Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/28 17:16:06 UTC
cxf git commit: Passing a user preference about hiding already
authorized scopes in a form
Repository: cxf
Updated Branches:
refs/heads/master fadc6492c -> 86ad39342
Passing a user preference about hiding already authorized scopes in a form
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/86ad3934
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/86ad3934
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/86ad3934
Branch: refs/heads/master
Commit: 86ad393426e77313c34c45b447aad848c6f92be7
Parents: fadc649
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Jan 28 16:14:41 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Jan 28 16:14:41 2016 +0000
----------------------------------------------------------------------
.../rs/security/oauth2/common/OAuthAuthorizationData.java | 9 +++++++++
.../oauth2/services/RedirectionBasedGrantService.java | 10 +++++++++-
2 files changed, 18 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/86ad3934/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
index d234f31..04618d6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
@@ -50,6 +50,7 @@ public class OAuthAuthorizationData extends OAuthRedirectionState implements Ser
private List<OAuthPermission> permissions;
private List<OAuthPermission> alreadyAuthorizedPermissions;
+ private boolean hidePreauthorizedScopesInForm;
public OAuthAuthorizationData() {
}
@@ -219,4 +220,12 @@ public class OAuthAuthorizationData extends OAuthRedirectionState implements Ser
this.implicitFlow = implicitFlow;
}
+ public boolean isHidePreauthorizedScopesInForm() {
+ return hidePreauthorizedScopesInForm;
+ }
+
+ public void setHidePreauthorizedScopesInForm(boolean hidePreauthorizedScopesInForm) {
+ this.hidePreauthorizedScopesInForm = hidePreauthorizedScopesInForm;
+ }
+
}
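Review bot: The new accessor pair `isHidePreauthorizedScopesInForm` / `setHidePreauthorizedScopesInForm` has no Javadoc, and neither does the matching setter added at the end of RedirectionBasedGrantService, so nothing says what the flag does to the consent form. A short Javadoc on the getter would help, for example `/** Display hint for the authorization form: when true the view may omit scopes the user has already authorized; the alreadyAuthorizedPermissions list is still populated. */`. On the service setter it is worth stating that the default is false and that the value is only copied onto OAuthAuthorizationData, since the code visible in this commit does not filter the permission lists itself.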
http://git-wip-us.apache.org/repos/asf/cxf/blob/86ad3934/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 133ce30..597f7ea 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -65,6 +65,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
private ResourceOwnerNameProvider resourceOwnerNameProvider;
private int maxDefaultSessionInterval;
private boolean matchRedirectUriWithApplicationUri;
+ private boolean hidePreauthorizedScopesInForm;
protected RedirectionBasedGrantService(String supportedResponseType,
String supportedGrantType) {
@@ -177,6 +178,9 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
alreadyAuthorizedPerms = preAuthorizedToken.getScopes();
preAuthorizationComplete =
OAuthUtils.convertPermissionsToScopeList(alreadyAuthorizedPerms).containsAll(requestedScope);
+ if (!preAuthorizationComplete) {
+ preAuthorizedToken = null;
+ }
}
final boolean authorizationCanBeSkipped = preAuthorizationComplete
|| canAuthorizationBeSkipped(client, userSubject, requestedScope, requestedPermissions);
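Review bot: The added `preAuthorizedToken = null;` has no comment explaining why a token that covers only part of the requested scope is discarded, and the commit message mentions only the form preference. alreadyAuthorizedPerms keeps the token's scopes after the reset, which looks intentional, so a comment such as `// partial match: keep the scopes for the consent form, but do not reuse this token for the grant` would make the intent explicit. The enclosing `if` and the later use of preAuthorizedToken are outside the hunk, so the wording should be checked against them.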
@@ -190,7 +194,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
if (authorizationCanBeSkipped) {
List<OAuthPermission> approvedScopes =
- preAuthorizedToken != null ? preAuthorizedToken.getScopes() : requestedPermissions;
+ preAuthorizationComplete ? preAuthorizedToken.getScopes() : requestedPermissions;
return createGrant(data,
client,
requestedScope,
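Review bot: The new ternary dereferences `preAuthorizedToken` on the strength of `preAuthorizationComplete` alone, which is safe only because the flag is assigned inside a block that appears to be guarded by a null check outside this hunk. If alreadyAuthorizedPerms is still in scope here, `preAuthorizationComplete ? alreadyAuthorizedPerms : requestedPermissions` expresses the same thing without relying on that coupling. Also note that the token's scopes only have to contain requestedScope, so approvedScopes may be broader than what the client asked for in this request; whether that matters depends on createGrant, which is not shown.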
@@ -239,6 +243,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
if (!authorizationCanBeSkipped) {
secData.setPermissions(requestedPerms);
secData.setAlreadyAuthorizedPermissions(alreadyAuthorizedPerms);
+ secData.setHidePreauthorizedScopesInForm(hidePreauthorizedScopesInForm);
secData.setApplicationName(client.getApplicationName());
secData.setApplicationWebUri(client.getApplicationWebUri());
secData.setApplicationDescription(client.getApplicationDescription());
@@ -503,4 +508,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
public void setMatchRedirectUriWithApplicationUri(boolean matchRedirectUriWithApplicationUri) {
this.matchRedirectUriWithApplicationUri = matchRedirectUriWithApplicationUri;
}
+ public void setHidePreauthorizedScopesInForm(boolean hidePreauthorizedScopesInForm) {
+ this.hidePreauthorizedScopesInForm = hidePreauthorizedScopesInForm;
+ }
}