You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/07/26 11:43:25 UTC

cxf git commit: Make it possible to set the role "claim" for the OidcRpAuthenticationFilter as well

Repository: cxf
Updated Branches:
  refs/heads/master 955fd4b7f -> 87b4ca436


Make it possible to set the role "claim" for the OidcRpAuthenticationFilter as well


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/87b4ca43
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/87b4ca43
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/87b4ca43

Branch: refs/heads/master
Commit: 87b4ca4362ea7a0e7b45d1589027045c6e3a552e
Parents: 955fd4b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Jul 26 12:43:00 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Jul 26 12:43:00 2016 +0100

----------------------------------------------------------------------
 .../rs/security/oidc/rp/OidcRpAuthenticationFilter.java   | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/87b4ca43/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
index 9a6823b..4ef706f 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcRpAuthenticationFilter.java
@@ -53,6 +53,7 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter {
     private MessageContext mc;
     private ClientTokenContextManager stateManager;
     private String redirectUri;
+    private String roleClaim;
     
     public void filter(ContainerRequestContext rc) {
         if (checkSecurityContext(rc)) {
@@ -95,7 +96,10 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter {
         newTokenContext.setUserInfo(tokenContext.getUserInfo());
         newTokenContext.setState(toRequestState(rc));
         JAXRSUtils.getCurrentMessage().setContent(ClientTokenContext.class, newTokenContext);
-        rc.setSecurityContext(new OidcSecurityContext(newTokenContext));
+        
+        OidcSecurityContext oidcSecCtx = new OidcSecurityContext(newTokenContext);
+        oidcSecCtx.setRoleClaim(roleClaim);
+        rc.setSecurityContext(oidcSecCtx);
         return true;
     }
     private MultivaluedMap<String, String> toRequestState(ContainerRequestContext rc) {
@@ -116,4 +120,8 @@ public class OidcRpAuthenticationFilter implements ContainerRequestFilter {
     public void setClientTokenContextManager(ClientTokenContextManager manager) {
         this.stateManager = manager;
     }
+    
+    public void setRoleClaim(String roleClaim) {
+        this.roleClaim = roleClaim;
+    }
 }