You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2013/11/18 15:09:45 UTC
svn commit: r1543032 - in /cxf/branches/2.7.x-fixes: ./
rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/
rt/rs/security/xml/src/test/java/org/apache/cxf/rs/security/saml/
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/...
Author: sergeyb
Date: Mon Nov 18 14:09:44 2013
New Revision: 1543032
URL: http://svn.apache.org/r1543032
Log:
Merged revisions 1543030 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1543030 | sergeyb | 2013-11-18 14:02:07 +0000 (Mon, 18 Nov 2013) | 1 line
[CXF-5390] DeflaterEncoderDecoder needs to throw the exception if the inflator can not finish the process
........
Added:
cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/test/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoderTest.java
- copied unchanged from r1543030, cxf/trunk/rt/rs/security/xml/src/test/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoderTest.java
Modified:
cxf/branches/2.7.x-fixes/ (props changed)
cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoder.java
cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1543030
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoder.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoder.java?rev=1543032&r1=1543031&r2=1543032&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoder.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/DeflateEncoderDecoder.java Mon Nov 18 14:09:44 2013
@@ -38,6 +38,15 @@ public class DeflateEncoderDecoder {
while (!inflater.finished()) {
inputLen = inflater.inflate(input);
if (!inflater.finished()) {
+
+ if (inputLen == 0) {
+ if (inflater.needsInput()) {
+ throw new DataFormatException("Inflater can not inflate all the token bytes");
+ } else {
+ break;
+ }
+ }
+
inflatedToken = new byte[input.length + inflatedLen];
System.arraycopy(input, 0, inflatedToken, inflatedLen, inputLen);
inflatedLen += inputLen;
@@ -57,9 +66,10 @@ public class DeflateEncoderDecoder {
compresser.setInput(tokenBytes);
compresser.finish();
- byte[] output = new byte[tokenBytes.length];
+ byte[] output = new byte[tokenBytes.length * 2];
int compressedDataLength = compresser.deflate(output);
+
byte[] result = new byte[compressedDataLength];
System.arraycopy(output, 0, result, 0, compressedDataLength);
return result;
Modified: cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java?rev=1543032&r1=1543031&r2=1543032&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java (original)
+++ cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/saml/JAXRSSamlTest.java Mon Nov 18 14:09:44 2013
@@ -26,6 +26,7 @@ import java.util.Map;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.client.ClientException;
import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
import org.apache.cxf.Bus;
import org.apache.cxf.bus.spring.SpringBusFactory;
@@ -75,6 +76,24 @@ public class JAXRSSamlTest extends Abstr
}
@Test
+ public void testInvalidSAMLTokenAsHeader() throws Exception {
+ String address = "https://localhost:" + PORT + "/samlheader/bookstore/books/123";
+
+ JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
+ bean.setAddress(address);
+
+ SpringBusFactory bf = new SpringBusFactory();
+ URL busFile = JAXRSSamlTest.class.getResource("client.xml");
+ Bus springBus = bf.createBus(busFile.toString());
+ bean.setBus(springBus);
+
+ WebClient wc = bean.createWebClient();
+ wc.header("Authorization", "SAML invalid_grant");
+ Response r = wc.get();
+ assertEquals(401, r.getStatus());
+ }
+
+ @Test
public void testGetBookSAMLTokenInForm() throws Exception {
String address = "https://localhost:" + PORT + "/samlform/bookstore/books";
FormEncodingProvider<Form> formProvider = new FormEncodingProvider<Form>();