Posted to commits@cxf.apache.org by se...@apache.org on 2015/12/03 13:56:59 UTC
cxf-fediz git commit: Updating new clients keeping the resource owner
subject and pulling the existing regs on the start up
Repository: cxf-fediz
Updated Branches:
refs/heads/master 1b2c9a0bc -> 29530b63f
Updating new clients keeping the resource owner subject and pulling the existing regs on the start up
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/29530b63
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/29530b63
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/29530b63
Branch: refs/heads/master
Commit: 29530b63fd9af6a4aeb13b845f0ddd7af7aa8716
Parents: 1b2c9a0
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Dec 3 12:56:34 2015 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Dec 3 12:56:34 2015 +0000
----------------------------------------------------------------------
.../service/oidc/ClientRegistrationService.java | 21 +++++++++++++++++++-
.../main/webapp/WEB-INF/applicationContext.xml | 11 +++++-----
2 files changed, 26 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/29530b63/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
index c663b09..d4269d7 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ClientRegistrationService.java
@@ -39,6 +39,7 @@ import javax.ws.rs.core.SecurityContext;
import org.apache.commons.lang3.StringUtils;
import org.apache.cxf.common.util.Base64UrlUtility;
import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rt.security.crypto.CryptoUtils;
@Path("/")
@@ -85,6 +86,9 @@ public class ClientRegistrationService {
if (!StringUtils.isEmpty(redirectURI)) {
newClient.setRedirectUris(Collections.singletonList(redirectURI));
}
+ String userName = sc.getUserPrincipal().getName();
+ UserSubject userSubject = new UserSubject(userName);
+ newClient.setResourceOwnerSubject(userSubject);
return registerNewClient(newClient);
}
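Review bot: `sc.getUserPrincipal()` is dereferenced without a null check on the added line `String userName = sc.getUserPrincipal().getName();`, so a request that reaches this method without an authenticated principal fails with a NullPointerException rather than a 401. The same unchecked call sits in the new `getUserName()` helper added in the later hunk, so this method could call the helper instead of repeating the expression. The helper could then reject a missing principal explicitly, e.g. `if (sc.getUserPrincipal() == null) throw new WebApplicationException(Response.Status.UNAUTHORIZED);`. Whether the container already enforces authentication on this path is not visible here, and the enclosing method starts outside the hunk.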
@@ -108,7 +112,11 @@ public class ClientRegistrationService {
}
protected Collection<Client> getClientRegistrations() {
- String userName = sc.getUserPrincipal().getName();
+ String userName = getUserName();
+ return getClientRegistrations(userName);
+ }
+
+ protected Collection<Client> getClientRegistrations(String userName) {
Collection<Client> userClientRegs = registrations.get(userName);
if (userClientRegs == null) {
userClientRegs = new HashSet<Client>();
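Review bot: The new `getClientRegistrations(String userName)` overload has no Javadoc, although it is where registrations are partitioned per user and it now accepts a caller-supplied name. I would add `/** Returns the mutable registration set for userName, creating it if absent; userName must be the authenticated principal name or a stored resource owner login, never a request parameter. */`. The set is keyed on the bare name, so if principals from different home realms can share a name their registrations would land in one set; that cannot be confirmed from the hunk. The method body continues outside the hunk, where the new set is presumably put into `registrations`.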
@@ -117,6 +125,10 @@ public class ClientRegistrationService {
return userClientRegs;
}
+ private String getUserName() {
+ return sc.getUserPrincipal().getName();
+ }
+
public void setDataProvider(OAuthDataManager m) {
this.manager = m;
}
@@ -124,5 +136,12 @@ public class ClientRegistrationService {
public void setHomeRealms(Map<String, String> homeRealms) {
this.homeRealms = homeRealms;
}
+
+ public void init() {
+ for (Client c : manager.getClients()) {
+ String userName = c.getResourceOwnerSubject().getLogin();
+ getClientRegistrations(userName).add(c);
+ }
+ }
}
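Review bot: `init()` dereferences `c.getResourceOwnerSubject()` for every client returned by `manager.getClients()`, but only clients registered through the path changed in this commit are known to carry a subject. A client stored earlier or created another way would therefore throw a NullPointerException, and because applicationContext.xml now declares `init-method="init"`, that would abort bean initialisation. Such clients should be skipped rather than failing start-up, and a null login should be skipped too so it never becomes a map key. An ownerless client is then not listed under any user, which is the safer default.

```java
public void init() {
    for (Client c : manager.getClients()) {
        UserSubject owner = c.getResourceOwnerSubject();
        if (owner == null || owner.getLogin() == null) {
            // no recorded owner: do not attach this client to any user's registrations
            continue;
        }
        getClientRegistrations(owner.getLogin()).add(c);
    }
}
```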
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/29530b63/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
index 420fd4f..6702a0b 100644
--- a/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/services/oidc/src/main/webapp/WEB-INF/applicationContext.xml
@@ -55,12 +55,13 @@
<entry key="rs.security.signature.key.password.provider" value-ref="keyPasswordProvider"/>
</jaxrs:properties>
</jaxrs:server>
+
+ <!--
+ Disable it if the client secret is used or if
+ pre-installing public OIDC keys to clients is preferred
+ -->
<jaxrs:server address="/jwk">
<jaxrs:serviceBeans>
- <!--
- disable it if the client secret is used or if
- pre-installing public OIDC keys to clients is preferred
- -->
<ref bean="oidcKeysService"/>
</jaxrs:serviceBeans>
<jaxrs:providers>
@@ -74,7 +75,7 @@
<bean id="keyPasswordProvider" class="org.apache.cxf.fediz.service.oidc.PrivateKeyPasswordProviderImpl"/>
- <bean id="clientRegService" class="org.apache.cxf.fediz.service.oidc.ClientRegistrationService">
+ <bean id="clientRegService" init-method="init" class="org.apache.cxf.fediz.service.oidc.ClientRegistrationService">
<property name="dataProvider" ref="oauthProvider"/>
<property name="homeRealms">
<map>