Posted to commits@cxf.apache.org by se...@apache.org on 2012/10/16 18:14:13 UTC
svn commit: r1398869 -
/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
Author: sergeyb
Date: Tue Oct 16 16:14:13 2012
New Revision: 1398869
URL: http://svn.apache.org/viewvc?rev=1398869&view=rev
Log:
[CXF-4568] Adding OAuthContextUtils, patch from Thorsten Hoeger applied, thanks
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java (with props)
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java?rev=1398869&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java Tue Oct 16 16:14:13 2012
@@ -0,0 +1,134 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.utils;
+
+import java.util.List;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response.Status;
+
+import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.rs.security.oauth2.common.OAuthContext;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+
+public final class OAuthContextUtils {
+ private OAuthContextUtils() {
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the name of the UserSubject of the logged in user
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static String resolveUserName(final MessageContext mc) {
+ final OAuthContext oauth = getContext(mc);
+ return oauth.getSubject().getLogin();
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the list of roles of the logged in user
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static List<String> resolveUserRoles(final MessageContext mc) {
+ final OAuthContext oauth = getContext(mc);
+ return oauth.getSubject().getRoles();
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @param role the user role to check
+ * @return true if user has given role; false otherwise
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static boolean isUserInRole(final MessageContext mc, final String role) {
+ final List<String> userroles = resolveUserRoles(mc);
+ return userroles.contains(role);
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @param role the role to check
+ * @throws WebApplicationException with Status 401 if not authenticated
+ * @throws WebApplicationException with Status 403 if user doesn't have needed role
+ */
+ public static void assertRole(final MessageContext mc, final String role) {
+ if (!isUserInRole(mc, role)) {
+ throw new WebApplicationException(Status.FORBIDDEN);
+ }
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the list of permissions of the used access token
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static List<OAuthPermission> resolvePermissions(final MessageContext mc) {
+ final OAuthContext oauth = getContext(mc);
+ return oauth.getPermissions();
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the token key used to access
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static String resolveTokenKey(MessageContext mc) {
+ OAuthContext oauth = getContext(mc);
+ return oauth.getTokenKey();
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the client the user is using to access
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static String resolveClient(MessageContext mc) {
+ OAuthContext oauth = getContext(mc);
+ return oauth.getClientId();
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @param client the desired client
+ * @throws WebApplicationException with Status 401 if not authenticated
+ * @throws WebApplicationException with Status 403 if user doesn't have needed role
+ */
+ public static void assertClient(MessageContext mc, String client) {
+ String cl = resolveClient(mc);
+ if ((cl == null) || !cl.equals(client)) {
+ throw new WebApplicationException(Status.FORBIDDEN);
+ }
+ }
+
+ /**
+ * @param mc the {@link MessageContext}
+ * @return the {@link OAuthContext} of the given {@link MessageContext}
+ * @throws WebApplicationException with Status 401 if not authenticated
+ */
+ public static OAuthContext getContext(final MessageContext mc) {
+ final OAuthContext oauth = mc.getContent(OAuthContext.class);
+ if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
+ throw new WebApplicationException(Status.UNAUTHORIZED);
+ }
+ return oauth;
+ }
+
+}
+
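Review bot: `isUserInRole` calls `userroles.contains(role)` on whatever `getSubject().getRoles()` returns with no null guard, while `assertClient` in the same file does guard against a null client id. If a subject can be created without a role list (not visible in this hunk), `assertRole` would fail with a NullPointerException, most likely surfacing as a 500, instead of the documented 403; `return userroles != null && userroles.contains(role);` keeps the check fail-closed with the right status. The Javadoc on `assertClient` still carries the line copied from `assertRole` and should read `@throws WebApplicationException with Status 403 if the token was not issued to the given client`. It would also help to state on `assertRole` that it checks only the subject's roles, not the permissions granted to the access token, so callers that need scope enforcement also have to inspect `resolvePermissions`.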
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
------------------------------------------------------------------------------
svn:keywords = Rev Date