You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/05/12 13:15:17 UTC
cxf git commit: making it easy to use Bearer client tokens as header
parameters
Repository: cxf
Updated Branches:
refs/heads/master 8ee1ce727 -> ad75192db
making it easy to use Bearer client tokens as header parameters
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ad75192d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ad75192d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ad75192d
Branch: refs/heads/master
Commit: ad75192db72294e6d117e020aea890a50c166f79
Parents: 8ee1ce7
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Tue May 12 12:14:55 2015 +0100
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Tue May 12 12:14:55 2015 +0100
----------------------------------------------------------------------
.../oauth2/client/ClientCodeRequestFilter.java | 34 +++++++++++---------
.../oauth2/common/ClientAccessToken.java | 10 ++++++
.../oidc/rp/OidcClientCodeRequestFilter.java | 6 ++--
3 files changed, 33 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index aa58ba2..478566c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -59,6 +59,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
private ClientCodeStateManager clientStateManager;
private ClientTokenContextManager clientTokenContextManager;
private WebClient accessTokenService;
+ private boolean decodeRequestParameters;
@Override
public void filter(ContainerRequestContext rc) throws IOException {
@@ -101,23 +102,21 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
protected void processCodeResponse(ContainerRequestContext rc, SecurityContext sc, UriInfo ui) {
MultivaluedMap<String, String> params = toRequestState(rc, ui);
String codeParam = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE);
+ ClientAccessToken at = null;
if (codeParam != null) {
AccessTokenGrant grant = new AuthorizationCodeGrant(codeParam, getAbsoluteRedirectUri(ui));
- ClientAccessToken at = OAuthClientUtils.getAccessToken(accessTokenService,
- consumer,
- grant);
- ClientTokenContext request = createTokenContext(at);
- MultivaluedMap<String, String> state = null;
- if (clientStateManager != null) {
- state = clientStateManager.fromRedirectState(mc, params);
- }
- ((ClientTokenContextImpl)request).setToken(at);
+ at = OAuthClientUtils.getAccessToken(accessTokenService, consumer, grant);
+ }
+ ClientTokenContext request = createTokenContext(at);
+ ((ClientTokenContextImpl)request).setToken(at);
+ if (clientStateManager != null) {
+ MultivaluedMap<String, String> state = clientStateManager.fromRedirectState(mc, params);
((ClientTokenContextImpl)request).setState(state);
- if (clientTokenContextManager != null) {
- clientTokenContextManager.setClientTokenContext(mc, request);
- }
- setClientCodeRequest(request);
}
+ if (at != null && clientTokenContextManager != null) {
+ clientTokenContextManager.setClientTokenContext(mc, request);
+ }
+ setClientCodeRequest(request);
}
protected ClientTokenContext createTokenContext(ClientAccessToken at) {
@@ -138,10 +137,11 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
private MultivaluedMap<String, String> toRequestState(ContainerRequestContext rc, UriInfo ui) {
MultivaluedMap<String, String> requestState = new MetadataMap<String, String>();
- requestState.putAll(ui.getQueryParameters(false));
+ requestState.putAll(ui.getQueryParameters(decodeRequestParameters));
if (MediaType.APPLICATION_FORM_URLENCODED_TYPE.isCompatible(rc.getMediaType())) {
String body = FormUtils.readBody(rc.getEntityStream(), "UTF-8");
- FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(), body, "UTF-8", false);
+ FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(), body,
+ "UTF-8", decodeRequestParameters);
}
return requestState;
}
@@ -190,4 +190,8 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
return consumer;
}
+ public void setDecodeRequestParameters(boolean decodeRequestParameters) {
+ this.decodeRequestParameters = decodeRequestParameters;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
index e59075d..2b6b642 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
@@ -18,6 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.common;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+
/**
@@ -57,4 +59,12 @@ public class ClientAccessToken extends AccessToken {
return scope;
}
+ @Override
+ public String toString() {
+ if (OAuthConstants.BEARER_AUTHORIZATION_SCHEME.equalsIgnoreCase(super.getTokenType())) {
+ return OAuthConstants.BEARER_AUTHORIZATION_SCHEME + " " + super.getTokenKey();
+ } else {
+ return super.toString();
+ }
+ }
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index f40f921..aba4d3c 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
@@ -28,8 +28,10 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter {
@Override
protected ClientTokenContext createTokenContext(ClientAccessToken at) {
OidcClientTokenContextImpl ctx = new OidcClientTokenContextImpl();
- ctx.setIdToken(userInfoClient.getIdToken(at, getConsumer().getKey()));
- ctx.setUserInfo(userInfoClient.getUserInfo(at, ctx.getIdToken()));
+ if (at != null) {
+ ctx.setIdToken(userInfoClient.getIdToken(at, getConsumer().getKey()));
+ ctx.setUserInfo(userInfoClient.getUserInfo(at, ctx.getIdToken()));
+ }
return ctx;
}
public void setUserInfoClient(UserInfoClient userInfoClient) {