Posted to commits@cxf.apache.org by se...@apache.org on 2016/02/17 18:52:02 UTC

cxf git commit: Prototyping the code for supporting aggregated/distributed claims

Repository: cxf
Updated Branches:
  refs/heads/master 52bdff074 -> 92e0d0d96


Prototyping the code for supporting aggregated/distributed claims


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/92e0d0d9
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/92e0d0d9
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/92e0d0d9

Branch: refs/heads/master
Commit: 92e0d0d966528cddfeca9fb51de8b02ef2786f74
Parents: 52bdff0
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Feb 17 17:51:47 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Feb 17 17:51:47 2016 +0000

----------------------------------------------------------------------
 .../security/oidc/common/AbstractUserInfo.java  | 44 +++++++++++++++++
 .../security/oidc/common/AggregatedClaims.java  | 42 ++++++++++++++++
 .../security/oidc/common/DistributedClaims.java | 51 ++++++++++++++++++++
 .../cxf/rs/security/oidc/utils/OidcUtils.java   |  5 ++
 4 files changed, 142 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/92e0d0d9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
index 583abed..18970f0 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AbstractUserInfo.java
@@ -18,10 +18,14 @@
  */
 package org.apache.cxf.rs.security.oidc.common;
 
+import java.util.Collections;
+import java.util.LinkedHashMap;
 import java.util.Map;
 
 import org.apache.cxf.helpers.CastUtils;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
+import org.apache.cxf.rs.security.jose.jwt.JwtException;
+import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
 
 public abstract class AbstractUserInfo extends JwtClaims {
     public static final String NAME_CLAIM = "name";
@@ -177,4 +181,44 @@ public abstract class AbstractUserInfo extends JwtClaims {
         return getLongProperty(UPDATED_AT_CLAIM);
     }
     
+    public void setAggregatedClaims(AggregatedClaims claims) {
+        setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames());
+        setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, 
+            Collections.singletonMap(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY, claims.getJwtClaims()));
+    }
+    public AggregatedClaims getAggregatedClaims() {
+        Map<String, Object> names = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY));
+        Map<String, Object> sources = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY));
+        if (names == null || sources == null || !sources.containsKey(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY)) {
+            return null;
+        }
+        AggregatedClaims claims = new AggregatedClaims();
+        claims.setClaimNames(CastUtils.cast(names));
+        claims.setJwtClaims((String)sources.get(OidcUtils.JWT_CLAIM_SOURCE_PROPERTY));
+        return claims;
+    }
+    public void setDistributedClaims(DistributedClaims claims) {
+        if (claims.getEndpoint() == null) {
+            throw new JwtException();
+        }
+        Map<String, String> sources = new LinkedHashMap<String, String>();
+        setProperty(OidcUtils.CLAIM_NAMES_PROPERTY, claims.getClaimNames());
+        sources.put(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY, claims.getEndpoint());
+        if (claims.getAccessToken() != null) {
+            sources.put(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY, claims.getAccessToken());
+        }
+        setProperty(OidcUtils.CLAIM_SOURCES_PROPERTY, sources);
+    }
+    public DistributedClaims getDistributedClaims() {
+        Map<String, Object> names = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_NAMES_PROPERTY));
+        Map<String, Object> sources = CastUtils.cast((Map<?, ?>)getProperty(OidcUtils.CLAIM_SOURCES_PROPERTY));
+        if (names == null || sources == null || !sources.containsKey(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY)) {
+            return null;
+        }
+        DistributedClaims claims = new DistributedClaims();
+        claims.setClaimNames(CastUtils.cast(names));
+        claims.setEndpoint((String)sources.get(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY));
+        claims.setAccessToken((String)sources.get(OidcUtils.TOKEN_CLAIM_SOURCE_PROPERTY));
+        return claims;
+    }
 }
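Review bot: `getAggregatedClaims()` and `getDistributedClaims()` cast the stored properties straight to `Map` and the source members straight to `String`, so a differently typed value surfaces as a `ClassCastException` rather than the `JwtException` that `setDistributedClaims()` already throws for bad input. These properties presumably come from a parsed provider response on the client side, so I would type-check before casting, e.g. `Object ep = sources.get(OidcUtils.ENDPOINT_CLAIM_SOURCE_PROPERTY);` followed by `if (!(ep instanceof String)) { throw new JwtException(); }`. Separately, both setters put `JWT` / `endpoint` directly into the sources property, whereas OpenID Connect Core 5.6.2 nests them under a source id referenced from the names map. As written, a later `setDistributedClaims()` call also replaces what `setAggregatedClaims()` stored. The four methods are complete in this hunk; the class body starts outside it.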

http://git-wip-us.apache.org/repos/asf/cxf/blob/92e0d0d9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
new file mode 100644
index 0000000..38c9fa9
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/AggregatedClaims.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.Map;
+
+public class AggregatedClaims {
+    private Map<String, String> claimNames;
+    private String jwtClaims;
+    
+    public Map<String, String> getClaimNames() {
+        return claimNames;
+    }
+
+    public void setClaimNames(Map<String, String> claimNames) {
+        this.claimNames = claimNames;
+    }
+
+    public String getJwtClaims() {
+        return jwtClaims;
+    }
+
+    public void setJwtClaims(String jwtClaims) {
+        this.jwtClaims = jwtClaims;
+    }
+}
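Review bot: `AggregatedClaims` has no Javadoc, and nothing on `jwtClaims` says that the value is a JWT string a consumer still has to validate before trusting the claims inside it. I would add a class comment such as `/** Aggregated claims: the claim names plus the JWT string that carries their values; the JWT is not validated here. */`. `setClaimNames()` also keeps the caller's map by reference, so later changes to that map show through the holder; a comment or a defensive copy would make that explicit. The same missing class comment applies to `DistributedClaims` in the next file.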

http://git-wip-us.apache.org/repos/asf/cxf/blob/92e0d0d9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
new file mode 100644
index 0000000..07ae9c6
--- /dev/null
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/common/DistributedClaims.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oidc.common;
+
+import java.util.Map;
+
+public class DistributedClaims {
+    private Map<String, String> claimNames;
+    private String endpoint;
+    private String accessToken;
+    public Map<String, String> getClaimNames() {
+        return claimNames;
+    }
+
+    public void setClaimNames(Map<String, String> claimNames) {
+        this.claimNames = claimNames;
+    }
+
+    public String getEndpoint() {
+        return endpoint;
+    }
+
+    public void setEndpoint(String endpoint) {
+        this.endpoint = endpoint;
+    }
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+    
+}
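Review bot: `endpoint` and `accessToken` are stored as unchecked Strings, and `getDistributedClaims()` in `AbstractUserInfo` fills them from the claims map, so a consumer that later calls the endpoint with the token is relying on values it did not choose. I would document on `getEndpoint()` that the caller must check the URL (an `https` scheme and an expected host) before sending `accessToken` to it, for example `/** Claims endpoint URL as received; validate before use. */`. `accessToken` is a bearer credential, so the field comment should also say that it must not be logged or included in a `toString()` if one is added later.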

http://git-wip-us.apache.org/repos/asf/cxf/blob/92e0d0d9/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
index 823e757..a8e086f 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/utils/OidcUtils.java
@@ -52,6 +52,11 @@ public final class OidcUtils {
     public static final List<String> ADDRESS_CLAIMS = Arrays.asList(UserInfo.ADDRESS_CLAIM);
     public static final List<String> PHONE_CLAIMS = Arrays.asList(UserInfo.PHONE_CLAIM);
     public static final String CLAIMS_PARAM = "claims";
+    public static final String CLAIM_NAMES_PROPERTY = "_claims_names";
+    public static final String CLAIM_SOURCES_PROPERTY = "_claims_sources";
+    public static final String JWT_CLAIM_SOURCE_PROPERTY = "JWT";
+    public static final String ENDPOINT_CLAIM_SOURCE_PROPERTY = "endpoint";
+    public static final String TOKEN_CLAIM_SOURCE_PROPERTY = "access_token";
     
     private static final Map<String, List<String>> SCOPES_MAP;
     static {
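Review bot: `CLAIM_NAMES_PROPERTY` and `CLAIM_SOURCES_PROPERTY` are spelled `_claims_names` and `_claims_sources`, while OpenID Connect Core (section 5.6.2) names these members `_claim_names` and `_claim_sources`. With the extra `s`, `getAggregatedClaims()` and `getDistributedClaims()` in `AbstractUserInfo` would not find the members in a conforming provider response, and output produced through the setters would not be recognised by other clients. Suggested values: `"_claim_names"` and `"_claim_sources"`. The class body and the `static` initializer continue outside this hunk.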