Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/05 17:53:24 UTC
cxf git commit: Experimenting with saving the access tokens
Repository: cxf
Updated Branches:
refs/heads/3.1.x-fixes 3678640f1 -> a0bb3cc1b
Experimenting with saving the access tokens
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a0bb3cc1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a0bb3cc1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a0bb3cc1
Branch: refs/heads/3.1.x-fixes
Commit: a0bb3cc1ba2303ea13ba52da28c9edde22408398
Parents: 3678640
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Apr 5 16:50:56 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Apr 5 16:53:00 2016 +0100
----------------------------------------------------------------------
.../rs/security/oauth2/common/AccessToken.java | 9 +++++++
.../oauth2/common/ServerAccessToken.java | 13 +++++++++-
.../oauth2/provider/JPAOAuthDataProvider.java | 27 ++++++++++++++++++--
.../oauth2/tokens/bearer/BearerAccessToken.java | 3 +++
.../grants/code/JPACodeDataProviderTest.java | 26 +++++++++++++++++++
.../src/test/resources/META-INF/persistence.xml | 4 +++
6 files changed, 79 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
index dd0415f..ade93b4 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
@@ -22,9 +22,15 @@ import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.Map;
+import javax.persistence.ElementCollection;
+import javax.persistence.Id;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+
/**
* Base Access Token representation
*/
+@MappedSuperclass
public abstract class AccessToken implements Serializable {
private static final long serialVersionUID = -5750544301887053480L;
@@ -80,6 +86,7 @@ public abstract class AccessToken implements Serializable {
* Returns the token key
* @return the key
*/
+ @Id
public String getTokenKey() {
return tokenKey;
}
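Review bot: Putting `@Id` on `getTokenKey()` makes the raw bearer value the primary key, so it is stored verbatim and, as the owner key, is also repeated in the collection tables produced by the `@ElementCollection` getters this commit adds. Anyone with read access to the database or its backups would then hold usable tokens. Consider keying the entity on a digest of the token (for example SHA-256) and looking tokens up by that digest. At minimum, document it on the getter, e.g. `// persisted in clear text as the primary key; restrict database and backup access accordingly`. The class body continues outside the hunk.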
@@ -110,6 +117,8 @@ public abstract class AccessToken implements Serializable {
* Gets token parameters
* @return
*/
+ @ElementCollection
+ @MapKeyColumn(name = "propName")
public Map<String, String> getParameters() {
return parameters;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
index 1f13877..ac2ae7b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
@@ -23,6 +23,11 @@ import java.util.LinkedList;
import java.util.List;
import java.util.Map;
+import javax.persistence.ElementCollection;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+import javax.persistence.OneToOne;
+
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
@@ -30,6 +35,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
/**
* Server Access Token representation
*/
+@MappedSuperclass
public abstract class ServerAccessToken extends AccessToken {
private static final long serialVersionUID = 638776204861456064L;
@@ -86,6 +92,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns the Client associated with this token
* @return the client
*/
+ @OneToOne
public Client getClient() {
return client;
}
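Review bot: `@OneToOne` on `getClient()` states the wrong cardinality, since one client normally holds many tokens; the association should be `@ManyToOne`. The same applies to `getSubject()` in the later hunk at `-126,6`. Depending on the JPA provider and on schema generation, a one-to-one mapping may come with a uniqueness constraint on the join column, in which case issuing a second token for the same client or subject would fail. The class body continues outside the hunk.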
@@ -98,6 +105,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns a list of opaque permissions/scopes
* @return the scopes
*/
+ @ElementCollection
public List<OAuthPermission> getScopes() {
return scopes;
}
@@ -126,6 +134,7 @@ public abstract class ServerAccessToken extends AccessToken {
* when authorizing a given client request
* @return UserSubject
*/
+ @OneToOne
public UserSubject getSubject() {
return subject;
}
@@ -162,7 +171,7 @@ public abstract class ServerAccessToken extends AccessToken {
return responseType;
}
-
+ @ElementCollection
public List<String> getAudiences() {
return audiences;
}
@@ -194,6 +203,8 @@ public abstract class ServerAccessToken extends AccessToken {
this.nonce = nonce;
}
+ @ElementCollection
+ @MapKeyColumn(name = "extraPropName")
public Map<String, String> getExtraProperties() {
return extraProperties;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index f3bb53d..4045f91 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -29,10 +29,13 @@ import javax.persistence.TypedQuery;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
private static final String CLIENT_TABLE_NAME = Client.class.getSimpleName();
+ private static final String BEARER_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
+ private static final String REFRESH_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
private EntityManager entityManager;
public JPAOAuthDataProvider() {
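Review bot: `REFRESH_TOKEN_TABLE_NAME` is initialised from `BearerAccessToken.class`, which looks like a copy-paste slip. `getRefreshTokenQuery` will therefore select from the bearer-token entity while being typed as `RefreshToken`, so a refresh-token lookup either fails in the provider or matches access-token rows. The line should read `private static final String REFRESH_TOKEN_TABLE_NAME = RefreshToken.class.getSimpleName();`. The class body continues outside the hunk.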
@@ -74,17 +77,27 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
@Override
public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException {
- return null;
+ try {
+ return getTokenQuery(accessToken).getSingleResult();
+ } catch (NoResultException ex) {
+ return null;
+ }
}
@Override
protected void doRevokeAccessToken(ServerAccessToken at) {
+ removeEntity(at);
}
@Override
protected RefreshToken getRefreshToken(String refreshTokenKey) {
- return null;
+ try {
+ return getRefreshTokenQuery(refreshTokenKey).getSingleResult();
+ } catch (NoResultException ex) {
+ return null;
+ }
}
@Override
protected void doRevokeRefreshToken(RefreshToken rt) {
+ removeEntity(rt);
}
protected void saveAccessToken(ServerAccessToken serverToken) {
@@ -111,6 +124,16 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
return entityManager.createQuery(
"SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = '" + clientId + "'", Client.class);
}
+ protected TypedQuery<ServerAccessToken> getTokenQuery(String tokenKey) {
+ return entityManager.createQuery(
+ "SELECT t FROM " + BEARER_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey + "'",
+ ServerAccessToken.class);
+ }
+ protected TypedQuery<RefreshToken> getRefreshTokenQuery(String tokenKey) {
+ return entityManager.createQuery(
+ "SELECT t FROM " + REFRESH_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey + "'",
+ RefreshToken.class);
+ }
protected TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject) {
if (resourceOwnerSubject == null) {
return entityManager.createQuery("SELECT c FROM " + CLIENT_TABLE_NAME + " c", Client.class);
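Review bot: `getTokenQuery` and `getRefreshTokenQuery` splice `tokenKey` into the JPQL text between single quotes, and that value is normally the token string taken from the incoming request, so untrusted input reaches the query parser. Bind it instead: end both queries with `WHERE t.tokenKey = :tokenKey` and chain `.setParameter("tokenKey", tokenKey)` onto the `createQuery(...)` call. The context lines show `clientId` concatenated the same way in the existing client query, which deserves the same treatment. `getClientsQuery` continues past the end of the hunk.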
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
index c0ecd61..1128c32 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
@@ -18,6 +18,8 @@
*/
package org.apache.cxf.rs.security.oauth2.tokens.bearer;
+import javax.persistence.Entity;
+
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
@@ -26,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
/**
* Simple Bearer Access Token implementations
*/
+@Entity
public class BearerAccessToken extends ServerAccessToken {
private static final long serialVersionUID = -3614732043728799245L;
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
index 120d261..9cf80e5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
@@ -27,8 +27,12 @@ import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.junit.After;
import org.junit.Assert;
@@ -53,6 +57,7 @@ public class JPACodeDataProviderTest extends Assert {
EntityManager em = emFactory.createEntityManager();
provider = new JPACodeDataProvider();
provider.setEntityManager(em);
+ provider.setSupportedScopes(Collections.singletonMap("a", "A Scope"));
} catch (Exception ex) {
ex.printStackTrace();
fail("Exception during JPA EntityManager creation.");
@@ -96,6 +101,27 @@ public class JPACodeDataProviderTest extends Assert {
}
+ @Test
+ public void testAddGetDeleteAccessToken() {
+ Client c = addClient("101", "bob");
+
+ AccessTokenRegistration atr = new AccessTokenRegistration();
+ atr.setClient(c);
+ atr.setApprovedScope(Collections.singletonList("a"));
+ atr.setSubject(c.getResourceOwnerSubject());
+
+ ServerAccessToken at = provider.createAccessToken(atr);
+ ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
+ assertEquals(at.getTokenKey(), at2.getTokenKey());
+ List<OAuthPermission> scopes = at2.getScopes();
+ assertNotNull(scopes);
+ assertEquals(1, scopes.size());
+ OAuthPermission perm = scopes.get(0);
+ assertEquals("a", perm.getPermission());
+ provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
+ assertNull(provider.getAccessToken(at.getTokenKey()));
+ }
+
private Client addClient(String clientId, String userLogin) {
Client c = new Client();
c.setRedirectUris(Collections.singletonList("http://client/redirect"));
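Review bot: `testAddGetDeleteAccessToken` covers only the access-token round trip, so the `getRefreshToken`, `doRevokeRefreshToken` and `getRefreshTokenQuery` code added in this commit runs with no test. A matching refresh-token add/get/revoke test would exercise the `REFRESH_TOKEN_TABLE_NAME` lookup. Also add `assertNotNull(at2);` before `at2.getTokenKey()` so a failed lookup is reported as an assertion failure rather than a `NullPointerException`. `addClient` continues outside the hunk.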
http://git-wip-us.apache.org/repos/asf/cxf/blob/a0bb3cc1/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 78744d5..eb413f0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -6,6 +6,8 @@
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
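Review bot: `RefreshToken` is registered as a managed class here, and again in the OpenJPA unit in the next hunk, but `RefreshToken.java` is not among the six files in this commit, whereas `BearerAccessToken` gains `@Entity` in the same change. Unless `RefreshToken` already carries `@Entity`, the provider may reject the unit or leave the class unmapped, and the refresh-token queries would have nothing to select from. Worth confirming, and adding `@Entity` to `RefreshToken` if it is missing.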
@@ -21,6 +23,8 @@
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
<class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+ <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>