You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2013/07/26 14:39:53 UTC
svn commit: r1507293 - in /cxf/branches/2.7.x-fixes: ./
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/
rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
systests/rs-se...
Author: sergeyb
Date: Fri Jul 26 12:39:53 2013
New Revision: 1507293
URL: http://svn.apache.org/r1507293
Log:
Merged revisions 1507286-1507287 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1507286 | sergeyb | 2013-07-26 13:31:12 +0100 (Fri, 26 Jul 2013) | 1 line
[CXF-5161] Fixing AbstractGrantHandler typo and updating it to correctly work in a case where a concrete implementation wants to support more than one grant type
........
r1507287 | sergeyb | 2013-07-26 13:33:15 +0100 (Fri, 26 Jul 2013) | 1 line
Reverting a change to JAXRSXmlSecTest
........
Added:
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
- copied from r1507287, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
- copied unchanged from r1507287, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
Modified:
cxf/branches/2.7.x-fixes/ (props changed)
cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/trunk:r1507286-1507287
Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java?rev=1507293&r1=1507292&r2=1507293&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java Fri Jul 26 12:39:53 2013
@@ -21,7 +21,11 @@ package org.apache.cxf.rs.security.oauth
import java.util.Collections;
import java.util.List;
+import java.util.logging.Logger;
+import javax.ws.rs.WebApplicationException;
+
+import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthError;
@@ -38,13 +42,21 @@ import org.apache.cxf.rs.security.oauth2
* Abstract access token grant handler
*/
public abstract class AbstractGrantHandler implements AccessTokenGrantHandler {
+ private static final Logger LOG = LogUtils.getL7dLogger(AbstractGrantHandler.class);
- private String supportedGrant;
+ private List<String> supportedGrants;
private OAuthDataProvider dataProvider;
private boolean partialMatchScopeValidation;
private boolean canSupportPublicClients;
protected AbstractGrantHandler(String grant) {
- supportedGrant = grant;
+ supportedGrants = Collections.singletonList(grant);
+ }
+
+ protected AbstractGrantHandler(List<String> grants) {
+ if (grants.isEmpty()) {
+ throw new IllegalArgumentException("The list of grant types can not be empty");
+ }
+ supportedGrants = grants;
}
public void setDataProvider(OAuthDataProvider dataProvider) {
@@ -55,13 +67,17 @@ public abstract class AbstractGrantHandl
}
public List<String> getSupportedGrantTypes() {
- return Collections.singletonList(supportedGrant);
+ return Collections.unmodifiableList(supportedGrants);
}
protected void checkIfGrantSupported(Client client) {
+ checkIfGrantSupported(client, getSingleGrantType());
+ }
+
+ protected void checkIfGrantSupported(Client client, String requestedGrant) {
if (!OAuthUtils.isGrantSupportedForClient(client,
canSupportPublicClients,
- OAuthConstants.AUTHORIZATION_CODE_GRANT)) {
+ requestedGrant)) {
throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);
}
}
@@ -69,13 +85,30 @@ public abstract class AbstractGrantHandl
protected ServerAccessToken doCreateAccessToken(Client client,
UserSubject subject,
List<String> requestedScope) {
+
+ return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope);
+ }
+
+ private String getSingleGrantType() {
+ if (supportedGrants.size() > 1) {
+ String errorMessage = "Request grant type must be specified";
+ LOG.warning(errorMessage);
+ throw new WebApplicationException(500);
+ }
+ return supportedGrants.get(0);
+ }
+
+ protected ServerAccessToken doCreateAccessToken(Client client,
+ UserSubject subject,
+ String requestedGrant,
+ List<String> requestedScope) {
if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(),
partialMatchScopeValidation)) {
throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_SCOPE));
}
// Check if a pre-authorized token available
ServerAccessToken token = dataProvider.getPreauthorizedToken(
- client, requestedScope, subject, supportedGrant);
+ client, requestedScope, subject, requestedGrant);
if (token != null) {
return token;
}
@@ -83,7 +116,7 @@ public abstract class AbstractGrantHandl
// Delegate to the data provider to create the one
AccessTokenRegistration reg = new AccessTokenRegistration();
reg.setClient(client);
- reg.setGrantType(supportedGrant);
+ reg.setGrantType(requestedGrant);
reg.setSubject(subject);
reg.setRequestedScope(requestedScope);
Modified: cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java?rev=1507293&r1=1507292&r2=1507293&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java (original)
+++ cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java Fri Jul 26 12:39:53 2013
@@ -27,6 +27,7 @@ import org.apache.cxf.rs.security.oauth2
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth2.saml.Constants;
import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
@@ -34,7 +35,9 @@ public class OAuthDataProviderImpl imple
@Override
public Client getClient(String clientId) throws OAuthServiceException {
- return new Client("alice", "alice", true);
+ Client client = new Client("alice", "alice", true);
+ client.getAllowedGrantTypes().add(Constants.SAML2_BEARER_GRANT);
+ return client;
}
@Override