You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/02/07 13:24:37 UTC
svn commit: r1565629 - in
/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2:
filters/OAuthRequestFilter.java filters/OAuthRequestInterceptor.java
services/AbstractAccessTokenValidator.java
Author: sergeyb
Date: Fri Feb 7 12:24:37 2014
New Revision: 1565629
URL: http://svn.apache.org/r1565629
Log:
Making it possible to register OAuthRequestFilter as the interceptor and also use it on non-JAX-RS paths
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java (with props)
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java?rev=1565629&r1=1565628&r2=1565629&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java Fri Feb 7 12:24:37 2014
@@ -57,7 +57,10 @@ public class OAuthRequestFilter extends
private boolean audienceIsEndpointAddress;
public void filter(ContainerRequestContext context) {
- Message m = JAXRSUtils.getCurrentMessage();
+ validateRequest(JAXRSUtils.getCurrentMessage());
+ }
+
+ protected void validateRequest(Message m) {
if (isCorsRequest(m)) {
return;
}
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java?rev=1565629&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java Fri Feb 7 12:24:37 2014
@@ -0,0 +1,70 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.filters;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Set;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.phase.PhaseInterceptor;
+
+
+public class OAuthRequestInterceptor extends OAuthRequestFilter implements PhaseInterceptor<Message> {
+
+ public void handleMessage(Message message) throws Fault {
+ validateRequest(message);
+ }
+
+ public Collection<PhaseInterceptor<? extends Message>> getAdditionalInterceptors() {
+ return null;
+ }
+
+ public Set<String> getAfter() {
+ return Collections.emptySet();
+ }
+
+ public Set<String> getBefore() {
+ return Collections.emptySet();
+ }
+
+ public String getId() {
+ return getClass().getName();
+ }
+
+ public String getPhase() {
+ return Phase.PRE_INVOKE;
+ }
+
+ public void handleFault(Message message) {
+ }
+
+// protected String[] getAuthorizationParts() {
+// // the current message is wrapped in MessageContext
+// MessageContext mc = getMessageContext();
+//
+// // extract the token from the message, example, get
+// // WS-Security Binary token put on the message by WSS4JInInterceptor
+//
+// String token = getTokenFromCurrentMessage(mc);
+// return new String[] {"Bearer", token};
+// }
+}
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java?rev=1565629&r1=1565628&r2=1565629&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java Fri Feb 7 12:24:37 2014
@@ -28,6 +28,8 @@ import javax.ws.rs.InternalServerErrorEx
import javax.ws.rs.core.Context;
import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.jaxrs.ext.MessageContextImpl;
+import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
@@ -73,7 +75,7 @@ public abstract class AbstractAccessToke
}
public MessageContext getMessageContext() {
- return mc;
+ return mc != null ? mc : new MessageContextImpl(PhaseInterceptorChain.getCurrentMessage());
}
protected AccessTokenValidator findTokenValidator(String authScheme) {
@@ -99,7 +101,7 @@ public abstract class AbstractAccessToke
// Get the scheme and its data, Bearer only is supported by default
// WWW-Authenticate with the list of supported schemes will be sent back
// if the scheme is not accepted
- String[] authParts = AuthorizationUtils.getAuthorizationParts(mc, supportedSchemes);
+ String[] authParts = getAuthorizationParts();
String authScheme = authParts[0];
String authSchemeData = authParts[1];
@@ -108,7 +110,7 @@ public abstract class AbstractAccessToke
if (handler != null) {
try {
// Convert the HTTP Authorization scheme data into a token
- accessTokenV = handler.validateAccessToken(mc, authScheme, authSchemeData);
+ accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData);
} catch (OAuthServiceException ex) {
AuthorizationUtils.throwAuthorizationFailure(
Collections.singleton(authScheme), realm);
@@ -163,5 +165,8 @@ public abstract class AbstractAccessToke
this.audiences = audiences;
}
+ protected String[] getAuthorizationParts() {
+ return AuthorizationUtils.getAuthorizationParts(getMessageContext(), supportedSchemes);
+ }
}