Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/13 13:58:47 UTC
cxf git commit: Trying to save OAuth2 model with both OpenJPA and
Hibernate
Repository: cxf
Updated Branches:
refs/heads/master 4851a12f9 -> 2f8a1f764
Trying to save OAuth2 model with both OpenJPA and Hibernate
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2f8a1f76
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2f8a1f76
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2f8a1f76
Branch: refs/heads/master
Commit: 2f8a1f7645c30cb40d4f080ce4b4099964028751
Parents: 4851a12
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Wed Apr 13 12:58:32 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Wed Apr 13 12:58:32 2016 +0100
----------------------------------------------------------------------
rt/rs/security/oauth-parent/oauth2/pom.xml | 61 +++++++++++++------
.../security/oauth2/common/OAuthPermission.java | 51 ++++++++--------
.../oauth2/common/ServerAccessToken.java | 4 +-
.../grants/code/AuthorizationCodeGrant.java | 10 ++--
.../code/ServerAuthorizationCodeGrant.java | 6 +-
.../oauth2/provider/JPAOAuthDataProvider.java | 41 +++++++++----
.../oauth2/tokens/refresh/RefreshToken.java | 4 +-
.../src/test/resources/META-INF/persistence.xml | 14 ++++-
rt/rs/security/sso/oidc/pom.xml | 62 ++++++++++++++------
.../rs/security/oidc/idp/OidcUserSubject.java | 11 ++++
.../oidc/idp/JPAOidcUserSubjectTest.java | 28 ++++-----
.../src/test/resources/META-INF/persistence.xml | 17 +++++-
12 files changed, 211 insertions(+), 98 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/pom.xml b/rt/rs/security/oauth-parent/oauth2/pom.xml
index 2642684..e0d78f9 100644
--- a/rt/rs/security/oauth-parent/oauth2/pom.xml
+++ b/rt/rs/security/oauth-parent/oauth2/pom.xml
@@ -37,6 +37,7 @@
</cxf.osgi.import>
<hibernate.em.version>4.1.0.Final</hibernate.em.version>
<hsqldb.version>1.8.0.10</hsqldb.version>
+ <openjpa.version>2.4.0</openjpa.version>
</properties>
<dependencies>
<dependency>
@@ -95,18 +96,19 @@
<artifactId>easymock</artifactId>
<scope>test</scope>
</dependency>
+ <!--
+ <dependency>
+ <groupId>org.apache.openjpa</groupId>
+ <artifactId>openjpa</artifactId>
+ <version>${openjpa.version}</version>
+ <scope>test</scope>
+ </dependency>
+ -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.em.version}</version>
<scope>test</scope>
- <!-- Conflicts with Apache Tika dependencies -->
- <exclusions>
- <exclusion>
- <groupId>xml-apis</groupId>
- <artifactId>xml-apis</artifactId>
- </exclusion>
- </exclusions>
</dependency>
<dependency>
<groupId>hsqldb</groupId>
@@ -114,13 +116,38 @@
<version>${hsqldb.version}</version>
<scope>test</scope>
</dependency>
- <!--
- <dependency>
- <groupId>org.apache.openjpa</groupId>
- <artifactId>openjpa</artifactId>
- <version>2.2.0</version>
- <scope>test</scope>
- </dependency>
- -->
- </dependencies>
-</project>
+ </dependencies>
+ <!--
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.openjpa</groupId>
+ <artifactId>openjpa-maven-plugin</artifactId>
+ <version>${openjpa.version}</version>
+ <configuration>
+ <includes>
+ org/apache/cxf/rs/security/oauth2/common/Client.class,
+ org/apache/cxf/rs/security/oauth2/common/UserSubject.class,
+ org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant,
+ org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.class,
+ org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.class,
+ org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.class,
+ org/apache/cxf/rs/security/oauth2/common/AccessToken.class,
+ org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.class,
+ org/apache/cxf/rs/security/oauth2/common/OAuthPermission.class
+ </includes>
+ </configuration>
+ <executions>
+ <execution>
+ <id>enhancer</id>
+ <phase>process-test-classes</phase>
+ <goals>
+ <goal>test-enhance</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ -->
+ </project>
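Review bot: In the commented-out `<includes>` list of the openjpa-maven-plugin block, the entry `org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant` lacks the `.class` suffix that every other entry carries, so once the block is enabled that entity would presumably not match and would be left unenhanced. The same entry is repeated in the disabled block added to rt/rs/security/sso/oidc/pom.xml. Write it as `org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.class,` in both files, and add a short comment above the disabled `<build>` section saying what has to be switched (the dependency, the plugin and the persistence unit) to run the tests against OpenJPA.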
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
index 26e7eef..ce60032 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
@@ -22,6 +22,9 @@ import java.io.Serializable;
import java.util.LinkedList;
import java.util.List;
+import javax.persistence.ElementCollection;
+import javax.persistence.Entity;
+import javax.persistence.Id;
import javax.xml.bind.annotation.XmlRootElement;
/**
@@ -32,6 +35,7 @@ import javax.xml.bind.annotation.XmlRootElement;
* a limited set of HTTP verbs and request URIs
*/
@XmlRootElement
+@Entity
public class OAuthPermission implements Serializable {
private static final long serialVersionUID = -6486616235830491290L;
private List<String> httpVerbs = new LinkedList<String>();
@@ -67,6 +71,7 @@ public class OAuthPermission implements Serializable {
* Gets the optional list of HTTP verbs
* @return the list of HTTP verbs
*/
+ @ElementCollection
public List<String> getHttpVerbs() {
return httpVerbs;
}
@@ -83,6 +88,7 @@ public class OAuthPermission implements Serializable {
* Gets the optional list of relative request URIs
* @return the list of URIs
*/
+ @ElementCollection
public List<String> getUris() {
return uris;
}
@@ -107,6 +113,7 @@ public class OAuthPermission implements Serializable {
* Get the permission value such as "read_calendar"
* @return the value
*/
+ @Id
public String getPermission() {
return permission;
}
@@ -158,27 +165,25 @@ public class OAuthPermission implements Serializable {
}
OAuthPermission that = (OAuthPermission)object;
- if (this.httpVerbs != null && that.httpVerbs == null
- || this.httpVerbs == null && that.httpVerbs != null
- || this.httpVerbs != null && !this.httpVerbs.equals(that.httpVerbs)) {
+ if (getHttpVerbs() != null && that.getHttpVerbs() == null
+ || getHttpVerbs() == null && that.getHttpVerbs() != null
+ || getHttpVerbs() != null && !getHttpVerbs().equals(that.getHttpVerbs())) {
return false;
}
- if (this.uris != null && that.uris == null
- || this.uris == null && that.uris != null
- || this.uris != null && !this.uris.equals(that.uris)) {
+ if (getUris() != null && that.getUris() == null
+ || getUris() == null && that.getUris() != null
+ || getUris() != null && !getUris().equals(that.getUris())) {
return false;
}
- if (this.permission != null && that.permission == null
- || this.permission == null && that.permission != null
- || this.permission != null && !this.permission.equals(that.permission)) {
+ if (!getPermission().equals(that.getPermission())) {
return false;
}
- if (this.description != null && that.description == null
- || this.description == null && that.description != null
- || this.description != null && !this.description.equals(that.description)) {
+ if (getDescription() != null && that.getDescription() == null
+ || getDescription() == null && that.getDescription() != null
+ || getDescription() != null && !getDescription().equals(that.getDescription())) {
return false;
}
- if (this.invisibleToClient != that.invisibleToClient || this.isDefault != that.isDefault) { //NOPMD
+ if (isInvisibleToClient() != that.isInvisibleToClient() || isDefault() != that.isDefault()) { //NOPMD
return false;
}
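Review bot: `if (!getPermission().equals(that.getPermission()))` drops the null guards the field-based comparison had, and the hashCode() hunk below does the same with `hashCode = 31 * hashCode + getPermission().hashCode();`, so an OAuthPermission whose permission value has not been set throws NullPointerException when compared or placed in a hash-based collection. Whether such an instance can be created is not visible in these hunks, but the class is now an `@Entity` whose `@Id` is that value, and JPA providers instantiate entities before populating them. Keep the null-safe form, e.g. `if (!java.util.Objects.equals(getPermission(), that.getPermission())) {` and `hashCode = 31 * hashCode + java.util.Objects.hashCode(getPermission());`. Both methods begin outside the hunks shown.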
@@ -188,20 +193,18 @@ public class OAuthPermission implements Serializable {
@Override
public int hashCode() {
int hashCode = 17;
- if (httpVerbs != null) {
- hashCode = 31 * hashCode + httpVerbs.hashCode();
+ if (getHttpVerbs() != null) {
+ hashCode = 31 * hashCode + getHttpVerbs().hashCode();
}
- if (uris != null) {
- hashCode = 31 * hashCode + uris.hashCode();
+ if (getUris() != null) {
+ hashCode = 31 * hashCode + getUris().hashCode();
}
- if (permission != null) {
- hashCode = 31 * hashCode + permission.hashCode();
+ hashCode = 31 * hashCode + getPermission().hashCode();
+ if (getDescription() != null) {
+ hashCode = 31 * hashCode + getDescription().hashCode();
}
- if (description != null) {
- hashCode = 31 * hashCode + description.hashCode();
- }
- hashCode = 31 * hashCode + Boolean.hashCode(invisibleToClient);
- hashCode = 31 * hashCode + Boolean.hashCode(isDefault);
+ hashCode = 31 * hashCode + Boolean.hashCode(isInvisibleToClient());
+ hashCode = 31 * hashCode + Boolean.hashCode(isDefault());
return hashCode;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
index ac2ae7b..7d64ea5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
@@ -26,12 +26,14 @@ import java.util.Map;
import javax.persistence.ElementCollection;
import javax.persistence.MapKeyColumn;
import javax.persistence.MappedSuperclass;
+import javax.persistence.OneToMany;
import javax.persistence.OneToOne;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+
/**
* Server Access Token representation
*/
@@ -105,7 +107,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns a list of opaque permissions/scopes
* @return the scopes
*/
- @ElementCollection
+ @OneToMany
public List<OAuthPermission> getScopes() {
return scopes;
}
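Review bot: `@OneToMany` on getScopes() declares that each OAuthPermission belongs to a single token, but saveAccessToken in JPAOAuthDataProvider (same commit) looks a permission up by its `@Id` name and attaches the one stored row to every token that carries that scope. For a unidirectional one-to-many the default join table normally gets a unique constraint on the permission side, so saving a second token with the same scope would likely fail at insert time. `@ManyToMany` (with the matching `javax.persistence.ManyToMany` import) describes the sharing the provider actually performs.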
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
index 57a4595..928b940 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
@@ -99,12 +99,12 @@ public class AuthorizationCodeGrant implements AccessTokenGrant {
public MultivaluedMap<String, String> toMap() {
MultivaluedMap<String, String> map = new MetadataMap<String, String>();
map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.AUTHORIZATION_CODE_GRANT);
- map.putSingle(OAuthConstants.AUTHORIZATION_CODE_VALUE, code);
- if (redirectUri != null) {
- map.putSingle(OAuthConstants.REDIRECT_URI, redirectUri);
+ map.putSingle(OAuthConstants.AUTHORIZATION_CODE_VALUE, getCode());
+ if (getRedirectUri() != null) {
+ map.putSingle(OAuthConstants.REDIRECT_URI, getRedirectUri());
}
- if (codeVerifier != null) {
- map.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, codeVerifier);
+ if (getCodeVerifier() != null) {
+ map.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, getCodeVerifier());
}
return map;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
index 97f8e1f..50802d3 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
@@ -18,8 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.grants.code;
-import java.util.Collections;
import java.util.LinkedHashMap;
+import java.util.LinkedList;
import java.util.List;
import java.util.Map;
@@ -43,8 +43,8 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
private long issuedAt;
private long expiresIn;
private Client client;
- private List<String> approvedScopes = Collections.emptyList();
- private List<String> requestedScopes = Collections.emptyList();
+ private List<String> approvedScopes = new LinkedList<String>();
+ private List<String> requestedScopes = new LinkedList<String>();
private UserSubject subject;
private String audience;
private String clientCodeChallenge;
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index 409fe25..87e37c6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -18,14 +18,15 @@
*/
package org.apache.cxf.rs.security.oauth2.provider;
+import java.util.LinkedList;
import java.util.List;
-import javax.persistence.EntityExistsException;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.TypedQuery;
import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
@@ -50,7 +51,12 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
}
public void setClient(Client client) {
- persistEntityWithPossibleRollback(client.getResourceOwnerSubject());
+ UserSubject sub = getEntityManager().find(UserSubject.class, client.getResourceOwnerSubject().getLogin());
+ if (sub == null) {
+ persistEntity(client.getResourceOwnerSubject());
+ } else {
+ client.setResourceOwnerSubject(sub);
+ }
persistEntity(client);
}
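Review bot: `client.getResourceOwnerSubject().getLogin()` dereferences the resource owner subject without a null check, and the saveAccessToken hunk further down does the same with `serverToken.getSubject().getLogin()`. Whether either can be null is not visible here, but a client registered without an owner, or a token issued without an end user, would fail with a NullPointerException instead of being stored. Guard the lookup, e.g. `UserSubject owner = client.getResourceOwnerSubject();` followed by `if (owner != null) { ... }` around the find/persist branch. The find-then-persist sequence is also not atomic: with the removed `persistEntityWithPossibleRollback` gone, a concurrent registration for the same login would surface as an exception from `persistEntity` with no rollback.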
@@ -100,21 +106,34 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
}
protected void saveAccessToken(ServerAccessToken serverToken) {
+ List<OAuthPermission> perms = new LinkedList<OAuthPermission>();
+ for (OAuthPermission perm : serverToken.getScopes()) {
+ OAuthPermission permSaved = getEntityManager().find(OAuthPermission.class, perm.getPermission());
+ if (permSaved != null) {
+ perms.add(permSaved);
+ } else {
+ persistEntity(perm);
+ perms.add(perm);
+ }
+ }
+ serverToken.setScopes(perms);
+
+ UserSubject sub = getEntityManager().find(UserSubject.class, serverToken.getSubject().getLogin());
+ if (sub == null) {
+ persistEntity(serverToken.getSubject());
+ } else {
+ entityManager.getTransaction().begin();
+ sub = entityManager.merge(serverToken.getSubject());
+ entityManager.getTransaction().commit();
+ serverToken.setSubject(sub);
+ }
+
persistEntity(serverToken);
}
protected void saveRefreshToken(RefreshToken refreshToken) {
persistEntity(refreshToken);
}
- protected void persistEntityWithPossibleRollback(Object entity) {
- try {
- entityManager.getTransaction().begin();
- entityManager.persist(entity);
- entityManager.getTransaction().commit();
- } catch (EntityExistsException ex) {
- entityManager.getTransaction().rollback();
- }
- }
protected void persistEntity(Object entity) {
entityManager.getTransaction().begin();
entityManager.persist(entity);
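Review bot: saveAccessToken now spreads one logical save over several independent transactions (one per new scope through `persistEntity`, one for the subject, one for the token) and none of them rolls back on failure. An exception part-way through therefore leaves permission or subject rows committed without their token and, in the merge branch, an open transaction on the EntityManager. The merge branch also overwrites the stored UserSubject for that login with whatever the token registration carries, which deserves a comment if it is intended. Doing the whole save in a single transaction with a rollback path, and using `getEntityManager()` consistently instead of mixing it with the `entityManager` field, would address this; it needs a `javax.persistence.EntityTransaction` import. The body of `persistEntity` continues past the end of this hunk.

```java
protected void saveAccessToken(ServerAccessToken serverToken) {
    EntityManager em = getEntityManager();
    EntityTransaction tx = em.getTransaction();
    tx.begin();
    try {
        // Resolve every scope to its stored row, creating it when it is new.
        List<OAuthPermission> perms = new LinkedList<OAuthPermission>();
        for (OAuthPermission perm : serverToken.getScopes()) {
            OAuthPermission permSaved = em.find(OAuthPermission.class, perm.getPermission());
            if (permSaved == null) {
                em.persist(perm);
                permSaved = perm;
            }
            perms.add(permSaved);
        }
        serverToken.setScopes(perms);

        UserSubject sub = em.find(UserSubject.class, serverToken.getSubject().getLogin());
        if (sub == null) {
            em.persist(serverToken.getSubject());
        } else {
            // NOTE: merge replaces the stored subject's state with the token's copy.
            serverToken.setSubject(em.merge(serverToken.getSubject()));
        }

        em.persist(serverToken);
        tx.commit();
    } catch (RuntimeException ex) {
        // Undo the partial save so no scope/subject rows are left without a token.
        if (tx.isActive()) {
            tx.rollback();
        }
        throw ex;
    }
}
```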
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
index 2d1caad..da937b8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
@@ -77,10 +77,10 @@ public class RefreshToken extends ServerAccessToken {
}
public void addAccessToken(String token) {
- accessTokens.add(token);
+ getAccessTokens().add(token);
}
public boolean removeAccessToken(String token) {
- return accessTokens.remove(token);
+ return getAccessTokens().remove(token);
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 7d6193b..1e8328b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -6,9 +6,13 @@
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.ServerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.AccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.OAuthPermission</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
- <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -20,13 +24,18 @@
<property name="javax.persistence.validation.mode" value="none"/>
</properties>
</persistence-unit>
+ <!--
<persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.ServerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.AccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.OAuthPermission</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
- <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -37,4 +46,5 @@
<property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema"/>
</properties>
</persistence-unit>
+ -->
</persistence>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/sso/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/pom.xml b/rt/rs/security/sso/oidc/pom.xml
index 860f8ab..db5f424 100644
--- a/rt/rs/security/sso/oidc/pom.xml
+++ b/rt/rs/security/sso/oidc/pom.xml
@@ -33,6 +33,7 @@
<properties>
<hibernate.em.version>4.1.0.Final</hibernate.em.version>
<hsqldb.version>1.8.0.10</hsqldb.version>
+ <openjpa.version>2.4.0</openjpa.version>
</properties>
<dependencies>
<dependency>
@@ -53,31 +54,24 @@
<optional>true</optional>
</dependency>
<dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-entitymanager</artifactId>
- <version>${hibernate.em.version}</version>
- <scope>test</scope>
- <!-- Conflicts with Apache Tika dependencies -->
- <exclusions>
- <exclusion>
- <groupId>xml-apis</groupId>
- <artifactId>xml-apis</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<version>${hsqldb.version}</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.em.version}</version>
+ <scope>test</scope>
+ </dependency>
<!--
- <dependency>
+ <dependency>
<groupId>org.apache.openjpa</groupId>
<artifactId>openjpa</artifactId>
- <version>2.2.0</version>
- <scope>test</scope>
- </dependency>
+ <version>${openjpa.version}</version>
+ <scope>provided</scope>
+ </dependency>
-->
<!--test dependencies-->
<dependency>
@@ -91,4 +85,38 @@
<scope>test</scope>
</dependency>
</dependencies>
+ <!--
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.openjpa</groupId>
+ <artifactId>openjpa-maven-plugin</artifactId>
+ <version>${openjpa.version}</version>
+ <configuration>
+ <includes>
+ org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.class,
+ org/apache/cxf/rs/security/oauth2/common/Client.class,
+ org/apache/cxf/rs/security/oauth2/common/UserSubject.class,
+ org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant,
+ org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.class,
+ org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.class,
+ org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.class,
+ org/apache/cxf/rs/security/oauth2/common/AccessToken.class,
+ org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.class,
+ org/apache/cxf/rs/security/oauth2/common/OAuthPermission.class
+ </includes>
+ </configuration>
+ <executions>
+ <execution>
+ <id>enhancer</id>
+ <phase>process-test-classes</phase>
+ <goals>
+ <goal>test-enhance</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ -->
</project>
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java
index c08bd78..cea5319 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcUserSubject.java
@@ -18,10 +18,13 @@
*/
package org.apache.cxf.rs.security.oidc.idp;
+import javax.persistence.Entity;
+
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oidc.common.IdToken;
import org.apache.cxf.rs.security.oidc.common.UserInfo;
+@Entity
public class OidcUserSubject extends UserSubject {
private static final long serialVersionUID = 8806727177012442229L;
@@ -32,6 +35,14 @@ public class OidcUserSubject extends UserSubject {
}
+ public OidcUserSubject(String login) {
+ super(login);
+ }
+
+ public OidcUserSubject(String login, String id) {
+ super(login, id);
+ }
+
public OidcUserSubject(UserSubject sub) {
super(sub);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
index b2509dc..6799297 100644
--- a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
+++ b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
@@ -29,7 +29,6 @@ import javax.persistence.Persistence;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.JPAOAuthDataProvider;
import org.apache.cxf.rs.security.oidc.common.IdToken;
@@ -66,7 +65,7 @@ public class JPAOidcUserSubjectTest extends Assert {
@Test
- public void testAddGetDeleteAccessTokenWithOidcUserSubject() {
+ public void testAccessTokenWithOidcUserSubject() {
Client c = addClient("101", "bob");
AccessTokenRegistration atr = new AccessTokenRegistration();
@@ -87,24 +86,25 @@ public class JPAOidcUserSubjectTest extends Assert {
OidcUserSubject oidcSubject2 = (OidcUserSubject)at2.getSubject();
assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience());
- OidcUserSubject oidcSubject3 = new OidcUserSubject();
- oidcSubject3.setLogin("bob");
- IdToken idToken2 = new IdToken();
- idToken2.setAudience(c.getClientId());
- oidcSubject3.setIdToken(idToken2);
- atr.setSubject(oidcSubject3);
-
- ServerAccessToken at3 = provider.createAccessToken(atr);
- ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
- OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
- assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
+// OidcUserSubject oidcSubject3 = new OidcUserSubject();
+// oidcSubject3.setLogin("bob");
+// IdToken idToken2 = new IdToken();
+// idToken2.setAudience(c.getClientId());
+// oidcSubject3.setIdToken(idToken2);
+// atr.setSubject(oidcSubject3);
+//
+// ServerAccessToken at3 = provider.createAccessToken(atr);
+// ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
+// OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
+// assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
}
+
private Client addClient(String clientId, String userLogin) {
Client c = new Client();
c.setRedirectUris(Collections.singletonList("http://client/redirect"));
c.setClientId(clientId);
- c.setResourceOwnerSubject(new UserSubject(userLogin));
+ c.setResourceOwnerSubject(new OidcUserSubject(userLogin));
provider.setClient(c);
return c;
}
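Review bot: The block that is commented out at the end of the test method was the only visible test of issuing a second token for an already stored login ("bob"), which is the path the new find/merge branch in JPAOAuthDataProvider.saveAccessToken handles, so that branch now ships untested. Commented-out assertions also give no reason for being disabled. Either delete the block and add a separate test method marked `@Ignore("<reason>")`, or put a comment above it such as `// Disabled: second token for an existing subject fails with <provider>; re-enable once fixed`. The test method begins outside this hunk.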
http://git-wip-us.apache.org/repos/asf/cxf/blob/2f8a1f76/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
index 7d6193b..80a1e82 100644
--- a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
@@ -2,13 +2,19 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
version="2.0">
+
<persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
+ <class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.ServerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.AccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.OAuthPermission</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
- <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -20,13 +26,19 @@
<property name="javax.persistence.validation.mode" value="none"/>
</properties>
</persistence-unit>
+ <!--
<persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
+ <class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
+ <class>org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.ServerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.AccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.OAuthPermission</class>
<class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
- <class>org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -37,4 +49,5 @@
<property name="openjpa.jdbc.SynchronizeMappings" value="buildSchema"/>
</properties>
</persistence-unit>
+ -->
</persistence>
\ No newline at end of file