You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2013/07/26 16:20:45 UTC
svn commit: r1507319 - in /cxf/trunk:
rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/
rt/rs/security/oauth-p...
Author: sergeyb
Date: Fri Jul 26 14:20:44 2013
New Revision: 1507319
URL: http://svn.apache.org/r1507319
Log:
[CXF-5162] Updating AccessTokenService to validate if Clients can get the current grant supported
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java (with props)
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -25,7 +25,7 @@ import java.io.InputStreamReader;
import java.security.Principal;
import java.security.cert.Certificate;
import java.util.ArrayList;
-import java.util.LinkedList;
+import java.util.Arrays;
import java.util.List;
import java.util.Set;
@@ -67,7 +67,6 @@ import org.apache.wss4j.dom.handler.WSHa
import org.apache.wss4j.dom.validate.Credential;
import org.apache.wss4j.dom.validate.SamlAssertionValidator;
import org.apache.wss4j.dom.validate.Validator;
-
import org.opensaml.xml.signature.KeyInfo;
import org.opensaml.xml.signature.Signature;
@@ -78,6 +77,9 @@ public class Saml2BearerGrantHandler ext
private static final String ENCODED_SAML2_BEARER_GRANT;
static {
WSSConfig.init();
+ // AccessTokenService may be configured with the form provider
+ // which will not decode by default - so listing both the actual
+ // and encoded grant type value will help
ENCODED_SAML2_BEARER_GRANT = HttpUtils.urlEncode(Constants.SAML2_BEARER_GRANT, "UTF-8");
}
private Validator samlValidator = new SamlAssertionValidator();
@@ -85,20 +87,9 @@ public class Saml2BearerGrantHandler ext
private SecurityContextProvider scProvider = new SecurityContextProviderImpl();
public Saml2BearerGrantHandler() {
- super(Constants.SAML2_BEARER_GRANT);
+ super(Arrays.asList(Constants.SAML2_BEARER_GRANT, ENCODED_SAML2_BEARER_GRANT));
}
- @Override
- public List<String> getSupportedGrantTypes() {
- // AccessTokenService may be configured with the form provider
- // which will not decode by default - so listing both the actual
- // and encoded grant type value will help
- List<String> types = new LinkedList<String>();
- types.add(Constants.SAML2_BEARER_GRANT);
- types.add(ENCODED_SAML2_BEARER_GRANT);
- return types;
- }
-
public void setSamlValidator(Validator validator) {
samlValidator = validator;
}
@@ -113,7 +104,6 @@ public class Saml2BearerGrantHandler ext
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- checkIfGrantSupported(client);
String assertion = params.getFirst(Constants.CLIENT_GRANT_ASSERTION_PARAM);
if (assertion == null) {
@@ -130,7 +120,8 @@ public class Saml2BearerGrantHandler ext
UserSubject grantSubject = getGrantSubject(message, assertionWrapper);
return doCreateAccessToken(client,
- grantSubject,
+ grantSubject,
+ Constants.SAML2_BEARER_GRANT,
OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
} catch (OAuthServiceException ex) {
throw ex;
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -70,11 +70,12 @@ public abstract class AbstractGrantHandl
return Collections.unmodifiableList(supportedGrants);
}
+ @Deprecated
protected void checkIfGrantSupported(Client client) {
checkIfGrantSupported(client, getSingleGrantType());
}
- protected void checkIfGrantSupported(Client client, String requestedGrant) {
+ private void checkIfGrantSupported(Client client, String requestedGrant) {
if (!OAuthUtils.isGrantSupportedForClient(client,
canSupportPublicClients,
requestedGrant)) {
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -39,7 +39,6 @@ public class ClientCredentialsGrantHandl
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- checkIfGrantSupported(client);
return doCreateAccessToken(client,
client.getSubject(),
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -40,7 +40,6 @@ public class AuthorizationCodeGrantHandl
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- checkIfGrantSupported(client);
// Get the grant representation from the provider
String codeValue = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE);
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -40,7 +40,6 @@ public class ResourceOwnerGrantHandler e
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- checkIfGrantSupported(client);
String ownerName = params.getFirst(OAuthConstants.RESOURCE_OWNER_NAME);
String ownerPassword = params.getFirst(OAuthConstants.RESOURCE_OWNER_PASSWORD);
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java Fri Jul 26 14:20:44 2013
@@ -35,7 +35,6 @@ public class RefreshTokenGrantHandler im
private OAuthDataProvider dataProvider;
private boolean partialMatchScopeValidation;
- private boolean canSupportPublicClients;
public void setDataProvider(OAuthDataProvider dataProvider) {
this.dataProvider = dataProvider;
@@ -47,10 +46,6 @@ public class RefreshTokenGrantHandler im
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- if (!OAuthUtils.isGrantSupportedForClient(client, canSupportPublicClients,
- OAuthConstants.REFRESH_TOKEN_GRANT)) {
- throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);
- }
String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
List<String> requestedScopes = OAuthUtils.getRequestedScopes(client,
params.getFirst(OAuthConstants.SCOPE),
@@ -62,8 +57,4 @@ public class RefreshTokenGrantHandler im
public void setPartialMatchScopeValidation(boolean partialMatchScopeValidation) {
this.partialMatchScopeValidation = partialMatchScopeValidation;
}
-
- public void setCanSupportPublicClients(boolean support) {
- canSupportPublicClients = support;
- }
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java Fri Jul 26 14:20:44 2013
@@ -143,6 +143,10 @@ public class AbstractTokenService extend
this.canSupportPublicClients = support;
}
+ public boolean isCanSupportPublicClients() {
+ return canSupportPublicClients;
+ }
+
public void setWriteCustomErrors(boolean writeCustomErrors) {
this.writeCustomErrors = writeCustomErrors;
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java Fri Jul 26 14:20:44 2013
@@ -77,6 +77,13 @@ public class AccessTokenService extends
// Make sure the client is authenticated
Client client = authenticateClientIfNeeded(params);
+ if (!OAuthUtils.isGrantSupportedForClient(client,
+ isCanSupportPublicClients(),
+ params.getFirst(OAuthConstants.GRANT_TYPE))) {
+ return createErrorResponse(params, OAuthConstants.UNAUTHORIZED_CLIENT);
+ }
+
+
// Find the grant handler
AccessTokenGrantHandler handler = findGrantHandler(params);
if (handler == null) {
@@ -115,10 +122,11 @@ public class AccessTokenService extends
}
/**
- * Find the mathcing grant handler
+ * Find the matching grant handler
*/
- protected AccessTokenGrantHandler findGrantHandler(MultivaluedMap<String, String> params) {
- String grantType = params.getFirst(OAuthConstants.GRANT_TYPE);
+ protected AccessTokenGrantHandler findGrantHandler(MultivaluedMap<String, String> params) {
+ String grantType = params.getFirst(OAuthConstants.GRANT_TYPE);
+
if (grantType != null) {
for (AccessTokenGrantHandler handler : grantHandlers) {
if (handler.getSupportedGrantTypes().contains(grantType)) {
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java?rev=1507319&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java Fri Jul 26 14:20:44 2013
@@ -0,0 +1,85 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.grants;
+
+import java.util.List;
+
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
+
+
+public class OAuthDataProviderImpl implements OAuthDataProvider {
+
+ @Override
+ public Client getClient(String clientId) throws OAuthServiceException {
+ return new Client("alice", "alice", true);
+ }
+
+ @Override
+ public ServerAccessToken createAccessToken(AccessTokenRegistration accessToken)
+ throws OAuthServiceException {
+ return new BearerAccessToken(accessToken.getClient(), 3600);
+ }
+
+ @Override
+ public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public ServerAccessToken getPreauthorizedToken(Client client, List<String> requestedScopes,
+ UserSubject subject, String grantType)
+ throws OAuthServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public ServerAccessToken refreshAccessToken(Client client, String refreshToken,
+ List<String> requestedScopes) throws OAuthServiceException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void removeAccessToken(ServerAccessToken accessToken) throws OAuthServiceException {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> requestedScope) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void revokeToken(Client client, String token, String tokenTypeHint) throws OAuthServiceException {
+ // TODO Auto-generated method stub
+
+ }
+
+}
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/OAuthDataProviderImpl.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java Fri Jul 26 14:20:44 2013
@@ -36,15 +36,14 @@ import org.junit.Test;
public class TokenGrantHandlerTest extends Assert {
+
+
@Test
- public void testSimpleGrantNotSupported() {
- try {
- new SimpleGrantHandler().createAccessToken(createClient("unsupported"),
- createMap("a"));
- fail("Unsupported Grant");
- } catch (OAuthServiceException ex) {
- assertEquals(OAuthConstants.UNAUTHORIZED_CLIENT, ex.getMessage());
- }
+ public void testSimpleGrantSupported() {
+ SimpleGrantHandler handler = new SimpleGrantHandler();
+ handler.setDataProvider(new OAuthDataProviderImpl());
+ ServerAccessToken t = handler.createAccessToken(createClient("a"), createMap("a"));
+ assertTrue(t instanceof BearerAccessToken);
}
@Test
@@ -59,27 +58,10 @@ public class TokenGrantHandlerTest exten
}
@Test
- public void testSimpleGrantSupported() {
- ServerAccessToken t = new SimpleGrantHandler().createAccessToken(createClient("a"),
- createMap("a"));
- assertTrue(t instanceof BearerAccessToken);
- }
-
- @Test
- public void testComplexGrantNotSupported() {
- try {
- new ComplexGrantHandler(Arrays.asList("a", "b"))
- .createAccessToken(createClient("unsupported"), createMap("a"));
- fail("Unsupported Grant");
- } catch (OAuthServiceException ex) {
- assertEquals(OAuthConstants.UNAUTHORIZED_CLIENT, ex.getMessage());
- }
- }
-
- @Test
public void testComplexGrantSupported() {
- ServerAccessToken t = new ComplexGrantHandler(Arrays.asList("a", "b"))
- .createAccessToken(createClient("a"), createMap("a"));
+ ComplexGrantHandler handler = new ComplexGrantHandler(Arrays.asList("a", "b"));
+ handler.setDataProvider(new OAuthDataProviderImpl());
+ ServerAccessToken t = handler.createAccessToken(createClient("a"), createMap("a"));
assertTrue(t instanceof BearerAccessToken);
}
@@ -110,8 +92,7 @@ public class TokenGrantHandlerTest exten
@Override
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- super.checkIfGrantSupported(client);
- return new BearerAccessToken(client, 3600L);
+ return super.doCreateAccessToken(client, client.getSubject(), null);
}
}
@@ -125,8 +106,8 @@ public class TokenGrantHandlerTest exten
@Override
public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
throws OAuthServiceException {
- super.checkIfGrantSupported(client, params.getFirst(OAuthConstants.GRANT_TYPE));
- return new BearerAccessToken(client, 3600L);
+ return super.doCreateAccessToken(client, client.getSubject(),
+ params.getFirst(OAuthConstants.GRANT_TYPE), null);
}
}
Modified: cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java?rev=1507319&r1=1507318&r2=1507319&view=diff
==============================================================================
--- cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java (original)
+++ cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java Fri Jul 26 14:20:44 2013
@@ -37,6 +37,7 @@ public class OAuthDataProviderImpl imple
public Client getClient(String clientId) throws OAuthServiceException {
Client client = new Client("alice", "alice", true);
client.getAllowedGrantTypes().add(Constants.SAML2_BEARER_GRANT);
+ client.getAllowedGrantTypes().add("custom_grant");
return client;
}