Posted to commits@cxf.apache.org by se...@apache.org on 2016/04/04 17:57:36 UTC
cxf git commit: Coninuing experimenting with OAuth2 JPA
Repository: cxf
Updated Branches:
refs/heads/master 3a8661b2f -> 0b9cb3da9
Continuing experimenting with OAuth2 JPA
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0b9cb3da
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0b9cb3da
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0b9cb3da
Branch: refs/heads/master
Commit: 0b9cb3da97cba099de8e898b65008a3d959f5b21
Parents: 3a8661b
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Mon Apr 4 16:57:20 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Mon Apr 4 16:57:20 2016 +0100
----------------------------------------------------------------------
.../cxf/rs/security/oauth2/common/Client.java | 3 ++
.../rs/security/oauth2/common/UserSubject.java | 4 ++
.../oauth2/provider/JPAOAuthDataProvider.java | 33 ++++++++----
.../grants/code/JPACodeDataProviderTest.java | 55 ++++++++++++++++----
.../src/test/resources/META-INF/persistence.xml | 2 +
5 files changed, 79 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/0b9cb3da/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
index ec54db4..02d4d26 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java
@@ -28,6 +28,7 @@ import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.MapKeyColumn;
+import javax.persistence.OneToOne;
/**
@@ -254,6 +255,7 @@ public class Client implements Serializable {
* authentication
* @return the user subject
*/
+ @OneToOne
public UserSubject getSubject() {
return subject;
}
@@ -276,6 +278,7 @@ public class Client implements Serializable {
* who has registered this client
* @return the resource owner user subject
*/
+ @OneToOne
public UserSubject getResourceOwnerSubject() {
return resourceOwnerSubject;
}
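Review bot: `@OneToOne` on getResourceOwnerSubject() does not match how the relationship is used. The test added in this commit registers two clients ("12345" and "56789") for the same owner "alice", so several Client rows reference one UserSubject, which is what `@ManyToOne` describes. With `@OneToOne`, a provider or schema generator that puts a unique constraint on the join column would reject the second client; this is worth confirming against both Hibernate and OpenJPA. The same question applies to `@OneToOne` on getSubject() in the previous hunk. The Client class continues outside this hunk.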
http://git-wip-us.apache.org/repos/asf/cxf/blob/0b9cb3da/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
index 7ad88fb..8bd9571 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
@@ -25,6 +25,8 @@ import java.util.List;
import java.util.Map;
import javax.persistence.ElementCollection;
+import javax.persistence.Entity;
+import javax.persistence.Id;
import javax.persistence.MapKeyColumn;
import javax.xml.bind.annotation.XmlRootElement;
@@ -33,6 +35,7 @@ import javax.xml.bind.annotation.XmlRootElement;
* may capture after the end user approved a given third party request
*/
@XmlRootElement
+@Entity
public class UserSubject implements Serializable {
private static final long serialVersionUID = -1469694589163385689L;
@@ -77,6 +80,7 @@ public class UserSubject implements Serializable {
* Return the user login name
* @return the login name
*/
+ @Id
public String getLogin() {
return login;
}
http://git-wip-us.apache.org/repos/asf/cxf/blob/0b9cb3da/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index aa565a4..f3bb53d 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.oauth2.provider;
import java.util.Collections;
import java.util.List;
+import javax.persistence.EntityExistsException;
import javax.persistence.EntityManager;
import javax.persistence.NoResultException;
import javax.persistence.TypedQuery;
@@ -40,15 +41,14 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
@Override
public Client getClient(String clientId) throws OAuthServiceException {
try {
- TypedQuery<Client> query = entityManager.createQuery(
- "SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = '" + clientId + "'", Client.class);
- return query.getSingleResult();
+ return getClientQuery(clientId).getSingleResult();
} catch (NoResultException ex) {
return null;
}
}
public void setClient(Client client) {
+ persistEntity(client.getResourceOwnerSubject());
persistEntity(client);
}
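Review bot: setClient() passes client.getResourceOwnerSubject() to persistEntity() without a null check, so a client registered without a resource owner reaches `entityManager.persist(null)` after the transaction has begun. That call is expected to throw, and since persistEntity() (changed further down) only catches EntityExistsException, the transaction would stay active for the next caller. A guard such as `if (client.getResourceOwnerSubject() != null) { persistEntity(client.getResourceOwnerSubject()); }` avoids this. The subject and the client are also committed in two separate transactions, so a failure on the second leaves the UserSubject row behind. client.getSubject(), which this commit also maps, is not persisted here.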
@@ -59,7 +59,7 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
@Override
public List<Client> getClients(UserSubject resourceOwner) {
- return null;
+ return getClientsQuery(resourceOwner).getResultList();
}
@Override
@@ -93,18 +93,33 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) {
}
-
protected void persistEntity(Object entity) {
- entityManager.getTransaction().begin();
- entityManager.persist(entity);
- entityManager.getTransaction().commit();
+ try {
+ entityManager.getTransaction().begin();
+ entityManager.persist(entity);
+ entityManager.getTransaction().commit();
+ } catch (EntityExistsException ex) {
+ entityManager.getTransaction().rollback();
+ }
}
protected void removeEntity(Object entity) {
entityManager.getTransaction().begin();
entityManager.remove(entity);
entityManager.getTransaction().commit();
}
-
+ protected TypedQuery<Client> getClientQuery(String clientId) {
+ return entityManager.createQuery(
+ "SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = '" + clientId + "'", Client.class);
+ }
+ protected TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject) {
+ if (resourceOwnerSubject == null) {
+ return entityManager.createQuery("SELECT c FROM " + CLIENT_TABLE_NAME + " c", Client.class);
+ } else {
+ return entityManager.createQuery(
+ "SELECT c FROM " + CLIENT_TABLE_NAME + " c JOIN c.resourceOwnerSubject r WHERE r.login = '"
+ + resourceOwnerSubject.getLogin() + "'", Client.class);
+ }
+ }
public void setEntityManager(EntityManager entityManager) {
this.entityManager = entityManager;
}
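Review bot: getClientQuery() and the new getClientsQuery() build JPQL by concatenating clientId and resourceOwnerSubject.getLogin() between single quotes. Both values originate from OAuth requests or user records, so a quote in either one changes the query that decides which client record is returned. Bind them as named parameters instead, as in the excerpt below; CLIENT_TABLE_NAME is a constant and can stay concatenated. Separately, persistEntity() rolls back only on EntityExistsException, so any other failure from persist() or commit() leaves the transaction active, and a duplicate is dropped silently with no signal to the caller.

```java
protected TypedQuery<Client> getClientQuery(String clientId) {
    return entityManager.createQuery(
        "SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = :clientId", Client.class)
        .setParameter("clientId", clientId);
}
protected TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject) {
    if (resourceOwnerSubject == null) {
        // … unchanged: select-all query …
    } else {
        return entityManager.createQuery(
            "SELECT c FROM " + CLIENT_TABLE_NAME
            + " c JOIN c.resourceOwnerSubject r WHERE r.login = :login", Client.class)
            .setParameter("login", resourceOwnerSubject.getLogin());
    }
}
```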
http://git-wip-us.apache.org/repos/asf/cxf/blob/0b9cb3da/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
index 4463b9d..120d261 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
@@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.oauth2.grants.code;
import java.sql.Connection;
import java.sql.DriverManager;
import java.util.Collections;
+import java.util.List;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
@@ -60,22 +61,58 @@ public class JPACodeDataProviderTest extends Assert {
@Test
public void testAddGetDeleteClient() {
- Client c = new Client();
- c.setRedirectUris(Collections.singletonList("http://client/redirect"));
- c.setClientId("12345");
- c.setResourceOwnerSubject(new UserSubject("alice"));
- provider.setClient(c);
+ Client c = addClient("12345", "alice");
Client c2 = provider.getClient(c.getClientId());
- assertNotNull(c2);
- assertEquals(c.getClientId(), c2.getClientId());
- assertEquals(c.getRedirectUris(), c.getRedirectUris());
- assertEquals("alice", c.getResourceOwnerSubject().getLogin());
+ compareClients(c, c2);
provider.removeClient(c.getClientId());
Client c3 = provider.getClient(c.getClientId());
assertNull(c3);
}
+ @Test
+ public void testAddGetDeleteClients() {
+ Client c = addClient("12345", "alice");
+ Client c2 = addClient("56789", "alice");
+ Client c3 = addClient("09876", "bob");
+
+ List<Client> aliceClients = provider.getClients(new UserSubject("alice"));
+ assertNotNull(aliceClients);
+ assertEquals(2, aliceClients.size());
+ compareClients(c, aliceClients.get(0).getClientId().equals("12345")
+ ? aliceClients.get(0) : aliceClients.get(1));
+ compareClients(c2, aliceClients.get(0).getClientId().equals("56789")
+ ? aliceClients.get(0) : aliceClients.get(1));
+
+ List<Client> bobClients = provider.getClients(new UserSubject("bob"));
+ assertNotNull(bobClients);
+ assertEquals(1, bobClients.size());
+ Client bobClient = bobClients.get(0);
+ compareClients(c3, bobClient);
+
+ List<Client> allClients = provider.getClients(null);
+ assertNotNull(allClients);
+ assertEquals(3, allClients.size());
+
+ }
+
+ private Client addClient(String clientId, String userLogin) {
+ Client c = new Client();
+ c.setRedirectUris(Collections.singletonList("http://client/redirect"));
+ c.setClientId(clientId);
+ c.setResourceOwnerSubject(new UserSubject(userLogin));
+ provider.setClient(c);
+ return c;
+ }
+ private void compareClients(Client c, Client c2) {
+ assertNotNull(c2);
+ assertEquals(c.getClientId(), c2.getClientId());
+ assertEquals(1, c.getRedirectUris().size());
+ assertEquals(1, c2.getRedirectUris().size());
+ assertEquals("http://client/redirect", c.getRedirectUris().get(0));
+ assertEquals(c.getResourceOwnerSubject().getLogin(), c2.getResourceOwnerSubject().getLogin());
+ }
+
@After
public void tearDown() throws Exception {
try {
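Review bot: compareClients() never checks the redirect URI value of the loaded client. `assertEquals("http://client/redirect", c.getRedirectUris().get(0));` reads from `c`, the object the test built, so only the list size of `c2` is verified; it should be `assertEquals("http://client/redirect", c2.getRedirectUris().get(0));`. testAddGetDeleteClients() also never removes the three clients it adds, so the name overstates what it covers and the rows stay in the in-memory database unless tearDown() (which continues outside the hunk) drops them. Since the provider builds its queries from clientId and login, a case with a quote in the login (a constructed sample such as `"o'brien"`) would pin down that such values round-trip as data.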
http://git-wip-us.apache.org/repos/asf/cxf/blob/0b9cb3da/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 2e63a46..78744d5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -5,6 +5,7 @@
<persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL">
<provider>org.hibernate.ejb.HibernatePersistence</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -19,6 +20,7 @@
<persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL">
<provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
<class>org.apache.cxf.rs.security.oauth2.common.Client</class>
+ <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
<exclude-unlisted-classes>true</exclude-unlisted-classes>
<properties>
<property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>