Posted to commits@syncope.apache.org by il...@apache.org on 2017/06/29 08:32:08 UTC
[1/2] syncope git commit: [SYNCOPE-1129] Fix IT execution
Repository: syncope
Updated Branches:
refs/heads/2_0_X 194385d3c -> 52aa758c5
refs/heads/master b4713c15f -> 7187c35ab
[SYNCOPE-1129] Fix IT execution
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/7187c35a
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/7187c35a
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/7187c35a
Branch: refs/heads/master
Commit: 7187c35ab562c233fdefdc41e44a27b13ec46863
Parents: b4713c1
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Thu Jun 29 10:31:51 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Thu Jun 29 10:31:51 2017 +0200
----------------------------------------------------------------------
.../client/console/rest/RealmRestClient.java | 2 --
.../persistence/jpa/dao/AbstractAnyDAO.java | 2 --
.../core/spring/security/AuthDataAccessor.java | 24 +++++++++++---------
.../spring/security/SyncopeJWTSSOProvider.java | 19 +++-------------
.../src/main/resources/securityContext.xml | 6 +++++
.../jpa/dao/ElasticsearchAnySearchDAO.java | 2 --
.../apache/syncope/core/logic/SAML2SPLogic.java | 17 ++------------
.../core/reference/ITImplementationLookup.java | 4 ++++
8 files changed, 28 insertions(+), 48 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java b/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
index 3855d31..2d23df6 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.client.console.rest;
-import static org.apache.syncope.client.console.rest.BaseRestClient.getService;
-
import java.util.List;
import javax.ws.rs.core.GenericType;
import javax.ws.rs.core.Response;
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
index 89d27e9..394359b 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.core.persistence.jpa.dao;
-import static org.apache.syncope.core.persistence.jpa.dao.AbstractDAO.LOG;
-
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index d0e69f8..1a425f3 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -69,7 +69,6 @@ import org.apache.syncope.core.spring.ApplicationContextProvider;
import org.identityconnectors.framework.common.objects.Uid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
@@ -86,7 +85,7 @@ import org.springframework.transaction.annotation.Transactional;
* @see UsernamePasswordAuthenticationProvider
* @see SyncopeAuthenticationDetails
*/
-public class AuthDataAccessor implements InitializingBean {
+public class AuthDataAccessor {
protected static final Logger LOG = LoggerFactory.getLogger(AuthDataAccessor.class);
@@ -141,18 +140,21 @@ public class AuthDataAccessor implements InitializingBean {
@Autowired
protected ImplementationLookup implementationLookup;
- protected Map<String, JWTSSOProvider> jwtSSOProviders = new HashMap<>();
+ private Map<String, JWTSSOProvider> jwtSSOProviders;
- @Override
- public void afterPropertiesSet() throws Exception {
- for (Class<?> clazz : implementationLookup.getJWTSSOProviderClasses()) {
- JWTSSOProvider jwtSSOProvider = (JWTSSOProvider) ApplicationContextProvider.getBeanFactory().
- createBean(clazz, AbstractBeanDefinition.AUTOWIRE_BY_TYPE, true);
- jwtSSOProviders.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);
+ public JWTSSOProvider getJWTSSOProvider(final String issuer) {
+ synchronized (this) {
+ if (jwtSSOProviders == null) {
+ jwtSSOProviders = new HashMap<>();
+
+ for (Class<?> clazz : implementationLookup.getJWTSSOProviderClasses()) {
+ JWTSSOProvider jwtSSOProvider = (JWTSSOProvider) ApplicationContextProvider.getBeanFactory().
+ createBean(clazz, AbstractBeanDefinition.AUTOWIRE_BY_TYPE, true);
+ jwtSSOProviders.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);
+ }
+ }
}
- }
- public JWTSSOProvider getJWTSSOProvider(final String issuer) {
JWTSSOProvider provider = jwtSSOProviders.get(issuer);
if (provider == null) {
throw new AuthenticationCredentialsNotFoundException(
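Review bot: In `getJWTSSOProvider` the field is assigned `new HashMap<>()` before the loop, so if `createBean` or `getIssuer()` throws for one class, the map stays non-null but only partly filled. Every later call then skips initialization and answers the missing issuers with `AuthenticationCredentialsNotFoundException` for the lifetime of the bean. Fill a local map and publish it only after the loop completes: `Map<String, JWTSSOProvider> loaded = new HashMap<>();`, `loaded.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);`, then `jwtSSOProviders = loaded;`. `put` also silently replaces an earlier provider that reports the same issuer; because this map selects the verifier trusted for a token, a duplicate issuer is worth rejecting or at least logging. The method body continues past the end of the hunk, and the identical hunk appears in the 2_0_X commit (52aa758c) further down.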
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
index 4cd1a9f..d40a096 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
@@ -20,41 +20,28 @@ package org.apache.syncope.core.spring.security;
import javax.annotation.Resource;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.entity.user.User;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
/**
* Default implementation for internal JWT validation.
*/
-public class SyncopeJWTSSOProvider implements JWTSSOProvider, InitializingBean {
+public class SyncopeJWTSSOProvider implements JWTSSOProvider {
@Resource(name = "jwtIssuer")
private String jwtIssuer;
- @Resource(name = "jwsKey")
- private String jwsKey;
-
- @Autowired
- private JwsSignatureProvider signatureProvider;
+ @Resource(name = "syncopeJWTSSOProviderDelegate")
+ private JwsSignatureVerifier delegate;
@Autowired
private UserDAO userDAO;
- private JwsSignatureVerifier delegate;
-
- @Override
- public void afterPropertiesSet() throws Exception {
- delegate = new HmacJwsSignatureVerifier(jwsKey.getBytes(), signatureProvider.getAlgorithm());
- }
-
@Override
public String getIssuer() {
return jwtIssuer;
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/core/spring/src/main/resources/securityContext.xml
----------------------------------------------------------------------
diff --git a/core/spring/src/main/resources/securityContext.xml b/core/spring/src/main/resources/securityContext.xml
index cc1445c..85a44a4 100644
--- a/core/spring/src/main/resources/securityContext.xml
+++ b/core/spring/src/main/resources/securityContext.xml
@@ -54,6 +54,12 @@ under the License.
<constructor-arg value="${adminPassword}" index="1"/>
</bean>
+ <bean id="syncopeJWTSSOProviderDelegate" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier">
+ <constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
+ <constructor-arg index="1">
+ <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">HS512</value>
+ </constructor-arg>
+ </bean>
<bean id="jwsSignatureProvider" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider">
<constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
<constructor-arg index="1">
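Review bot: The new `syncopeJWTSSOProviderDelegate` bean hard-codes `HS512`, where the removed Java code took the algorithm from `signatureProvider.getAlgorithm()`, so signer and verifier are now configured in two places and can drift apart. The `jwsSignatureProvider` value is cut off by the hunk and is presumably the same literal. Drive both beans from one property, or at least add a comment on each such as `<!-- key and algorithm must match jwsSignatureProvider -->`. `#{jwsKey.getBytes()}` also keeps the platform-default charset of the old code; using `#{jwsKey.getBytes('UTF-8')}` on both beans makes the HMAC key bytes identical on every node. The same hunk is repeated in the 2_0_X commit below.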
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
----------------------------------------------------------------------
diff --git a/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java b/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
index 82b7c6f..e670e93 100644
--- a/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
+++ b/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.core.persistence.jpa.dao;
-import static org.apache.syncope.core.persistence.jpa.dao.AbstractDAO.LOG;
-
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Arrays;
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index 1ea3601..91e9ff0 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -36,9 +36,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
-import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.syncope.common.lib.AbstractBaseBean;
import org.apache.syncope.common.lib.SyncopeClientException;
@@ -117,14 +115,13 @@ import org.opensaml.saml.saml2.metadata.impl.SPSSODescriptorBuilder;
import org.opensaml.saml.saml2.metadata.impl.SingleLogoutServiceBuilder;
import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
import org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.stereotype.Component;
@Component
-public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> implements InitializingBean {
+public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
private static final Integer JWT_RELAY_STATE_DURATION = 5;
@@ -167,19 +164,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> implement
@Autowired
private SAML2ReaderWriter saml2rw;
- @Resource(name = "jwsKey")
- private String jwsKey;
-
- @Autowired
- private JwsSignatureProvider jwsSignatureProvider;
-
+ @Resource(name = "syncopeJWTSSOProviderDelegate")
private JwsSignatureVerifier jwsSignatureVerifier;
- @Override
- public void afterPropertiesSet() throws Exception {
- jwsSignatureVerifier = new HmacJwsSignatureVerifier(jwsKey.getBytes(), jwsSignatureProvider.getAlgorithm());
- }
-
@PreAuthorize("hasRole('" + StandardEntitlement.ANONYMOUS + "')")
public void getMetadata(final String spEntityID, final String urlContext, final OutputStream os) {
check();
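Review bot: The `@Resource(name = "syncopeJWTSSOProviderDelegate")` field ties `SAML2SPLogic` to a bean declared in core's `securityContext.xml` and named after a different consumer, `SyncopeJWTSSOProvider`. A neutral id such as `jwsSignatureVerifier` would make the sharing explicit. One verifier instance, and therefore one HMAC key, now serves both the internal JWT provider and the JWTs this class checks, so signature validity alone does not distinguish the two token types. The field deserves a comment saying so, e.g. `// shared HMAC verifier: callers must also check issuer/purpose claims`. Whether those claim checks exist is outside the hunk; the same applies to the copy in the 2_0_X commit below.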
http://git-wip-us.apache.org/repos/asf/syncope/blob/7187c35a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
index 4e76d49..0a3571c 100644
--- a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
+++ b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
@@ -77,6 +77,10 @@ public class ITImplementationLookup implements ImplementationLookup {
{
Set<String> classNames = new HashSet<>();
+ classNames.add(SyncopeJWTSSOProvider.class.getName());
+ put(Type.JWT_SSO_PROVIDER, classNames);
+
+ classNames = new HashSet<>();
classNames.add(ReconciliationReportletConf.class.getName());
classNames.add(UserReportletConf.class.getName());
classNames.add(GroupReportletConf.class.getName());
[2/2] syncope git commit: [SYNCOPE-1129] Fix IT execution
Posted by il...@apache.org.
[SYNCOPE-1129] Fix IT execution
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/52aa758c
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/52aa758c
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/52aa758c
Branch: refs/heads/2_0_X
Commit: 52aa758c57a40707e6d7de5c16f449ca7f368294
Parents: 194385d
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Thu Jun 29 10:31:51 2017 +0200
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Thu Jun 29 10:32:02 2017 +0200
----------------------------------------------------------------------
.../client/console/rest/RealmRestClient.java | 2 --
.../persistence/jpa/dao/AbstractAnyDAO.java | 2 --
.../core/spring/security/AuthDataAccessor.java | 24 +++++++++++---------
.../spring/security/SyncopeJWTSSOProvider.java | 19 +++-------------
.../src/main/resources/securityContext.xml | 6 +++++
.../jpa/dao/ElasticsearchAnySearchDAO.java | 2 --
.../apache/syncope/core/logic/SAML2SPLogic.java | 17 ++------------
.../core/reference/ITImplementationLookup.java | 4 ++++
8 files changed, 28 insertions(+), 48 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
----------------------------------------------------------------------
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java b/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
index 3855d31..2d23df6 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/rest/RealmRestClient.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.client.console.rest;
-import static org.apache.syncope.client.console.rest.BaseRestClient.getService;
-
import java.util.List;
import javax.ws.rs.core.GenericType;
import javax.ws.rs.core.Response;
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
index 89d27e9..394359b 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/AbstractAnyDAO.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.core.persistence.jpa.dao;
-import static org.apache.syncope.core.persistence.jpa.dao.AbstractDAO.LOG;
-
import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collection;
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index d0e69f8..1a425f3 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -69,7 +69,6 @@ import org.apache.syncope.core.spring.ApplicationContextProvider;
import org.identityconnectors.framework.common.objects.Uid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.support.AbstractBeanDefinition;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
@@ -86,7 +85,7 @@ import org.springframework.transaction.annotation.Transactional;
* @see UsernamePasswordAuthenticationProvider
* @see SyncopeAuthenticationDetails
*/
-public class AuthDataAccessor implements InitializingBean {
+public class AuthDataAccessor {
protected static final Logger LOG = LoggerFactory.getLogger(AuthDataAccessor.class);
@@ -141,18 +140,21 @@ public class AuthDataAccessor implements InitializingBean {
@Autowired
protected ImplementationLookup implementationLookup;
- protected Map<String, JWTSSOProvider> jwtSSOProviders = new HashMap<>();
+ private Map<String, JWTSSOProvider> jwtSSOProviders;
- @Override
- public void afterPropertiesSet() throws Exception {
- for (Class<?> clazz : implementationLookup.getJWTSSOProviderClasses()) {
- JWTSSOProvider jwtSSOProvider = (JWTSSOProvider) ApplicationContextProvider.getBeanFactory().
- createBean(clazz, AbstractBeanDefinition.AUTOWIRE_BY_TYPE, true);
- jwtSSOProviders.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);
+ public JWTSSOProvider getJWTSSOProvider(final String issuer) {
+ synchronized (this) {
+ if (jwtSSOProviders == null) {
+ jwtSSOProviders = new HashMap<>();
+
+ for (Class<?> clazz : implementationLookup.getJWTSSOProviderClasses()) {
+ JWTSSOProvider jwtSSOProvider = (JWTSSOProvider) ApplicationContextProvider.getBeanFactory().
+ createBean(clazz, AbstractBeanDefinition.AUTOWIRE_BY_TYPE, true);
+ jwtSSOProviders.put(jwtSSOProvider.getIssuer(), jwtSSOProvider);
+ }
+ }
}
- }
- public JWTSSOProvider getJWTSSOProvider(final String issuer) {
JWTSSOProvider provider = jwtSSOProviders.get(issuer);
if (provider == null) {
throw new AuthenticationCredentialsNotFoundException(
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
----------------------------------------------------------------------
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
index 4cd1a9f..d40a096 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/SyncopeJWTSSOProvider.java
@@ -20,41 +20,28 @@ package org.apache.syncope.core.spring.security;
import javax.annotation.Resource;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsVerificationSignature;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.entity.user.User;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
/**
* Default implementation for internal JWT validation.
*/
-public class SyncopeJWTSSOProvider implements JWTSSOProvider, InitializingBean {
+public class SyncopeJWTSSOProvider implements JWTSSOProvider {
@Resource(name = "jwtIssuer")
private String jwtIssuer;
- @Resource(name = "jwsKey")
- private String jwsKey;
-
- @Autowired
- private JwsSignatureProvider signatureProvider;
+ @Resource(name = "syncopeJWTSSOProviderDelegate")
+ private JwsSignatureVerifier delegate;
@Autowired
private UserDAO userDAO;
- private JwsSignatureVerifier delegate;
-
- @Override
- public void afterPropertiesSet() throws Exception {
- delegate = new HmacJwsSignatureVerifier(jwsKey.getBytes(), signatureProvider.getAlgorithm());
- }
-
@Override
public String getIssuer() {
return jwtIssuer;
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/core/spring/src/main/resources/securityContext.xml
----------------------------------------------------------------------
diff --git a/core/spring/src/main/resources/securityContext.xml b/core/spring/src/main/resources/securityContext.xml
index cc1445c..85a44a4 100644
--- a/core/spring/src/main/resources/securityContext.xml
+++ b/core/spring/src/main/resources/securityContext.xml
@@ -54,6 +54,12 @@ under the License.
<constructor-arg value="${adminPassword}" index="1"/>
</bean>
+ <bean id="syncopeJWTSSOProviderDelegate" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier">
+ <constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
+ <constructor-arg index="1">
+ <value type="org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm">HS512</value>
+ </constructor-arg>
+ </bean>
<bean id="jwsSignatureProvider" class="org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureProvider">
<constructor-arg value="#{jwsKey.getBytes()}" index="0"/>
<constructor-arg index="1">
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
----------------------------------------------------------------------
diff --git a/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java b/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
index 82b7c6f..e670e93 100644
--- a/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
+++ b/ext/elasticsearch/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/ElasticsearchAnySearchDAO.java
@@ -18,8 +18,6 @@
*/
package org.apache.syncope.core.persistence.jpa.dao;
-import static org.apache.syncope.core.persistence.jpa.dao.AbstractDAO.LOG;
-
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Arrays;
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index 1ea3601..91e9ff0 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -36,9 +36,7 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.commons.lang3.tuple.Triple;
-import org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
import org.apache.syncope.common.lib.AbstractBaseBean;
import org.apache.syncope.common.lib.SyncopeClientException;
@@ -117,14 +115,13 @@ import org.opensaml.saml.saml2.metadata.impl.SPSSODescriptorBuilder;
import org.opensaml.saml.saml2.metadata.impl.SingleLogoutServiceBuilder;
import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
import org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory;
-import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.stereotype.Component;
@Component
-public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> implements InitializingBean {
+public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
private static final Integer JWT_RELAY_STATE_DURATION = 5;
@@ -167,19 +164,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> implement
@Autowired
private SAML2ReaderWriter saml2rw;
- @Resource(name = "jwsKey")
- private String jwsKey;
-
- @Autowired
- private JwsSignatureProvider jwsSignatureProvider;
-
+ @Resource(name = "syncopeJWTSSOProviderDelegate")
private JwsSignatureVerifier jwsSignatureVerifier;
- @Override
- public void afterPropertiesSet() throws Exception {
- jwsSignatureVerifier = new HmacJwsSignatureVerifier(jwsKey.getBytes(), jwsSignatureProvider.getAlgorithm());
- }
-
@PreAuthorize("hasRole('" + StandardEntitlement.ANONYMOUS + "')")
public void getMetadata(final String spEntityID, final String urlContext, final OutputStream os) {
check();
http://git-wip-us.apache.org/repos/asf/syncope/blob/52aa758c/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
index 4e76d49..0a3571c 100644
--- a/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
+++ b/fit/core-reference/src/main/java/org/apache/syncope/fit/core/reference/ITImplementationLookup.java
@@ -77,6 +77,10 @@ public class ITImplementationLookup implements ImplementationLookup {
{
Set<String> classNames = new HashSet<>();
+ classNames.add(SyncopeJWTSSOProvider.class.getName());
+ put(Type.JWT_SSO_PROVIDER, classNames);
+
+ classNames = new HashSet<>();
classNames.add(ReconciliationReportletConf.class.getName());
classNames.add(UserReportletConf.class.getName());
classNames.add(GroupReportletConf.class.getName());