Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CXF-8121 Improve STS REST interface #580

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
+15,022 −30,055
Open

CXF-8121 Improve STS REST interface #580

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
1262c12
CXF-8121 Improve STS REST interface
dtsybulka Sep 27, 2019
f19b3b8
CXF-8121: Add advanced tests. Small refactoring according the PR comm…
dtsybulka Oct 8, 2019
fed6dbc
Changes according PR's comments
dtsybulka Nov 3, 2019
ba9d9a8
Changes according PR's comments
dtsybulka Nov 3, 2019
7b2a427
Fix poms according PR commit. Small fixes in filters.
dtsybulka Nov 10, 2019
494f0e4
Merge branch 'master' of github.com:apache/cxf into CXF-8121
dtsybulka Jul 23, 2020
b10b7b9
[CXF-8121] Changes according PR's comments
dtsybulka Jul 31, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion ...ices/sts/sts-core/src/main/java/org/apache/cxf/sts/rest/RESTSecurityTokenServiceImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ public class RESTSecurityTokenServiceImpl extends SecurityTokenServiceImpl imple
public static final Map<String, String> DEFAULT_CLAIM_TYPE_MAP;
public static final Map<String, String> DEFAULT_TOKEN_TYPE_MAP;

private static final Map<String, String> DEFAULT_KEY_TYPE_MAP = new HashMap<>();
public static final Map<String, String> DEFAULT_KEY_TYPE_MAP = new HashMap<>();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This map should be made an unmodifiable map as per the other public maps


private static final String CLAIM_TYPE = "ClaimType";
private static final String CLAIM_TYPE_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity";
Expand Down Expand Up @@ -402,6 +402,14 @@ public void setUseDeflateEncoding(boolean deflate) {
useDeflateEncoding = deflate;
}

public void setMessageContext(MessageContext messageContext) {
this.messageContext = messageContext;
}

public void setSecurityContext(javax.ws.rs.core.SecurityContext securityContext) {
this.securityContext = securityContext;
}

protected String encodeToken(String assertion) throws Base64Exception {
byte[] tokenBytes = assertion.getBytes(StandardCharsets.UTF_8);

Expand Down
97 changes: 97 additions & 0 deletions services/sts/sts-rest/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
<?xml version="1.0"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.apache.cxf.services.sts</groupId>
<artifactId>cxf-services-sts-rest</artifactId>
<packaging>bundle</packaging>
<name>Apache CXF STS REST</name>
<url>https://cxf.apache.org</url>
<parent>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-parent</artifactId>
<version>3.4.0-SNAPSHOT</version>
<relativePath>../../../parent/pom.xml</relativePath>
</parent>
<properties>
<cxf.module.name>org.apache.cxf.sts.core</cxf.module.name>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.cxf.services.sts</groupId>
<artifactId>cxf-services-sts-core</artifactId>
<version>${project.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-rs-service-description-openapi-v3</artifactId>
<version>${project.version}</version>
<exclusions>
<exclusion>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-rs-security-jose-jaxrs</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<extensions>true</extensions>
<configuration>
<instructions>
<_nouses>true</_nouses>
<_versionpolicy>[$(version;==;$(@)),$(version;+;$(@)))</_versionpolicy>
<Implementation-Title>${project.name}</Implementation-Title>
<Implementation-Vendor>The Apache Software Foundation</Implementation-Vendor>
<Implementation-Vendor-Id>org.apache</Implementation-Vendor-Id>
<Specification-Title>${project.name}</Specification-Title>
<Specification-Vendor>The Apache Software Foundation</Specification-Vendor>
<Export-Package>
org.apache.cxf.sts.*;version=${cxf.osgi.version.clean}
</Export-Package>
<Import-Package>
javax.servlet*;version="${cxf.osgi.javax.servlet.version}",
!org.apache.cxf.sts.*,
org.apache.cxf.*,
org.springframework.ldap*;resolution:=optional,
net.sf.ehcache*;resolution:=optional;version="[2.5, 3.0.0)",
org.opensaml*;version="${cxf.opensaml.osgi.version.range}",
javax.xml.bind;version="${cxf.osgi.javax.bind.version}",
*
</Import-Package>
<Bundle-SymbolicName>org.apache.cxf.services.sts.rest</Bundle-SymbolicName>
</instructions>
</configuration>
</plugin>
</plugins>
</build>
</project>
80 changes: 80 additions & 0 deletions services/sts/sts-rest/src/main/java/org/apache/cxf/sts/rest/api/BaseResponse.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.sts.rest.api;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The package name of "org.apache.cxf.sts.rest" is a bit problematic in OSGi, as it clashes with the module in STS Core. Can we rename this to something different?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is org.apache.cxf.sts.rs will be OK?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes I guess so


import java.io.Serializable;

import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;

/**
* Base class for STS REST interface responses
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "BaseResponse", propOrder = {
"status",
"message"
})
@XmlRootElement(name = "BaseResponse")
public class BaseResponse implements Serializable {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This class seems only to be called in the RestExceptionMapper when there is an exception? Maybe it should be renamed for only the purpose of an exception?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The idea was to use this class for futher improvements of the STS REST interface. To return more "beautiful" REST responses instead the responses that now are return from STS core

private static final long serialVersionUID = 100L;

public enum StatusType {
// The service call has been successful
SUCCESS,
// The service call has been failed.
ERROR;
}

@XmlElement(required = true)
String status;

@XmlElement
String message;

public BaseResponse() {
this.status = StatusType.SUCCESS.name();
}

public BaseResponse(final StatusType status, final String message) {
this.status = status.name();
this.message = message;
}

public String getStatus() {
return status;
}

public void setStatus(String status) {
this.status = status;
}

public String getMessage() {
return message;
}

public void setMessage(String message) {
this.message = message;
}
}


85 changes: 85 additions & 0 deletions services/sts/sts-rest/src/main/java/org/apache/cxf/sts/rest/api/GetTokenRequest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.sts.rest.api;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;

import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
import javax.xml.bind.annotation.XmlType;

/**
* Class describes request model for getTokenExchange and getToken endpoints
*/
@XmlAccessorType(XmlAccessType.FIELD)
@XmlType(name = "TokenRequest")
@XmlRootElement(name = "TokenRequest")
public class GetTokenRequest implements Serializable {
private static final long serialVersionUID = 100L;

@XmlElement(required = true)
private String tokenType;

@XmlElement(required = true)
private String keyType;

@XmlElement(required = true)
private List<String> claims = new ArrayList();

@XmlElement
private String audience;

public String getTokenType() {
return tokenType;
}

public void setTokenType(String tokenType) {
this.tokenType = tokenType;
}

public List<String> getClaims() {
return claims;
}

public void setClaims(List<String> claims) {
this.claims = claims;
}

public String getAudience() {
return audience;
}

public void setAudience(String audience) {
this.audience = audience;
}

public String getKeyType() {
return keyType;
}

public void setKeyType(String keyType) {
this.keyType = keyType;
}
}


Loading