You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2013/12/20 14:26:12 UTC
svn commit: r1552655 - in /cxf/trunk/rt/rs/security/oauth-parent:
oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/
oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/
oauth2/src/main/java/org/apache/cxf/rs/security/oa...
Author: sergeyb
Date: Fri Dec 20 13:26:12 2013
New Revision: 1552655
URL: http://svn.apache.org/r1552655
Log:
Updating OAuth2 Code Grant handler to support the last code verifier dratt
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java Fri Dec 20 13:26:12 2013
@@ -23,6 +23,8 @@ import javax.ws.rs.core.MultivaluedMap;
import org.apache.cxf.rs.security.oauth2.saml.Constants;
public class Saml2BearerGrant extends AbstractSaml2BearerGrant {
+ private static final long serialVersionUID = -7296527609343431294L;
+
public Saml2BearerGrant(String assertion) {
this(assertion, false);
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java Fri Dec 20 13:26:12 2013
@@ -25,6 +25,8 @@ import org.apache.cxf.rs.security.oauth2
public class SamlBearerClientCredentialsGrant extends AbstractSaml2BearerGrant {
+ private static final long serialVersionUID = 4801583498206813025L;
+
public SamlBearerClientCredentialsGrant(String assertion, boolean encoded, String scope) {
super(OAuthConstants.CLIENT_CREDENTIALS_GRANT, assertion, encoded, scope);
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java Fri Dec 20 13:26:12 2013
@@ -32,6 +32,7 @@ import javax.xml.bind.annotation.XmlRoot
*/
@XmlRootElement
public class OAuthPermission extends Permission {
+ private static final long serialVersionUID = -6486616235830491290L;
private List<String> httpVerbs = new LinkedList<String>();
private List<String> uris = new LinkedList<String>();
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java Fri Dec 20 13:26:12 2013
@@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth
import java.util.LinkedList;
import java.util.List;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+
/**
* Server Access Token representation
*/
@@ -36,8 +38,15 @@ public abstract class ServerAccessToken
protected ServerAccessToken(Client client,
String tokenType,
String tokenKey,
- long expiresIn,
- long issuedAt) {
+ long expiresIn) {
+ this(client, tokenType, tokenKey, expiresIn, OAuthUtils.getIssuedAt());
+ }
+
+ protected ServerAccessToken(Client client,
+ String tokenType,
+ String tokenKey,
+ long expiresIn,
+ long issuedAt) {
super(tokenType, tokenKey, expiresIn, issuedAt);
this.client = client;
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java Fri Dec 20 13:26:12 2013
@@ -23,6 +23,8 @@ import org.apache.cxf.rs.security.oauth2
public class ClientCredentialsGrant extends AbstractGrant {
+ private static final long serialVersionUID = 5586488165697954347L;
+
public ClientCredentialsGrant() {
this(null);
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java Fri Dec 20 13:26:12 2013
@@ -74,10 +74,10 @@ public class AuthorizationCodeGrantHandl
throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
}
- String tempClientSecretHash = grant.getTempClientSecretHash();
- if (tempClientSecretHash != null) {
- String tempClientSecret = params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET);
- if (!compareTcshWithTch(tempClientSecretHash, tempClientSecret)) {
+ String clientCodeVerifier = grant.getClientCodeVerifier();
+ if (clientCodeVerifier != null) {
+ String clientCodeChallenge = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER);
+ if (!compareCodeVerifierWithChallenge(clientCodeVerifier, clientCodeChallenge)) {
throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
}
}
@@ -88,12 +88,12 @@ public class AuthorizationCodeGrantHandl
grant.getAudience());
}
- private boolean compareTcshWithTch(String tempClientSecretHash, String tempClientSecret) {
- if (tempClientSecret == null) {
+ private boolean compareCodeVerifierWithChallenge(String clientCodeVerifier, String clientCodeChallenge) {
+ if (clientCodeChallenge == null) {
return false;
}
MessageDigestGenerator mdg = new MessageDigestGenerator();
- byte[] digest = mdg.createDigest(tempClientSecret, "SHA-256");
+ byte[] digest = mdg.createDigest(clientCodeVerifier, "SHA-256");
int length = digest.length > 128 / 8 ? 128 / 8 : digest.length;
StringWriter stringWriter = new StringWriter();
@@ -103,7 +103,7 @@ public class AuthorizationCodeGrantHandl
throw new OAuthServiceException("server_error", e);
}
String expectedHash = stringWriter.toString();
- return tempClientSecretHash.equals(expectedHash);
+ return clientCodeChallenge.equals(expectedHash);
}
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java Fri Dec 20 13:26:12 2013
@@ -35,7 +35,7 @@ public class AuthorizationCodeRegistrati
private String redirectUri;
private UserSubject subject;
private String audience;
- private String tempClientSecretHash;
+ private String clientCodeVerifier;
/**
* Sets the {@link Client} reference
@@ -120,10 +120,10 @@ public class AuthorizationCodeRegistrati
public void setAudience(String audience) {
this.audience = audience;
}
- public String getTempClientSecretHash() {
- return tempClientSecretHash;
+ public String getClientCodeVerifier() {
+ return clientCodeVerifier;
}
- public void setTempClientSecretHash(String tempClientSecretHash) {
- this.tempClientSecretHash = tempClientSecretHash;
+ public void setClientCodeVerifier(String clientCodeVerifier) {
+ this.clientCodeVerifier = clientCodeVerifier;
}
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java Fri Dec 20 13:26:12 2013
@@ -18,7 +18,6 @@
*/
package org.apache.cxf.rs.security.oauth2.grants.code;
-import java.io.Serializable;
import java.util.Collections;
import java.util.List;
@@ -30,7 +29,7 @@ import org.apache.cxf.rs.security.oauth2
/**
* The Authorization Code Grant representation visible to the server
*/
-public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant implements Serializable {
+public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
private static final long serialVersionUID = -5004608901535459036L;
private long issuedAt;
@@ -39,12 +38,12 @@ public class ServerAuthorizationCodeGran
private List<String> approvedScopes = Collections.emptyList();
private UserSubject subject;
private String audience;
- private String tempClientSecretHash;
+ private String clientCodeVerifier;
public ServerAuthorizationCodeGrant(Client client,
long lifetime) {
this(client, OAuthUtils.generateRandomTokenKey(), lifetime,
- System.currentTimeMillis() / 1000);
+ OAuthUtils.getIssuedAt());
}
public ServerAuthorizationCodeGrant(Client client,
@@ -125,11 +124,11 @@ public class ServerAuthorizationCodeGran
this.audience = audience;
}
- public String getTempClientSecretHash() {
- return tempClientSecretHash;
+ public String getClientCodeVerifier() {
+ return clientCodeVerifier;
}
- public void setTempClientSecretHash(String tempClientSecretHash) {
- this.tempClientSecretHash = tempClientSecretHash;
+ public void setClientCodeVerifier(String clientCodeVerifier) {
+ this.clientCodeVerifier = clientCodeVerifier;
}
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java Fri Dec 20 13:26:12 2013
@@ -24,6 +24,7 @@ import org.apache.cxf.rs.security.oauth2
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
public class ResourceOwnerGrant extends AbstractGrant {
+ private static final long serialVersionUID = -1673025972824906386L;
private String ownerName;
private String ownerPassword;
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java Fri Dec 20 13:26:12 2013
@@ -72,7 +72,7 @@ public class AuthorizationCodeGrantServi
codeReg.setApprovedScope(approvedScope);
codeReg.setSubject(userSubject);
codeReg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
- codeReg.setTempClientSecretHash(params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET_HASH));
+ codeReg.setClientCodeVerifier(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
ServerAuthorizationCodeGrant grant = null;
try {
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java Fri Dec 20 13:26:12 2013
@@ -35,7 +35,7 @@ public class BearerAccessToken extends S
OAuthConstants.BEARER_TOKEN_TYPE,
OAuthUtils.generateRandomTokenKey(),
lifetime,
- System.currentTimeMillis() / 1000);
+ OAuthUtils.getIssuedAt());
}
public BearerAccessToken(Client client,
String tokenKey,
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java Fri Dec 20 13:26:12 2013
@@ -46,7 +46,7 @@ public class MacAccessToken extends Serv
macAlgo,
OAuthUtils.generateRandomTokenKey(),
lifetime,
- System.currentTimeMillis() / 1000);
+ OAuthUtils.getIssuedAt());
}
public MacAccessToken(Client client,
HmacAlgorithm algo,
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java Fri Dec 20 13:26:12 2013
@@ -40,7 +40,7 @@ public class RefreshToken extends Server
OAuthConstants.REFRESH_TOKEN_TYPE,
OAuthUtils.generateRandomTokenKey(),
lifetime,
- System.currentTimeMillis() / 1000);
+ OAuthUtils.getIssuedAt());
}
public RefreshToken(Client client,
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java Fri Dec 20 13:26:12 2013
@@ -26,8 +26,6 @@ public final class OAuthConstants {
// Common OAuth2 constants
public static final String CLIENT_ID = "client_id";
public static final String CLIENT_SECRET = "client_secret";
- public static final String TEMP_CLIENT_SECRET = "tcs";
- public static final String TEMP_CLIENT_SECRET_HASH = "tcsh";
public static final String CLIENT_AUDIENCE = "audience";
public static final String REDIRECT_URI = "redirect_uri";
@@ -53,6 +51,11 @@ public final class OAuthConstants {
// Well-known token types
public static final String BEARER_TOKEN_TYPE = "bearer";
public static final String MAC_TOKEN_TYPE = "mac";
+
+ // http://datatracker.ietf.org/doc/draft-sakimura-oauth-tcse
+ public static final String AUTHORIZATION_CODE_VERIFIER = "code_verifier";
+ public static final String AUTHORIZATION_CODE_CHALLENGE = "code_challenge";
+
// CXF-specific
public static final String REFRESH_TOKEN_TYPE = "refresh";
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java Fri Dec 20 13:26:12 2013
@@ -105,6 +105,10 @@ public final class OAuthUtils {
return generateRandomTokenKey(null);
}
+ public static long getIssuedAt() {
+ return System.currentTimeMillis() / 1000;
+ }
+
public static String generateRandomTokenKey(String digestAlgo) throws OAuthServiceException {
try {
byte[] bytes = UUID.randomUUID().toString().getBytes("UTF-8");