You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/08/28 18:15:53 UTC
svn commit: r1378202 - in
/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth:
services/ utils/
Author: sergeyb
Date: Tue Aug 28 16:15:52 2012
New Revision: 1378202
URL: http://svn.apache.org/viewvc?rev=1378202&view=rev
Log:
[CXF-4432] Adding a utility form OOB provider
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java (with props)
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java?rev=1378202&r1=1378201&r2=1378202&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java Tue Aug 28 16:15:52 2012
@@ -145,7 +145,7 @@ public class AuthorizationRequestHandler
}
queryParams.put(OAuth.OAUTH_TOKEN, token.getTokenKey());
if (token.getState() != null) {
- queryParams.put("state", token.getState());
+ queryParams.put(OAuthConstants.X_OAUTH_STATE, token.getState());
}
String callbackValue = getCallbackValue(token);
if (OAuthConstants.OAUTH_CALLBACK_OOB.equals(callbackValue)) {
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestService.java?rev=1378202&r1=1378201&r2=1378202&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestService.java Tue Aug 28 16:15:52 2012
@@ -59,7 +59,11 @@ public class AuthorizationRequestService
@GET
@Path("/decision")
- @Produces({"application/xhtml+xml", "text/html", "application/xml;q=0.9", "application/json;q=0.9" })
+ @Produces({"application/xhtml+xml",
+ "text/html",
+ "application/xml;q=0.9",
+ "application/json;q=0.9",
+ "application/x-www-form-urlencoded" })
public Response authorizeDecision() {
return authorize();
}
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java?rev=1378202&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java Tue Aug 28 16:15:52 2012
@@ -0,0 +1,95 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.services;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.ext.MessageBodyReader;
+import javax.ws.rs.ext.MessageBodyWriter;
+import javax.ws.rs.ext.Provider;
+
+import net.oauth.OAuth;
+
+import org.apache.cxf.jaxrs.ext.form.Form;
+import org.apache.cxf.jaxrs.provider.FormEncodingProvider;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
+
+@Produces({"application/x-www-form-urlencoded" })
+@Consumes({"application/x-www-form-urlencoded" })
+@Provider
+public class OOBResponseProvider implements
+ MessageBodyReader<OOBAuthorizationResponse>, MessageBodyWriter<OOBAuthorizationResponse> {
+
+ private FormEncodingProvider<Form> formProvider = new FormEncodingProvider<Form>();
+
+ public boolean isReadable(Class<?> type, Type genericType,
+ Annotation[] annotations, MediaType mt) {
+ return OOBAuthorizationResponse.class.isAssignableFrom(type);
+ }
+
+ public OOBAuthorizationResponse readFrom(
+ Class<OOBAuthorizationResponse> clazz, Type genericType, Annotation[] annotations, MediaType mt,
+ MultivaluedMap<String, String> headers, InputStream is) throws IOException {
+ Form form = formProvider.readFrom(Form.class, Form.class, annotations, mt, headers, is);
+ MultivaluedMap<String, String> data = form.getData();
+ OOBAuthorizationResponse resp = new OOBAuthorizationResponse();
+
+ resp.setRequestToken(data.getFirst(OAuth.OAUTH_TOKEN));
+ resp.setVerifier(data.getFirst(OAuth.OAUTH_VERIFIER));
+ resp.setState(data.getFirst(OAuthConstants.X_OAUTH_STATE));
+
+ return resp;
+ }
+
+
+ public long getSize(OOBAuthorizationResponse t, Class<?> type,
+ Type genericType, Annotation[] annotations,
+ MediaType mediaType) {
+ return -1;
+ }
+
+ public boolean isWriteable(Class<?> type, Type genericType, Annotation[] annotations,
+ MediaType mt) {
+ return OOBAuthorizationResponse.class.isAssignableFrom(type);
+ }
+
+ public void writeTo(OOBAuthorizationResponse obj, Class<?> c, Type t,
+ Annotation[] anns,
+ MediaType mt, MultivaluedMap<String, Object> headers, OutputStream os)
+ throws IOException, WebApplicationException {
+
+ Form form = new Form();
+ form.set(OAuth.OAUTH_VERIFIER, obj.getVerifier());
+ form.set(OAuth.OAUTH_TOKEN, obj.getRequestToken());
+ if (obj.getState() != null) {
+ form.set(OAuthConstants.X_OAUTH_STATE, obj.getState());
+ }
+ }
+
+}
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/OOBResponseProvider.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java?rev=1378202&r1=1378201&r2=1378202&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java Tue Aug 28 16:15:52 2012
@@ -85,7 +85,7 @@ public class RequestTokenHandler {
RequestTokenRegistration reg = new RequestTokenRegistration();
reg.setClient(client);
reg.setCallback(callback);
- reg.setState(oAuthMessage.getParameter("state"));
+ reg.setState(oAuthMessage.getParameter(OAuthConstants.X_OAUTH_STATE));
reg.setScopes(scopes);
reg.setLifetime(tokenLifetime);
reg.setIssuedAt(System.currentTimeMillis() / 1000);
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java?rev=1378202&r1=1378201&r2=1378202&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java Tue Aug 28 16:15:52 2012
@@ -38,6 +38,7 @@ public final class OAuthConstants {
public static final String AUTHORIZATION_DECISION_DENY = "deny";
public static final String X_OAUTH_SCOPE = "scope";
+ public static final String X_OAUTH_STATE = "state";
public static final String OAUTH_CONSUMER_SECRET = "oauth_consumer_secret";
public static final String OAUTH_CALLBACK_OOB = "oob";