Posted to commits@cxf.apache.org by se...@apache.org on 2013/06/21 21:26:11 UTC
svn commit: r1495553 - in
/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2:
client/OAuthClientUtils.java services/AbstractAccessTokenValidator.java
utils/AuthorizationUtils.java
Author: sergeyb
Date: Fri Jun 21 19:26:11 2013
New Revision: 1495553
URL: http://svn.apache.org/r1495553
Log:
Support for a realm parameter in OAuth2 filter
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java?rev=1495553&r1=1495552&r2=1495553&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java Fri Jun 21 19:26:11 2013
@@ -226,7 +226,9 @@ public final class OAuthClientUtils {
accessTokenService.header("Authorization", sb.toString());
} else {
form.param(OAuthConstants.CLIENT_ID, consumer.getKey());
- form.param(OAuthConstants.CLIENT_SECRET, consumer.getSecret());
+ if (consumer.getSecret() != null) {
+ form.param(OAuthConstants.CLIENT_SECRET, consumer.getSecret());
+ }
}
} else {
// in this case the AccessToken service is expected to find a mapping between
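Review bot: The new null check on `consumer.getSecret()` in the form branch carries no explanation, and it guards only this branch. A one-line comment such as `// public clients have no secret: send client_id only` would tell readers why a missing secret is acceptable here. The Basic-auth branch that ends at the first context line starts outside the hunk, so it is not visible whether the header value it builds also copes with a null secret; that is worth checking in the same change.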
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java?rev=1495553&r1=1495552&r2=1495553&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java Fri Jun 21 19:26:11 2013
@@ -46,6 +46,7 @@ public abstract class AbstractAccessToke
private List<AccessTokenValidator> tokenHandlers = Collections.emptyList();
private Set<String> supportedSchemes = new HashSet<String>();
private OAuthDataProvider dataProvider;
+ private String realm;
public void setTokenValidator(AccessTokenValidator validator) {
setTokenValidators(Collections.singletonList(validator));
@@ -106,7 +107,7 @@ public abstract class AbstractAccessToke
accessTokenV = handler.validateAccessToken(mc, authScheme, authSchemeData);
} catch (OAuthServiceException ex) {
AuthorizationUtils.throwAuthorizationFailure(
- Collections.singleton(authScheme));
+ Collections.singleton(authScheme), realm);
}
}
// Default processing if no registered providers available
@@ -119,22 +120,26 @@ public abstract class AbstractAccessToke
}
if (localAccessToken == null) {
AuthorizationUtils.throwAuthorizationFailure(
- Collections.singleton(authScheme));
+ Collections.singleton(authScheme), realm);
}
accessTokenV = new AccessTokenValidation(localAccessToken);
}
if (accessTokenV == null) {
- AuthorizationUtils.throwAuthorizationFailure(supportedSchemes);
+ AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm);
}
// Check if token is still valid
if (OAuthUtils.isExpired(accessTokenV.getTokenIssuedAt(), accessTokenV.getTokenLifetime())) {
if (localAccessToken != null) {
dataProvider.removeAccessToken(localAccessToken);
}
- AuthorizationUtils.throwAuthorizationFailure(supportedSchemes);
+ AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm);
}
return accessTokenV;
}
+
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
}
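Review bot: `setRealm` stores whatever string it is given, and the AuthorizationUtils change in this commit writes that value between double quotes in the `WWW-Authenticate` header. A configured realm containing a double quote, a backslash or a line break would therefore produce a malformed header; the setter is the natural place to reject such values, or the writer should escape them as a quoted-string. The setter and the new field are also undocumented; a Javadoc line such as `/** Realm reported in the WWW-Authenticate challenge; null (the default) omits the parameter. */` would record the contract.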
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java?rev=1495553&r1=1495552&r2=1495553&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java Fri Jun 21 19:26:11 2013
@@ -70,6 +70,10 @@ public final class AuthorizationUtils {
}
public static void throwAuthorizationFailure(Set<String> challenges) {
+ throwAuthorizationFailure(challenges, null);
+ }
+
+ public static void throwAuthorizationFailure(Set<String> challenges, String realm) {
ResponseBuilder rb = Response.status(401);
StringBuilder sb = new StringBuilder();
@@ -83,6 +87,9 @@ public final class AuthorizationUtils {
sb.append(challenge);
}
if (sb.length() > 0) {
+ if (realm != null) {
+ sb.append(" realm=\"" + realm + "\"");
+ }
rb.header(HttpHeaders.WWW_AUTHENTICATE, sb.toString());
}
Response r = rb.build();
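Review bot: The realm parameter is appended once, after the loop that joins all challenges, so when `challenges` holds several schemes (the `supportedSchemes` call sites in AbstractAccessTokenValidator) only the last one carries it. Auth-params belong to an individual challenge, so the append belongs inside the loop, directly after `sb.append(challenge);`, as `if (realm != null) { sb.append(" realm=\"").append(realm).append('"'); }`. Chaining `append` also avoids the string concatenation inside the `append` call. The loop starts outside the hunk, so how the challenges are separated is not visible here.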