You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/12/09 12:21:38 UTC
cxf git commit: [CXF-6142] Updating AcceptTokenValidator interface
Repository: cxf
Updated Branches:
refs/heads/master 1f123776f -> 982bff937
[CXF-6142] Updating AcceptTokenValidator interface
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/982bff93
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/982bff93
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/982bff93
Branch: refs/heads/master
Commit: 982bff93746e7c7234c474a612094f263eaf3794
Parents: 1f12377
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue Dec 9 11:21:21 2014 +0000
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue Dec 9 11:21:21 2014 +0000
----------------------------------------------------------------------
.../oauth2/filters/AccessTokenValidatorClient.java | 16 +++++++++++-----
.../security/oauth2/filters/OAuthRequestFilter.java | 2 +-
.../oauth2/provider/AccessTokenValidator.java | 5 ++++-
.../services/AbstractAccessTokenValidator.java | 7 +++++--
.../services/AccessTokenValidatorService.java | 2 +-
.../hawk/AbstractHawkAccessTokenValidator.java | 15 ++++++++++-----
.../tokens/hawk/HawkAccessTokenValidator.java | 8 ++++++--
.../tokens/hawk/HawkAccessTokenValidatorClient.java | 11 +++++++----
.../tokens/hawk/HawkAccessTokenValidatorTest.java | 3 ++-
9 files changed, 47 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java
index 7f76407..984995b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java
@@ -21,10 +21,11 @@ package org.apache.cxf.rs.security.oauth2.filters;
import java.util.Collections;
import java.util.List;
-import javax.ws.rs.core.Form;
+import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -40,12 +41,17 @@ public class AccessTokenValidatorClient implements AccessTokenValidator {
public AccessTokenValidation validateAccessToken(MessageContext mc,
String authScheme,
- String authSchemeData)
+ String authSchemeData,
+ MultivaluedMap<String, String> extraProps)
throws OAuthServiceException {
WebClient client = WebClient.fromClient(tokenValidatorClient, true);
- Form form = new Form().param(OAuthConstants.AUTHORIZATION_SCHEME_TYPE, authScheme)
- .param(OAuthConstants.AUTHORIZATION_SCHEME_DATA, authSchemeData);
- return client.post(form, AccessTokenValidation.class);
+ MultivaluedMap<String, String> props = new MetadataMap<String, String>();
+ props.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_TYPE, authScheme);
+ props.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_DATA, authSchemeData);
+ if (extraProps != null) {
+ props.putAll(extraProps);
+ }
+ return client.post(props, AccessTokenValidation.class);
}
public void setTokenValidatorClient(WebClient tokenValidatorClient) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
index e8c052c..a41292a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
@@ -85,7 +85,7 @@ public class OAuthRequestFilter extends AbstractAccessTokenValidator
String authSchemeData = authParts[1];
// Get the access token
- AccessTokenValidation accessTokenV = getAccessTokenValidation(authScheme, authSchemeData);
+ AccessTokenValidation accessTokenV = getAccessTokenValidation(authScheme, authSchemeData, null);
// Find the scopes which match the current request
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java
index 0826361..96151d8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java
@@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth2.provider;
import java.util.List;
+import javax.ws.rs.core.MultivaluedMap;
+
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
@@ -28,6 +30,7 @@ public interface AccessTokenValidator {
List<String> getSupportedAuthorizationSchemes();
AccessTokenValidation validateAccessToken(MessageContext mc,
String authScheme,
- String authSchemeData)
+ String authSchemeData,
+ MultivaluedMap<String, String> extraProps)
throws OAuthServiceException;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
index 16146f9..4594e35 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Set;
import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.ext.MessageContextImpl;
@@ -90,7 +91,8 @@ public abstract class AbstractAccessTokenValidator {
/**
* Get the access token
*/
- protected AccessTokenValidation getAccessTokenValidation(String authScheme, String authSchemeData) {
+ protected AccessTokenValidation getAccessTokenValidation(String authScheme, String authSchemeData,
+ MultivaluedMap<String, String> extraProps) {
AccessTokenValidation accessTokenV = null;
if (dataProvider == null && tokenHandlers.isEmpty()) {
throw ExceptionUtils.toInternalServerErrorException(null, null);
@@ -101,7 +103,8 @@ public abstract class AbstractAccessTokenValidator {
if (handler != null) {
try {
// Convert the HTTP Authorization scheme data into a token
- accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData);
+ accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData,
+ extraProps);
} catch (OAuthServiceException ex) {
AuthorizationUtils.throwAuthorizationFailure(
Collections.singleton(authScheme), realm);
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java
index 6f80679..6cb4a4b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java
@@ -41,6 +41,6 @@ public class AccessTokenValidatorService extends AbstractAccessTokenValidator {
}
String authScheme = params.getFirst(OAuthConstants.AUTHORIZATION_SCHEME_TYPE);
String authSchemeData = params.getFirst(OAuthConstants.AUTHORIZATION_SCHEME_DATA);
- return super.getAccessTokenValidation(authScheme, authSchemeData);
+ return super.getAccessTokenValidation(authScheme, authSchemeData, params);
}
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java
index dbecb50..82f655e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java
@@ -24,6 +24,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import javax.ws.rs.core.MultivaluedMap;
+
import org.apache.cxf.common.util.Base64Exception;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.crypto.HmacUtils;
@@ -42,11 +44,12 @@ public abstract class AbstractHawkAccessTokenValidator implements AccessTokenVal
}
public AccessTokenValidation validateAccessToken(MessageContext mc,
- String authScheme,
- String authSchemeData) throws OAuthServiceException {
+ String authScheme, String authSchemeData, MultivaluedMap<String, String> extraProps)
+ throws OAuthServiceException {
Map<String, String> schemeParams = getSchemeParameters(authSchemeData);
- AccessTokenValidation atv = getAccessTokenValidation(mc, schemeParams, authSchemeData);
+ AccessTokenValidation atv =
+ getAccessTokenValidation(mc, authScheme, authSchemeData, extraProps, schemeParams);
String macKey = atv.getExtraProps().get(OAuthConstants.HAWK_TOKEN_KEY);
String macAlgo = atv.getExtraProps().get(OAuthConstants.HAWK_TOKEN_ALGORITHM);
@@ -74,8 +77,10 @@ public abstract class AbstractHawkAccessTokenValidator implements AccessTokenVal
}
protected abstract AccessTokenValidation getAccessTokenValidation(MessageContext mc,
- Map<String, String> schemeParams,
- String authSchemeData);
+ String authScheme,
+ String authSchemeData,
+ MultivaluedMap<String, String> extraProps,
+ Map<String, String> schemeParams);
private static Map<String, String> getSchemeParameters(String authData) {
String[] attributePairs = authData.split(",");
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
index 9955ffe..977c531 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java
@@ -20,6 +20,8 @@ package org.apache.cxf.rs.security.oauth2.tokens.hawk;
import java.util.Map;
+import javax.ws.rs.core.MultivaluedMap;
+
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
@@ -32,8 +34,10 @@ public class HawkAccessTokenValidator extends AbstractHawkAccessTokenValidator {
private boolean remoteSignatureValidation;
protected AccessTokenValidation getAccessTokenValidation(MessageContext mc,
- Map<String, String> schemeParams,
- String authSchemeData) {
+ String authScheme,
+ String authSchemeData,
+ MultivaluedMap<String, String> extraProps,
+ Map<String, String> schemeParams) {
String macKey = schemeParams.get(OAuthConstants.HAWK_TOKEN_ID);
ServerAccessToken accessToken = dataProvider.getAccessToken(macKey);
if (!(accessToken instanceof HawkAccessToken)) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java
index 8e615fb..4ab3a0f 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java
@@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth2.tokens.hawk;
import java.util.List;
import java.util.Map;
+import javax.ws.rs.core.MultivaluedMap;
+
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
@@ -30,10 +32,11 @@ public class HawkAccessTokenValidatorClient extends AbstractHawkAccessTokenValid
private AccessTokenValidator validator;
protected AccessTokenValidation getAccessTokenValidation(MessageContext mc,
- Map<String, String> schemeParams,
- String authSchemeData) {
- return validator.validateAccessToken(mc, OAuthConstants.HAWK_AUTHORIZATION_SCHEME,
- authSchemeData);
+ String authScheme,
+ String authSchemeData,
+ MultivaluedMap<String, String> extraProps,
+ Map<String, String> schemeParams) {
+ return validator.validateAccessToken(mc, authScheme, authSchemeData, extraProps);
}
public void setValidator(AccessTokenValidator validator) {
http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java
index 65de61d..ebb213a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java
@@ -63,7 +63,8 @@ public class HawkAccessTokenValidatorTest extends Assert {
AccessTokenValidation tokenValidation = validator
.validateAccessToken(messageContext,
OAuthConstants.HAWK_AUTHORIZATION_SCHEME,
- authData.split(" ")[1]);
+ authData.split(" ")[1],
+ null);
assertNotNull(tokenValidation);
EasyMock.verify(dataProvider, messageContext, httpRequest);
}