Posted to commits@cxf.apache.org by lm...@apache.org on 2010/09/07 21:40:05 UTC
svn commit: r993496 - in /cxf/sandbox/oauth_1.0a:
distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/
distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/...
Author: lmoren
Date: Tue Sep 7 19:40:04 2010
New Revision: 993496
URL: http://svn.apache.org/viewvc?rev=993496&view=rev
Log:
- added possibility to define scopes
Added:
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java (with props)
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java (with props)
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java
cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java Tue Sep 7 19:40:04 2010
@@ -49,6 +49,7 @@ public class AuthorizeResourceOwnerContr
response
.sendRedirect(
- resourceOwnerAuthorizationEndpoint + "?oauth_token=" + oauthToken);
+ resourceOwnerAuthorizationEndpoint + "?oauth_token=" + oauthToken + "&x_oauth_scope="
+ + "read_info,modify_info");
}
}
\ No newline at end of file
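Review bot: The new redirect concatenates `oauthToken` and the scope list into the query string without percent-encoding, so a token or scope value containing `&`, `=` or non-ASCII characters would corrupt the authorization URL; if `net.oauth.OAuth` is on the classpath here as in the sibling controllers, `OAuth.percentEncode(oauthToken)` and `OAuth.percentEncode("read_info,modify_info")` are the one-line fixes. Requesting both scopes on every authorization also grants the demo client `modify_info` even when the user only ever performs a GET, which is fine for a sample but worth a comment: `// demo requests both scopes up front; real clients should request only the scope they need`. The handleRequest method starts outside the hunk.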
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java Tue Sep 7 19:40:04 2010
@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletReq
import net.oauth.OAuth;
import net.oauth.OAuthMessage;
+import net.oauth.OAuthProblemException;
import net.oauth.server.OAuthServlet;
import org.apache.cxf.auth.oauth.demo.client.model.Common;
@@ -46,12 +47,16 @@ public class CallbackURLController {
OAuthMessage message = OAuthServlet.getMessage(request, request.getRequestURL().toString());
- message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);
- oAuthParams.setOauthToken(message.getToken());
- oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));
-
- oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
- oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
+ try {
+ message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);
+ oAuthParams.setOauthToken(message.getToken());
+ oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));
+
+ oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
+ oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
+ } catch (OAuthProblemException e) {
+ oAuthParams.setErrorMessage("OAuth problem: " + e.getProblem() + e.getParameters().toString());
+ }
return new ModelAndView("tokenRequest");
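Review bot: The error message built in the new catch block appends `e.getParameters().toString()`, which may echo request-derived values back into the model that the `tokenRequest` view renders; unless that view escapes `errorMessage` (not visible here), this is a reflected-XSS path. Limiting the message to the problem code, `oAuthParams.setErrorMessage("OAuth problem: " + e.getProblem());`, or escaping at the view, closes it. The cookie reads for clientID and clientSecret cannot throw OAuthProblemException, so they could stay outside the try; the controller method starts outside the hunk.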
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java Tue Sep 7 19:40:04 2010
@@ -25,6 +25,7 @@ import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
+import javax.servlet.http.HttpServletRequest;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
@@ -51,7 +52,8 @@ import org.springframework.web.servlet.M
public class GetProtectedResourceController {
@RequestMapping("/getProtectedResource")
- protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams)
+ protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams,
+ HttpServletRequest request)
throws Exception {
OAuthServiceProvider provider = new OAuthServiceProvider(
@@ -71,11 +73,21 @@ public class GetProtectedResourceControl
parameters.put(OAuth.OAUTH_TOKEN, oAuthParams.getOauthToken());
parameters.put(OAuth.OAUTH_CONSUMER_KEY, oAuthParams.getClientID());
- OAuthMessage msg = accessor
- .newRequestMessage(OAuthMessage.GET, oAuthParams.getResourceURL(), parameters.entrySet());
+ OAuthMessage msg = null;
+ String method = request.getParameter("op");
- OAuthClient client = new OAuthClient(new URLConnectionClient());
+ if ("GET".equals(method)) {
+ msg = accessor
+ .newRequestMessage(OAuthMessage.GET, oAuthParams.getGetResourceURL(), parameters.entrySet());
+ } else {
+ msg = accessor
+ .newRequestMessage(OAuthMessage.POST, oAuthParams.getPostResourceURL(),
+ parameters.entrySet());
+ }
+
+
+ OAuthClient client = new OAuthClient(new URLConnectionClient());
msg = client.access(msg, ParameterStyle.AUTHORIZATION_HEADER);
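Review bot: The `op` dispatch falls through to the POST (modifying) request whenever `op` is missing or anything other than the exact string `GET`, so an absent or mistyped parameter triggers the state-changing call; the safer default is to reject unknown values, e.g. `if (!"GET".equals(method) && !"POST".equals(method)) { throw new IllegalArgumentException("op must be GET or POST"); }` before the branch. A comment on `method` noting that it comes from the submit button's `name="op"` rather than the bound `oAuthParams` model would also help the next reader. The enclosing handleRequest continues past the hunk.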
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java Tue Sep 7 19:40:04 2010
@@ -29,7 +29,8 @@ public class OAuthParams implements Seri
private String temporaryCredentialsEndpoint = "http://localhost:8081/auth/oauth/initiate";
private String resourceOwnerAuthorizationEndpoint = "http://localhost:8081/auth/oauth/authorize";
private String tokenRequestEndpoint = "http://localhost:8081/auth/oauth/token";
- private String resourceURL = "http://localhost:8081/auth/resources/person/john";
+ private String getResourceURL = "http://localhost:8081/auth/resources/person/john";
+ private String postResourceURL = "http://localhost:8081/auth/resources/person/john";
private String callbackURL = "http://localhost:8080/app/callback";
@@ -137,12 +138,12 @@ public class OAuthParams implements Seri
this.errorMessage = errorMessage;
}
- public String getResourceURL() {
- return resourceURL;
+ public String getGetResourceURL() {
+ return getResourceURL;
}
- public void setResourceURL(String resourceURL) {
- this.resourceURL = resourceURL;
+ public void setGetResourceURL(String getResourceURL) {
+ this.getResourceURL = getResourceURL;
}
public String getCallbackURL() {
@@ -177,6 +178,14 @@ public class OAuthParams implements Seri
this.methods = methods;
}
+ public String getPostResourceURL() {
+ return postResourceURL;
+ }
+
+ public void setPostResourceURL(String postResourceURL) {
+ this.postResourceURL = postResourceURL;
+ }
+
static class SignatureMethod {
private String methodName;
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp Tue Sep 7 19:40:04 2010
@@ -53,8 +53,12 @@ under the License.
<td><form:input size="70" path="clientSecret"/></td>
</tr>
<tr>
- <td>OAuth Protected Resource URI:</td>
- <td><form:input size="70" path="resourceURL"/></td>
+ <td>GET Protected Resource, need scope: 'read_info'</td>
+ <td><form:input size="70" path="getResourceURL"/></td>
+ </tr>
+ <tr>
+ <td>POST Protected Resource, need scope: 'modify_info'</td>
+ <td><form:input size="70" path="postResourceURL"/></td>
</tr>
<tr>
<td>Signature Method:</td>
@@ -65,7 +69,12 @@ under the License.
</tr>
<tr>
<td colspan="2">
- <input type="submit" value="Get Protected Resource"/>
+ <input type="submit" name="op" value="GET"/>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2">
+ <input type="submit" name="op" value="POST"/>
</td>
</tr>
</table>
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java Tue Sep 7 19:40:04 2010
@@ -22,7 +22,7 @@ import java.io.Serializable;
/**
* @author Lukasz Moren
- */ //todo add functionality to revoke credentials
+ */
//todo deny does not work
public class ClientApp implements Serializable {
private String clientName = "OAuth 1.0a client";
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java Tue Sep 7 19:40:04 2010
@@ -18,11 +18,15 @@
*/
package org.apache.cxf.auth.oauth.demo.server;
+import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
+import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
+import javax.xml.ws.handler.MessageContext;
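Review bot: The new import `javax.xml.ws.handler.MessageContext` is the JAX-WS message context, not the JAX-RS `org.apache.cxf.jaxrs.ext.MessageContext`, so an `@Context` injection of this type in a JAX-RS resource is unlikely to resolve to anything useful. If the resource needs request access, `org.apache.cxf.jaxrs.ext.MessageContext` is the CXF type meant for `@Context` injection; otherwise the `@Context HttpServletRequest` import added in the same hunk already covers it.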
/**
* Sample JAX-RS resource service
@@ -32,10 +36,20 @@ import javax.ws.rs.core.Response;
@Path("/")
public class SampleResourceProvider {
+ @Context
+ private MessageContext mc;
+
@GET
@Produces("text/html")
@Path("/person/{name}")
- public Response returnSampleImage(@PathParam("name") String name) {
+ public Response getInfo(@PathParam("name") String name, @Context HttpServletRequest request) {
return Response.ok("Successfully accessed OAuth protected person: " + name).build();
}
+
+ @POST
+ @Produces("text/html")
+ @Path("/person/{name}")
+ public Response modifyInfo(@PathParam("name") String name) {
+ return Response.ok("Successfully modified OAuth protected person: " + name).build();
+ }
}
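Review bot: Neither the injected `mc` field nor the `request` parameter on `getInfo` is used, and nothing in the resource itself checks that the caller's token carries `read_info` or `modify_info`; presumably that enforcement lives in `oauthSecurityInterceptor`, which is not visible here. A class-level comment such as `// Scope enforcement (read_info for GET, modify_info for POST) is done by OAuthSecurityInterceptor, not by this resource` would make the trust boundary explicit, and the unused injections should be dropped until they are needed.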
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java Tue Sep 7 19:40:04 2010
@@ -21,11 +21,13 @@ package org.apache.cxf.auth.oauth.demo.s
import java.security.Principal;
import java.security.SecureRandom;
import java.util.Set;
+import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.auth.oauth.demo.server.ClientApp;
import org.apache.cxf.auth.oauth.provider.Client;
import org.apache.cxf.auth.oauth.provider.ClientImpl;
+import org.apache.cxf.auth.oauth.provider.ClientManager;
import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
import org.apache.cxf.auth.oauth.token.MD5TokenGenerator;
import org.apache.cxf.auth.oauth.token.TokenGenerator;
@@ -49,6 +51,9 @@ public class ApplicationController {
@Autowired
private OAuthDataProvider oauthDataProvider;
+ @Resource(name = "oauthDataProvider")
+ private ClientManager clientManager;
+
@RequestMapping("/newClientForm")
public ModelAndView handleRequest(@ModelAttribute("client") ClientApp clientApp) {
return new ModelAndView("newClientForm");
@@ -78,7 +83,7 @@ public class ApplicationController {
secretKey, clientApp.getCallbackURL(), clientApp.getClientName());
- Client authNInfo = oauthDataProvider.registerNewClient(principal, consumerKey, clientInfo);
+ Client authNInfo = clientManager.registerNewClient(principal, consumerKey, clientInfo);
if (authNInfo != null) {
clientApp.setError("Client already exists!");
@@ -94,7 +99,7 @@ public class ApplicationController {
@RequestMapping("/listRegisteredClients")
public ModelAndView listRegisteredClients() {
Principal user = SecurityContextHolder.getContext().getAuthentication();
- Set<Client> apps = oauthDataProvider.listRegisteredClients(user);
+ Set<Client> apps = clientManager.listRegisteredClients(user);
ModelAndView modelAndView = new ModelAndView("registeredClientsList");
modelAndView.getModelMap().put("clients", apps);
@@ -104,7 +109,7 @@ public class ApplicationController {
@RequestMapping("/listAuthorizedClients")
public ModelAndView listAuthorizedClients() {
Principal user = SecurityContextHolder.getContext().getAuthentication();
- Set<Client> apps = oauthDataProvider.listAuthorizedClients(user);
+ Set<Client> apps = clientManager.listAuthorizedClients(user);
ModelAndView modelAndView = new ModelAndView("authorizedClientsList");
modelAndView.getModelMap().put("clients", apps);
@@ -116,7 +121,7 @@ public class ApplicationController {
Principal user = SecurityContextHolder.getContext().getAuthentication();
String consumerKey = request.getParameter("consumerKey");
- oauthDataProvider.removeRegisteredClient(user, consumerKey);
+ clientManager.removeRegisteredClient(user, consumerKey);
ModelAndView modelAndView = new ModelAndView(new RedirectView("/app/listRegisteredClients"));
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java Tue Sep 7 19:40:04 2010
@@ -25,6 +25,9 @@ import javax.servlet.http.HttpServletRes
import net.oauth.OAuth;
+import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
+import org.apache.cxf.common.util.StringUtils;
+
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -39,12 +42,18 @@ public class AuthenticationFailureHandle
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception)
throws IOException, ServletException {
-
+ String xOAuthScope = request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
- setDefaultFailureUrl(new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
- .append(oauthToken).toString());
+ StringBuffer url = new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
+ .append(oauthToken);
+
+ if (!StringUtils.isEmpty(xOAuthScope)) {
+ url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+ .append(xOAuthScope);
+ }
+ setDefaultFailureUrl(url.toString());
super.onAuthenticationFailure(request, response,
exception);
}
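Review bot: `setDefaultFailureUrl` stores a per-request URL containing the user's `oauth_token` and scope in a field of this singleton handler before `super.onAuthenticationFailure` reads it back, so two concurrent failures can send one user to the other user's token URL; the pattern predates this commit, but the new code extends it. Redirecting directly, e.g. `getRedirectStrategy().sendRedirect(request, response, url.toString());` after `saveException(request, exception);`, avoids the shared state if the Spring Security version in use exposes those helpers. The appended `oauthToken` and `xOAuthScope` are also not percent-encoded; `OAuth.percentEncode(...)` from the already-imported `net.oauth.OAuth` handles that.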
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java Tue Sep 7 19:40:04 2010
@@ -48,6 +48,8 @@ public class AuthenticationSuccessfullHa
String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
String authToken = request.getParameter(OAuthRequestHandler.AUTHENTICITY_TOKEN);
+ String decision = request.getParameter(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY);
+ String xOAuthScope = request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
if (StringUtils.isEmpty(oauthToken)) {
return super.determineTargetUrl(request, response);
@@ -57,6 +59,16 @@ public class AuthenticationSuccessfullHa
.append(oauthToken).append("&").append(OAuthRequestHandler.AUTHENTICITY_TOKEN).append("=")
.append(authToken);
+ if (!StringUtils.isEmpty(decision)) {
+ url.append("&").append(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY).append("=")
+ .append(decision);
+ }
+
+ if (!StringUtils.isEmpty(xOAuthScope)) {
+ url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+ .append(xOAuthScope);
+ }
+
return url.toString();
}
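Review bot: `decision` and `xOAuthScope` are appended to the redirect target verbatim, so a value containing `&` or `#` can inject or truncate query parameters on the way back to the authorization endpoint; since `OAuth` is already referenced in this handler, `.append(OAuth.percentEncode(decision))` and `.append(OAuth.percentEncode(xOAuthScope))` are the one-line fixes. Carrying the Allow/Deny decision through a GET redirect also means the authorization endpoint must bind it to the authenticity token sent alongside, which is outside this hunk. determineTargetUrl starts outside the hunk.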
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml Tue Sep 7 19:40:04 2010
@@ -62,19 +62,6 @@
<property name="resourcePath" value="/oAuthLogin.jsp"/>
</bean>
- <!-- Endpoint serves OAuth protected resource -->
- <jaxrs:server id="resourceServer" address="/resources/">
- <jaxrs:serviceBeans>
- <ref bean="resource"/>
- </jaxrs:serviceBeans>
- <jaxrs:inInterceptors>
- <ref bean="oauthSecurityInterceptor"/>
- </jaxrs:inInterceptors>
- </jaxrs:server>
-
- <!-- Resource Provider -->
- <bean id="resource" class="org.apache.cxf.auth.oauth.demo.server.SampleResourceProvider"/>
-
<!-- Intercept request to OAuth protected resources -->
<bean id="oauthSecurityInterceptor"
class="org.apache.cxf.auth.oauth.interceptors.OAuthSecurityInterceptor">
@@ -108,4 +95,18 @@
class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialsServiceImpl">
<property name="handler" ref="requestHandler"/>
</bean>
+
+
+ <!-- Endpoint serves OAuth protected resource -->
+ <jaxrs:server id="resourceServer" address="/resources/">
+ <jaxrs:serviceBeans>
+ <ref bean="resource"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:inInterceptors>
+ <ref bean="oauthSecurityInterceptor"/>
+ </jaxrs:inInterceptors>
+ </jaxrs:server>
+
+ <!-- Resource Provider -->
+ <bean id="resource" class="org.apache.cxf.auth.oauth.demo.server.SampleResourceProvider"/>
</beans>
\ No newline at end of file
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml Tue Sep 7 19:40:04 2010
@@ -59,6 +59,7 @@
<authentication-provider>
<user-service>
<user name="user1" password="1111" authorities="ROLE_USER"/>
+ <user name="user2" password="2222" authorities="ROLE_USER"/>
</user-service>
</authentication-provider>
</authentication-manager>
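Review bot: The added `user2` entry, like `user1`, stores a plain-text password in a checked-in configuration file; acceptable for a sample, but a comment marking it as demo-only, `<!-- demo credentials only: plain-text passwords, do not reuse in a real deployment -->`, prevents the block from being copied into production. Spring Security's `<password-encoder>` element would let the sample show the hashed form instead.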
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp Tue Sep 7 19:40:04 2010
@@ -28,7 +28,6 @@ under the License.
</h4>
<table>
<tr>
- <%--todo display properly--%>
<td>OAuth verifier:</td>
<td>${oauth_verifier}</td>
</tr>
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp Tue Sep 7 19:40:04 2010
@@ -33,7 +33,8 @@ under the License.
<tr>
<td>Consumer key:</td>
<td><form:input size="70" path="consumerKey"/> - You can provide consumer key,
- if not it will be automatically generated</td>
+ if not it will be automatically generated
+ </td>
</tr>
<tr>
<td>Client Name:</td>
Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp Tue Sep 7 19:40:04 2010
@@ -38,12 +38,18 @@ under the License.
value="${oauthauthorizationdata.oauthToken}"/>
<input type="hidden" name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
value="${oauthauthorizationdata.authenticityToken}"/>
+ <input type="hidden" name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+ value="<%=request.getParameter("x_oauth_scope")%>"/>
<p>The application <b>${oauthauthorizationdata.applicationName}</b> would like the
- ability to access and update your data on Sample OAuth CXF server.
+ ability to access and update your data on Sample OAuth CXF server:
<br/>
- Please ensure that you trust this website with your information before
- proceeding!</p>
+ <ul>
+ <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
+ <li><b>${scope.description}</b></li>
+ </c:forEach></ul>
+ Please ensure that you trust this website with your information before
+ proceeding!</p>
<c:if test="${not empty param.login_error}">
<font color="red">
Your login attempt was not successful, try again.<br/><br/>
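Review bot: The new hidden input writes `request.getParameter("x_oauth_scope")` straight into an HTML attribute via a scriptlet with no escaping, so a crafted authorization link can break out of the attribute and inject script into the login page (reflected XSS); it also renders the literal string `null` when the parameter is absent. Since the page already uses JSTL, `value="<c:out value='${param.x_oauth_scope}'/>"` escapes the value and yields an empty attribute when it is missing. Using `OAuthRequestHandler.X_OAUTH_SCOPE` instead of the string literal would also keep the parameter name in one place.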
@@ -63,8 +69,14 @@ under the License.
<label for="password">Password</label>
<input type="password" id="password" name="j_password"/>
<br>
- <input type="submit" class="button" name="commit" value="Allow"/>
- <input type="submit" class="button" name="commit" value="Deny"/>
+ <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
+ value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+ Deny
+ </button>
+ <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
+ value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+ Allow
+ </button>
</form>
</c:when>
<%--user is logged in, just ask user to allow third party app access--%>
@@ -74,15 +86,29 @@ under the License.
value="${oauthauthorizationdata.oauthToken}"/>
<input type="hidden" name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
value="${oauthauthorizationdata.authenticityToken}"/>
+ <input type="hidden" name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+ value="<%=request.getParameter("x_oauth_scope")%>"/>
<p>The application <b>${oauthauthorizationdata.applicationName}</b> would like
the
ability to access and update your data on Sample OAuth CXF server.
<br/>
- Please ensure that you trust this website with your information before
- proceeding!</p>
- <input type="submit" class="button" name="commit" value="Allow"/>
- <input type="submit" class="button" name="commit" value="Deny"/>
+ <ul>
+ <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
+ <li><b>${scope.description}</b></li>
+ </c:forEach></ul>
+ Please ensure that you trust this website with your information before
+ proceeding!</p>
+ <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+ type="submit"
+ value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+ Deny
+ </button>
+ <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+ type="submit"
+ value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+ Allow
+ </button>
</form>
</c:otherwise>
</c:choose>
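Review bot: The hidden `x_oauth_scope` field in this second form has the same unescaped scriptlet echo as the login form, `value="<%=request.getParameter("x_oauth_scope")%>"`, so a malicious link can inject into the consent page shown to an already-authenticated user, which is the more valuable target. Replace it with `value="<c:out value='${param.x_oauth_scope}'/>"` (or `${fn:escapeXml(param.x_oauth_scope)}` if the fn taglib is declared) so the attribute is HTML-escaped and absent parameters render empty rather than `null`. Consider factoring the scope list and hidden field into a single include so both branches of the `c:choose` cannot drift apart again.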
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java Tue Sep 7 19:40:04 2010
@@ -19,9 +19,7 @@
package org.apache.cxf.auth.oauth.endpoints;
-import java.io.IOException;
import java.net.URI;
-import java.net.URISyntaxException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
@@ -31,7 +29,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
-import net.oauth.OAuthException;
+import net.oauth.OAuth;
import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.provider.Client;
@@ -47,6 +45,7 @@ import org.apache.cxf.common.util.String
public class AuthorizationServiceImpl extends OAuthAbstractService implements AuthorizationService {
private static final Logger LOG = LogUtils.getL7dLogger(AuthorizationServiceImpl.class);
+
private String displayVerifierURL;
@GET
@@ -59,7 +58,7 @@ public class AuthorizationServiceImpl ex
String callback = oauthData.getCallback();
String verifier = oauthData.getOauthVerifier();
- if (StringUtils.isEmpty(callback) || StringUtils.isEmpty(verifier)) {
+ if (StringUtils.isEmpty(callback)) {
return Response.ok(oauthData).build();
}
@@ -69,8 +68,18 @@ public class AuthorizationServiceImpl ex
.build();
}
- StringBuffer redirectUrl = new StringBuffer(callback).append("?oauth_token=")
- .append(oauthData.getOauthToken()).append("&oauth_verifier=").append(verifier);
+ String sep = "?";
+ if (callback.contains(sep)) {
+ sep = "&";
+ }
+ StringBuffer redirectUrl = new StringBuffer(callback).append(sep);
+ if (StringUtils.isEmpty(verifier)) {
+ //user did not authorize application
+ redirectUrl.append(OAuth.Problems.USER_REFUSED).append("=User_refused_client");
+ } else {
+ redirectUrl.append("oauth_token=")
+ .append(oauthData.getOauthToken()).append("&oauth_verifier=").append(verifier);
+ }
return Response
.status(HttpServletResponse.SC_MOVED_TEMPORARILY)
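Review bot: The redirect URL is assembled by string concatenation and neither `oauthData.getOauthToken()` nor `verifier` is percent-encoded, and a callback that already carries a fragment (`#`) will have the parameters appended after it where the client never sees them. OAuth 1.0a requires these parameters to be form-encoded; the library already imported here offers this, e.g. `String redirectUrl = OAuth.addParameters(callback, OAuth.OAUTH_TOKEN, oauthData.getOauthToken(), OAuth.OAUTH_VERIFIER, verifier);` (and `OAuth.addParameters(callback, OAuth.Problems.USER_REFUSED, "User_refused_client")` for the deny branch), which also handles the `?`/`&` choice. The verifier is a bearer secret, so please keep `callback` sourced only from the registered `Client.getCallbackURL()` as the handler does, never from a request parameter, otherwise this becomes an open redirect that leaks it. `StringBuffer` can be `StringBuilder` since it is a local. The enclosing method starts outside this hunk.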
@@ -79,26 +88,16 @@ public class AuthorizationServiceImpl ex
} catch (OAuthProblemException e) {
if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[] {e.toString()});
- }
- OAuthUtils.handleException(response, e, e.getHttpStatusCode());
- } catch (IOException e) {
- if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "OAuth module exception: {0}", new Object[] {e.toString()});
- }
- OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- } catch (OAuthException e) {
- if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "OAuth library exception: {0}", new Object[] {e.toString()});
+ LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[] {e.fillInStackTrace()});
}
- OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- } catch (URISyntaxException e) {
+ return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+ String.valueOf(e.getParameters().get("realm")));
+ } catch (Exception e) {
if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "OAuth module exception: {0}", new Object[] {e.toString()});
+ LOG.log(Level.SEVERE, "Server exception: {0}", new Object[] {e.fillInStackTrace()});
}
- OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
- return null;
}
public void setDisplayVerifierURL(String displayVerifierURL) {
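Review bot: Logging `e.fillInStackTrace()` as the message argument replaces the exception's stack trace with the location of the catch block, so the log no longer shows where the OAuth problem or server error actually originated; pass the exception as the Throwable parameter instead, `LOG.log(Level.WARNING, "An OAuth related problem: " + e.getMessage(), e);` (and likewise in the `Exception` branch). `String.valueOf(e.getParameters().get("realm"))` yields the literal string `"null"` when the problem carries no realm, so the realm sent to the client should be derived from the request or a configured default when the parameter is absent. The generic `Exception` branch returns whatever `OAuthUtils.handleException(e, 500)` builds; I cannot see that helper, but please confirm it does not echo `e.getMessage()` or class names to the caller. The surrounding method begins before this hunk.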
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java Tue Sep 7 19:40:04 2010
@@ -29,7 +29,6 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
-import net.oauth.OAuthException;
import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.utils.OAuthUtils;
@@ -52,27 +51,20 @@ public class TemporaryCredentialsService
@Produces("application/x-www-form-urlencoded")
public Response getTemporaryCredentials(@Context HttpServletRequest request,
@Context HttpServletResponse response) {
- //todo add realm optional parameter
- //todo check if entity-body single part?
-
try {
return handler.handleTemporaryCredentials(request);
} catch (OAuthProblemException e) {
if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
- }
- throw OAuthUtils.handleException(e, e.getHttpStatusCode());
- } catch (OAuthException e) {
- if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "OAuth library exception: {0}", new Object[] {e.toString()});
+ LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()});
}
- throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+ String.valueOf(e.getParameters().get("realm")));
} catch (Exception e) {
if (LOG.isLoggable(Level.SEVERE)) {
LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}",
- new Object[] {e.toString()});
+ new Object[] {e.fillInStackTrace()});
}
- throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
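Review bot: `String.valueOf(e.getParameters().get("realm"))` in the `OAuthProblemException` branch turns a missing realm into the string `"null"`, which then ends up in the `WWW-Authenticate` challenge built by `OAuthUtils.handleException`; guard it with something like `Object realm = e.getParameters().get("realm"); String realmStr = realm == null ? request.getRequestURL().toString() : realm.toString();`. `e.fillInStackTrace()` also discards the original stack trace in favour of the catch site, so log the exception itself as the Throwable argument rather than formatting it into the message. Catching bare `Exception` around `handler.handleTemporaryCredentials` is fine as a boundary, but since it now swallows `OAuthException` too, the 500 path should make sure the library exception message is logged and not returned to the client.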
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java Tue Sep 7 19:40:04 2010
@@ -19,7 +19,6 @@
package org.apache.cxf.auth.oauth.endpoints;
-import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
@@ -30,7 +29,6 @@ import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
-import net.oauth.OAuthException;
import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.utils.OAuthUtils;
@@ -52,19 +50,15 @@ public class TokenCredentialsServiceImpl
} catch (OAuthProblemException e) {
if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
+ LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()});
}
- throw OAuthUtils.handleException(e, e.getHttpStatusCode());
- } catch (IOException e) {
+ return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+ String.valueOf(e.getParameters().get("realm")));
+ } catch (Exception e) {
if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
+ LOG.log(Level.WARNING, "Server Exception: {0}", new Object[] {e.fillInStackTrace()});
}
- throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- } catch (OAuthException e) {
- if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
- }
- throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}
}
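Review bot: The generic `Exception` branch here logs unexpected server failures at `Level.WARNING` while the sibling endpoints (`TemporaryCredentialsServiceImpl`, `AuthorizationServiceImpl`) use `Level.SEVERE` for the same situation; an unexpected exception during access-token exchange should be `SEVERE` and the message should say so rather than the generic `"Server Exception"`. As in the other endpoints, `e.fillInStackTrace()` rewrites the stack trace to the catch block, so use `LOG.log(Level.SEVERE, "Unexpected error in token credentials service", e);` and keep the original frames. The `"realm"` lookup falls back to the string `"null"` when the problem has no realm parameter; derive the realm from the request instead.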
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java Tue Sep 7 19:40:04 2010
@@ -22,12 +22,14 @@ import java.io.IOException;
import java.net.URISyntaxException;
import java.security.Principal;
import java.util.HashMap;
+import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Response;
@@ -44,7 +46,9 @@ import org.apache.cxf.auth.oauth.provide
import org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData;
import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
import org.apache.cxf.auth.oauth.tokens.RequestToken;
+import org.apache.cxf.auth.oauth.utils.OAuthUtils;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.StringUtils;
@@ -59,8 +63,7 @@ public abstract class AbstractOAuthReque
public Response handleTemporaryCredentials(HttpServletRequest request)
throws IOException, ServletException, OAuthException {
- //todo add realm optional parameter
- //todo check if entity-body single part?
+
if (LOG.isLoggable(Level.FINE)) {
LOG.log(Level.FINE, "Temporary Service Credentials service invoked by host: {0}",
new Object[] {request.getRemoteHost()});
@@ -153,6 +156,9 @@ public abstract class AbstractOAuthReque
Principal principal = loggedPrincipal(request);
if (principal == null || StringUtils.isEmpty(principal.getName())) {
//add authenticity token into session
+ List<String> scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+ secData.setScopes(dataProvider.getAvailableScopes(scopes));
+
addAuthenticityTokenToSession(secData, request);
return addAdditionalParams(secData, token, principal);
}
@@ -163,18 +169,30 @@ public abstract class AbstractOAuthReque
}
//check if token from session equals token from request
+ List<String> scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+ scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+ List<OAuthScope> availableScopes = dataProvider.getAvailableScopes(scopes);
boolean authentic = compareRequestSessionTokens(request);
if (!authentic) {
+ secData.setScopes(availableScopes);
+
addAuthenticityTokenToSession(secData, request);
return addAdditionalParams(secData, token, principal);
}
+ String decision = request.getParameter(AUTHORIZATION_DECISION_KEY);
+ Client clientInfo = token.getClient();
+ if (!AUTHORIZATION_DECISION_ALLOW.equals(decision)) {
+ //user not authorized client
+ secData.setCallback(clientInfo.getCallbackURL());
+ return secData;
+ }
+
token = dataProvider
- .generateVerifier(oAuthMessage.getToken(), principal);
+ .generateVerifier(oAuthMessage.getToken(), principal, availableScopes);
if (token == null) {
- return secData;
+ throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
}
- Client clientInfo = token.getClient();
secData.setCallback(clientInfo.getCallbackURL());
secData.setOauthVerifier(token.getOauthVerifier());
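Review bot: `availableScopes` is stored on the request token by `generateVerifier` without being validated, yet the in-memory provider's `getAvailableScopes` adds a `null` entry for every unknown scope name, so an unrecognised `x_oauth_scope` value silently becomes a null element that later blows up in `isUserInRole`; reject it before issuing the verifier, e.g. `if (availableScopes.contains(null)) { throw new OAuthProblemException(OAuth.Problems.PARAMETER_REJECTED); }`. The scope list is also taken from the authorization POST rather than from the request token, which is acceptable only because the authenticity token ties the POST to the consent page the user saw; a comment stating that dependency would help. Lines 747–748 call `OAuthUtils.parseScopesFromRequest(oAuthMessage)` twice with the same result; drop the second assignment. Defaulting to deny when `decision` is anything but `allow` is the right direction. The enclosing method starts and ends outside this hunk.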
@@ -241,10 +259,10 @@ public abstract class AbstractOAuthReque
}
- public void handleAuthenticatedRequest(HttpServletRequest request)
- throws IOException, OAuthException {
+ public HttpServletRequest handleAuthenticatedRequest(HttpServletRequest request,
+ HttpServletResponse response)
+ throws Exception, OAuthProblemException {
OAuthMessage oAuthMessage = OAuthServlet.getMessage(request, request.getRequestURL().toString());
-
oAuthMessage.requireParameters(OAuth.OAUTH_CONSUMER_KEY,
OAuth.OAUTH_TOKEN,
OAuth.OAUTH_SIGNATURE_METHOD,
@@ -255,18 +273,30 @@ public abstract class AbstractOAuthReque
AccessToken accessToken = dataProvider
.getAccessToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey());
Client authInfo = accessToken.getClient();
- //todo check if exists
OAuthConsumer consumer = new OAuthConsumer(authInfo.getCallbackURL(), authInfo.getConsumerKey(),
authInfo.getSecretKey(), null);
OAuthAccessor accessor = new OAuthAccessor(consumer);
- try {
- dataProvider.getValidator().validateMessage(oAuthMessage, accessor);
- } catch (URISyntaxException e) {
- throw new OAuthException(e);
- }
+
+ dataProvider.getValidator().validateMessage(oAuthMessage, accessor);
+ //todo add roles to request
+
+ final List<OAuthScope> scopes = accessToken.getScopes();
+
+ request = new HttpServletRequestWrapper(request) {
+ public boolean isUserInRole(String role) {
+ for (OAuthScope scope : scopes) {
+ if (scope.getRole().equals(role)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+ };
+ return request;
}
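Review bot: The `//todo check if exists` comment was removed but the check was not added: `dataProvider.getAccessToken(...)` returning `null` for an unknown or revoked token now fails with a `NullPointerException` at `accessToken.getClient()`, which the interceptor turns into a generic error instead of an OAuth `token_rejected`; add `if (accessToken == null) { throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED); }` right after the lookup. In the wrapper, `scope.getRole().equals(role)` will also NPE if a scope or its role is null, so iterate defensively or, better, reject null scopes at authorization time. The wrapper overrides only `isUserInRole`; `getUserPrincipal()` still returns the container's (likely absent) principal rather than the token's resource owner, so downstream code that relies on the principal may act on the wrong identity, which is worth either overriding or documenting. `throws Exception, OAuthProblemException` is redundant since `OAuthProblemException` is already covered by `Exception`; prefer listing the specific checked types.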
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java Tue Sep 7 19:40:04 2010
@@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletRes
import javax.ws.rs.core.Response;
import net.oauth.OAuthException;
+import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData;
import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
@@ -42,6 +43,12 @@ public interface OAuthRequestHandler {
String AUTHENTICITY_TOKEN = "authenticityToken";
+ String AUTHORIZATION_DECISION_KEY = "oauthDecision";
+ String AUTHORIZATION_DECISION_ALLOW = "allow";
+ String AUTHORIZATION_DECISION_DENY = "deny";
+
+ String X_OAUTH_SCOPE = "x_oauth_scope";
+
Response handleTemporaryCredentials(HttpServletRequest request)
throws IOException, ServletException, OAuthException;
@@ -53,11 +60,11 @@ public interface OAuthRequestHandler {
Response handleAccessToken(HttpServletRequest request)
throws IOException, OAuthException;
- void handleAuthenticatedRequest(HttpServletRequest request)
- throws IOException, OAuthException;
+ HttpServletRequest handleAuthenticatedRequest(HttpServletRequest request, HttpServletResponse response)
+ throws Exception, OAuthProblemException;
/**
- * Returns logged user name, or null if no user is logged
+ * Returns logged principal, or null if no user is logged
*/
Principal loggedPrincipal(HttpServletRequest request);
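Review bot: `handleAuthenticatedRequest` now declares `throws Exception, OAuthProblemException`, where the second clause is subsumed by the first, so callers lose the ability to distinguish an OAuth failure from an internal error at compile time and must fall back to `instanceof`/ordered catch blocks as the interceptor does. Declare the concrete checked types instead, e.g. `throws IOException, URISyntaxException, OAuthException` (matching what `OAuthServlet.getMessage` and the validator can raise), and add Javadoc stating that the returned `HttpServletRequest` is a wrapper whose `isUserInRole` answers from the access token's scopes rather than the container's roles, since that is a significant contract change callers need to know about.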
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java Tue Sep 7 19:40:04 2010
@@ -22,14 +22,14 @@ import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.Response;
-import net.oauth.OAuthException;
import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
-import org.apache.cxf.auth.oauth.utils.OAuthUtils;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.apache.cxf.phase.Phase;
@@ -55,30 +55,24 @@ public class OAuthSecurityInterceptor ex
HttpServletRequest request = (HttpServletRequest)message.get(AbstractHTTPDestination.HTTP_REQUEST);
HttpServletResponse response = (HttpServletResponse)message
.get(AbstractHTTPDestination.HTTP_RESPONSE);
+
try {
- handler.handleAuthenticatedRequest(request);
+ if (LOG.isLoggable(Level.FINE)) {
+ LOG.log(Level.FINE, "OAuth security interceptor for url: {0}", request.getRequestURL());
+ }
+ request = handler.handleAuthenticatedRequest(request, response);
+ message.put(AbstractHTTPDestination.HTTP_REQUEST, request);
} catch (OAuthProblemException e) {
- if (LOG.isLoggable(Level.WARNING)) {
- LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
- }
- handleException(message, response, e, e.getHttpStatusCode());
- } catch (OAuthException e) {
- if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "An OAuth-related problem: {0}", new Object[] {e.toString()});
- }
- handleException(message, response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- } catch (Exception ex) {
- if (LOG.isLoggable(Level.SEVERE)) {
- LOG.log(Level.SEVERE, "Server error: {0}", new Object[] {ex.toString()});
- }
- handleException(message, response, ex, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ Response resp = Response.status(401)
+ .header(" WWW-Authenticate: OAuth realm=", request.getRequestURL()).build();
+ message.getExchange().put(Response.class, resp);
+ } catch (Exception e) {
+ Response excResp = JAXRSUtils.convertFaultToResponse(e, message);
+ message.getExchange().put(Response.class, excResp);
+ return;
}
- }
- protected void handleException(Message m, HttpServletResponse response, Exception e, int status) {
- OAuthUtils.handleException(response, e, status);
- m.getInterceptorChain().abort();
}
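Review bot: `.header(" WWW-Authenticate: OAuth realm=", request.getRequestURL())` uses a header name that contains a leading space, a colon and part of the value, so the emitted header is malformed and clients will not recognise the challenge; it should be `.header("WWW-Authenticate", "OAuth realm=\"" + request.getRequestURL() + "\"")`. The branch also discards `e.getHttpStatusCode()` and the `oauth_problem` details, which the sibling endpoints still return via `OAuthUtils.handleException(e, e.getHttpStatusCode(), realm)`, so a bad signature and an expired token now look identical to the client. The previous implementation explicitly aborted the interceptor chain; the new code relies on `message.getExchange().put(Response.class, ...)` to short-circuit the invocation, and if the invoker in this CXF version does not honour that, the protected resource would run without a valid token, so please confirm or keep an explicit `message.getInterceptorChain().abort()`.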
public void setHandler(OAuthRequestHandler handler) {
Added: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java?rev=993496&view=auto
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java (added)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java Tue Sep 7 19:40:04 2010
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.auth.oauth.provider;
+
+import java.security.Principal;
+import java.util.Set;
+
+/**
+ * @author Lukasz Moren
+ */
+public interface ClientManager {
+ Client registerNewClient(Principal user, String consumerKey, Client client);
+
+ Set<Client> listRegisteredClients(Principal user);
+
+ Set<Client> listAuthorizedClients(Principal user);
+
+ void removeRegisteredClient(Principal user, String consumerKey);
+
+}
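Review bot: The new interface has no Javadoc, and its methods take a `Principal` whose role in the authorization decision is left implicit, which matters because the in-memory implementation in this same commit removes a client by `consumerKey` without checking that it belongs to `user`. Document on `removeRegisteredClient` and `listRegisteredClients` that `user` is the authenticated caller and that implementations must operate only on clients registered by that principal (and say what happens otherwise, e.g. `@throws IllegalArgumentException if the consumer key is not registered by this user`). `registerNewClient` should state who supplies the consumer secret inside `client` and whether an existing `consumerKey` is overwritten or rejected, and `listAuthorizedClients` should clarify that it returns clients the user has granted tokens to, not ones the user registered. The `@author` tag is generally dropped in ASF code in favour of version control history.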
Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java Tue Sep 7 19:40:04 2010
@@ -20,6 +20,7 @@
package org.apache.cxf.auth.oauth.provider;
import java.security.Principal;
+import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
@@ -34,6 +35,7 @@ import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.token.MD5TokenGenerator;
import org.apache.cxf.auth.oauth.token.TokenGenerator;
import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
import org.apache.cxf.auth.oauth.tokens.RequestToken;
import org.apache.cxf.auth.oauth.tokens.Token;
import org.apache.cxf.auth.oauth.validation.OAuthMessageValidator;
@@ -44,7 +46,7 @@ import org.apache.cxf.jaxrs.impl.Metadat
/**
* @author Lukasz Moren
*/
-public class MemoryOauthDataProvider implements OAuthDataProvider {
+public class MemoryOauthDataProvider implements OAuthDataProvider, ClientManager {
protected ConcurrentHashMap<String, Client> clientAuthInfo
= new ConcurrentHashMap<String, Client>();
@@ -62,6 +64,16 @@ public class MemoryOauthDataProvider imp
protected OAuthValidator validator;
+ protected ConcurrentHashMap<String, OAuthScope> sampleScopes
+ = new ConcurrentHashMap<String, OAuthScope>();
+
+ {
+ sampleScopes
+ .put("read_info", new OAuthScope("read_info", "Read your personal information", "ROLE_USER"));
+ sampleScopes.put("modify_info",
+ new OAuthScope("modify_info", "Modify your personal information", "ROLE_ADMIN"));
+ }
+
public Client getClientAuthenticationInfo(String consumerKey) {
return clientAuthInfo.get(consumerKey);
}
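Review bot: The instance initializer maps the `modify_info` scope directly to `ROLE_ADMIN`, and since the request wrapper's `isUserInRole` consults only the token's scopes, any resource owner who clicks Allow grants the third-party client an admin role regardless of whether that user holds it, which is a privilege escalation path if the resource uses `ROLE_ADMIN` for anything beyond this sample. Either name the roles so they cannot collide with container roles (`ROLE_OAUTH_READ`, `ROLE_OAUTH_MODIFY`) or intersect scope roles with the resource owner's own roles when the token is issued. At minimum add a comment such as `// Sample only: scope roles are granted to the client solely on user consent and are not checked against the user's own roles.` The initializer block is also shared across every token via the same `OAuthScope` instances, so these objects must not be mutated after construction.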
@@ -100,12 +112,13 @@ public class MemoryOauthDataProvider imp
return requestToken;
}
- public RequestToken generateVerifier(String token, Principal principal)
+ public RequestToken generateVerifier(String token, Principal principal, List<OAuthScope> scopes)
throws OAuthException {
RequestToken requestToken = getRequestToken(token, null);
if (requestToken != null) {
requestToken.setOauthVerifier(generateToken());
requestToken.setPrincipal(principal);
+ requestToken.setScopes(scopes);
}
return requestToken;
@@ -119,6 +132,16 @@ public class MemoryOauthDataProvider imp
this.validator = v;
}
+ public List<OAuthScope> getAvailableScopes(List<String> requestScopes) {
+ List<OAuthScope> scopes = new ArrayList<OAuthScope>();
+ for (String requestScope : requestScopes) {
+ OAuthScope oAuthScope = sampleScopes.get(requestScope);
+ scopes.add(oAuthScope);
+ }
+
+ return scopes;
+ }
+
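Review bot: `getAvailableScopes` adds `sampleScopes.get(requestScope)` unconditionally, so every unknown scope name becomes a `null` element in the returned list; that list is then shown on the consent page, persisted on the request token and finally dereferenced in `isUserInRole`, where it throws. Unknown scopes should be rejected rather than passed through: `if (oAuthScope == null) { throw new OAuthProblemException(OAuth.Problems.PARAMETER_REJECTED); }`, which requires `OAuthDataProvider.getAvailableScopes` to declare `throws OAuthProblemException`; if changing the interface is not wanted, at least skip the entry and log it. A null or empty `requestScopes` also needs a defined outcome (NPE today for null), e.g. return an empty list so a client that requests no scope gets a token with no roles.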
public AccessToken generateAccessToken(Principal principal, RequestToken requestToken)
throws OAuthException {
@@ -131,6 +154,8 @@ public class MemoryOauthDataProvider imp
AccessToken accessToken = new AccessToken(client, accessTokenString, tokenSecretString, 3600,
principal);
+ accessToken.setScopes(requestToken.getScopes());
+
synchronized (oauthTokens) {
oauthTokens.remove(requestToken.getTokenString());
oauthTokens.put(accessTokenString, accessToken);
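Review bot: `accessToken.setScopes(requestToken.getScopes())` hands the same `List` instance from the request token to the access token and will be `null` if the request token never went through `generateVerifier`; the wrapper in `AbstractOAuthRequestHandler` iterates that list without a null check. Copy and default it, `accessToken.setScopes(requestToken.getScopes() == null ? Collections.<OAuthScope>emptyList() : new ArrayList<OAuthScope>(requestToken.getScopes()));` (needs `java.util.Collections`), so a token with no approved scopes grants no roles rather than failing at request time. The 3600-second lifetime is still a magic number; a named constant or provider setting with a comment would document the intended token validity.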
@@ -205,9 +230,25 @@ public class MemoryOauthDataProvider imp
public synchronized void removeRegisteredClient(Principal user, String consumerKey) {
List<String> registeredApps = this.userRegisteredClients.get(user.getName());
this.clientAuthInfo.remove(consumerKey);
-
+
+ //remove registered app
registeredApps.remove(consumerKey);
- removeTokenCredentials(user, consumerKey);
+ this.userRegisteredClients.put(user.getName(), registeredApps);
+
+ //remove all authorized apps from other clients
+ for (Map.Entry<String, List<String>> userAuthorizedClientsSet : userAuthorizedClients.entrySet()) {
+ String principalName = userAuthorizedClientsSet.getKey();
+ List<String> clients = userAuthorizedClientsSet.getValue();
+ clients.remove(consumerKey);
+ userAuthorizedClients.put(principalName, clients);
+ }
+ //remove access tokens
+ for (Token token : oauthTokens.values()) {
+ Client authNInfo = token.getClient();
+ if (consumerKey.equals(authNInfo.getConsumerKey())) {
+ oauthTokens.remove(token.getTokenString());
+ }
+ }
}
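Review bot: `removeRegisteredClient` removes `consumerKey` from the global `clientAuthInfo` map and from every user's authorized list before checking that the key appears in the calling user's `registeredApps`, so any authenticated user who knows or guesses a consumer key can revoke another user's client and all its tokens; an ownership check must come first. The token cleanup loop also removes from `oauthTokens` while iterating `oauthTokens.values()`, which throws `ConcurrentModificationException` if that field is a plain `HashMap` (its declaration is outside this hunk; the `synchronized (oauthTokens)` block in `generateAccessToken` suggests it is not a concurrent map) and would leave the state half-cleaned. `registeredApps` can be `null` for a user who never registered anything, which NPEs on `remove`. The rewritten method below (needs `java.util.Iterator`) addresses all three.
```java
public synchronized void removeRegisteredClient(Principal user, String consumerKey) {
    List<String> registeredApps = this.userRegisteredClients.get(user.getName());
    // Only the user who registered the client may remove it; otherwise any caller could revoke any consumer key.
    if (registeredApps == null || !registeredApps.contains(consumerKey)) {
        throw new IllegalArgumentException("Client " + consumerKey + " is not registered by " + user.getName());
    }
    this.clientAuthInfo.remove(consumerKey);
    registeredApps.remove(consumerKey);
    this.userRegisteredClients.put(user.getName(), registeredApps);
    // … unchanged: remove consumerKey from every entry of userAuthorizedClients …
    // Remove through the iterator so the map is not structurally modified while being traversed.
    for (Iterator<Token> it = oauthTokens.values().iterator(); it.hasNext();) {
        Client authNInfo = it.next().getClient();
        if (authNInfo != null && consumerKey.equals(authNInfo.getConsumerKey())) {
            it.remove();
        }
    }
}
```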
protected String generateToken() throws OAuthException {
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java Tue Sep 7 19:40:04 2010
@@ -19,6 +19,9 @@
package org.apache.cxf.auth.oauth.provider;
import java.io.Serializable;
+import java.util.List;
+
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
/**
* Additional parameters passed to sign in page
@@ -32,6 +35,7 @@ public class OAuthAuthorizationData impl
private String userName;
private String callback;
private String oauthVerifier;
+ private List<OAuthScope> scopes;
public OAuthAuthorizationData() {
}
@@ -87,4 +91,12 @@ public class OAuthAuthorizationData impl
public void setOauthVerifier(String oauthVerifier) {
this.oauthVerifier = oauthVerifier;
}
+
+ public List<OAuthScope> getScopes() {
+ return scopes;
+ }
+
+ public void setScopes(List<OAuthScope> scopes) {
+ this.scopes = scopes;
+ }
}
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java Tue Sep 7 19:40:04 2010
@@ -20,19 +20,19 @@
package org.apache.cxf.auth.oauth.provider;
import java.security.Principal;
-import java.util.Set;
+import java.util.List;
import net.oauth.OAuthException;
import net.oauth.OAuthProblemException;
import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
import org.apache.cxf.auth.oauth.tokens.RequestToken;
import org.apache.cxf.auth.oauth.validation.OAuthValidator;
/**
* @author Lukasz Moren
*/
-//todo add client credentials checking
public interface OAuthDataProvider {
Client getClientAuthenticationInfo(String consumerKey);
@@ -46,20 +46,14 @@ public interface OAuthDataProvider {
RequestToken getRequestToken(String tokenString, String oauthVerifier)
throws OAuthProblemException;
- Client registerNewClient(Principal user, String consumerKey, Client client);
-
- Set<Client> listRegisteredClients(Principal user);
-
- Set<Client> listAuthorizedClients(Principal user);
-
- void removeRegisteredClient(Principal user, String consumerKey);
-
void removeTokenCredentials(Principal user, String consumerKey);
- RequestToken generateVerifier(String token, Principal principal)
+ RequestToken generateVerifier(String token, Principal principal, List<OAuthScope> scopes)
throws OAuthException;
OAuthValidator getValidator();
void setValidator(OAuthValidator validator);
+
+ List<OAuthScope> getAvailableScopes(List<String> requestScopes);
}
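Review bot: `getAvailableScopes(List<String> requestScopes)` is added to the provider contract without Javadoc, and the one implementation in this commit answers the open question (what to return for an unknown scope name) with a `null` list element, which callers then dereference. Document the contract explicitly and make rejection possible: `/** Resolves requested scope names to scopes this provider supports. @throws OAuthProblemException if any requested scope is unknown */ List<OAuthScope> getAvailableScopes(List<String> requestScopes) throws OAuthProblemException;`, and state that an empty or null input yields an empty list. `generateVerifier` should likewise document that `scopes` are the scopes the resource owner approved and that they are bound to the token for the rest of its life.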
Added: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java?rev=993496&view=auto
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java (added)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java Tue Sep 7 19:40:04 2010
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.auth.oauth.tokens;
+
+/**
+ * @author Lukasz Moren
+ */
+public class OAuthScope {
+ private String scope;
+ private String description;
+ private String role;
+
+ public OAuthScope(String scope, String description, String role) {
+ this.description = description;
+ this.role = role;
+ this.scope = scope;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public String getScope() {
+ return scope;
+ }
+
+ public void setScope(String scope) {
+ this.scope = scope;
+ }
+
+ public String getRole() {
+ return role;
+ }
+
+ public void setRole(String role) {
+ this.role = role;
+ }
+}
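Review bot: `OAuthScope` defines no `equals`/`hashCode`, so two instances describing the same scope compare unequal; Token now carries a `List<OAuthScope>`, and any implementation that checks a token's scopes against the ones it resolved for a request would have to compare `getScope()` strings by hand or fall into identity comparison that never matches. The public setters also allow a scope instance attached to an already-issued token to be renamed or given a different `role` after the fact. Unless a bean-style container needs the setters, make the three fields final, require a non-null scope name in the constructor, and identify a scope by that name in `equals`/`hashCode`, as below.
```java
public class OAuthScope {
    private final String scope;
    private final String description;
    private final String role;

    public OAuthScope(String scope, String description, String role) {
        if (scope == null) {
            throw new IllegalArgumentException("scope name is required");
        }
        this.scope = scope;
        this.description = description;
        this.role = role;
    }

    // … unchanged: getDescription, getScope, getRole …
    // … removed: setDescription, setScope, setRole …

    @Override
    public boolean equals(Object o) {
        return o instanceof OAuthScope && scope.equals(((OAuthScope) o).scope);
    }

    @Override
    public int hashCode() {
        return scope.hashCode();
    }
}
```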
Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java Tue Sep 7 19:40:04 2010
@@ -19,6 +19,7 @@
package org.apache.cxf.auth.oauth.tokens;
import java.security.Principal;
+import java.util.List;
import org.apache.cxf.auth.oauth.provider.Client;
@@ -33,6 +34,7 @@ public abstract class Token {
protected long lifetime = -1;
protected Client client;
protected Principal principal;
+ protected List<OAuthScope> scopes;
protected Token(Client client, String tokenString,
String tokenSecret, long lifetime, Principal principal) {
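Review bot: The new `scopes` field has no initializer and the constructor whose signature closes this hunk (its body lies outside the hunk) is not extended to set it, so the `getScopes()` added in the next hunk returns null for every token until `setScopes` is called; callers iterating a token's scopes then need a null check, and null is ambiguous between "no scopes requested" and "scopes never resolved". Initialize it to an empty list, `protected List<OAuthScope> scopes = new ArrayList<OAuthScope>();` (adding `java.util.ArrayList` next to the `java.util.List` import in the first hunk), or have the getter return `Collections.emptyList()` when it is null. Since `getScopes()` hands out the stored list itself, consider returning `Collections.unmodifiableList(scopes)` so a token's granted scopes cannot be widened after issuance.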
@@ -80,4 +82,12 @@ public abstract class Token {
public void setPrincipal(Principal principal) {
this.principal = principal;
}
+
+ public List<OAuthScope> getScopes() {
+ return scopes;
+ }
+
+ public void setScopes(List<OAuthScope> scopes) {
+ this.scopes = scopes;
+ }
}
Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java Tue Sep 7 19:40:04 2010
@@ -19,6 +19,9 @@
package org.apache.cxf.auth.oauth.utils;
import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.StringTokenizer;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
@@ -26,9 +29,10 @@ import javax.ws.rs.core.Response;
import net.oauth.OAuth;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
-import net.oauth.server.OAuthServlet;
+import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
import org.apache.cxf.auth.oauth.tokens.RequestToken;
+import org.apache.cxf.common.util.StringUtils;
/**
* @author Lukasz Moren
@@ -36,48 +40,44 @@ import org.apache.cxf.auth.oauth.tokens.
public final class OAuthUtils {
private OAuthUtils() {
-
}
- public static WebApplicationException handleException(Exception e, int status) {
+ public static Response handleException(Exception e, int status) {
return handleException(e, status, null);
}
- public static WebApplicationException handleException(Exception e, int status,
- String realm) {
+ public static Response handleException(Exception e, int status,
+ String realm) {
if (e instanceof OAuthProblemException) {
OAuthProblemException problem = (OAuthProblemException)e;
OAuthMessage message = new OAuthMessage(null, null, problem
.getParameters().entrySet());
try {
- return new WebApplicationException(
+ return
Response.status(status).header("WWW-Authenticate", message.getAuthorizationHeader(realm))
- .entity(e.getMessage()).build());
+ .entity(e.getMessage()).build();
} catch (IOException e1) {
- return new WebApplicationException(
+ throw new WebApplicationException(
Response.status(status).entity(e.getMessage()).build());
}
}
- return new WebApplicationException(
+ throw new WebApplicationException(
Response.status(status).entity(e.getMessage()).build());
}
- public static void handleException(HttpServletResponse response, Exception e, int status, String realm,
- boolean sendBody) {
- try {
- OAuthServlet.handleException(response, e, realm, sendBody);
- } catch (Exception ex) {
- try {
- response.sendError(status);
- } catch (IOException e1) {
- e1.printStackTrace();
- //todo add handling
+ public static List<String> parseScopesFromRequest(OAuthMessage message) throws IOException {
+ String scopes = message.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
+ List<String> scopeList = new ArrayList<String>();
+
+ if (!StringUtils.isEmpty(scopes)) {
+ StringTokenizer tokenizer = new StringTokenizer(scopes, ",");
+
+ while (tokenizer.hasMoreTokens()) {
+ String token = tokenizer.nextToken();
+ scopeList.add(token);
}
}
- }
-
- public static void handleException(HttpServletResponse response, Exception e, int status) {
- handleException(response, e, status, null, true);
+ return scopeList;
}
public static RequestToken handleTokenRejectedException() throws OAuthProblemException {