You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/19 11:46:34 UTC

cxf git commit: Checking some scope properties in the OAuth provider to minimize the amount of custom code

Repository: cxf
Updated Branches:
  refs/heads/master 7dcfe81d4 -> a9bd49ff0


Checking some scope properties in the OAuth provider to minimize the amount of custom code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a9bd49ff
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a9bd49ff
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a9bd49ff

Branch: refs/heads/master
Commit: a9bd49ff0e18c4161260e91a2ff0b20ca164c221
Parents: 7dcfe81
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Jan 19 10:46:16 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Jan 19 10:46:16 2016 +0000

----------------------------------------------------------------------
 .../provider/AbstractOAuthDataProvider.java     | 39 ++++++++++++++++++++
 1 file changed, 39 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a9bd49ff/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index 5bec101..38e1845 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -41,6 +41,9 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl
     private boolean recycleRefreshTokens = true;
     private Map<String, OAuthPermission> permissionMap = new HashMap<String, OAuthPermission>();
     private MessageContext messageContext;
+    private List<String> defaultScopes;
+    private List<String> requiredScopes;
+    private List<String> invisibleToClientScopes;
     
     
     protected AbstractOAuthDataProvider() {
@@ -154,6 +157,10 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl
         if (requestedScopes.isEmpty()) {
             return Collections.emptyList();
         } else if (!permissionMap.isEmpty()) {
+            if (requiredScopes != null && !requestedScopes.containsAll(requiredScopes)) {
+                throw new OAuthServiceException("Required scopes are missing");
+            }
+            
             List<OAuthPermission> list = new ArrayList<OAuthPermission>();
             for (String scope : requestedScopes) {
                 OAuthPermission permission = permissionMap.get(scope);
@@ -242,6 +249,14 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl
     }
     
     public void init() {
+        for (OAuthPermission perm : permissionMap.values()) {
+            if (defaultScopes != null && defaultScopes.contains(perm.getPermission())) {
+                perm.setDefault(true);
+            }
+            if (invisibleToClientScopes != null && invisibleToClientScopes.contains(perm.getPermission())) {
+                perm.setInvisibleToClient(true);
+            }
+        }
     }
     
     public void close() {
@@ -285,4 +300,28 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl
     protected abstract RefreshToken revokeRefreshToken(String refreshTokenKey);
     protected abstract RefreshToken getRefreshToken(String refreshTokenKey);
 
+    public List<String> getDefaultScopes() {
+        return defaultScopes;
+    }
+
+    public void setDefaultScopes(List<String> defaultScopes) {
+        this.defaultScopes = defaultScopes;
+    }
+
+    public List<String> getRequiredScopes() {
+        return requiredScopes;
+    }
+
+    public void setRequiredScopes(List<String> requiredScopes) {
+        this.requiredScopes = requiredScopes;
+    }
+
+    public List<String> getInvisibleToClientScopes() {
+        return invisibleToClientScopes;
+    }
+
+    public void setInvisibleToClientScopes(List<String> invisibleToClientScopes) {
+        this.invisibleToClientScopes = invisibleToClientScopes;
+    }
+
 }