cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmo...@apache.org
Subject svn commit: r985029 - in /cxf/sandbox/oauth_1.0a: distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/ rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/ rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ rt/rs...
Date Thu, 12 Aug 2010 22:57:59 GMT
Author: lmoren
Date: Thu Aug 12 22:57:59 2010
New Revision: 985029

URL: http://svn.apache.org/viewvc?rev=985029&view=rev
Log:
- bug fixes

Modified:
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/index.jsp
Thu Aug 12 22:57:59 2010
@@ -16,9 +16,12 @@ KIND, either express or implied. See the
 specific language governing permissions and limitations
 under the License.
 -->
+<%--@elvariable id="text" type="java.lang.String"--%>
+<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData"--%>
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <%@ page isELIgnored="false" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
 <html>
 <head><title>OAuth 1.0a CXF server</title></head>
 <body>
@@ -50,11 +53,22 @@ under the License.
     </tr>
     <tr align="center">
         <td>
-            <form name="authZForm" action="authorize" method="POST">
-                <input type="text" name="userId" value="" size="20"/><br>
-                <input type="hidden" name="oauth_token" value="<%= token %>"/>
-                <input type="hidden" name="oauth_callback" value="<%= callback %>"/>
-                <input type="submit" name="Authorize" value="Authorize"/>
+            <form name="f" action="/j_spring_security_check" method="POST">
+                <c:if test="${not empty param.login_error}">
+                    <font color="red">
+                        Your login attempt was not successful, try again.<br/><br/>
+                        Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
+                    </font>
+                </c:if>
+                <label for="login">User</label>
+                <input type="text" id="login" name='j_username'
+                       value='<c:if test="${not empty param.login_error}"><c:out
value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/>
+
+                <div class="clear"></div>
+                <label for="password">Password</label>
+                <input type="password" id="password" name="j_password"/>
+                <br>
+                <input type="submit" class="button" name="commit" value="Log in"/>
             </form>
         </td>
     </tr>

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
(original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
Thu Aug 12 22:57:59 2010
@@ -144,7 +144,7 @@ public abstract class AbstractOAuthReque
         }
 
         RequestToken token = dataProvider
-            .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(), null);
+            .getRequestToken(oAuthMessage.getToken(), null);
         if (token == null) {
             return secData;
         }
@@ -157,7 +157,7 @@ public abstract class AbstractOAuthReque
             return addAdditionalParams(secData, token, principal);
         }
 
-        token = dataProvider.getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(),
null);
+        token = dataProvider.getRequestToken(oAuthMessage.getToken(), null);
         if (token == null) {
             return secData;
         }
@@ -170,7 +170,7 @@ public abstract class AbstractOAuthReque
         }
 
         token = dataProvider
-            .generateVerifier(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(), principal);
+            .generateVerifier(oAuthMessage.getToken(), principal);
         if (token == null) {
             return secData;
         }
@@ -217,8 +217,7 @@ public abstract class AbstractOAuthReque
             OAuth.OAUTH_VERIFIER);
 
         RequestToken token = dataProvider
-            .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey(),
-                oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER));
+            .getRequestToken(oAuthMessage.getToken(), oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER));
 
         Client authInfo = token.getClient();
         OAuthConsumer consumer = new OAuthConsumer(authInfo.getCallbackURL(), authInfo.getConsumerKey(),

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
(original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
Thu Aug 12 22:57:59 2010
@@ -77,7 +77,7 @@ public class MemoryOauthDataProvider imp
         return reqToken;
     }
 
-    public RequestToken getRequestToken(String tokenString, String consumerKey, String oauthVerifier)
+    public RequestToken getRequestToken(String tokenString, String oauthVerifier)
         throws OAuthProblemException {
 
         Token token = oauthTokens.get(tokenString);
@@ -87,7 +87,7 @@ public class MemoryOauthDataProvider imp
         RequestToken requestToken = (RequestToken)token;
 
         String expectedVerifier = requestToken.getOauthVerifier();
-        if (!expectedVerifier.equals(oauthVerifier)) {
+        if (oauthVerifier != null && !expectedVerifier.equals(oauthVerifier)) {
             throw new OAuthProblemException(OAuthMessageValidator.VERIFIER_INVALID);
         }
 
@@ -95,18 +95,14 @@ public class MemoryOauthDataProvider imp
         if (c == null) {
             throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
         }
-        String key = c.getConsumerKey();
-        if (StringUtils.isEmpty(key) || !key.equals(consumerKey)) {
-            throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
-        }
 
         validator.validateToken(requestToken);
         return requestToken;
     }
 
-    public RequestToken generateVerifier(String token, String consumerKey, Principal principal)
+    public RequestToken generateVerifier(String token, Principal principal)
         throws OAuthException {
-        RequestToken requestToken = getRequestToken(token, consumerKey, null);
+        RequestToken requestToken = getRequestToken(token, null);
         if (requestToken != null) {
             requestToken.setOauthVerifier(generateToken());
             requestToken.setPrincipal(principal);
@@ -127,7 +123,7 @@ public class MemoryOauthDataProvider imp
         throws OAuthException {
 
         Client client = requestToken.getClient();
-        requestToken = getRequestToken(requestToken.getTokenString(), client.getConsumerKey(),
null);
+        requestToken = getRequestToken(requestToken.getTokenString(), null);
 
         String accessTokenString = generateToken();
         String tokenSecretString = generateToken();

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
(original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
Thu Aug 12 22:57:59 2010
@@ -43,7 +43,7 @@ public interface OAuthDataProvider {
 
     AccessToken getAccessToken(String accessToken, String consumerKey) throws OAuthProblemException;
 
-    RequestToken getRequestToken(String tokenString, String consumerKey, String oauthVerifier)
+    RequestToken getRequestToken(String tokenString, String oauthVerifier)
         throws OAuthProblemException;
 
     Client registerNewClient(Principal user, String consumerKey, Client client);
@@ -56,7 +56,7 @@ public interface OAuthDataProvider {
 
     void removeTokenCredentials(Principal user, String consumerKey);
 
-    RequestToken generateVerifier(String token, String consumerKey, Principal principal)
+    RequestToken generateVerifier(String token, Principal principal)
         throws OAuthException;
 
     OAuthValidator getValidator();

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java?rev=985029&r1=985028&r2=985029&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java
(original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/validation/OAuthMessageValidator.java
Thu Aug 12 22:57:59 2010
@@ -51,7 +51,7 @@ public class OAuthMessageValidator exten
         } else {
             Long issuedAt = token.getIssuedAt();
             Long lifetime = token.getLifetime();
-            if (lifetime != null
+            if (lifetime != -1
                 && (issuedAt + lifetime < (System.currentTimeMillis() / 1000)))
{
                 throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
             }



Mime
View raw message