You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/07/13 14:15:50 UTC
svn commit: r1361176 - in /cxf/branches/2.6.x-fixes: ./
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/
rt/rs/...
Author: sergeyb
Date: Fri Jul 13 12:15:50 2012
New Revision: 1361176
URL: http://svn.apache.org/viewvc?rev=1361176&view=rev
Log:
Merged revisions 1361175 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1361175 | sergeyb | 2012-07-13 13:10:14 +0100 (Fri, 13 Jul 2012) | 1 line
[CXF-4419] Prototyping a resource owner grant handler
........
Added:
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/
- copied from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/JAASResourceOwnerLoginHandler.java
- copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/JAASResourceOwnerLoginHandler.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
- copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
- copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
Modified:
cxf/branches/2.6.x-fixes/ (props changed)
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1361175
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java Fri Jul 13 12:15:50 2012
@@ -19,12 +19,9 @@
package org.apache.cxf.rs.security.oauth2.services;
-import java.security.Principal;
-import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
-import java.util.Set;
import java.util.UUID;
import javax.servlet.http.HttpSession;
@@ -46,7 +43,6 @@ import org.apache.cxf.rs.security.oauth2
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
-import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;
@@ -239,16 +235,7 @@ public abstract class RedirectionBasedGr
}
private UserSubject createUserSubject(SecurityContext securityContext) {
- List<String> roleNames = Collections.emptyList();
- if (securityContext instanceof LoginSecurityContext) {
- roleNames = new ArrayList<String>();
- Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
- for (Principal p : roles) {
- roleNames.add(p.getName());
- }
- }
- return
- new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
+ return OAuthUtils.createSubject(securityContext);
}
protected abstract Response createErrorResponse(MultivaluedMap<String, String> params,
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java Fri Jul 13 12:15:50 2012
@@ -41,8 +41,8 @@ public final class OAuthConstants {
public static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
public static final String CLIENT_CREDENTIALS_GRANT = "client_credentials";
public static final String IMPLICIT_GRANT = "implicit";
+ public static final String RESOURCE_OWNER_GRANT = "password";
public static final String REFRESH_TOKEN_GRANT = "refresh_token";
- // etc
// Well-known token types
public static final String BEARER_TOKEN_TYPE = "bearer";
@@ -64,6 +64,10 @@ public final class OAuthConstants {
public static final String AUTHORIZATION_DECISION_ALLOW = "allow";
public static final String AUTHORIZATION_DECISION_DENY = "deny";
+ // Resource Owner grant constants
+ public static final String RESOURCE_OWNER_NAME = "username";
+ public static final String RESOURCE_OWNER_PASSWORD = "password";
+
// Error constants
public static final String ERROR_KEY = "error";
public static final String ERROR_DESCRIPTION_KEY = "error_description";
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java Fri Jul 13 12:15:50 2012
@@ -18,8 +18,12 @@
*/
package org.apache.cxf.rs.security.oauth2.utils;
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
+import java.util.Set;
import java.util.UUID;
import javax.ws.rs.core.MultivaluedMap;
@@ -29,7 +33,10 @@ import org.apache.cxf.jaxrs.impl.Metadat
import org.apache.cxf.jaxrs.model.URITemplate;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.security.LoginSecurityContext;
+import org.apache.cxf.security.SecurityContext;
/**
* Various utility methods
@@ -39,6 +46,19 @@ public final class OAuthUtils {
private OAuthUtils() {
}
+ public static UserSubject createSubject(SecurityContext securityContext) {
+ List<String> roleNames = Collections.emptyList();
+ if (securityContext instanceof LoginSecurityContext) {
+ roleNames = new ArrayList<String>();
+ Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
+ for (Principal p : roles) {
+ roleNames.add(p.getName());
+ }
+ }
+ return
+ new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
+ }
+
public static String convertPermissionsToScope(List<OAuthPermission> perms) {
StringBuilder sb = new StringBuilder();
for (OAuthPermission perm : perms) {