Merge branch 'refs/heads/master' of git@github.com:Talend/tesb-rt-se.git

idralyuk · Jul 17, 2012 · b948ccc · b948ccc
2 parents a27e8c5 + fb33c7f
commit b948ccc
Show file tree

Hide file tree

Showing 70 changed files with 3,203 additions and 70 deletions.
diff --git a/...rity/common/src/main/java/com/talend/camel/examples/springsecurity/common/HelloWorld.java b/...rity/common/src/main/java/com/talend/camel/examples/springsecurity/common/HelloWorld.java
@@ -11,7 +11,7 @@
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
+import javax.ws.rs.MatrixParam;
 import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 
 @WebService(targetNamespace = "http://hello.com")
@@ -20,7 +20,7 @@ public interface HelloWorld {
 
     @GET
     @Produces("text/plain")
-    String sayHi(@QueryParam("text") String text);
+    String sayHi(@MatrixParam("text") String text);
 
     @POST
     @Consumes("text/xml")

diff --git a/examples/cxf/features/pom.xml b/examples/cxf/features/pom.xml
@@ -21,7 +21,7 @@
     <properties>
         <activemq.version>5.5.1</activemq.version>
         <cxf.version>2.6.1</cxf.version>
-        <cxf.xjc.version>${cxf.version}</cxf.xjc.version>
+        <cxf.xjc.version>2.6.0</cxf.xjc.version>
         <camel.version>2.9.3-SNAPSHOT</camel.version>
         <karaf.version>2.2.8</karaf.version>
         <spring.version>3.0.7.RELEASE</spring.version>

diff --git a/examples/cxf/jaxrs-oauth2/README.txt b/examples/cxf/jaxrs-oauth2/README.txt
@@ -36,6 +36,10 @@ Please see the "Demo Description" section below for more information.
 
 [1] http://tools.ietf.org/html/draft-ietf-oauth-v2-25
 
+Additinally, please follow sso-saml/README.txt on how to run this demo with 
+Social.com, Reservations and OAuth2.0 web applications running on different 
+HTTP ports, with SAML Web Browser Single Sign-On enabled.   
+
 
 Building the Demo
 ---------------------------------------
@@ -100,10 +104,12 @@ file. If the server is listening on an alternative port then you can use an
 - The Social.com User Registration Form asks for a user name and password.  
   At the moment only a user name "barry@social.com" with the "1234" password 
   is supported 
-- Press "Register With Social.com" to complete the reservation.  
+- Press "Register With Social.com" to complete the account registration.  
 - Follow the link in the bottom of the returned User Registration 
-  Confirmation page in order to view the personal UserAccount page, 
-  note that the Calendar has no reserved events.
+  Confirmation page in order to view the personal UserAccount page.
+- When asked please authenticate with the service using the 
+  "barry@social.com" and "1234" pair. 
+- View the account page, Note that Calendar has no reserved events.
 - Follow the link in the bottom of the User Account page in order to try
   the online Restaurant Reservations service.  
 - The Restaurant Reservations Form offers an option to book a restaurant 

diff --git a/examples/cxf/jaxrs-oauth2/client/src/main/java/client/RESTClient.java b/examples/cxf/jaxrs-oauth2/client/src/main/java/client/RESTClient.java
@@ -54,7 +54,7 @@ public void registerClientApplication() throws Exception {
     }
 
     public void createUserAccount() throws Exception {
-    	WebClient rs = WebClient.create("http://localhost:" + port + "/services/social/registerUser");
+    	WebClient rs = WebClient.create("http://localhost:" + port + "/services/register/registerUser");
     	WebClient.getConfig(rs).getHttpConduit().getClient().setReceiveTimeout(10000000L);
     	rs.form(new Form().set("user", "barry@social.com").set("password", "1234"));
 

diff --git a/examples/cxf/jaxrs-oauth2/pom.xml b/examples/cxf/jaxrs-oauth2/pom.xml
@@ -20,7 +20,7 @@
     </parent>
 
     <properties>
-        <cxf.version>2.6.1</cxf.version>
+        <cxf.version>2.6.2-SNAPSHOT</cxf.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     </properties>
 
@@ -42,6 +42,11 @@
         <module>service</module>
         <module>war</module>
         <module>client</module>
+
+        <module>sso-saml/social-app-war</module>
+        <module>sso-saml/oauth-war</module>
+        <module>sso-saml/reservations-war</module>
+        <module>sso-saml/samlp-racs-war</module> 
     </modules>
 
     <build>
@@ -77,6 +82,6 @@
             </plugins>
         </pluginManagement>
     </build>
-
+    
 </project>
 
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/manager/ThirdPartyAccessService.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/manager/ThirdPartyAccessService.java
@@ -14,6 +14,7 @@
 
 import oauth2.common.Calendar;
 import oauth2.common.OAuthConstants;
+import oauth2.service.UserAccount;
 import oauth2.service.UserAccounts;
 
 import org.apache.cxf.jaxrs.ext.MessageContext;
@@ -35,7 +36,11 @@ public void setAccounts(UserAccounts accounts) {
 	public Calendar getUserCalendar() {
 	    OAuthContext oauth = getOAuthContext();
 	    String userName = oauth.getSubject().getLogin();
-		return accounts.getAccount(userName).getCalendar();
+	    UserAccount account = accounts.getAccount(userName);
+	    if (account == null) {
+	    	account = accounts.getAccountWithAlias(userName);
+	    }
+		return account.getCalendar();
 	}
 
 	@POST

diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/SecurityContextFilter.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/SecurityContextFilter.java
@@ -9,7 +9,6 @@
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
-import javax.ws.rs.core.UriInfo;
 import javax.ws.rs.ext.Provider;
 
 import org.apache.cxf.common.security.SimplePrincipal;
@@ -25,20 +24,33 @@ public class SecurityContextFilter implements RequestHandler {
 
 	@Context
 	private HttpHeaders headers;
-	@Context
-	private UriInfo ui;
 
     private UserAccounts accounts;
-	private String userRegistrationPath; 
 
 	public void setAccounts(UserAccounts accounts) {
 		this.accounts = accounts;
 	}
 
 	public Response handleRequest(Message message, ClassResourceInfo cri) {
 
-		if (ui.getAbsolutePath().toString().endsWith(userRegistrationPath)) {
-			return null;
+
+		SecurityContext sc = message.get(SecurityContext.class);
+		if (sc != null) {
+		    Principal principal  = sc.getUserPrincipal();
+		    if (principal != null) {
+			    String accountName = principal.getName();
+
+			    UserAccount account = accounts.getAccount(accountName);
+			    if (account == null) {
+			    	account = accounts.getAccountWithAlias(accountName);
+			    }
+				if (account == null) {
+					return createFaultResponse();
+				} else {
+					setNewSecurityContext(message, account.getName());
+					return null;
+				}
+		    }
 		}
 
 		List<String> authValues = headers.getRequestHeader("Authorization");
@@ -64,27 +76,30 @@ public Response handleRequest(Message message, ClassResourceInfo cri) {
 		if (account == null || !account.getPassword().equals(namePassword[1])) {
 			return createFaultResponse();
 		}
-		final SecurityContext sc = new SecurityContext() {
+
+		setNewSecurityContext(message, account.getName());
+		return null;
+	}
+
+	private void setNewSecurityContext(Message message, final String user) {
+		final SecurityContext newSc = new SecurityContext() {
 
 			public Principal getUserPrincipal() {
-				return new SimplePrincipal(account.getName());
+				return new SimplePrincipal(user);
 			}
 
 			public boolean isUserInRole(String arg0) {
 				return false;
 			}
 
 		};
-		message.put(SecurityContext.class, sc);
-		return null;
+		message.put(SecurityContext.class, newSc);
 	}
-
+	
 	private Response createFaultResponse() {
 		return Response.status(401).header("WWW-Authenticate", "Basic realm=\"Social.com\"").build();
 	}
 
-	public void setUserRegistrationPath(String userRegistrationPath) {
-		this.userRegistrationPath = userRegistrationPath;
-	}
+
 
 }
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserAccount.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserAccount.java
@@ -8,13 +8,26 @@
 public class UserAccount {
     private String name;
     private String password;
+
+    private String accountAlias;
+
     private Calendar calendar = new Calendar();
 
     public UserAccount(String name, String password) {
     	this.name = name;
     	this.password = password;
     }
 
+    public UserAccount(String name, String password, String alias) {
+    	this.name = name;
+    	this.password = password;
+    	if (alias != null) {
+    	    this.accountAlias = alias;
+    	} else {
+    		this.accountAlias = name;
+    	}
+    }
+
     public String getName() {
     	return name;
     }
@@ -26,4 +39,12 @@ public String getPassword() {
 	public Calendar getCalendar() {
 		return calendar;
 	}
+
+	public String getAccountAlias() {
+		return accountAlias;
+	}
+
+	public void setAccountAlias(String accountAlias) {
+		this.accountAlias = accountAlias;
+	}
 }
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserAccounts.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserAccounts.java
@@ -9,17 +9,30 @@ public class UserAccounts {
 
 	private ConcurrentHashMap<String, UserAccount> accounts = 
 		new ConcurrentHashMap<String, UserAccount>();
+	private ConcurrentHashMap<String, UserAccount> accountAliases = 
+			new ConcurrentHashMap<String, UserAccount>();
 
 	public void setAccount(String userName, UserAccount account) {
 		accounts.putIfAbsent(userName, account);
+		if (account.getAccountAlias() != null) {
+		    accountAliases.putIfAbsent(account.getAccountAlias(), account);
+		}
 	}
 
 	public UserAccount getAccount(String name) {
 		return accounts.get(name);
 	}
 
+	public UserAccount getAccountWithAlias(String alias) {
+		return accountAliases.get(alias);
+	}
+
 	public UserAccount removeAccount(String name) {
-		return accounts.remove(name);
+		UserAccount account = accounts.remove(name);
+		if (account != null && account.getAccountAlias() != null) {
+			accountAliases.remove(account.getAccountAlias());
+		}
+		return account;
 	}
 
 }
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserRegistrationService.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/service/UserRegistrationService.java
@@ -27,11 +27,13 @@ public void setAccounts(UserAccounts accounts) {
 	@POST
 	@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
 	@Path("/")
-	public UserRegistration register(@FormParam("user") String name, @FormParam("password") String password) {
+	public UserRegistration register(@FormParam("user") String name,
+			                         @FormParam("alias") String alias,
+			                         @FormParam("password") String password) {
 		if (accounts.getAccount(name) != null) {
 			throw new WebApplicationException(400);
 		}
-		accounts.setAccount(name, new UserAccount(name, password));
+		accounts.setAccount(name, new UserAccount(name, password, alias));
 		return new UserRegistration(name);
 	}
 }
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/thirdparty/SecurityContextFilter.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/oauth2/thirdparty/SecurityContextFilter.java
@@ -26,13 +26,22 @@ public class SecurityContextFilter implements RequestHandler {
 	@Context
 	private HttpHeaders headers;
 	private Map<String, String> users;
-
+	private String realm;
 	public void setUsers(Map<String, String> users) {
 		this.users = users;
 	} 
 
 
 	public Response handleRequest(Message message, ClassResourceInfo cri) {
+
+		SecurityContext sc = message.get(SecurityContext.class);
+		if (sc != null) {
+		    Principal principal  = sc.getUserPrincipal();
+		    if (principal != null && users.containsKey(principal.getName())) {
+			    return null;
+		    }
+		}
+
 		List<String> authValues = headers.getRequestHeader("Authorization");
 		if (authValues.size() != 1) {
 			return createFaultResponse();
@@ -56,7 +65,7 @@ public Response handleRequest(Message message, ClassResourceInfo cri) {
 		if (password == null || !password.equals(namePassword[1])) {
 			return createFaultResponse();
 		}
-		final SecurityContext sc = new SecurityContext() {
+		final SecurityContext newSc = new SecurityContext() {
 
 			public Principal getUserPrincipal() {
 				return new SimplePrincipal(namePassword[0]);
@@ -67,11 +76,22 @@ public boolean isUserInRole(String arg0) {
 			}
 
 		};
-		message.put(SecurityContext.class, sc);
+		message.put(SecurityContext.class, newSc);
 		return null;
 	}
 
 	private Response createFaultResponse() {
-		return Response.status(401).header("WWW-Authenticate", "Basic realm=\"Reservations\"").build();
+		return Response.status(401).header("WWW-Authenticate", 
+				"Basic realm=\"" + getRealm() + "\"").build();
+	}
+
+
+	public String getRealm() {
+		return realm;
+	}
+
+
+	public void setRealm(String realm) {
+		this.realm = realm;
 	}
 }
diff --git a/examples/cxf/jaxrs-oauth2/service/src/main/java/server/SocialApplication.java b/examples/cxf/jaxrs-oauth2/service/src/main/java/server/SocialApplication.java
@@ -44,7 +44,6 @@ public Set<Object> getSingletons() {
         userRegService.setAccounts(accounts);
 
         SecurityContextFilter scFilter = new SecurityContextFilter();
-        scFilter.setUserRegistrationPath("registerUser");
         scFilter.setAccounts(accounts);
 
         ThirdPartyAccessService thirdPartyAccessService = new ThirdPartyAccessService();