You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2013/08/28 17:18:26 UTC
svn commit: r1518260 - in /cxf/branches/2.6.x-fixes: ./
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/
rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/
rt/rs/sec...
Author: sergeyb
Date: Wed Aug 28 15:18:26 2013
New Revision: 1518260
URL: http://svn.apache.org/r1518260
Log:
Merged revisions 1518252,1518257 via svnmerge from
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
................
r1518252 | sergeyb | 2013-08-28 16:10:14 +0100 (Wed, 28 Aug 2013) | 9 lines
Merged revisions 1518208 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1518208 | sergeyb | 2013-08-28 15:00:14 +0100 (Wed, 28 Aug 2013) | 1 line
Support public clients having redirect URIs
........
................
r1518257 | sergeyb | 2013-08-28 16:13:05 +0100 (Wed, 28 Aug 2013) | 9 lines
Merged revisions 1518240 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1518240 | sergeyb | 2013-08-28 16:04:38 +0100 (Wed, 28 Aug 2013) | 1 line
[CXF-5236] Make most of OAuth2 model classes Serializable
........
................
Modified:
cxf/branches/2.6.x-fixes/ (props changed)
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Merged /cxf/branches/2.7.x-fixes:r1518252-1518257
Merged /cxf/trunk:r1518208,1518240
Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java Wed Aug 28 15:18:26 2013
@@ -18,14 +18,17 @@
*/
package org.apache.cxf.rs.security.oauth2.common;
+import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.Map;
/**
* Base Access Token representation
*/
-public abstract class AccessToken {
+public abstract class AccessToken implements Serializable {
+ private static final long serialVersionUID = -5750544301887053480L;
+
private String tokenKey;
private String tokenType;
private String refreshToken;
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java Wed Aug 28 15:18:26 2013
@@ -18,13 +18,16 @@
*/
package org.apache.cxf.rs.security.oauth2.common;
+import java.io.Serializable;
import java.util.LinkedList;
import java.util.List;
/**
* Represents a registered third-party Client application
*/
-public class Client {
+public class Client implements Serializable {
+
+ private static final long serialVersionUID = -5550840247125850922L;
private String clientId;
// TODO: Consider introducing ClientCredentials instead
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java Wed Aug 28 15:18:26 2013
@@ -28,6 +28,7 @@ package org.apache.cxf.rs.security.oauth
*/
public class ClientAccessToken extends AccessToken {
+ private static final long serialVersionUID = 831870452726298523L;
private String scope;
public ClientAccessToken(String tokenType, String tokenKey) {
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java Wed Aug 28 15:18:26 2013
@@ -25,6 +25,8 @@ import java.util.List;
* Server Access Token representation
*/
public abstract class ServerAccessToken extends AccessToken {
+ private static final long serialVersionUID = 638776204861456064L;
+
private String grantType;
private Client client;
private List<OAuthPermission> scopes = new LinkedList<OAuthPermission>();
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java Wed Aug 28 15:18:26 2013
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.rs.security.oauth2.common;
+import java.io.Serializable;
import java.util.LinkedList;
import java.util.List;
@@ -28,7 +29,9 @@ import javax.xml.bind.annotation.XmlRoot
* may capture after the end user approved a given third party request
*/
@XmlRootElement
-public class UserSubject {
+public class UserSubject implements Serializable {
+
+ private static final long serialVersionUID = -1469694589163385689L;
private String login;
private String id;
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java Wed Aug 28 15:18:26 2013
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.rs.security.oauth2.grants.code;
+import java.io.Serializable;
import java.util.Collections;
import java.util.List;
@@ -29,7 +30,9 @@ import org.apache.cxf.rs.security.oauth2
/**
* The Authorization Code Grant representation visible to the server
*/
-public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
+public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant implements Serializable {
+ private static final long serialVersionUID = -5004608901535459036L;
+
private long issuedAt;
private long lifetime;
private Client client;
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java Wed Aug 28 15:18:26 2013
@@ -189,7 +189,6 @@ public class AccessTokenService extends
if (canSupportPublicClients
&& !client.isConfidential()
&& client.getClientSecret() == null
- && client.getRedirectUris().isEmpty()
&& clientSecret == null) {
return client;
}
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java Wed Aug 28 15:18:26 2013
@@ -124,13 +124,12 @@ public class AuthorizationCodeGrantServi
@Override
protected boolean canSupportPublicClient(Client c) {
- return canSupportPublicClients && !c.isConfidential()
- && c.getClientSecret() == null && c.getRedirectUris().isEmpty();
+ return canSupportPublicClients && !c.isConfidential() && c.getClientSecret() == null;
}
@Override
protected boolean canRedirectUriBeEmpty(Client c) {
- return canSupportPublicClient(c);
+ return canSupportPublicClient(c) && c.getRedirectUris().isEmpty();
}
public void setCanSupportPublicClients(boolean support) {
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java Wed Aug 28 15:18:26 2013
@@ -27,6 +27,8 @@ import org.apache.cxf.rs.security.oauth2
* Simple Bearer Access Token implementations
*/
public class BearerAccessToken extends ServerAccessToken {
+ private static final long serialVersionUID = -3614732043728799245L;
+
public BearerAccessToken(Client client,
long lifetime) {
super(client,
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java Wed Aug 28 15:18:26 2013
@@ -26,6 +26,8 @@ import org.apache.cxf.rs.security.oauth2
//See http://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-01
public class MacAccessToken extends ServerAccessToken {
+ private static final long serialVersionUID = -4331703769692080818L;
+
public MacAccessToken(Client client,
long lifetime) {
this(client, HmacAlgorithm.HmacSHA256, lifetime);
Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java?rev=1518260&r1=1518259&r2=1518260&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java Wed Aug 28 15:18:26 2013
@@ -31,6 +31,7 @@ import org.apache.cxf.rs.security.oauth2
*/
public class RefreshToken extends ServerAccessToken {
+ private static final long serialVersionUID = 2837120382251693874L;
private List<String> accessTokens = new LinkedList<String>();
public RefreshToken(Client client,