Posted to commits@cxf.apache.org by se...@apache.org on 2016/11/09 17:15:00 UTC
cxf git commit: Initial support for a form_post response_mod (def by
OIDC but recommended for OAuth2 too)
Repository: cxf
Updated Branches:
refs/heads/master f12557bd4 -> 20ec9b68d
Initial support for the form_post response_mode (defined by OIDC but recommended for OAuth2 too)
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/20ec9b68
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/20ec9b68
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/20ec9b68
Branch: refs/heads/master
Commit: 20ec9b68dc79686758fc628d81714a3f00f56779
Parents: f12557b
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Nov 9 17:14:20 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Nov 9 17:14:20 2016 +0000
----------------------------------------------------------------------
.../security/oauth2/common/OOBAuthorizationResponse.java | 10 +++++++++-
.../oauth2/services/AuthorizationCodeGrantService.java | 5 ++++-
.../cxf/rs/security/oauth2/utils/OAuthConstants.java | 7 +++++--
3 files changed, 18 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/20ec9b68/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
index bc1a4aa..673c2b0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OOBAuthorizationResponse.java
@@ -25,7 +25,7 @@ public class OOBAuthorizationResponse {
private String clientDescription;
private String userId;
private long expiresIn;
-
+ private String redirectUri;
public String getAuthorizationCode() {
return authorizationCode;
}
@@ -65,5 +65,13 @@ public class OOBAuthorizationResponse {
public void setClientDescription(String clientDescription) {
this.clientDescription = clientDescription;
}
+
+ public String getRedirectUri() {
+ return redirectUri;
+ }
+
+ public void setRedirectUri(String redirectUri) {
+ this.redirectUri = redirectUri;
+ }
}
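Review bot: The new `getRedirectUri()`/`setRedirectUri()` pair has no Javadoc, so a view author cannot tell when the value is present. Per the service change in this commit it is copied from `state.getRedirectUri()`, which is null on the plain out-of-band path and otherwise the client's redirect URI when form_post was requested. I would state that on the getter, e.g. `/** Redirect URI the code is posted to for response_mode=form_post; null for a plain out-of-band response. */`. The class body starts outside this hunk.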
http://git-wip-us.apache.org/repos/asf/cxf/blob/20ec9b68/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
index 36c94f7..3b14da1 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
@@ -104,13 +104,16 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService
return createErrorResponse(state.getState(), state.getRedirectUri(), OAuthConstants.ACCESS_DENIED);
}
String grantCode = processCodeGrant(client, grant.getCode(), grant.getSubject());
- if (state.getRedirectUri() == null) {
+ if (state.getRedirectUri() == null
+ || OAuthConstants.FORM_RESPONSE_MODE.equals(
+ state.getExtraProperties().get(OAuthConstants.RESPONSE_MODE))) {
OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
oobResponse.setClientId(client.getClientId());
oobResponse.setClientDescription(client.getApplicationDescription());
oobResponse.setAuthorizationCode(grantCode);
oobResponse.setUserId(userSubject.getLogin());
oobResponse.setExpiresIn(grant.getExpiresIn());
+ oobResponse.setRedirectUri(state.getRedirectUri());
return deliverOOBResponse(oobResponse);
} else {
// return the code by appending it as a query parameter to the redirect URI
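Review bot: The form_post branch fills the response with the code and `state.getRedirectUri()` only, so the client's `state` value (still passed on the error path via `state.getState()`) never reaches the view and cannot be echoed in the posted form; a client that relies on `state` for CSRF protection has nothing to check. Consider adding a state property to OOBAuthorizationResponse and setting it next to the new line, e.g. `oobResponse.setState(state.getState());` (that setter is a proposal and is not part of this commit). The new condition also dereferences `state.getExtraProperties()` without a null check; if it can return null for requests without extra parameters, guard it, otherwise a comment saying it never does would help. Whatever template renders the auto-submitting form should attribute-encode the redirect URI and the code rather than emit them raw. The enclosing method starts and ends outside this hunk.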
http://git-wip-us.apache.org/repos/asf/cxf/blob/20ec9b68/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
index 635c016..a14fa97 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
@@ -37,12 +37,15 @@ public final class OAuthConstants {
public static final String ACCESS_TOKEN = "access_token";
public static final String ACCESS_TOKEN_TYPE = "token_type";
public static final String ACCESS_TOKEN_EXPIRES_IN = "expires_in";
- // CXF-Specific
- public static final String ACCESS_TOKEN_ISSUED_AT = "issued_at";
public static final String GRANT_TYPE = "grant_type";
public static final String RESPONSE_TYPE = "response_type";
public static final String TOKEN_RESPONSE_TYPE = "token";
public static final String REFRESH_TOKEN = "refresh_token";
+ public static final String RESPONSE_MODE = "response_mode";
+ public static final String FORM_RESPONSE_MODE = "form_post";
+ // CXF-Specific
+ public static final String ACCESS_TOKEN_ISSUED_AT = "issued_at";
+
// Well-known grant types
public static final String AUTHORIZATION_CODE_GRANT = "authorization_code";