Posted to commits@cxf.apache.org by se...@apache.org on 2012/05/21 12:19:16 UTC
svn commit: r1340958 - in
/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2:
grants/refresh/ provider/ utils/
Author: sergeyb
Date: Mon May 21 10:19:16 2012
New Revision: 1340958
URL: http://svn.apache.org/viewvc?rev=1340958&view=rev
Log:
Prototyping a refresh token grant handler
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java (with props)
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthDataProvider.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java?rev=1340958&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java Mon May 21 10:19:16 2012
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.grants.refresh;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.provider.AccessTokenGrantHandler;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+
+public class RefreshTokenGrantHandler implements AccessTokenGrantHandler {
+
+ private OAuthDataProvider dataProvider;
+
+ public void setDataProvider(OAuthDataProvider dataProvider) {
+ this.dataProvider = dataProvider;
+ }
+
+ public List<String> getSupportedGrantTypes() {
+ return Collections.singletonList(OAuthConstants.REFRESH_TOKEN_GRANT);
+ }
+
+ @Override
+ public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
+ throws OAuthServiceException {
+ if (!OAuthUtils.isGrantSupportedForClient(client, true, OAuthConstants.REFRESH_TOKEN_GRANT)) {
+ throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);
+ }
+ String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
+
+ ServerAccessToken token = dataProvider.refreshAccessToken(client.getClientId(), refreshToken);
+ if (token == null) {
+ return null;
+ }
+ String scope = params.getFirst(OAuthConstants.SCOPE);
+ if (scope != null) {
+ List<String> tokenScopes = OAuthUtils.convertPermissionsToScopeList(token.getScopes());
+ if (tokenScopes.containsAll(OAuthUtils.parseScope(scope))) {
+ throw new OAuthServiceException(OAuthConstants.INVALID_SCOPE);
+ }
+ }
+
+ return token;
+ }
+}
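Review bot: The scope check near the end of createAccessToken is inverted: `if (tokenScopes.containsAll(OAuthUtils.parseScope(scope)))` throws INVALID_SCOPE exactly when every requested scope is already covered by the token, and lets through a request that names scopes the token was never granted. RFC 6749 section 6 requires the opposite, so the condition should read `if (!tokenScopes.containsAll(OAuthUtils.parseScope(scope)))`. The check also runs only after `dataProvider.refreshAccessToken(...)` has returned, so a request rejected for scope may already have caused the provider to issue or rotate a token, depending on how the provider implements that call. Validating the requested scope before the refresh would avoid this, as would passing it to the provider. When the check passes, the token is returned with its original scopes rather than the narrower set requested, and a missing `refresh_token` parameter reaches the provider as null instead of being rejected up front.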
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthDataProvider.java?rev=1340958&r1=1340957&r2=1340958&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthDataProvider.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthDataProvider.java Mon May 21 10:19:16 2012
@@ -59,10 +59,10 @@ public interface OAuthDataProvider {
ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException;
/**
- * TODO: Consider introducing a dedicated entity representing a user pre authorization
* Get preauthorized access token
- * @param accessToken the token key
- * @return AccessToken
+ * @param client Client
+ * @param subject End User subject
+ * @return AccessToken access token
* @throws OAuthServiceException
*/
ServerAccessToken getPreauthorizedToken(Client client, UserSubject subject, String grantType)
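Review bot: The rewritten Javadoc for getPreauthorizedToken documents `client` and `subject` but not the third parameter, `grantType`, which is visible in the signature on the last line of this hunk. Add a line such as `@param grantType the grant type of the request`, with the wording to be confirmed by the author, and give `@throws OAuthServiceException` a description of when it is raised. The method declaration continues past the end of the hunk.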
@@ -71,7 +71,7 @@ public interface OAuthDataProvider {
/**
* Refresh access token
* @param clientId the client id
- * @param refreshToken the token key
+ * @param refreshToken refresh token key
* @return AccessToken
* @throws OAuthServiceException
*/
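Review bot: The Javadoc for the refresh operation still does not state the contract that the RefreshTokenGrantHandler added in this commit relies on. That handler passes `client.getClientId()` and the raw `refresh_token` request parameter, and treats a null return as "no token". The comment should say that implementations must verify the refresh token was issued to `clientId` and is still valid, and whether an unrecognized token is signalled by returning null or by throwing OAuthServiceException. If null is the intended signal, `@return the new access token, or null if the refresh token is not recognized` would cover it. The method signature itself lies outside the hunk.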
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1340958&r1=1340957&r2=1340958&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java Mon May 21 10:19:16 2012
@@ -41,6 +41,7 @@ public final class OAuthConstants {
public static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
public static final String CLIENT_CREDENTIALS_GRANT = "client_credentials";
public static final String IMPLICIT_GRANT = "implicit";
+ public static final String REFRESH_TOKEN_GRANT = "refresh_token";
// etc
// Well-known token types
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java?rev=1340958&r1=1340957&r2=1340958&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java Mon May 21 10:19:16 2012
@@ -50,6 +50,14 @@ public final class OAuthUtils {
return sb.toString();
}
+ public static List<String> convertPermissionsToScopeList(List<OAuthPermission> perms) {
+ List<String> list = new LinkedList<String>();
+ for (OAuthPermission perm : perms) {
+ list.add(perm.getPermission());
+ }
+ return list;
+ }
+
public static boolean isGrantSupportedForClient(Client client,
boolean isConfidential,
String grantType) {
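Review bot: convertPermissionsToScopeList dereferences `perms` without a null check and has no Javadoc stating that the argument must be non-null. The only caller visible in this commit passes `token.getScopes()` straight in, as part of an authorization decision. Whether that getter can return null is not visible here, so either document the precondition or treat null as an empty list, so that a token without scopes yields a clean INVALID_SCOPE decision rather than a NullPointerException. As a style point, `new ArrayList<String>(perms.size())` suits a list that is only appended to and then queried better than `LinkedList`.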