You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by rg...@apache.org on 2016/02/10 02:26:17 UTC
svn commit: r1729515 - in
/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server: model/
security/auth/manager/oauth2/ security/auth/manager/oauth2/cloudfoundry/
security/auth/manager/oauth2/facebook/ security/auth/manager/oauth2/github/
sec...
Author: rgodfrey
Date: Wed Feb 10 01:26:17 2016
New Revision: 1729515
URL: http://svn.apache.org/viewvc?rev=1729515&view=rev
Log:
QPID-7028 : OAuth2 improvements - default URIs and scope from plugin resolver, add Microsoft Live plugin
Added:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/MicrosoftLiveOAuth2IdentityResolverService.java
- copied, changed from r1729493, qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java
Modified:
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProvider.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2IdentityResolverService.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/cloudfoundry/CloudFoundryOAuth2IdentityResolverService.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/facebook/FacebookIdentityResolverService.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/github/GitHubOAuth2IdentityResolverService.java
qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/model/AbstractConfiguredObject.java Wed Feb 10 01:26:17 2016
@@ -1084,6 +1084,13 @@ public abstract class AbstractConfigured
+ autoAttr.validValues());
}
}
+ if(autoAttr.isMandatory() && autoAttr.getValue(this) == null)
+ {
+ throw new IllegalConfigurationException("Attribute '" + autoAttr.getName()
+ + "' instance of "+ getClass().getName()
+ + " named '" + getName() + "'"
+ + " cannot be null, as it is mandatory");
+ }
}
}
@@ -2550,6 +2557,13 @@ public abstract class AbstractConfigured
}
}
+ if(autoAttr.isMandatory() && autoAttr.getValue(proxyForValidation) == null)
+ {
+ throw new IllegalConfigurationException("Attribute '" + autoAttr.getName()
+ + "' instance of "+ getClass().getName()
+ + " named '" + getName() + "'"
+ + " cannot be null, as it is mandatory");
+ }
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProvider.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProvider.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProvider.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProvider.java Wed Feb 10 01:26:17 2016
@@ -23,6 +23,7 @@ import java.net.URI;
import java.util.List;
import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.DerivedAttribute;
import org.apache.qpid.server.model.ManagedAttribute;
import org.apache.qpid.server.model.ManagedContextDefault;
import org.apache.qpid.server.model.ManagedObject;
@@ -40,16 +41,16 @@ public interface OAuth2AuthenticationPro
@ManagedContextDefault(name = AUTHENTICATION_OAUTH2_READ_TIMEOUT)
int DEFAULT_AUTHENTICATION_OAUTH2_READ_TIMEOUT = 60000;
- @ManagedAttribute( description = "Redirect URI to obtain authorization code grant", mandatory = true )
+ @ManagedAttribute( description = "Redirect URI to obtain authorization code grant", mandatory = true, defaultValue = "${this:defaultAuthorizationEndpointURI}")
URI getAuthorizationEndpointURI();
- @ManagedAttribute( description = "Token endpoint URI", mandatory = true )
+ @ManagedAttribute( description = "Token endpoint URI", mandatory = true, defaultValue = "${this:defaultTokenEndpointURI}" )
URI getTokenEndpointURI();
@ManagedAttribute( description = "Whether to use basic authentication when accessing the token endpoint", defaultValue = "false" )
boolean getTokenEndpointNeedsAuth();
- @ManagedAttribute( description = "Identity resolver endpoint URI", mandatory = true )
+ @ManagedAttribute( description = "Identity resolver endpoint URI", mandatory = true, defaultValue = "${this:defaultIdentityResolverEndpointURI}" )
URI getIdentityResolverEndpointURI();
@ManagedAttribute( description = "The type of the IdentityResolver", mandatory = true,
@@ -62,7 +63,7 @@ public interface OAuth2AuthenticationPro
@ManagedAttribute( description = "Client secret to identify qpid to the OAuth endpoints", mandatory = true, secure = true )
String getClientSecret();
- @ManagedAttribute( description = "The OAuth access token scope passed to the authorization endpoint" )
+ @ManagedAttribute( description = "The OAuth access token scope passed to the authorization endpoint", defaultValue = "${this:defaultScope}")
String getScope();
@ManagedAttribute( description = "TrustStore to use when contacting OAuth endpoints" )
@@ -74,4 +75,16 @@ public interface OAuth2AuthenticationPro
AuthenticationResult authenticateViaAuthorizationCode(String authorizationCode, final String redirectUri);
AuthenticationResult authenticateViaAccessToken(String accessToken);
+
+ @DerivedAttribute( description = "Default redirect URI to obtain authorization code grant")
+ URI getDefaultAuthorizationEndpointURI();
+
+ @DerivedAttribute( description = "Default token endpoint URI")
+ URI getDefaultTokenEndpointURI();
+
+ @DerivedAttribute( description = "Default identity resolver endpoint URI")
+ URI getDefaultIdentityResolverEndpointURI();
+
+ @DerivedAttribute( description = "Default OAuth access token scope passed to the authorization endpoint")
+ String getDefaultScope();
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2AuthenticationProviderImpl.java Wed Feb 10 01:26:17 2016
@@ -350,6 +350,37 @@ public class OAuth2AuthenticationProvide
return _scope;
}
+ @Override
+ public URI getDefaultAuthorizationEndpointURI()
+ {
+ final OAuth2IdentityResolverService identityResolverService =
+ new QpidServiceLoader().getInstancesByType(OAuth2IdentityResolverService.class).get(getIdentityResolverType());
+ return identityResolverService == null ? null : identityResolverService.getDefaultAuthorizationEndpointURI(this);
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI()
+ {
+ final OAuth2IdentityResolverService identityResolverService =
+ new QpidServiceLoader().getInstancesByType(OAuth2IdentityResolverService.class).get(getIdentityResolverType());
+ return identityResolverService == null ? null : identityResolverService.getDefaultTokenEndpointURI(this);
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI()
+ {
+ final OAuth2IdentityResolverService identityResolverService =
+ new QpidServiceLoader().getInstancesByType(OAuth2IdentityResolverService.class).get(getIdentityResolverType());
+ return identityResolverService == null ? null : identityResolverService.getDefaultIdentityResolverEndpointURI(this);
+ }
+
+ @Override
+ public String getDefaultScope()
+ {
+ final OAuth2IdentityResolverService identityResolverService =
+ new QpidServiceLoader().getInstancesByType(OAuth2IdentityResolverService.class).get(getIdentityResolverType());
+ return identityResolverService == null ? null : identityResolverService.getDefaultScope(this); }
+
@SuppressWarnings("unused")
public static Collection<String> validIdentityResolvers()
{
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2IdentityResolverService.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2IdentityResolverService.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2IdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2IdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -22,6 +22,7 @@
package org.apache.qpid.server.security.auth.manager.oauth2;
import java.io.IOException;
+import java.net.URI;
import java.security.Principal;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
@@ -33,4 +34,12 @@ public interface OAuth2IdentityResolverS
Principal getUserPrincipal(final OAuth2AuthenticationProvider<?> authProvider,
String accessToken) throws IOException, IdentityResolverException;
+
+ URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider);
+
+ URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider);
+
+ URI getDefaultIdentityResolverEndpointURI(OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider);
+
+ String getDefaultScope(OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider);
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/cloudfoundry/CloudFoundryOAuth2IdentityResolverService.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/cloudfoundry/CloudFoundryOAuth2IdentityResolverService.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/cloudfoundry/CloudFoundryOAuth2IdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/cloudfoundry/CloudFoundryOAuth2IdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -141,4 +141,28 @@ public class CloudFoundryOAuth2IdentityR
}
}
}
+
+ @Override
+ public URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return null;
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return null;
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return null;
+ }
+
+ @Override
+ public String getDefaultScope(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return "";
+ }
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/facebook/FacebookIdentityResolverService.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/facebook/FacebookIdentityResolverService.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/facebook/FacebookIdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/facebook/FacebookIdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -132,4 +132,49 @@ public class FacebookIdentityResolverSer
return new UsernamePrincipal(facebookId);
}
}
+
+ @Override
+ public URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://www.facebook.com/dialog/oauth");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://graph.facebook.com/v2.5/oauth/access_token");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://graph.facebook.com/v2.5/me");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public String getDefaultScope(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return "";
+ }
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/github/GitHubOAuth2IdentityResolverService.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/github/GitHubOAuth2IdentityResolverService.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/github/GitHubOAuth2IdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/github/GitHubOAuth2IdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -24,6 +24,7 @@ package org.apache.qpid.server.security.
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
+import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Map;
@@ -137,4 +138,50 @@ public class GitHubOAuth2IdentityResolve
return new UsernamePrincipal(githubId);
}
}
+
+
+ @Override
+ public URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://github.com/login/oauth/authorize");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://github.com/login/oauth/access_token");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://api.github.com/user");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public String getDefaultScope(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return "user";
+ }
}
Modified: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java?rev=1729515&r1=1729514&r2=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -24,6 +24,7 @@ package org.apache.qpid.server.security.
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
+import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Map;
@@ -141,4 +142,49 @@ public class GoogleOAuth2IdentityResolve
return new UsernamePrincipal(googleId);
}
}
+
+ @Override
+ public URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://accounts.google.com/o/oauth2/v2/auth");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://www.googleapis.com/oauth2/v4/token");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://www.googleapis.com/oauth2/v3/userinfo");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public String getDefaultScope(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return "profile";
+ }
}
Copied: qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/MicrosoftLiveOAuth2IdentityResolverService.java (from r1729493, qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java)
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/MicrosoftLiveOAuth2IdentityResolverService.java?p2=qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/MicrosoftLiveOAuth2IdentityResolverService.java&p1=qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java&r1=1729493&r2=1729515&rev=1729515&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/google/GoogleOAuth2IdentityResolverService.java (original)
+++ qpid/java/trunk/broker-core/src/main/java/org/apache/qpid/server/security/auth/manager/oauth2/microsoftlive/MicrosoftLiveOAuth2IdentityResolverService.java Wed Feb 10 01:26:17 2016
@@ -19,11 +19,12 @@
*
*/
-package org.apache.qpid.server.security.auth.manager.oauth2.google;
+package org.apache.qpid.server.security.auth.manager.oauth2.microsoftlive;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
+import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Map;
@@ -46,22 +47,16 @@ import org.apache.qpid.server.security.a
import org.apache.qpid.server.security.auth.manager.oauth2.OAuth2Utils;
/**
- * An identity resolver that calls Google's userinfo endpoint https://www.googleapis.com/oauth2/v3/userinfo.
+ * An identity resolver that calls Microsoft Live's REST API.
*
- * It requires that the authentication request includes the scope 'profile' in order that 'sub'
- * (the user identifier) appears in userinfo's response.
- *
- * For endpoint is documented:
- *
- * https://developers.google.com/identity/protocols/OpenIDConnect
*/
@PluggableService
-public class GoogleOAuth2IdentityResolverService implements OAuth2IdentityResolverService
+public class MicrosoftLiveOAuth2IdentityResolverService implements OAuth2IdentityResolverService
{
- private static final Logger LOGGER = LoggerFactory.getLogger(GoogleOAuth2IdentityResolverService.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(MicrosoftLiveOAuth2IdentityResolverService.class);
private static final String UTF8 = StandardCharsets.UTF_8.name();
- public static final String TYPE = "GoogleUserInfo";
+ public static final String TYPE = "MicrosoftLive";
private final ObjectMapper _objectMapper = new ObjectMapper();
@@ -74,11 +69,6 @@ public class GoogleOAuth2IdentityResolve
@Override
public void validate(final OAuth2AuthenticationProvider<?> authProvider) throws IllegalConfigurationException
{
- if (!Sets.newHashSet(authProvider.getScope().split("\\s")).contains("profile"))
- {
- throw new IllegalConfigurationException("This identity resolver requires that scope 'profile' is included in"
- + " the authentication request.");
- }
}
@Override
@@ -102,7 +92,6 @@ public class GoogleOAuth2IdentityResolve
}
connection.setRequestProperty("Accept-Charset", UTF8);
- connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=" + UTF8);
connection.setRequestProperty("Accept", "application/json");
connection.setRequestProperty("Authorization", "Bearer " + accessToken);
@@ -131,14 +120,59 @@ public class GoogleOAuth2IdentityResolve
userInfoEndpoint, responseCode));
}
- final String googleId = responseMap.get("sub");
- if (googleId == null)
+ final String liveId = responseMap.get("id");
+ if (liveId == null)
{
throw new IdentityResolverException(String.format(
- "Identity resolver '%s' failed, response did not include 'sub'",
+ "Identity resolver '%s' failed, response did not include 'id'",
userInfoEndpoint));
}
- return new UsernamePrincipal(googleId);
+ return new UsernamePrincipal(liveId);
+ }
+ }
+
+ @Override
+ public URI getDefaultAuthorizationEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://login.live.com/oauth20_authorize.srf");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultTokenEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://login.live.com/oauth20_token.srf");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
+ }
+ }
+
+ @Override
+ public URI getDefaultIdentityResolverEndpointURI(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ try
+ {
+ return new URI("https://apis.live.net/v5.0/me");
+ }
+ catch (URISyntaxException e)
+ {
+ return null;
}
}
+
+ @Override
+ public String getDefaultScope(final OAuth2AuthenticationProvider<?> oAuth2AuthenticationProvider)
+ {
+ return "wl.basic";
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org