gitmergeinfo Changes
Posted by co...@apache.org.
Recording .gitmergeinfo Changes
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/808558f8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/808558f8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/808558f8
Branch: refs/heads/3.0.x-fixes
Commit: 808558f888cddbd8536710ae866a0ac8fafdedb0
Parents: 612e0e5
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 10 16:59:52 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 10 16:59:52 2015 +0000
----------------------------------------------------------------------
.gitmergeinfo | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/808558f8/.gitmergeinfo
----------------------------------------------------------------------
diff --git a/.gitmergeinfo b/.gitmergeinfo
index c7d7dd0..bbf976c 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -799,6 +799,7 @@ M d9f4142e87bc8a4f31c1bd1560a01a18b5c66407
M da352523c42bf69ab743f75a5216a03e26a20bef
M daac77b18e2693ef4ad424937aedc764229a63ee
M dbc4a26cd47c2609c601dc3640b655ea0a2b60b9
+M dc1a867f9527ce3431f097fde27a984b0c3c324e
M dd1b3ebf5b10651a2220a54a1f6e276d2197acf0
M dfe90b649bee2e7cdd448b16d60b26457385b4e5
M e2225709c37cb289b99db015b3d8ba5b9b317615
[4/4] cxf git commit: Fixing merge
Posted by co...@apache.org.
Fixing merge
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b1fc5e49
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b1fc5e49
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b1fc5e49
Branch: refs/heads/3.0.x-fixes
Commit: b1fc5e49b0f1aa90e529ec473591e6ed735c44da
Parents: 808558f
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 10 17:07:07 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 10 17:07:07 2015 +0000
----------------------------------------------------------------------
.../rs/security/oidc/idp/IdTokenResponseFilter.java | 13 ++-----------
.../apache/cxf/rs/security/oidc/utils/OidcUtils.java | 1 +
2 files changed, 3 insertions(+), 11 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b1fc5e49/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
index 8f2ef01..2f4e371 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
@@ -33,21 +33,12 @@ public class IdTokenResponseFilter extends AbstractOAuthServerJoseJwtProducer im
private String issuer;
@Override
public void process(ClientAccessToken ct, ServerAccessToken st) {
-<<<<<<< HEAD
- // This may also be done directly inside a data provider code creating the server token
-=======
// Only add an IdToken if the client has the "openid" scope
if (ct.getApprovedScope() == null || !ct.getApprovedScope().contains(OidcUtils.OPENID_SCOPE)) {
return;
}
- String idToken = getProcessedIdToken(st);
- if (idToken != null) {
- ct.getParameters().put(OidcUtils.ID_TOKEN, idToken);
- }
-
- }
- private String getProcessedIdToken(ServerAccessToken st) {
->>>>>>> dc1a867... Only issue an IdToken if the client has the correct scope (for OpenId)
+
+ // This may also be done directly inside a data provider code creating the server token
if (userInfoProvider != null) {
IdToken token =
userInfoProvider.getIdToken(st.getClient().getClientId(), st.getSubject(), st.getScopes());
http://git-wip-us.apache.org/repos/asf/cxf/blob/b1fc5e49/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
index 7ced717..7aa06a1 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
@@ -33,6 +33,7 @@ import org.apache.cxf.rt.security.crypto.MessageDigestUtils;
public final class OidcUtils {
public static final String ID_TOKEN = "id_token";
+ public static final String OPENID_SCOPE = "openid";
public static final String OIDC_SCOPE = "oidc";
public static final String PROFILE_SCOPE = "profile";
public static final String EMAIL_SCOPE = "email";
[2/4] cxf git commit: Only issue an IdToken if the client has the
correct scope (for OpenId)
Posted by co...@apache.org.
Only issue an IdToken if the client has the correct scope (for OpenId)
# Conflicts:
# rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/612e0e58
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/612e0e58
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/612e0e58
Branch: refs/heads/3.0.x-fixes
Commit: 612e0e58f869cb0908db67a6a010eae34fa4f9dc
Parents: 36b35b9
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Dec 10 15:10:32 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Dec 10 16:59:52 2015 +0000
----------------------------------------------------------------------
.../rs/security/oidc/idp/IdTokenResponseFilter.java | 14 ++++++++++++++
1 file changed, 14 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/612e0e58/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
index e2cd6ee..8f2ef01 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
@@ -33,7 +33,21 @@ public class IdTokenResponseFilter extends AbstractOAuthServerJoseJwtProducer im
private String issuer;
@Override
public void process(ClientAccessToken ct, ServerAccessToken st) {
+<<<<<<< HEAD
// This may also be done directly inside a data provider code creating the server token
+=======
+ // Only add an IdToken if the client has the "openid" scope
+ if (ct.getApprovedScope() == null || !ct.getApprovedScope().contains(OidcUtils.OPENID_SCOPE)) {
+ return;
+ }
+ String idToken = getProcessedIdToken(st);
+ if (idToken != null) {
+ ct.getParameters().put(OidcUtils.ID_TOKEN, idToken);
+ }
+
+ }
+ private String getProcessedIdToken(ServerAccessToken st) {
+>>>>>>> dc1a867... Only issue an IdToken if the client has the correct scope (for OpenId)
if (userInfoProvider != null) {
IdToken token =
userInfoProvider.getIdToken(st.getClient().getClientId(), st.getSubject(), st.getScopes());