You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/02/11 13:44:39 UTC
svn commit: r1567093 - in /cxf/branches/2.7.x-fixes: ./
rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/
rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/
rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/ rt/fro...
Author: sergeyb
Date: Tue Feb 11 12:44:38 2014
New Revision: 1567093
URL: http://svn.apache.org/r1567093
Log:
Merged revisions 1567081 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1567081 | sergeyb | 2014-02-11 12:21:28 +0000 (Tue, 11 Feb 2014) | 1 line
[CXF-5556] Minor updates
........
Modified:
cxf/branches/2.7.x-fixes/ (props changed)
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java
cxf/branches/2.7.x-fixes/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1567081
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java Tue Feb 11 12:44:38 2014
@@ -94,7 +94,7 @@ public class PerRequestResourceProvider
}
private Response serverError(String msg) {
- return Response.serverError().entity(msg).build();
+ return JAXRSUtils.toResponseBuilder(500).entity(msg).build();
}
/**
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java Tue Feb 11 12:44:38 2014
@@ -682,7 +682,7 @@ public abstract class AbstractJAXBProvid
protected static void handleExceptionEnd(Throwable t, String message, boolean read) {
Response.Status status = read
? Response.Status.BAD_REQUEST : Response.Status.INTERNAL_SERVER_ERROR;
- Response r = Response.status(status)
+ Response r = JAXRSUtils.toResponseBuilder(status)
.type(MediaType.TEXT_PLAIN).entity(message).build();
WebApplicationException ex = read ? ExceptionUtils.toBadRequestException(t, r)
: ExceptionUtils.toInternalServerErrorException(t, r);
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java Tue Feb 11 12:44:38 2014
@@ -42,6 +42,7 @@ import org.apache.cxf.jaxrs.ext.MessageC
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.security.SecurityContext;
@@ -168,7 +169,7 @@ public class KerberosAuthenticationFilte
}
private static Response getFaultResponse() {
- return Response.status(401).header(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE_SCHEME).build();
+ return JAXRSUtils.toResponseBuilder(401).header(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE_SCHEME).build();
}
protected String getCompleteServicePrincipalName() {
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java Tue Feb 11 12:44:38 2014
@@ -475,7 +475,7 @@ public final class InjectionUtils {
if (logError) {
LOG.severe(errorMessage.toString());
}
- Response r = Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+ Response r = JAXRSUtils.toResponseBuilder(Response.Status.INTERNAL_SERVER_ERROR)
.type(MediaType.TEXT_PLAIN_TYPE)
.entity(errorMessage.toString()).build();
throw ExceptionUtils.toInternalServerErrorException(null, r);
@@ -1235,12 +1235,12 @@ public final class InjectionUtils {
} catch (InvocationTargetException ex) {
String msg = "Method " + method.getName() + " can not be invoked"
+ " due to InvocationTargetException";
- throw new WebApplicationException(Response.serverError().entity(msg).build());
+ throw new WebApplicationException(JAXRSUtils.toResponseBuilder(500).entity(msg).build());
} catch (IllegalAccessException ex) {
String msg = "Method " + method.getName() + " can not be invoked"
+ " due to IllegalAccessException";
throw ExceptionUtils.toInternalServerErrorException(ex,
- Response.serverError().entity(msg).build());
+ JAXRSUtils.toResponseBuilder(500).entity(msg).build());
}
}
}
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java Tue Feb 11 12:44:38 2014
@@ -535,7 +535,7 @@ public final class JAXRSUtils {
public static Response createResponse(ClassResourceInfo cri, Message msg,
String responseMessage, int status, boolean addAllow) {
- ResponseBuilder rb = Response.status(status);
+ ResponseBuilder rb = toResponseBuilder(status);
if (addAllow) {
Set<String> allowedMethods = cri.getAllowedMethods();
for (String m : allowedMethods) {
Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java (original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java Tue Feb 11 12:44:38 2014
@@ -36,7 +36,7 @@ import javax.ws.rs.ServiceUnavailableExc
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
-public final class SpecExceptions {
+final class SpecExceptions {
private static final Map<Integer, Class<?>> EXCEPTIONS_MAP;
@@ -91,7 +91,7 @@ public final class SpecExceptions {
return new NotAuthorizedException(checkResponse(response, 401), cause);
}
-
+
public static NotAcceptableException toNotAcceptableException(Throwable cause, Response response) {
return new NotAcceptableException(checkResponse(response, 406), cause);
Modified: cxf/branches/2.7.x-fixes/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java Tue Feb 11 12:44:38 2014
@@ -62,6 +62,7 @@ import org.apache.cxf.jaxrs.provider.Abs
import org.apache.cxf.jaxrs.provider.JAXBElementProvider;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.jaxrs.utils.InjectionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
@Produces({"application/atom+xml", "application/atom+xml;type=feed", "application/atom+xml;type=entry" })
@Consumes({"application/atom+xml", "application/atom+xml;type=feed", "application/atom+xml;type=entry" })
@@ -548,7 +549,7 @@ public class AtomPojoProvider extends Ab
}
private void reportError(String message, Exception ex, int status) {
LOG.warning(message);
- Response response = Response.status(status).type("text/plain").entity(message).build();
+ Response response = JAXRSUtils.toResponseBuilder(status).type("text/plain").entity(message).build();
throw ExceptionUtils.toHttpException(ex, response);
}
private void reportError(String message, Exception ex) {
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java Tue Feb 11 12:44:38 2014
@@ -60,7 +60,7 @@ public class Saml2BearerAuthHandler exte
String assertionType = form.getData().getFirst(Constants.CLIENT_AUTH_ASSERTION_TYPE);
String decodedAssertionType = assertionType != null ? HttpUtils.urlDecode(assertionType) : null;
if (decodedAssertionType == null || !Constants.CLIENT_AUTH_SAML2_BEARER.equals(decodedAssertionType)) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
String assertion = form.getData().getFirst(Constants.CLIENT_AUTH_ASSERTION_PARAM);
@@ -77,7 +77,7 @@ public class Saml2BearerAuthHandler exte
try {
FormUtils.restoreForm(provider, form, message);
} catch (Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return null;
}
@@ -86,20 +86,20 @@ public class Saml2BearerAuthHandler exte
try {
return FormUtils.readForm(provider, message);
} catch (Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
protected Element readToken(Message message, String assertion) {
if (assertion == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
try {
byte[] deflatedToken = Base64UrlUtility.decode(assertion);
InputStream is = new ByteArrayInputStream(deflatedToken);
return readToken(message, is);
} catch (Base64Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -114,18 +114,15 @@ public class Saml2BearerAuthHandler exte
// Introduce SAMLOAuth2Validator to be reused between auth and grant handlers
Subject subject = SAMLUtils.getSubject(message, wrapper);
if (subject.getName() == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
if (clientId != null && !clientId.equals(subject.getName())) {
//TODO: Attempt to map client_id to subject.getName()
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
samlOAuthValidator.validate(message, wrapper);
message.put(OAuthConstants.CLIENT_ID, subject.getName());
}
- private static Response errorResponse() {
- return Response.status(401).build();
- }
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java Tue Feb 11 12:44:38 2014
@@ -21,7 +21,6 @@ package org.apache.cxf.rs.security.oauth
import java.util.List;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.apache.cxf.jaxrs.impl.UriInfoImpl;
@@ -72,11 +71,11 @@ public class SamlOAuthValidator {
String expectedIssuer = OAuthConstants.CLIENT_ID.equals(issuer)
? wrapper.getSaml2().getSubject().getNameID().getValue() : issuer;
if (actualIssuer == null || !actualIssuer.equals(expectedIssuer)) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
if (!validateAuthenticationSubject(message, cs, wrapper.getSaml2().getSubject())) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -97,7 +96,7 @@ public class SamlOAuthValidator {
}
}
}
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
private String getAbsoluteTargetAddress(Message m) {
@@ -142,19 +141,19 @@ public class SamlOAuthValidator {
&& cs.getNotOnOrAfter() != null && !cs.getNotOnOrAfter().isBeforeNow()) {
return;
}
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
// Recipient must match assertion consumer URL
String recipient = subjectConfData.getRecipient();
if (recipient == null || !recipient.equals(getAbsoluteTargetAddress(m))) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
// We must have a NotOnOrAfter timestamp
if (subjectConfData.getNotOnOrAfter() == null
|| subjectConfData.getNotOnOrAfter().isBeforeNow()) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
//TODO: replay cache, same as with SAML SSO case
@@ -162,13 +161,10 @@ public class SamlOAuthValidator {
// Check address
if (subjectConfData.getAddress() != null
&& (clientAddress == null || !subjectConfData.getAddress().equals(clientAddress))) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
- private static Response errorResponse() {
- return Response.status(401).build();
- }
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java Tue Feb 11 12:44:38 2014
@@ -23,12 +23,12 @@ import java.util.logging.Logger;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthError;
import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
@@ -122,7 +122,7 @@ public abstract class AbstractOAuthServi
}
protected void reportInvalidRequestError(OAuthError entity, MediaType mt) {
- ResponseBuilder rb = Response.status(400);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(400);
if (mt != null) {
rb.type(mt);
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java Tue Feb 11 12:44:38 2014
@@ -37,6 +37,7 @@ import javax.ws.rs.core.Response.Respons
import javax.ws.rs.core.SecurityContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
import org.apache.cxf.rs.security.oauth2.common.OAuthError;
@@ -188,7 +189,7 @@ public class AccessTokenService extends
}
if (client == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return client;
}
@@ -205,7 +206,7 @@ public class AccessTokenService extends
if (clientSecret == null || client.getClientSecret() == null
|| !client.getClientId().equals(clientId)
|| !client.getClientSecret().equals(clientSecret)) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return client;
}
@@ -299,7 +300,7 @@ public class AccessTokenService extends
}
protected void reportInvalidClient(OAuthError error) {
- ResponseBuilder rb = Response.status(401);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(401);
throw ExceptionUtils.toNotAuthorizedException(null,
rb.type(MediaType.APPLICATION_JSON_TYPE).entity(error).build());
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java Tue Feb 11 12:44:38 2014
@@ -303,7 +303,7 @@ public abstract class RedirectionBasedGr
SecurityContext securityContext =
(SecurityContext)getMessageContext().get(SecurityContext.class.getName());
if (securityContext == null || securityContext.getUserPrincipal() == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
checkTransportSecurity();
return securityContext;
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java Tue Feb 11 12:44:38 2014
@@ -30,6 +30,7 @@ import javax.ws.rs.core.Response.Respons
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
/**
* Authorization helpers
@@ -49,7 +50,7 @@ public final class AuthorizationUtils {
if (authInfo.length == 2) {
return authInfo;
}
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
public static String[] getAuthorizationParts(MessageContext mc) {
@@ -74,7 +75,7 @@ public final class AuthorizationUtils {
}
public static void throwAuthorizationFailure(Set<String> challenges, String realm) {
- ResponseBuilder rb = Response.status(401);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(401);
StringBuilder sb = new StringBuilder();
for (String challenge : challenges) {
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java Tue Feb 11 12:44:38 2014
@@ -21,11 +21,11 @@ package org.apache.cxf.rs.security.oauth
import java.util.List;
import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.oauth2.common.OAuthContext;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
@@ -82,7 +82,7 @@ public final class OAuthContextUtils {
*/
public static void assertRole(final MessageContext mc, final String role) {
if (!isUserInRole(mc, role)) {
- throw new WebApplicationException(Status.FORBIDDEN);
+ throw new WebApplicationException(JAXRSUtils.toResponse(Status.FORBIDDEN));
}
}
@@ -124,7 +124,7 @@ public final class OAuthContextUtils {
public static void assertClient(MessageContext mc, String client) {
String cl = resolveClient(mc);
if ((cl == null) || !cl.equals(client)) {
- throw new WebApplicationException(Status.FORBIDDEN);
+ throw new WebApplicationException(JAXRSUtils.toResponse(Status.FORBIDDEN));
}
}
@@ -136,7 +136,7 @@ public final class OAuthContextUtils {
public static OAuthContext getContext(final MessageContext mc) {
final OAuthContext oauth = mc.getContent(OAuthContext.class);
if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return oauth;
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java Tue Feb 11 12:44:38 2014
@@ -37,6 +37,7 @@ import org.w3c.dom.Node;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.ext.RequestHandler;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.rs.security.common.CryptoLoader;
@@ -177,7 +178,7 @@ public abstract class AbstractSamlInHand
// TODO: get bundle resource message once this filter is moved
// to rt/rs/security
LOG.warning(error);
- Response response = Response.status(401).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(401).entity(error).build();
throw ExceptionUtils.toNotAuthorizedException(null, response);
}
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java?rev=1567093&r1=1567092&r2=1567093&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java Tue Feb 11 12:44:38 2014
@@ -32,6 +32,7 @@ import org.w3c.dom.NodeList;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamReader;
@@ -80,7 +81,7 @@ public abstract class AbstractXmlSecInHa
protected void throwFault(String error, Exception ex) {
LOG.warning(error);
- Response response = Response.status(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
throw ExceptionUtils.toBadRequestException(null, response);
}