You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/07/13 14:15:50 UTC

svn commit: r1361176 - in /cxf/branches/2.6.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ rt/rs/...

Author: sergeyb
Date: Fri Jul 13 12:15:50 2012
New Revision: 1361176

URL: http://svn.apache.org/viewvc?rev=1361176&view=rev
Log:
Merged revisions 1361175 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1361175 | sergeyb | 2012-07-13 13:10:14 +0100 (Fri, 13 Jul 2012) | 1 line
  
  [CXF-4419] Prototyping a resource owner grant handler
........

Added:
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/
      - copied from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/JAASResourceOwnerLoginHandler.java
      - copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/JAASResourceOwnerLoginHandler.java
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
      - copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
      - copied unchanged from r1361175, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
Modified:
    cxf/branches/2.6.x-fixes/   (props changed)
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1361175

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java Fri Jul 13 12:15:50 2012
@@ -19,12 +19,9 @@
 
 package org.apache.cxf.rs.security.oauth2.services;
 
-import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
-import java.util.Set;
 import java.util.UUID;
 
 import javax.servlet.http.HttpSession;
@@ -46,7 +43,6 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
-import org.apache.cxf.security.LoginSecurityContext;
 import org.apache.cxf.security.SecurityContext;
 
 
@@ -239,16 +235,7 @@ public abstract class RedirectionBasedGr
     }
     
     private UserSubject createUserSubject(SecurityContext securityContext) {
-        List<String> roleNames = Collections.emptyList();
-        if (securityContext instanceof LoginSecurityContext) {
-            roleNames = new ArrayList<String>();
-            Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
-            for (Principal p : roles) {
-                roleNames.add(p.getName());
-            }
-        }
-        return 
-            new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
+        return OAuthUtils.createSubject(securityContext);
     }
     
     protected abstract Response createErrorResponse(MultivaluedMap<String, String> params,

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java Fri Jul 13 12:15:50 2012
@@ -41,8 +41,8 @@ public final class OAuthConstants {
     public static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
     public static final String CLIENT_CREDENTIALS_GRANT = "client_credentials";
     public static final String IMPLICIT_GRANT = "implicit";
+    public static final String RESOURCE_OWNER_GRANT = "password";
     public static final String REFRESH_TOKEN_GRANT = "refresh_token";
-    // etc
     
     // Well-known token types
     public static final String BEARER_TOKEN_TYPE = "bearer";
@@ -64,6 +64,10 @@ public final class OAuthConstants {
     public static final String AUTHORIZATION_DECISION_ALLOW = "allow";
     public static final String AUTHORIZATION_DECISION_DENY = "deny";
     
+    // Resource Owner grant constants
+    public static final String RESOURCE_OWNER_NAME = "username";
+    public static final String RESOURCE_OWNER_PASSWORD = "password";
+    
     // Error constants
     public static final String ERROR_KEY = "error";
     public static final String ERROR_DESCRIPTION_KEY = "error_description";

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java?rev=1361176&r1=1361175&r2=1361176&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java Fri Jul 13 12:15:50 2012
@@ -18,8 +18,12 @@
  */
 package org.apache.cxf.rs.security.oauth2.utils;
 
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
+import java.util.Set;
 import java.util.UUID;
 
 import javax.ws.rs.core.MultivaluedMap;
@@ -29,7 +33,10 @@ import org.apache.cxf.jaxrs.impl.Metadat
 import org.apache.cxf.jaxrs.model.URITemplate;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.security.LoginSecurityContext;
+import org.apache.cxf.security.SecurityContext;
 
 /**
  * Various utility methods 
@@ -39,6 +46,19 @@ public final class OAuthUtils {
     private OAuthUtils() {
     }
 
+    public static UserSubject createSubject(SecurityContext securityContext) {
+        List<String> roleNames = Collections.emptyList();
+        if (securityContext instanceof LoginSecurityContext) {
+            roleNames = new ArrayList<String>();
+            Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
+            for (Principal p : roles) {
+                roleNames.add(p.getName());
+            }
+        }
+        return 
+            new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
+    }
+    
     public static String convertPermissionsToScope(List<OAuthPermission> perms) {
         StringBuilder sb = new StringBuilder();
         for (OAuthPermission perm : perms) {