You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/05 17:51:35 UTC
[1/2] cxf git commit: Experimenting with saving the access tokens
Repository: cxf
Updated Branches:
refs/heads/master b2e5fb658 -> e9fa213b9
Experimenting with saving the access tokens
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b66bb192
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b66bb192
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b66bb192
Branch: refs/heads/master
Commit: b66bb192efca493f376f09c99f06666d8630bf1c
Parents: 0b9cb3d
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Apr 5 16:50:56 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Apr 5 16:50:56 2016 +0100
----------------------------------------------------------------------
.../rs/security/oauth2/common/AccessToken.java | 9 +++++++
.../oauth2/common/ServerAccessToken.java | 13 +++++++++-
.../oauth2/provider/JPAOAuthDataProvider.java | 27 ++++++++++++++++++--
.../oauth2/tokens/bearer/BearerAccessToken.java | 3 +++
.../grants/code/JPACodeDataProviderTest.java | 26 +++++++++++++++++++
.../src/test/resources/META-INF/persistence.xml | 4 +++
6 files changed, 79 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
index dd0415f..ade93b4 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
@@ -22,9 +22,15 @@ import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.Map;
+import javax.persistence.ElementCollection;
+import javax.persistence.Id;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+
/**
* Base Access Token representation
*/
+@MappedSuperclass
public abstract class AccessToken implements Serializable {
private static final long serialVersionUID = -5750544301887053480L;
@@ -80,6 +86,7 @@ public abstract class AccessToken implements Serializable {
* Returns the token key
* @return the key
*/
+ @Id
public String getTokenKey() {
return tokenKey;
}
@@ -110,6 +117,8 @@ public abstract class AccessToken implements Serializable {
* Gets token parameters
* @return
*/
+ @ElementCollection
+ @MapKeyColumn(name = "propName")
public Map<String, String> getParameters() {
return parameters;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
index 1f13877..ac2ae7b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
@@ -23,6 +23,11 @@ import java.util.LinkedList;
import java.util.List;
import java.util.Map;
+import javax.persistence.ElementCollection;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+import javax.persistence.OneToOne;
+
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
@@ -30,6 +35,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
/**
* Server Access Token representation
*/
+@MappedSuperclass
public abstract class ServerAccessToken extends AccessToken {
private static final long serialVersionUID = 638776204861456064L;
@@ -86,6 +92,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns the Client associated with this token
* @return the client
*/
+ @OneToOne
public Client getClient() {
return client;
}
@@ -98,6 +105,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns a list of opaque permissions/scopes
* @return the scopes
*/
+ @ElementCollection
public List<OAuthPermission> getScopes() {
return scopes;
}
@@ -126,6 +134,7 @@ public abstract class ServerAccessToken extends AccessToken {
* when authorizing a given client request
* @return UserSubject
*/
+ @OneToOne
public UserSubject getSubject() {
return subject;
}
@@ -162,7 +171,7 @@ public abstract class ServerAccessToken extends AccessToken {
return responseType;
}
-
+ @ElementCollection
public List<String> getAudiences() {
return audiences;
}
@@ -194,6 +203,8 @@ public abstract class ServerAccessToken extends AccessToken {
this.nonce = nonce;
}
+ @ElementCollection
+ @MapKeyColumn(name = "extraPropName")
public Map<String, String> getExtraProperties() {
return extraProperties;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index f3bb53d..4045f91 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -29,10 +29,13 @@ import javax.persistence.TypedQuery;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
private static final String CLIENT_TABLE_NAME = Client.class.getSimpleName();
+ private static final String BEARER_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
+ private static final String REFRESH_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
private EntityManager entityManager;
public JPAOAuthDataProvider() {
@@ -74,17 +77,27 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
@Override
public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException {
- return null;
+ try {
+ return getTokenQuery(accessToken).getSingleResult();
+ } catch (NoResultException ex) {
+ return null;
+ }
}
@Override
protected void doRevokeAccessToken(ServerAccessToken at) {
+ removeEntity(at);
}
@Override
protected RefreshToken getRefreshToken(String refreshTokenKey) {
- return null;
+ try {
+ return getRefreshTokenQuery(refreshTokenKey).getSingleResult();
+ } catch (NoResultException ex) {
+ return null;
+ }
}
@Override
protected void doRevokeRefreshToken(RefreshToken rt) {
+ removeEntity(rt);
}
protected void saveAccessToken(ServerAccessToken serverToken) {
@@ -111,6 +124,16 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
return entityManager.createQuery(
"SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = '" + clientId + "'", Client.class);
}
+ protected TypedQuery<ServerAccessToken> getTokenQuery(String tokenKey) {
+ return entityManager.createQuery(
+ "SELECT t FROM " + BEARER_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey + "'",
+ ServerAccessToken.class);
+ }
+ protected TypedQuery<RefreshToken> getRefreshTokenQuery(String tokenKey) {
+ return entityManager.createQuery(
+ "SELECT t FROM " + REFRESH_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey + "'",
+ RefreshToken.class);
+ }
protected TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject) {
if (resourceOwnerSubject == null) {
return entityManager.createQuery("SELECT c FROM " + CLIENT_TABLE_NAME + " c", Client.class);
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
index c0ecd61..1128c32 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
@@ -18,6 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.tokens.bearer;
+import javax.persistence.Entity;
+
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
@@ -26,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
/**
* Simple Bearer Access Token implementations
*/
+@Entity
public class BearerAccessToken extends ServerAccessToken {
private static final long serialVersionUID = -3614732043728799245L;
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
index 120d261..9cf80e5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
@@ -27,8 +27,12 @@ import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.junit.After;
import org.junit.Assert;
@@ -53,6 +57,7 @@ public class JPACodeDataProviderTest extends Assert {
EntityManager em = emFactory.createEntityManager();
provider = new JPACodeDataProvider();
provider.setEntityManager(em);
+ provider.setSupportedScopes(Collections.singletonMap("a", "A Scope"));
} catch (Exception ex) {
ex.printStackTrace();
fail("Exception during JPA EntityManager creation.");
@@ -96,6 +101,27 @@ public class JPACodeDataProviderTest extends Assert {
}
+ @Test
+ public void testAddGetDeleteAccessToken() {
+ Client c = addClient("101", "bob");
+
+ AccessTokenRegistration atr = new AccessTokenRegistration();
+ atr.setClient(c);
+ atr.setApprovedScope(Collections.singletonList("a"));
+ atr.setSubject(c.getResourceOwnerSubject());
+
+ ServerAccessToken at = provider.createAccessToken(atr);
+ ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
+ assertEquals(at.getTokenKey(), at2.getTokenKey());
+ List<OAuthPermission> scopes = at2.getScopes();
+ assertNotNull(scopes);
+ assertEquals(1, scopes.size());
+ OAuthPermission perm = scopes.get(0);
+ assertEquals("a", perm.getPermission());
+ provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
+ assertNull(provider.getAccessToken(at.getTokenKey()));
+ }
+
private Client addClient(String clientId, String userLogin) {
Client c = new Client();
c.setRedirectUris(Collections.singletonList("http://client/redirect"));
http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 78744d5..eb413f0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -6,6 +6,8 @@
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -21,6 +23,8 @@
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>
[2/2] cxf git commit: Merge branch 'master' of
https://git-wip-us.apache.org/repos/asf/cxf
Posted by se...@apache.org.
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/cxf
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e9fa213b
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e9fa213b
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e9fa213b
Branch: refs/heads/master
Commit: e9fa213b9b6a4df35daaa77a7eaaf74f639e7e13
Parents: b66bb19 b2e5fb6
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Apr 5 16:51:21 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Apr 5 16:51:21 2016 +0100
----------------------------------------------------------------------
.gitignore | 1 +
.../samples/jax_rs/websocket_osgi/README.txt | 94 +++++++
.../samples/jax_rs/websocket_osgi/pom.xml | 96 +++++++
.../main/java/demo/jaxrs/server/Customer.java | 43 +++
.../java/demo/jaxrs/server/CustomerService.java | 271 +++++++++++++++++++
.../src/main/java/demo/jaxrs/server/Order.java | 69 +++++
.../main/java/demo/jaxrs/server/Product.java | 43 +++
.../resources/OSGI-INF/blueprint/context.xml | 47 ++++
.../websocket_osgi/src/test/resources/client.js | 234 ++++++++++++++++
.../AsymmetricBindingHandler.java | 1 +
.../StaxAsymmetricBindingHandler.java | 4 +
.../StaxSymmetricBindingHandler.java | 4 +
.../policyhandlers/SymmetricBindingHandler.java | 1 +
.../https/ciphersuites/CipherSuitesTest.java | 31 +++
.../src/test/resources/keys/wss40exp.jks | Bin 0 -> 3941 bytes
.../src/test/resources/keys/wss40expCA.jks | Bin 0 -> 858 bytes
.../ciphersuites-client-expired-cert.xml | 37 +++
.../https/ciphersuites/ciphersuites-server.xml | 28 ++
.../org/apache/cxf/systest/ws/gcm/GCMTest.java | 48 ++++
.../ws/gcm/MGF256AlgorithmSuiteLoader.java | 18 ++
.../apache/cxf/systest/ws/gcm/DoubleItGCM.wsdl | 61 +++++
.../apache/cxf/systest/ws/gcm/mgf-client.xml | 10 +
.../apache/cxf/systest/ws/gcm/mgf-server.xml | 9 +
.../cxf/systest/ws/gcm/mgf-stax-server.xml | 10 +
24 files changed, 1160 insertions(+)
----------------------------------------------------------------------