Posted to commits@cxf.apache.org by co...@apache.org on 2017/03/07 17:18:05 UTC

[1/2] cxf-fediz git commit: FEDIZ-193 - Add a way to support additional top level domains when registering OIDC clients

Repository: cxf-fediz
Updated Branches:
  refs/heads/master 35e4891b9 -> 84b63d16c


FEDIZ-193 - Add a way to support additional top level domains when registering OIDC clients


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/84b63d16
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/84b63d16
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/84b63d16

Branch: refs/heads/master
Commit: 84b63d16cc9f6c28e3ba61e4ae1f36054ec20c99
Parents: 686276a
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Tue Mar 7 17:17:32 2017 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Mar 7 17:17:55 2017 +0000

----------------------------------------------------------------------
 .../oidc/clients/ClientRegistrationService.java | 22 ++++++++++-
 .../cxf/fediz/systests/oidc/OIDCTest.java       | 39 ++++++++++++++++++++
 .../test/resources/oidc/applicationContext.xml  |  7 ++++
 3 files changed, 67 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/84b63d16/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
index 7d29e4e..8b182af 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/clients/ClientRegistrationService.java
@@ -22,6 +22,7 @@ package org.apache.cxf.fediz.service.oidc.clients;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
@@ -35,6 +36,7 @@ import java.util.Map;
 import java.util.Set;
 import java.util.SortedSet;
 import java.util.TreeSet;
+import java.util.logging.Logger;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.FormParam;
@@ -48,7 +50,10 @@ import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
 
+import org.apache.commons.validator.routines.DomainValidator;
+import org.apache.commons.validator.routines.DomainValidator.ArrayType;
 import org.apache.commons.validator.routines.UrlValidator;
+import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.rs.security.oauth2.common.Client;
@@ -65,6 +70,8 @@ import org.apache.cxf.rt.security.crypto.CryptoUtils;
 
 @Path("/")
 public class ClientRegistrationService {
+    
+    private static final Logger LOG = LogUtils.getL7dLogger(ClientRegistrationService.class);
 
     private Map<String, Collection<Client>> registrations = new HashMap<String, Collection<Client>>();
     private Map<String, Set<String>> clientNames = new HashMap<String, Set<String>>();
@@ -318,7 +325,7 @@ public class ClientRegistrationService {
     }
 
     private boolean isValidURI(String uri, boolean requireHttps) {
-
+        
         UrlValidator urlValidator = null;
 
         if (requireHttps) {
@@ -446,6 +453,19 @@ public class ClientRegistrationService {
         this.clientProvider = clientProvider;
     }
 
+    public void setAdditionalTLDs(List<String> additionalTLDs) {
+        // Support additional top level domains
+        if (additionalTLDs != null && !additionalTLDs.isEmpty()) {
+            try {
+                String[] tldsToAddArray = additionalTLDs.toArray(new String[additionalTLDs.size()]);
+                LOG.info("Adding the following additional Top Level Domains: " + Arrays.toString(tldsToAddArray));
+                DomainValidator.updateTLDOverride(ArrayType.GENERIC_PLUS, tldsToAddArray);
+            } catch (IllegalStateException ex) {
+                //
+            }
+        }
+    }
+
     private static class ClientComparator implements Comparator<Client> {
 
         @Override
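Review bot: The empty `catch (IllegalStateException ex)` in `setAdditionalTLDs` hides the one failure an operator needs to see: commons-validator raises that exception when `DomainValidator` has already been used, and then none of the configured TLDs are applied. Because `LOG.info` runs before `updateTLDOverride`, the log still claims the domains were added while registrations for them keep being rejected. Replace the `//` with `LOG.warning("Additional TLDs not applied, DomainValidator already in use: " + ex.getMessage());` and move the info line after the call. The override is static, so it presumably widens URL validation for every `DomainValidator` user in the JVM and not only this service; a Javadoc line on the setter saying so would help whoever configures it.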

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/84b63d16/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
index 556e966..2e20ce5 100644
--- a/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
+++ b/systests/oidc/src/test/java/org/apache/cxf/fediz/systests/oidc/OIDCTest.java
@@ -652,6 +652,45 @@ public class OIDCTest {
 
         webClient.close();
     }
+    
+    @org.junit.Test
+    public void testCreateClientWithSupportedTLD() throws Exception {
+        String url = "https://localhost:" + getRpHttpsPort() + "/fediz-oidc/console/clients";
+        String user = "alice";
+        String password = "ecila";
+
+        // Login to the client page successfully
+        WebClient webClient = setupWebClient(user, password, getIdpHttpsPort());
+        HtmlPage loginPage = login(url, webClient);
+        final String bodyTextContent = loginPage.getBody().getTextContent();
+        Assert.assertTrue(bodyTextContent.contains("Registered Clients"));
+
+        // Register a client with a supported TLD
+        HtmlPage registeredClientPage = registerNewClient(webClient, url, "tld1", "https://www.apache.corp",
+            "https://cxf.apache.org");
+        String registeredClientPageBody = registeredClientPage.getBody().getTextContent();
+        Assert.assertTrue(registeredClientPageBody.contains("Registered Clients"));
+        Assert.assertTrue(registeredClientPageBody.contains("tld1"));
+        Assert.assertTrue(registeredClientPageBody.contains("https://www.apache.corp"));
+        
+        HtmlTable table = registeredClientPage.getHtmlElementById("registered_clients");
+        String clientId = table.getCellAt(3, 1).asText().trim();
+        
+        // Register a client with an unsupported TLD
+        try {
+            HtmlPage errorPage = registerNewClient(webClient, url, "tld2", "https://www.apache.corp2",
+                                                   "https://cxf.apache.org");
+            Assert.assertTrue(errorPage.asText().contains("Invalid Client Registration"));
+        } catch (Exception ex) {
+            // expected
+        }
+        
+        // Delete the first client above
+        deleteClient(webClient, url, clientId);
+
+
+        webClient.close();
+    }
 
     private static WebClient setupWebClient(String user, String password, String idpPort) {
         final WebClient webClient = new WebClient();
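Review bot: The negative case in `testCreateClientWithSupportedTLD` accepts any `Exception` from `registerNewClient` as proof that `https://www.apache.corp2` was rejected, so a connection error or a broken form lookup passes the test just as well as the validator doing its job. Narrow the catch to the type the console actually throws for a rejected registration (with HtmlUnit that is probably `FailingHttpStatusCodeException`) and assert on it, e.g. `Assert.assertEquals(400, ex.getStatusCode());` if 400 is the status the service returns. `deleteClient` and `webClient.close()` are also skipped when an assertion fails, which leaves the `tld1` client registered for later tests; a `try`/`finally` around the body would avoid that. `setupWebClient` below the test continues outside the hunk.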

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/84b63d16/systests/oidc/src/test/resources/oidc/applicationContext.xml
----------------------------------------------------------------------
diff --git a/systests/oidc/src/test/resources/oidc/applicationContext.xml b/systests/oidc/src/test/resources/oidc/applicationContext.xml
index 0313640..232e0f1 100644
--- a/systests/oidc/src/test/resources/oidc/applicationContext.xml
+++ b/systests/oidc/src/test/resources/oidc/applicationContext.xml
@@ -148,6 +148,13 @@
             <entry key="urn:org:apache:cxf:fediz:idp:realm-B" value="IDP of Realm B" />
           </map>
        </property>
+       <property name="additionalTLDs">
+           <list>
+               <value>domain123</value>
+               <value>corp</value>
+               <value>domain456</value>
+           </list>
+       </property>
     </bean>
     
     <!-- Console linking to the client registration service -->


[2/2] cxf-fediz git commit: Updating Commons Validator

Posted by co...@apache.org.
Updating Commons Validator


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/686276a2
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/686276a2
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/686276a2

Branch: refs/heads/master
Commit: 686276a2088135fe6fe57cf4cc75d86a6e702a10
Parents: 35e4891
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Mar 6 16:43:14 2017 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Tue Mar 7 17:17:55 2017 +0000

----------------------------------------------------------------------
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/686276a2/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 5b4a84a..7445020 100644
--- a/pom.xml
+++ b/pom.xml
@@ -43,7 +43,7 @@
         <commons.lang.version>3.5</commons.lang.version>
         <commons.logging.version>1.2</commons.logging.version>
         <commons.io.version>2.5</commons.io.version>
-        <commons.validator.version>1.5.1</commons.validator.version>
+        <commons.validator.version>1.6</commons.validator.version>
         <cxf.version>3.1.11-SNAPSHOT</cxf.version>
         <cxf.build-utils.version>3.2.0</cxf.build-utils.version>
         <dbcp.version>2.1.1</dbcp.version>