org.forgerock / org.forgerock.openig

10 Nov, 2014

1 commit

4e9bd43f CR-5195 OPENIG-363: Doc how to integrate libs into the OpenIG war ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@696 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-11-10 11:37:11 +0000

07 Nov, 2014

9 commits

Wrong charset used in Entity class
- Added static UTF_8 Charset.
- Replaced newDecodedContentReader(null)
by newDecodedContentReader(UTF_8) in entity#getJson.

git-svn-id: https://svn.forgerock.org/openig/trunk@695 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 16:03:53 +0000

471ec570 OPENIG-336 OPENIG-350 (CCR-5078) Lazily retrieve cached user info resources in OAuth2 Client Filter ... Browse Code »

Without this change, the OAuth 2.0 Client Filter triggers the retrieval of
the user info resource for each request that is intercepted. It's a problem
for Identity Providers such as Google that have an allowed quota of request/sec,
because of the sudden burst of user info request.

This is even worse than that because sometimes, the intercepted request may
not even need to use theses information (think of OpenIG intercepting an
image served by the protected application and returned as-is) ...

This fix includes both a user-info resources caching for a few seconds (the
time for all requests to load a web page to be executed) and a lazy loading
of the resource (triggered the first time a downstream filter/handler access
the `user_info` structure). By default, resources are kept for 20 seconds after
the first access.

Like for OAuth2ResourceServerFilter, you can disable that cache with
`"cacheExpiration": "disabled"` in the configuration.

git-svn-id: https://svn.forgerock.org/openig/trunk@694 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 15:14:49 +0000

d086d2b6 OPENIG-264 Support disabling the access-token cache for OAuth2 RS Filter ... Browse Code »

This takes advantage of the new zero-length Duration support.
If the configuration express `zero`, `disabled` or any `0 <timeunit>`, the
access token cache will be disabled.

git-svn-id: https://svn.forgerock.org/openig/trunk@693 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 15:14:40 +0000

61cbf492 OPENIG-264 Supports zero-length Durations ... Browse Code »

That will be useful to support deactivation marker values when configuring cache timeouts.

This fix support both `zero` and `disabled` as zero-length Duration markers.
When the parsed String value also represents a zero-length duration (like `0 days and 0 ms`),
the special ZERO marker duration is returned.

Updated documentation as well.

git-svn-id: https://svn.forgerock.org/openig/trunk@692 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 15:14:33 +0000

be4291ed Only style ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@691 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-07 15:14:23 +0000
707ab045 Updated doc with new log samples ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@690 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-07 13:50:00 +0000

2fd96997 OPENIG-371 (CR-5157) Expose the source Name to the Logger API ... Browse Code »

In order to facilitate OPENIG-370 (log simplification), we now expose the Name
of the log source to the Logger. This has a number of implications:
 * `LogEntry.source` has been splited into the `source` and `type` attributes.
source being the original Name and type being the type of the entry (like
`log`, `started`, `elapsed`, ...). Log messages have the `log` type and
exception's messages have the `throwable` type.
 * Logger is no more a LogSink implementation
 * LogEntry has been adapted to directly use Logger instead of LogSink (this way
it can benefit of the Logger.source attribute's value automatically)
 * Logger do not "rebase" the source name anymore: can't do that since source
is not a String anymore.
 * That solves the source duplication issue of OPENIG-370

LogSink interface has been adapted to have a source Name instead of a source
String when trying to determine if something is legible.

LogSink implementations (ConsoleLogSink and FileLogSink) have been changed to
keep an output as close as possible as what we have previously (don't want to
work on OPEN-370 yet).

git-svn-id: https://svn.forgerock.org/openig/trunk@689 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 13:46:19 +0000

46839327 OPENIG-371 (CR-5157) Support hierarchical names to uniquely identify heap objects ... Browse Code »

A Name is a recursive object based on a leaf name and a parent Name.

Each Heap as a unique Name used to scope names of the managed heap objects.
Each heap object has a unique Name whose parent is the container Heap.

The Heaplet interface has been updated to give the Name instead of just a String.

The name of each created heap is based on the resource name.

git-svn-id: https://svn.forgerock.org/openig/trunk@688 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-07 13:45:58 +0000

397990d0 OPENIG-320 CR-5181 Rename KeyStore 'file' option to 'url' ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@687 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
matthew
2014-11-07 08:46:44 +0000

06 Nov, 2014

2 commits

6344b598 CR-5165 OPENIG-364: Update doc on capturing exchange ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@686 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-11-06 19:12:50 +0000

b821b7b2 Set the `maven.compiler.source` property to 1.6 ... Browse Code »

Since forgerock-parent 1.2.6, we need to specify that property in addition to `maven.compiler.target`.

IntelliJ can now import the project properly (using Java 6 style instead of Java 5 for code).

git-svn-id: https://svn.forgerock.org/openig/trunk@685 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-06 11:24:18 +0000

05 Nov, 2014

5 commits

4a47b651 Fix checkstyle ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@684 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-05 14:43:50 +0000
c4ef80b2 OPENIG-330 Open Source license tracking ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@683 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
b.lavit
2014-11-05 14:22:41 +0000

e7060295 OPENIG-324 (CR-5117) Improve OAuth 2.0 Exception's messages ... Browse Code »

* OAuth2TokenException refactored to only have a message field
* Do not re-print chained exception's message
* Better error messages

git-svn-id: https://svn.forgerock.org/openig/trunk@682 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-05 14:19:08 +0000

b068cb74 OPENIG-324 (CR-5117) Log the detailed exception at debug level ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@681 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-05 14:18:56 +0000
c1dfa43e Makes the log level of Logs.logDetailedException() configurable ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@680 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-05 14:18:47 +0000

04 Nov, 2014

3 commits

0a05f86b OPENIG-357 Updated json-web-token to 2.3.2 ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@679 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
violette
2014-11-04 15:07:17 +0000
7b50572d OPENIG-356 Upgraded json-fluent to 2.3.2 ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@678 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
violette
2014-11-04 15:03:58 +0000

96a3e716 OPENIG-333 Quick fix for `clientInfo` not displayed in exchange's capture ... Browse Code »

When capturing the exchange's content, we're using JsonOutput with a Map view of the Exchange.
It happens that this view, because of the FieldMap stuff, only includes exchange's public fields.

It looks like this is not an issue for Expressions.

We'll fix all of theses public properties at once

git-svn-id: https://svn.forgerock.org/openig/trunk@677 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-04 09:17:28 +0000

03 Nov, 2014

2 commits

43baa4a4 Make documentation described constraints backed by code constructs: ... Browse Code »

* `preparedStatement` attribute is required
* `parameters` could be optional if no placeholders are specified

Used the as-list-of construct to init the parameters' expression's value.
Synched the doc

git-svn-id: https://svn.forgerock.org/openig/trunk@676 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-11-03 11:18:06 +0000

f29f3814 Better debug message ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@675 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-11-03 11:17:57 +0000

31 Oct, 2014

2 commits

30b630a3 OPENIG-85 OPENIG-28 Use ResultSet.next() instead of ResultSet.first() ... Browse Code »

The JDBC spec states that PreparedStatement created through Connection.prepareStatement(String)
have the FORWARD_ONLY type. A forward only statement may not implement the first() method (does
not make sense to go back to the first row when you can only move forward).

So, it's safer to use ResultSet.next().

git-svn-id: https://svn.forgerock.org/openig/trunk@674 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-31 16:46:31 +0000

ee372195 OPENIG-28 Avoid out-of-bound alike errors when prepared statement is not parameterized ... Browse Code »

Trying to fill a non-existent prepared-statement placeholder results in a
SQLException (`Invalid column index` for Oracle, some other for MySQL, ...),
so we simply avoid theses errors by ignoring extra parameters.

We also output meaningful (I hope) warnings for both extra parameters
and un-valued placeholders.

git-svn-id: https://svn.forgerock.org/openig/trunk@673 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-31 16:46:22 +0000

30 Oct, 2014

6 commits

79382cfe OPENIG-301 Add an option to dump the exchange as part of the capture ... Browse Code »

The CaptureDecorator can now be configured to additionally capture the content
of the Exchange being intercepted.

If specified, it will print the full content of the Exchange instance, excluding
the `response` and the `request` since they should be captured by another mean.
The output contains a deep view of the exchange obtained through introspection
of the class structure (this is done by the Groovy JsonOutput class).
It appears that this class doesn't support cycles very well, so, depending on
the content of the exchange, it may throw exceptions.
By default we're doing our best to remove known cycles.

By default (in the system provided `capture` decorator), this option is disabled
since it adds a lot of cruft in the logs.

git-svn-id: https://svn.forgerock.org/openig/trunk@672 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-30 15:47:25 +0000

7308ba0b CR-5074 OPENIG-360 Update doc, using false to deactivate timer decoration ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@671 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-10-30 10:17:05 +0000

1c809a6d OPENIG-328 Enable the default HttpClient instance to use the TemporaryStorage co… ... Browse Code »

…nfigured in the config.json

Instead of creating manually the HttpClient instance and giving it the
(also manually) created TemporaryStorage instance, we now declare an
equivalent object declaration in the heap, letting the HttpClient heaplet
resolves properly its dependencies.

git-svn-id: https://svn.forgerock.org/openig/trunk@670 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-30 09:30:41 +0000

2a48e00e OPENIG-360 Supports false to deactivate timer in the decoration configuration ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@669 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-30 09:30:29 +0000
2deda15c OPENIG-333 (CR-5066) Expose client information in the exchange ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@668 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-30 09:30:20 +0000

84bbb4b6 CR-5067 OPENIG-309 Remove "useJwtSession" from "OAuth2ClientFilter" ref ... Browse Code »

This aligns with r611.
Thanks to Guillaume for pointing out what I'd missed.

git-svn-id: https://svn.forgerock.org/openig/trunk@667 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-30 06:45:01 +0000

29 Oct, 2014

1 commit

6f011d88 OPENIG-358 (CR-5060) Improve generated names for inline object declarations ... Browse Code »

Although the JSON pointer is sufficient to guarantee unicity of a name
within the scope of a heap, it makes it hard for reader to link that name
to the configuration object they provided.

This patch supports both improvements:
* if a `name` attribute is provided in the declaration, use it as-is
* if not, prepend the `type` attribute value to the pointer String to help identification

This patch also updates the logs samples provided in the documentation.

git-svn-id: https://svn.forgerock.org/openig/trunk@666 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-29 13:43:57 +0000

28 Oct, 2014

1 commit

966279e8 CR-5025 OPENIG-354: Document timer decorator ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@665 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-10-28 09:12:54 +0000

24 Oct, 2014

7 commits

4e05621d Fix typo ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@664 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
mark
2014-10-24 15:16:47 +0000
47a2fa7e Removed some useless deprecation warnings ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@663 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-24 15:04:11 +0000
12612b8c Only render the exception stack trace if the DEBUG LogLevel is enabled ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@662 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-24 15:04:04 +0000
b9edb2de Oops, forgot to move that logger warning level to error ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@661 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-24 15:03:58 +0000
a5601440 OPENIG-355 Throw an Exception when trying to install route with duplicated name ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@660 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-24 15:03:51 +0000

1028b0df OPENIG-331 Re-order the sequence of actions performed when the scanner detect file changes ... Browse Code »

Beginning with the removal of routes guarantee that we won't remove a route
that was just added or modified.

git-svn-id: https://svn.forgerock.org/openig/trunk@659 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-24 15:03:39 +0000

3fbb1a0f OPENIG-292 Properly fails the CryptoHeaderFilter creation when key format is invalid ... Browse Code »
```
git-svn-id: https://svn.forgerock.org/openig/trunk@658 dbb9e58e-28e6-4ce0-90e8-f11d9605b710
```
guillaume.sauthier
2014-10-24 10:44:57 +0000

23 Oct, 2014

1 commit

b0eba0dc OPENIG-339 (CR-4964) Provide more log information when route building fails ... Browse Code »

Exception's messages does not have to include the message of their parent anymore.
When a route failed to load for any reason, all the chained exception's
messages are logged as errors up to the root cause, and the full stack
trace is logged at the DEBUG level.

Notice that the LogSink you have to configure is the one of the Router itself (in
the JSON configuration where the Router handler is declared), configuring the LogSing
of the failed route configuration will not help.

git-svn-id: https://svn.forgerock.org/openig/trunk@657 dbb9e58e-28e6-4ce0-90e8-f11d9605b710

2014-10-23 17:25:56 +0000