You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/02/11 13:21:29 UTC
svn commit: r1567081 - in /cxf/trunk/rt:
frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/
frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/
frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/
frontend/jaxrs/src/main/java/o...
Author: sergeyb
Date: Tue Feb 11 12:21:28 2014
New Revision: 1567081
URL: http://svn.apache.org/r1567081
Log:
[CXF-5556] Minor updates
Modified:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ExceptionUtils.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java
cxf/trunk/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/lifecycle/PerRequestResourceProvider.java Tue Feb 11 12:21:28 2014
@@ -102,7 +102,7 @@ public class PerRequestResourceProvider
}
private Response serverError(String msg) {
- return Response.serverError().entity(msg).build();
+ return JAXRSUtils.toResponseBuilder(500).entity(msg).build();
}
/**
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/AbstractJAXBProvider.java Tue Feb 11 12:21:28 2014
@@ -691,7 +691,7 @@ public abstract class AbstractJAXBProvid
protected static void handleExceptionEnd(Throwable t, String message, boolean read) {
Response.Status status = read
? Response.Status.BAD_REQUEST : Response.Status.INTERNAL_SERVER_ERROR;
- Response r = Response.status(status)
+ Response r = JAXRSUtils.toResponseBuilder(status)
.type(MediaType.TEXT_PLAIN).entity(message).build();
WebApplicationException ex = read ? ExceptionUtils.toBadRequestException(t, r)
: ExceptionUtils.toInternalServerErrorException(t, r);
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/KerberosAuthenticationFilter.java Tue Feb 11 12:21:28 2014
@@ -168,7 +168,7 @@ public class KerberosAuthenticationFilte
}
private static Response getFaultResponse() {
- return Response.status(401).header(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE_SCHEME).build();
+ return JAXRSUtils.toResponseBuilder(401).header(HttpHeaders.WWW_AUTHENTICATE, NEGOTIATE_SCHEME).build();
}
protected String getCompleteServicePrincipalName() {
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ExceptionUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ExceptionUtils.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ExceptionUtils.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ExceptionUtils.java Tue Feb 11 12:21:28 2014
@@ -128,6 +128,14 @@ public final class ExceptionUtils {
}
}
+ public static WebApplicationException toForbiddenException(Throwable cause, Response response) {
+ try {
+ return SpecExceptions.toForbiddenException(cause, response);
+ } catch (NoClassDefFoundError ex) {
+ return toWebApplicationException(ex, response);
+ }
+ }
+
public static WebApplicationException toNotAcceptableException(Throwable cause, Response response) {
try {
return SpecExceptions.toNotAcceptableException(cause, response);
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java Tue Feb 11 12:21:28 2014
@@ -459,7 +459,7 @@ public final class InjectionUtils {
if (logError) {
LOG.severe(errorMessage.toString());
}
- Response r = Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+ Response r = JAXRSUtils.toResponseBuilder(Response.Status.INTERNAL_SERVER_ERROR)
.type(MediaType.TEXT_PLAIN_TYPE)
.entity(errorMessage.toString()).build();
throw ExceptionUtils.toInternalServerErrorException(null, r);
@@ -1241,12 +1241,12 @@ public final class InjectionUtils {
} catch (InvocationTargetException ex) {
String msg = "Method " + method.getName() + " can not be invoked"
+ " due to InvocationTargetException";
- throw new WebApplicationException(Response.serverError().entity(msg).build());
+ throw new WebApplicationException(JAXRSUtils.toResponseBuilder(500).entity(msg).build());
} catch (IllegalAccessException ex) {
String msg = "Method " + method.getName() + " can not be invoked"
+ " due to IllegalAccessException";
throw ExceptionUtils.toInternalServerErrorException(ex,
- Response.serverError().entity(msg).build());
+ JAXRSUtils.toResponseBuilder(500).entity(msg).build());
}
}
}
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/JAXRSUtils.java Tue Feb 11 12:21:28 2014
@@ -580,7 +580,7 @@ public final class JAXRSUtils {
public static Response createResponse(List<ClassResourceInfo> cris, Message msg,
String responseMessage, int status, boolean addAllow) {
- ResponseBuilder rb = Response.status(status);
+ ResponseBuilder rb = toResponseBuilder(status);
if (addAllow) {
Set<String> allowedMethods = new HashSet<String>();
for (ClassResourceInfo cri : cris) {
Modified: cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java (original)
+++ cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/SpecExceptions.java Tue Feb 11 12:21:28 2014
@@ -37,7 +37,7 @@ import javax.ws.rs.ServiceUnavailableExc
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
-public final class SpecExceptions {
+final class SpecExceptions {
private static final Map<Integer, Class<?>> EXCEPTIONS_MAP;
@@ -94,6 +94,11 @@ public final class SpecExceptions {
return new NotAuthorizedException(checkResponse(response, 401), cause);
}
+ public static ForbiddenException toForbiddenException(Throwable cause, Response response) {
+
+ return new ForbiddenException(checkResponse(response, 403), cause);
+ }
+
public static NotAcceptableException toNotAcceptableException(Throwable cause, Response response) {
return new NotAcceptableException(checkResponse(response, 406), cause);
Modified: cxf/trunk/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java (original)
+++ cxf/trunk/rt/rs/extensions/providers/src/main/java/org/apache/cxf/jaxrs/provider/atom/AtomPojoProvider.java Tue Feb 11 12:21:28 2014
@@ -62,6 +62,7 @@ import org.apache.cxf.jaxrs.provider.Abs
import org.apache.cxf.jaxrs.provider.JAXBElementProvider;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.jaxrs.utils.InjectionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
@Produces({"application/atom+xml", "application/atom+xml;type=feed", "application/atom+xml;type=entry" })
@Consumes({"application/atom+xml", "application/atom+xml;type=feed", "application/atom+xml;type=entry" })
@@ -548,7 +549,7 @@ public class AtomPojoProvider extends Ab
}
private void reportError(String message, Exception ex, int status) {
LOG.warning(message);
- Response response = Response.status(status).type("text/plain").entity(message).build();
+ Response response = JAXRSUtils.toResponseBuilder(status).type("text/plain").entity(message).build();
throw ExceptionUtils.toHttpException(ex, response);
}
private void reportError(String message, Exception ex) {
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java Tue Feb 11 12:21:28 2014
@@ -25,7 +25,6 @@ import java.io.InputStream;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
import org.w3c.dom.Element;
@@ -63,7 +62,7 @@ public class Saml2BearerAuthHandler exte
String assertionType = formData.getFirst(Constants.CLIENT_AUTH_ASSERTION_TYPE);
String decodedAssertionType = assertionType != null ? HttpUtils.urlDecode(assertionType) : null;
if (decodedAssertionType == null || !Constants.CLIENT_AUTH_SAML2_BEARER.equals(decodedAssertionType)) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
String assertion = formData.getFirst(Constants.CLIENT_AUTH_ASSERTION_PARAM);
@@ -80,7 +79,7 @@ public class Saml2BearerAuthHandler exte
try {
FormUtils.restoreForm(provider, form, message);
} catch (Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -88,20 +87,20 @@ public class Saml2BearerAuthHandler exte
try {
return FormUtils.readForm(provider, message);
} catch (Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
protected Element readToken(Message message, String assertion) {
if (assertion == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
try {
byte[] deflatedToken = Base64UrlUtility.decode(assertion);
InputStream is = new ByteArrayInputStream(deflatedToken);
return readToken(message, is);
} catch (Base64Exception ex) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -116,18 +115,15 @@ public class Saml2BearerAuthHandler exte
// Introduce SAMLOAuth2Validator to be reused between auth and grant handlers
Subject subject = SAMLUtils.getSubject(message, wrapper);
if (subject.getName() == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
if (clientId != null && !clientId.equals(subject.getName())) {
//TODO: Attempt to map client_id to subject.getName()
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
samlOAuthValidator.validate(message, wrapper);
message.put(OAuthConstants.CLIENT_ID, subject.getName());
}
- private static Response errorResponse() {
- return Response.status(401).build();
- }
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java Tue Feb 11 12:21:28 2014
@@ -21,7 +21,6 @@ package org.apache.cxf.rs.security.oauth
import java.util.List;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.apache.cxf.jaxrs.impl.UriInfoImpl;
@@ -72,11 +71,11 @@ public class SamlOAuthValidator {
String expectedIssuer = OAuthConstants.CLIENT_ID.equals(issuer)
? wrapper.getSaml2().getSubject().getNameID().getValue() : issuer;
if (actualIssuer == null || !actualIssuer.equals(expectedIssuer)) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
if (!validateAuthenticationSubject(message, cs, wrapper.getSaml2().getSubject())) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -97,7 +96,7 @@ public class SamlOAuthValidator {
}
}
}
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
private String getAbsoluteTargetAddress(Message m) {
@@ -142,19 +141,19 @@ public class SamlOAuthValidator {
&& cs.getNotOnOrAfter() != null && !cs.getNotOnOrAfter().isBeforeNow()) {
return;
}
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
// Recipient must match assertion consumer URL
String recipient = subjectConfData.getRecipient();
if (recipient == null || !recipient.equals(getAbsoluteTargetAddress(m))) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
// We must have a NotOnOrAfter timestamp
if (subjectConfData.getNotOnOrAfter() == null
|| subjectConfData.getNotOnOrAfter().isBeforeNow()) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
//TODO: replay cache, same as with SAML SSO case
@@ -162,13 +161,10 @@ public class SamlOAuthValidator {
// Check address
if (subjectConfData.getAddress() != null
&& (clientAddress == null || !subjectConfData.getAddress().equals(clientAddress))) {
- throw ExceptionUtils.toNotAuthorizedException(null, errorResponse());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
- private static Response errorResponse() {
- return Response.status(401).build();
- }
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java Tue Feb 11 12:21:28 2014
@@ -23,12 +23,12 @@ import java.util.logging.Logger;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthError;
import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
@@ -122,7 +122,7 @@ public abstract class AbstractOAuthServi
}
protected void reportInvalidRequestError(OAuthError entity, MediaType mt) {
- ResponseBuilder rb = Response.status(400);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(400);
if (mt != null) {
rb.type(mt);
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java Tue Feb 11 12:21:28 2014
@@ -28,6 +28,7 @@ import javax.ws.rs.core.Response.Respons
import javax.ws.rs.core.SecurityContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthError;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -97,7 +98,7 @@ public class AbstractTokenService extend
if (clientSecret == null || client.getClientSecret() == null
|| !client.getClientId().equals(clientId)
|| !client.getClientSecret().equals(clientSecret)) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return client;
}
@@ -117,7 +118,7 @@ public class AbstractTokenService extend
}
protected Response createErrorResponseFromBean(OAuthError errorBean) {
- return Response.status(400).entity(errorBean).build();
+ return JAXRSUtils.toResponseBuilder(400).entity(errorBean).build();
}
/**
@@ -151,7 +152,7 @@ public class AbstractTokenService extend
}
protected void reportInvalidClient(OAuthError error) {
- ResponseBuilder rb = Response.status(401);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(401);
throw ExceptionUtils.toNotAuthorizedException(null,
rb.type(MediaType.APPLICATION_JSON_TYPE).entity(error).build());
}
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java Tue Feb 11 12:21:28 2014
@@ -302,7 +302,7 @@ public abstract class RedirectionBasedGr
SecurityContext securityContext =
(SecurityContext)getMessageContext().get(SecurityContext.class.getName());
if (securityContext == null || securityContext.getUserPrincipal() == null) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
checkTransportSecurity();
return securityContext;
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java Tue Feb 11 12:21:28 2014
@@ -30,6 +30,7 @@ import javax.ws.rs.core.Response.Respons
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
/**
* Authorization helpers
@@ -49,7 +50,7 @@ public final class AuthorizationUtils {
if (authInfo.length == 2) {
return authInfo;
}
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
public static String[] getAuthorizationParts(MessageContext mc) {
@@ -74,7 +75,7 @@ public final class AuthorizationUtils {
}
public static void throwAuthorizationFailure(Set<String> challenges, String realm) {
- ResponseBuilder rb = Response.status(401);
+ ResponseBuilder rb = JAXRSUtils.toResponseBuilder(401);
StringBuilder sb = new StringBuilder();
for (String challenge : challenges) {
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java Tue Feb 11 12:21:28 2014
@@ -20,10 +20,6 @@ package org.apache.cxf.rs.security.oauth
import java.util.List;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.Response;
-import javax.ws.rs.core.Response.Status;
-
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
import org.apache.cxf.rs.security.oauth2.common.OAuthContext;
@@ -82,7 +78,7 @@ public final class OAuthContextUtils {
*/
public static void assertRole(final MessageContext mc, final String role) {
if (!isUserInRole(mc, role)) {
- throw new WebApplicationException(Status.FORBIDDEN);
+ throw ExceptionUtils.toForbiddenException(null, null);
}
}
@@ -124,7 +120,7 @@ public final class OAuthContextUtils {
public static void assertClient(MessageContext mc, String client) {
String cl = resolveClient(mc);
if ((cl == null) || !cl.equals(client)) {
- throw new WebApplicationException(Status.FORBIDDEN);
+ throw ExceptionUtils.toForbiddenException(null, null);
}
}
@@ -136,7 +132,7 @@ public final class OAuthContextUtils {
public static OAuthContext getContext(final MessageContext mc) {
final OAuthContext oauth = mc.getContent(OAuthContext.class);
if ((oauth == null) || (oauth.getSubject() == null) || (oauth.getSubject().getLogin() == null)) {
- throw ExceptionUtils.toNotAuthorizedException(null, Response.status(401).build());
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
return oauth;
}
Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java (original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java Tue Feb 11 12:21:28 2014
@@ -39,6 +39,7 @@ import org.w3c.dom.Node;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.rs.security.common.CryptoLoader;
@@ -218,7 +219,7 @@ public abstract class AbstractSamlInHand
// TODO: get bundle resource message once this filter is moved
// to rt/rs/security
LOG.warning(error);
- Response response = Response.status(401).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(401).entity(error).build();
throw ExceptionUtils.toNotAuthorizedException(null, response);
}
Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java (original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/AbstractXmlSecInHandler.java Tue Feb 11 12:21:28 2014
@@ -32,6 +32,7 @@ import org.w3c.dom.NodeList;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.staxutils.StaxUtils;
import org.apache.cxf.staxutils.W3CDOMStreamReader;
@@ -80,7 +81,7 @@ public abstract class AbstractXmlSecInHa
protected void throwFault(String error, Exception ex) {
LOG.warning(error);
- Response response = Response.status(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
throw ExceptionUtils.toBadRequestException(null, response);
}
Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java (original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecInInterceptor.java Tue Feb 11 12:21:28 2014
@@ -41,6 +41,7 @@ import org.apache.cxf.common.logging.Log
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.StaxInInterceptor;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.phase.PhaseInterceptor;
@@ -293,7 +294,7 @@ public class XmlSecInInterceptor impleme
protected void throwFault(String error, Exception ex) {
LOG.warning(error);
- Response response = Response.status(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
throw ExceptionUtils.toBadRequestException(null, response);
}
Modified: cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java?rev=1567081&r1=1567080&r2=1567081&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java (original)
+++ cxf/trunk/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/xml/XmlSecOutInterceptor.java Tue Feb 11 12:21:28 2014
@@ -42,6 +42,7 @@ import org.apache.cxf.interceptor.Abstra
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.interceptor.StaxOutInterceptor;
import org.apache.cxf.jaxrs.utils.ExceptionUtils;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Exchange;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
@@ -314,7 +315,7 @@ public class XmlSecOutInterceptor implem
protected void throwFault(String error, Exception ex) {
LOG.warning(error);
- Response response = Response.status(400).entity(error).build();
+ Response response = JAXRSUtils.toResponseBuilder(400).entity(error).build();
throw ExceptionUtils.toBadRequestException(null, response);
}