Posted to commits@cxf.apache.org by se...@apache.org on 2015/07/08 17:33:43 UTC
cxf git commit: Minor update to OAuth2 JwsReq filter
Repository: cxf
Updated Branches:
refs/heads/master 0e93e9030 -> b71933f09
Minor update to OAuth2 JwsReq filter
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b71933f0
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b71933f0
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b71933f0
Branch: refs/heads/master
Commit: b71933f0963c9a4410531849ac6ef5bca937f7e1
Parents: 0e93e90
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Wed Jul 8 16:33:28 2015 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Wed Jul 8 16:33:28 2015 +0100
----------------------------------------------------------------------
.../oauth2/grants/code/JwtRequestCodeFilter.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b71933f0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
index 4920af0..d80c8bd 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/JwtRequestCodeFilter.java
@@ -26,6 +26,7 @@ import javax.crypto.SecretKey;
import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.helpers.CastUtils;
+import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.jaxrs.provider.json.JsonMapObjectReaderWriter;
import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
@@ -44,6 +45,7 @@ import org.apache.cxf.rt.security.crypto.CryptoUtils;
public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter {
private static final String REQUEST_PARAM = "request";
+ private static final String REQUEST_URI_PARAM = "request_uri";
private JweDecryptionProvider jweDecryptor;
private JwsSignatureVerifier jwsVerifier;
private boolean verifyWithClientCertificates;
@@ -56,6 +58,12 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter {
UserSubject endUser,
Client client) {
String requestToken = params.getFirst(REQUEST_PARAM);
+ if (requestToken == null) {
+ String requestUri = params.getFirst(REQUEST_URI_PARAM);
+ if (requestUri != null && requestUri.startsWith(getPrefix(client))) {
+ requestToken = WebClient.create(requestUri).get(String.class);
+ }
+ }
if (requestToken != null) {
JweDecryptionProvider theJweDecryptor = getInitializedDecryptionProvider(client);
if (theJweDecryptor != null) {
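Review bot: The new `request_uri` branch makes the authorization server issue a GET to a URL taken directly from the request parameters, and the only gate is `requestUri.startsWith(getPrefix(client))`, where `getPrefix` (added in the last hunk) ignores `client` and hard-codes `"https://"`. Any HTTPS endpoint the server can reach, internal ones included, passes that check, so this is a server-side request forgery surface until the TODO in `getPrefix` is resolved. OpenID Connect expects `request_uri` values to be pre-registered per client (`request_uris`), so the check should be an exact match against the values registered for `client` rather than a scheme prefix. Until that exists, a comment above the `WebClient.create` line such as `// request_uri is caller-supplied; match it against URIs registered for this client before fetching` would keep the gap visible. The fetch also has no visible timeout or response-size bound, and a failed GET would presumably propagate out of the filter as an exception; the enclosing method starts and ends outside this hunk.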
@@ -92,6 +100,10 @@ public class JwtRequestCodeFilter implements AuthorizationCodeRequestFilter {
return params;
}
}
+ private String getPrefix(Client client) {
+ //TODO: consider restricting to specific hosts
+ return "https://";
+ }
public void setJweDecryptor(JweDecryptionProvider jweDecryptor) {
this.jweDecryptor = jweDecryptor;
}