You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/01/19 18:29:40 UTC
svn commit: r1233491 - in /cxf/branches/2.5.x-fixes: ./
rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/
rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/
rt/rs/security/oaut...
Author: sergeyb
Date: Thu Jan 19 17:29:40 2012
New Revision: 1233491
URL: http://svn.apache.org/viewvc?rev=1233491&view=rev
Log:
Merged revisions 1233478 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1233478 | sergeyb | 2012-01-19 17:16:12 +0000 (Thu, 19 Jan 2012) | 1 line
[CXF-4047] OAuthContext needs to provide an access to OAuthPermissions
........
Modified:
cxf/branches/2.5.x-fixes/ (props changed)
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Jan 19 17:29:40 2012
@@ -1 +1 @@
-/cxf/trunk:1233075,1233112,1233289-1233294,1233308,1233355,1233401
+/cxf/trunk:1233075,1233112,1233289-1233294,1233308,1233355,1233401,1233478
Propchange: cxf/branches/2.5.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java Thu Jan 19 17:29:40 2012
@@ -18,23 +18,30 @@
*/
package org.apache.cxf.rs.security.oauth.data;
+import java.util.Collections;
+import java.util.List;
+
/**
* Captures the information which custom filters may use to further protect the endpoints
*/
public class OAuthContext {
-
- private UserSubject subject;
- public void setSubject(UserSubject subject) {
+ private UserSubject subject;
+ private List<OAuthPermission> permissions;
+
+ public OAuthContext(UserSubject subject, List<OAuthPermission> perms) {
this.subject = subject;
+ this.permissions = perms;
}
-
+
public UserSubject getSubject() {
return subject;
}
-
+ public List<OAuthPermission> getPermissions() {
+ return Collections.unmodifiableList(permissions);
+ }
}
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java Thu Jan 19 17:29:40 2012
@@ -33,26 +33,35 @@ public class OAuthPermission extends Per
public OAuthPermission(String permission, String description, String role) {
this(permission, description, Collections.singletonList(role));
}
-
+
public OAuthPermission(String permission, String description, List<String> roles) {
super(permission, description);
this.roles = roles;
}
+ public OAuthPermission(String permission, String description,
+ List<String> roles, List<String> httpVerbs) {
+ this(permission, description, roles);
+ this.httpVerbs = httpVerbs;
+ }
+
+ public OAuthPermission(String permission,
+ String description,
+ List<String> roles,
+ List<String> httpVerbs,
+ List<String> uris,
+ boolean authorizeKeyRequired) {
+ this(permission, description, roles, httpVerbs);
+ this.uri = uris;
+ this.authorizationKeyRequired = authorizeKeyRequired;
+ }
+
/**
* Returns an optional list of role names
* @return the roles
*/
public List<String> getRoles() {
- return roles;
- }
-
- /**
- * Sets an optional list of HTTP verbs
- * @param httpVerbs the verbs
- */
- public void setHttpVerbs(List<String> httpVerbs) {
- this.httpVerbs = httpVerbs;
+ return Collections.unmodifiableList(roles);
}
/**
@@ -60,15 +69,7 @@ public class OAuthPermission extends Per
* @return the list of verbs
*/
public List<String> getHttpVerbs() {
- return httpVerbs;
- }
-
- /**
- * Sets an optional list of URIs
- * @param uri the uris
- */
- public void setUris(List<String> uris) {
- this.uri = uris;
+ return Collections.unmodifiableList(httpVerbs);
}
/**
@@ -76,16 +77,7 @@ public class OAuthPermission extends Per
* @return the uri
*/
public List<String> getUris() {
- return uri;
- }
-
- /**
- * Can be used to disable the default requirement for all
- * consumer requests to contain an access token
- * @param authorizationKeyRequired the boolean value
- */
- public void setAuthorizationKeyRequired(boolean authorizationKeyRequired) {
- this.authorizationKeyRequired = authorizationKeyRequired;
+ return Collections.unmodifiableList(uri);
}
/**
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java Thu Jan 19 17:29:40 2012
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.rs.security.oauth.data;
+import java.util.Collections;
import java.util.List;
/**
@@ -29,20 +30,17 @@ public class UserSubject {
private String login;
private List<String> roles;
- public void setLogin(String login) {
+ public UserSubject(String login, List<String> roles) {
this.login = login;
+ this.roles = roles;
}
-
+
public String getLogin() {
return login;
}
- public void setRoles(List<String> roles) {
- this.roles = roles;
- }
-
public List<String> getRoles() {
- return roles;
+ return Collections.unmodifiableList(roles);
}
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java Thu Jan 19 17:29:40 2012
@@ -199,10 +199,10 @@ public class AbstractAuthFilter {
}
protected OAuthContext createOAuthContext(OAuthInfo info) {
- OAuthContext context = new OAuthContext();
+ UserSubject subject = null;
if (info.getToken() != null) {
- context.setSubject(info.getToken().getSubject());
+ subject = info.getToken().getSubject();
}
- return context;
+ return new OAuthContext(subject, info.getPermissions());
}
}
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java Thu Jan 19 17:29:40 2012
@@ -57,6 +57,10 @@ public class OAuthInfo {
return authorities;
}
+ public List<OAuthPermission> getPermissions() {
+ return permissions;
+ }
+
public boolean useUserSubject() {
return useUserSubject;
}
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java?rev=1233491&r1=1233490&r2=1233491&view=diff
==============================================================================
--- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java (original)
+++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java Thu Jan 19 17:29:40 2012
@@ -22,6 +22,7 @@ import java.io.IOException;
import java.net.URI;
import java.security.Principal;
import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -87,18 +88,16 @@ public class AuthorizationRequestHandler
Map<String, String> queryParams = new HashMap<String, String>();
if (allow) {
SecurityContext sc = mc.getSecurityContext();
-
- UserSubject subject = new UserSubject();
- subject.setLogin(sc.getUserPrincipal().getName());
+ List<String> roleNames = Collections.emptyList();
if (sc instanceof LoginSecurityContext) {
- List<String> roleNames = new ArrayList<String>();
+ roleNames = new ArrayList<String>();
Set<Principal> roles = ((LoginSecurityContext)sc).getUserRoles();
for (Principal p : roles) {
roleNames.add(p.getName());
}
- subject.setRoles(roleNames);
}
- token.setSubject(subject);
+ token.setSubject(new UserSubject(sc.getUserPrincipal().getName(),
+ roleNames));
String verifier = dataProvider.setRequestTokenVerifier(token);
queryParams.put(OAuth.OAUTH_VERIFIER, verifier);