You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/14 18:14:10 UTC
cxf git commit: Setting a correct token to permission relationship
Repository: cxf
Updated Branches:
refs/heads/master 1963e01b4 -> 0caf56378
Setting a correct token to permission relationship
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0caf5637
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0caf5637
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0caf5637
Branch: refs/heads/master
Commit: 0caf563789f6968e2480bc885abd9ab01c8eae35
Parents: 1963e01
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Apr 14 17:13:55 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Apr 14 17:13:55 2016 +0100
----------------------------------------------------------------------
rt/rs/security/oauth-parent/oauth2/pom.xml | 13 +++++----
.../oauth2/common/ServerAccessToken.java | 4 +--
.../oauth2/provider/JPAOAuthDataProvider.java | 12 ++++----
.../provider/JPAOAuthDataProviderTest.java | 6 ++++
.../src/test/resources/META-INF/persistence.xml | 1 +
rt/rs/security/sso/oidc/pom.xml | 30 ++++++++++----------
.../oidc/idp/JPAOidcUserSubjectTest.java | 22 +++++++-------
.../src/test/resources/META-INF/persistence.xml | 1 -
8 files changed, 49 insertions(+), 40 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/pom.xml b/rt/rs/security/oauth-parent/oauth2/pom.xml
index e0d78f9..b15a3b6 100644
--- a/rt/rs/security/oauth-parent/oauth2/pom.xml
+++ b/rt/rs/security/oauth-parent/oauth2/pom.xml
@@ -96,6 +96,12 @@
<artifactId>easymock</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${hsqldb.version}</version>
+ <scope>test</scope>
+ </dependency>
<!--
<dependency>
<groupId>org.apache.openjpa</groupId>
@@ -110,12 +116,7 @@
<version>${hibernate.em.version}</version>
<scope>test</scope>
</dependency>
- <dependency>
- <groupId>hsqldb</groupId>
- <artifactId>hsqldb</artifactId>
- <version>${hsqldb.version}</version>
- <scope>test</scope>
- </dependency>
+
</dependencies>
<!--
<build>
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
index 7d64ea5..903c864 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
@@ -24,9 +24,9 @@ import java.util.List;
import java.util.Map;
import javax.persistence.ElementCollection;
+import javax.persistence.ManyToMany;
import javax.persistence.MapKeyColumn;
import javax.persistence.MappedSuperclass;
-import javax.persistence.OneToMany;
import javax.persistence.OneToOne;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -107,7 +107,7 @@ public abstract class ServerAccessToken extends AccessToken {
* Returns a list of opaque permissions/scopes
* @return the scopes
*/
- @OneToMany
+ @ManyToMany
public List<OAuthPermission> getScopes() {
return scopes;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index 87e37c6..e5cbdc6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -51,11 +51,13 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
}
public void setClient(Client client) {
- UserSubject sub = getEntityManager().find(UserSubject.class, client.getResourceOwnerSubject().getLogin());
- if (sub == null) {
- persistEntity(client.getResourceOwnerSubject());
- } else {
- client.setResourceOwnerSubject(sub);
+ if (client.getResourceOwnerSubject() != null) {
+ UserSubject sub = getEntityManager().find(UserSubject.class, client.getResourceOwnerSubject().getLogin());
+ if (sub == null) {
+ persistEntity(client.getResourceOwnerSubject());
+ } else {
+ client.setResourceOwnerSubject(sub);
+ }
}
persistEntity(client);
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java
index 25d981e..ec0c020 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java
@@ -73,6 +73,11 @@ public class JPAOAuthDataProviderTest extends Assert {
Client c2 = provider.getClient(c.getClientId());
compareClients(c, c2);
+ c2.setClientSecret("567");
+ provider.setClient(c);
+ Client c22 = provider.getClient(c.getClientId());
+ compareClients(c2, c22);
+
provider.removeClient(c.getClientId());
Client c3 = provider.getClient(c.getClientId());
assertNull(c3);
@@ -179,6 +184,7 @@ public class JPAOAuthDataProviderTest extends Assert {
Client c = new Client();
c.setRedirectUris(Collections.singletonList("http://client/redirect"));
c.setClientId(clientId);
+ c.setClientSecret("123");
c.setResourceOwnerSubject(new UserSubject(userLogin));
provider.setClient(c);
return c;
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 1e8328b..814650c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -24,6 +24,7 @@
<property name="javax.persistence.validation.mode" value="none"/>
</properties>
</persistence-unit>
+
<!--
<persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/pom.xml b/rt/rs/security/sso/oidc/pom.xml
index db5f424..c271cd3 100644
--- a/rt/rs/security/sso/oidc/pom.xml
+++ b/rt/rs/security/sso/oidc/pom.xml
@@ -53,16 +53,21 @@
<scope>provided</scope>
<optional>true</optional>
</dependency>
+ <!--test dependencies-->
<dependency>
- <groupId>hsqldb</groupId>
- <artifactId>hsqldb</artifactId>
- <version>${hsqldb.version}</version>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-entitymanager</artifactId>
- <version>${hibernate.em.version}</version>
+ <groupId>org.easymock</groupId>
+ <artifactId>easymock</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${hsqldb.version}</version>
<scope>test</scope>
</dependency>
<!--
@@ -70,18 +75,13 @@
<groupId>org.apache.openjpa</groupId>
<artifactId>openjpa</artifactId>
<version>${openjpa.version}</version>
- <scope>provided</scope>
+ <scope>test</scope>
</dependency>
-->
- <!--test dependencies-->
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
<dependency>
- <groupId>org.easymock</groupId>
- <artifactId>easymock</artifactId>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-entitymanager</artifactId>
+ <version>${hibernate.em.version}</version>
<scope>test</scope>
</dependency>
</dependencies>
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
index 6799297..4b18902 100644
--- a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
+++ b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java
@@ -86,17 +86,17 @@ public class JPAOidcUserSubjectTest extends Assert {
OidcUserSubject oidcSubject2 = (OidcUserSubject)at2.getSubject();
assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience());
-// OidcUserSubject oidcSubject3 = new OidcUserSubject();
-// oidcSubject3.setLogin("bob");
-// IdToken idToken2 = new IdToken();
-// idToken2.setAudience(c.getClientId());
-// oidcSubject3.setIdToken(idToken2);
-// atr.setSubject(oidcSubject3);
-//
-// ServerAccessToken at3 = provider.createAccessToken(atr);
-// ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
-// OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
-// assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
+ OidcUserSubject oidcSubject3 = new OidcUserSubject();
+ oidcSubject3.setLogin("bob");
+ IdToken idToken2 = new IdToken();
+ idToken2.setAudience(c.getClientId());
+ oidcSubject3.setIdToken(idToken2);
+ atr.setSubject(oidcSubject3);
+
+ ServerAccessToken at3 = provider.createAccessToken(atr);
+ ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey());
+ OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject();
+ assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience());
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
index 80a1e82..0966633 100644
--- a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml
@@ -2,7 +2,6 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd"
version="2.0">
-
<persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>