Posted to commits@cxf.apache.org by se...@apache.org on 2016/09/26 12:47:16 UTC
cxf-fediz git commit: Optinally persisting client cred client records
Repository: cxf-fediz
Updated Branches:
refs/heads/master dd65d5a30 -> cf0712206
Optionally persisting client cred client records
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/cf071220
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/cf071220
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/cf071220
Branch: refs/heads/master
Commit: cf0712206b92fa9b9a81e7d0db92088c9807ef17
Parents: dd65d5a
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Mon Sep 26 13:46:59 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Mon Sep 26 13:46:59 2016 +0100
----------------------------------------------------------------------
.../service/oidc/OAuthDataProviderImpl.java | 32 +++++++++++---------
1 file changed, 17 insertions(+), 15 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/cf071220/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
index 6b402b7..a14af3b 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
@@ -43,6 +43,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
private static final Logger LOG = LogUtils.getL7dLogger(OAuthDataProviderImpl.class);
private boolean checkOnlyRegisteredClients;
+ private boolean persistUnregisteredClients = true;
private String contextName;
private Configuration loginConfig;
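Review bot: `persistUnregisteredClients` defaults to `true`, so existing deployments start writing ad-hoc client_credentials clients to the client store on upgrade without any configuration change. Because those records are built from whatever credentials were presented at request time, an opt-in default (`private boolean persistUnregisteredClients;`) would be the more conservative choice, with the management-console use case switching it on explicitly. If the default stays, a field comment such as `// when true, unregistered client_credentials clients are saved to the client store` would make the behaviour discoverable.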
@@ -59,7 +60,6 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
if (OAuthConstants.CLIENT_CREDENTIALS_GRANT.equals(grantType)) {
// Pre-registering the OAuth2 Client representations for
// "client_credentials" can be difficult.
-
String clientSecret = (String)getMessageContext().get(OAuthConstants.CLIENT_SECRET);
if (clientSecret != null) {
// Direct authentication with the back-end storage
@@ -67,9 +67,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
} else {
Principal p = super.getMessageContext().getSecurityContext().getUserPrincipal();
if (clientId.equals(p.getName())) {
- Client c = new Client(clientId, null, true);
- c.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
- return c;
+ return createClientCredClient(clientId, null);
}
}
}
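Review bot: `createClientCredClient(clientId, null)` now stores a confidential `Client` with a null secret whenever `clientId.equals(p.getName())` holds, and `p` is dereferenced on that line without a null check. `getUserPrincipal()` may return null when the request carries no authenticated principal, so a guard such as `if (p != null && clientId.equals(p.getName()))` would make this branch fail closed instead of throwing. A short comment stating how a stored record with no secret is authenticated on later requests would also help; the lookup that decides this is at the top of the method, outside the hunk.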
@@ -95,10 +93,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
// Login using JAAS
CallbackHandler callbackHandler =
new NamePasswordCallbackHandler(clientId, clientSecret);
- LoginContext ctx = new LoginContext(getContextName(), null, callbackHandler, loginConfig);
+ LoginContext ctx = new LoginContext(contextName, null, callbackHandler, loginConfig);
ctx.login();
- Client client = new Client(clientId, clientSecret, true);
- client.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
+ Client client = createClientCredClient(clientId, clientSecret);
ctx.logout();
return client;
} catch (LoginException ex) {
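Review bot: `createClientCredClient(clientId, clientSecret)` sits between `ctx.login()` and `ctx.logout()`, and with persistence enabled it now includes a store write; if that write throws a runtime exception, `ctx.logout()` is skipped, since only `LoginException` is caught here. Running the logout in a `finally` keeps the JAAS context from being left logged in, e.g. `try { client = createClientCredClient(clientId, clientSecret); } finally { ctx.logout(); }`. The enclosing `try` starts outside the hunk, so the exact placement depends on lines not shown.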
@@ -113,20 +110,25 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
this.checkOnlyRegisteredClients = checkOnlyRegisteredClients;
}
- public String getContextName() {
- return contextName;
- }
-
public void setContextName(String contextName) {
this.contextName = contextName;
}
- public Configuration getLoginConfig() {
- return loginConfig;
- }
-
public void setLoginConfig(Configuration loginConfig) {
this.loginConfig = loginConfig;
}
+ public void setPersistUnregisteredClients(boolean persistUnregisteredClients) {
+ this.persistUnregisteredClients = persistUnregisteredClients;
+ }
+
+ protected Client createClientCredClient(String clientId, String password) {
+ Client c = new Client(clientId, password, true);
+ c.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
+ if (persistUnregisteredClients) {
+ // It will enable seeing these clients and their tokens in the OIDC management console
+ super.setClient(c);
+ }
+ return c;
+ }
}
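Review bot: When `password` is the secret that was just validated through JAAS, `super.setClient(c)` copies it in clear into the client store, where it outlives the caller's `ctx.logout()` and becomes readable by whatever consumes that store, such as the management console the comment mentions. If stored records are consulted before the JAAS path on later requests (that lookup is not visible here), a password changed or revoked in the back end could still be accepted until the record is removed. Consider persisting a record that does not carry the back-end secret, or at least documenting the trade-off on the setter, e.g. `/** When true, clients authenticated ad hoc for client_credentials are written to the client store together with the supplied secret. */`.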