cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmo...@apache.org
Subject svn commit: r993496 - in /cxf/sandbox/oauth_1.0a: distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/ distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/...
Date Tue, 07 Sep 2010 19:40:05 GMT
Author: lmoren
Date: Tue Sep  7 19:40:04 2010
New Revision: 993496

URL: http://svn.apache.org/viewvc?rev=993496&view=rev
Log:
- added possibility to define scopes

Added:
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java   (with props)
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java   (with props)
Modified:
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java
    cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/AuthorizeResourceOwnerController.java Tue Sep  7 19:40:04 2010
@@ -49,6 +49,7 @@ public class AuthorizeResourceOwnerContr
 
         response
             .sendRedirect(
-                resourceOwnerAuthorizationEndpoint + "?oauth_token=" + oauthToken);
+                resourceOwnerAuthorizationEndpoint + "?oauth_token=" + oauthToken + "&x_oauth_scope="
+                    + "read_info,modify_info");
     }
 }
\ No newline at end of file

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/CallbackURLController.java Tue Sep  7 19:40:04 2010
@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletReq
 
 import net.oauth.OAuth;
 import net.oauth.OAuthMessage;
+import net.oauth.OAuthProblemException;
 import net.oauth.server.OAuthServlet;
 
 import org.apache.cxf.auth.oauth.demo.client.model.Common;
@@ -46,12 +47,16 @@ public class CallbackURLController {
 
         OAuthMessage message = OAuthServlet.getMessage(request, request.getRequestURL().toString());
 
-        message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);
-        oAuthParams.setOauthToken(message.getToken());
-        oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));
-
-        oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
-        oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
+        try {
+            message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);
+            oAuthParams.setOauthToken(message.getToken());
+            oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));
+
+            oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
+            oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
+        } catch (OAuthProblemException e) {
+            oAuthParams.setErrorMessage("OAuth problem: " + e.getProblem() + e.getParameters().toString());
+        }
 
 
         return new ModelAndView("tokenRequest");

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/controllers/GetProtectedResourceController.java Tue Sep  7 19:40:04 2010
@@ -25,6 +25,7 @@ import java.io.InputStreamReader;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
+import javax.servlet.http.HttpServletRequest;
 
 import net.oauth.OAuth;
 import net.oauth.OAuthAccessor;
@@ -51,7 +52,8 @@ import org.springframework.web.servlet.M
 public class GetProtectedResourceController {
 
     @RequestMapping("/getProtectedResource")
-    protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams)
+    protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams,
+                                         HttpServletRequest request)
         throws Exception {
 
         OAuthServiceProvider provider = new OAuthServiceProvider(
@@ -71,11 +73,21 @@ public class GetProtectedResourceControl
         parameters.put(OAuth.OAUTH_TOKEN, oAuthParams.getOauthToken());
         parameters.put(OAuth.OAUTH_CONSUMER_KEY, oAuthParams.getClientID());
 
-        OAuthMessage msg = accessor
-            .newRequestMessage(OAuthMessage.GET, oAuthParams.getResourceURL(), parameters.entrySet());
+        OAuthMessage msg = null;
+        String method = request.getParameter("op");
 
-        OAuthClient client = new OAuthClient(new URLConnectionClient());
 
+        if ("GET".equals(method)) {
+            msg = accessor
+                .newRequestMessage(OAuthMessage.GET, oAuthParams.getGetResourceURL(), parameters.entrySet());
+        } else {
+            msg = accessor
+                .newRequestMessage(OAuthMessage.POST, oAuthParams.getPostResourceURL(),
+                    parameters.entrySet());
+        }
+
+
+        OAuthClient client = new OAuthClient(new URLConnectionClient());
 
         msg = client.access(msg, ParameterStyle.AUTHORIZATION_HEADER);
 

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/java/org/apache/cxf/auth/oauth/demo/client/model/OAuthParams.java Tue Sep  7 19:40:04 2010
@@ -29,7 +29,8 @@ public class OAuthParams implements Seri
     private String temporaryCredentialsEndpoint = "http://localhost:8081/auth/oauth/initiate";
     private String resourceOwnerAuthorizationEndpoint = "http://localhost:8081/auth/oauth/authorize";
     private String tokenRequestEndpoint = "http://localhost:8081/auth/oauth/token";
-    private String resourceURL = "http://localhost:8081/auth/resources/person/john";
+    private String getResourceURL = "http://localhost:8081/auth/resources/person/john";
+    private String postResourceURL = "http://localhost:8081/auth/resources/person/john";
 
     private String callbackURL = "http://localhost:8080/app/callback";
 
@@ -137,12 +138,12 @@ public class OAuthParams implements Seri
         this.errorMessage = errorMessage;
     }
 
-    public String getResourceURL() {
-        return resourceURL;
+    public String getGetResourceURL() {
+        return getResourceURL;
     }
 
-    public void setResourceURL(String resourceURL) {
-        this.resourceURL = resourceURL;
+    public void setGetResourceURL(String getResourceURL) {
+        this.getResourceURL = getResourceURL;
     }
 
     public String getCallbackURL() {
@@ -177,6 +178,14 @@ public class OAuthParams implements Seri
         this.methods = methods;
     }
 
+    public String getPostResourceURL() {
+        return postResourceURL;
+    }
+
+    public void setPostResourceURL(String postResourceURL) {
+        this.postResourceURL = postResourceURL;
+    }
+
     static class SignatureMethod {
         private String methodName;
 

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/client/src/main/webapp/WEB-INF/views/accessToken.jsp Tue Sep  7 19:40:04 2010
@@ -53,8 +53,12 @@ under the License.
             <td><form:input size="70" path="clientSecret"/></td>
         </tr>
         <tr>
-            <td>OAuth Protected Resource URI:</td>
-            <td><form:input size="70" path="resourceURL"/></td>
+            <td>GET Protected Resource, need scope: 'read_info'</td>
+            <td><form:input size="70" path="getResourceURL"/></td>
+        </tr>
+        <tr>
+            <td>POST Protected Resource, need scope: 'modify_info'</td>
+            <td><form:input size="70" path="postResourceURL"/></td>
         </tr>
         <tr>
             <td>Signature Method:</td>
@@ -65,7 +69,12 @@ under the License.
         </tr>
         <tr>
             <td colspan="2">
-                <input type="submit" value="Get Protected Resource"/>
+                <input type="submit" name="op" value="GET"/>
+            </td>
+        </tr>
+        <tr>
+            <td colspan="2">
+                <input type="submit" name="op" value="POST"/>
             </td>
         </tr>
     </table>

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/ClientApp.java Tue Sep  7 19:40:04 2010
@@ -22,7 +22,7 @@ import java.io.Serializable;
 
 /**
  * @author Lukasz Moren
- */ //todo add functionality to revoke credentials
+ */
 //todo deny does not work
 public class ClientApp implements Serializable {
     private String clientName = "OAuth 1.0a client";

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java Tue Sep  7 19:40:04 2010
@@ -18,11 +18,15 @@
  */
 package org.apache.cxf.auth.oauth.demo.server;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
+import javax.xml.ws.handler.MessageContext;
 
 /**
  * Sample JAX-RS resource service
@@ -32,10 +36,20 @@ import javax.ws.rs.core.Response;
 @Path("/")
 public class SampleResourceProvider {
 
+    @Context
+    private MessageContext mc;
+
     @GET
     @Produces("text/html")
     @Path("/person/{name}")
-    public Response returnSampleImage(@PathParam("name") String name) {
+    public Response getInfo(@PathParam("name") String name, @Context HttpServletRequest request) {
         return Response.ok("Successfully accessed OAuth protected person: " + name).build();
     }
+
+    @POST
+    @Produces("text/html")
+    @Path("/person/{name}")
+    public Response modifyInfo(@PathParam("name") String name) {
+        return Response.ok("Successfully modified OAuth protected person: " + name).build();
+    }
 }

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java Tue Sep  7 19:40:04 2010
@@ -21,11 +21,13 @@ package org.apache.cxf.auth.oauth.demo.s
 import java.security.Principal;
 import java.security.SecureRandom;
 import java.util.Set;
+import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 
 import org.apache.cxf.auth.oauth.demo.server.ClientApp;
 import org.apache.cxf.auth.oauth.provider.Client;
 import org.apache.cxf.auth.oauth.provider.ClientImpl;
+import org.apache.cxf.auth.oauth.provider.ClientManager;
 import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
 import org.apache.cxf.auth.oauth.token.MD5TokenGenerator;
 import org.apache.cxf.auth.oauth.token.TokenGenerator;
@@ -49,6 +51,9 @@ public class ApplicationController {
     @Autowired
     private OAuthDataProvider oauthDataProvider;
 
+    @Resource(name = "oauthDataProvider")
+    private ClientManager clientManager;
+
     @RequestMapping("/newClientForm")
     public ModelAndView handleRequest(@ModelAttribute("client") ClientApp clientApp) {
         return new ModelAndView("newClientForm");
@@ -78,7 +83,7 @@ public class ApplicationController {
             secretKey, clientApp.getCallbackURL(), clientApp.getClientName());
 
 
-        Client authNInfo = oauthDataProvider.registerNewClient(principal, consumerKey, clientInfo);
+        Client authNInfo = clientManager.registerNewClient(principal, consumerKey, clientInfo);
         if (authNInfo != null) {
             clientApp.setError("Client already exists!");
 
@@ -94,7 +99,7 @@ public class ApplicationController {
     @RequestMapping("/listRegisteredClients")
     public ModelAndView listRegisteredClients() {
         Principal user = SecurityContextHolder.getContext().getAuthentication();
-        Set<Client> apps = oauthDataProvider.listRegisteredClients(user);
+        Set<Client> apps = clientManager.listRegisteredClients(user);
 
         ModelAndView modelAndView = new ModelAndView("registeredClientsList");
         modelAndView.getModelMap().put("clients", apps);
@@ -104,7 +109,7 @@ public class ApplicationController {
     @RequestMapping("/listAuthorizedClients")
     public ModelAndView listAuthorizedClients() {
         Principal user = SecurityContextHolder.getContext().getAuthentication();
-        Set<Client> apps = oauthDataProvider.listAuthorizedClients(user);
+        Set<Client> apps = clientManager.listAuthorizedClients(user);
 
         ModelAndView modelAndView = new ModelAndView("authorizedClientsList");
         modelAndView.getModelMap().put("clients", apps);
@@ -116,7 +121,7 @@ public class ApplicationController {
         Principal user = SecurityContextHolder.getContext().getAuthentication();
         String consumerKey = request.getParameter("consumerKey");
 
-        oauthDataProvider.removeRegisteredClient(user, consumerKey);
+        clientManager.removeRegisteredClient(user, consumerKey);
 
 
         ModelAndView modelAndView = new ModelAndView(new RedirectView("/app/listRegisteredClients"));

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java Tue Sep  7 19:40:04 2010
@@ -25,6 +25,9 @@ import javax.servlet.http.HttpServletRes
 
 import net.oauth.OAuth;
 
+import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
+import org.apache.cxf.common.util.StringUtils;
+
 
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -39,12 +42,18 @@ public class AuthenticationFailureHandle
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                         AuthenticationException exception)
         throws IOException, ServletException {
-
+        String xOAuthScope = request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
         String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
 
-        setDefaultFailureUrl(new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
-            .append(oauthToken).toString());
+        StringBuffer url = new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
+            .append(oauthToken);
+
+        if (!StringUtils.isEmpty(xOAuthScope)) {
+            url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+                .append(xOAuthScope);
+        }
 
+        setDefaultFailureUrl(url.toString());
         super.onAuthenticationFailure(request, response,
             exception);
     }

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java Tue Sep  7 19:40:04 2010
@@ -48,6 +48,8 @@ public class AuthenticationSuccessfullHa
 
         String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
         String authToken = request.getParameter(OAuthRequestHandler.AUTHENTICITY_TOKEN);
+        String decision = request.getParameter(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY);
+        String xOAuthScope = request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
 
         if (StringUtils.isEmpty(oauthToken)) {
             return super.determineTargetUrl(request, response);
@@ -57,6 +59,16 @@ public class AuthenticationSuccessfullHa
             .append(oauthToken).append("&").append(OAuthRequestHandler.AUTHENTICITY_TOKEN).append("=")
             .append(authToken);
 
+        if (!StringUtils.isEmpty(decision)) {
+            url.append("&").append(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY).append("=")
+                .append(decision);
+        }
+
+        if (!StringUtils.isEmpty(xOAuthScope)) {
+            url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+                .append(xOAuthScope);
+        }
+
         return url.toString();
     }
 

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml Tue Sep  7 19:40:04 2010
@@ -62,19 +62,6 @@
         <property name="resourcePath" value="/oAuthLogin.jsp"/>
     </bean>
 
-    <!-- Endpoint serves OAuth protected resource -->
-    <jaxrs:server id="resourceServer" address="/resources/">
-        <jaxrs:serviceBeans>
-            <ref bean="resource"/>
-        </jaxrs:serviceBeans>
-        <jaxrs:inInterceptors>
-            <ref bean="oauthSecurityInterceptor"/>
-        </jaxrs:inInterceptors>
-    </jaxrs:server>
-
-    <!-- Resource Provider -->
-    <bean id="resource" class="org.apache.cxf.auth.oauth.demo.server.SampleResourceProvider"/>
-
     <!-- Intercept request to OAuth protected resources -->
     <bean id="oauthSecurityInterceptor"
           class="org.apache.cxf.auth.oauth.interceptors.OAuthSecurityInterceptor">
@@ -108,4 +95,18 @@
           class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialsServiceImpl">
         <property name="handler" ref="requestHandler"/>
     </bean>
+
+
+    <!-- Endpoint serves OAuth protected resource -->
+    <jaxrs:server id="resourceServer" address="/resources/">
+        <jaxrs:serviceBeans>
+            <ref bean="resource"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:inInterceptors>
+            <ref bean="oauthSecurityInterceptor"/>
+        </jaxrs:inInterceptors>
+    </jaxrs:server>
+
+    <!-- Resource Provider -->
+    <bean id="resource" class="org.apache.cxf.auth.oauth.demo.server.SampleResourceProvider"/>
 </beans>
\ No newline at end of file

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml Tue Sep  7 19:40:04 2010
@@ -59,6 +59,7 @@
         <authentication-provider>
             <user-service>
                 <user name="user1" password="1111" authorities="ROLE_USER"/>
+                <user name="user2" password="2222" authorities="ROLE_USER"/>
             </user-service>
         </authentication-provider>
     </authentication-manager>

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/displayVerifier.jsp Tue Sep  7 19:40:04 2010
@@ -28,7 +28,6 @@ under the License.
 </h4>
 <table>
     <tr>
-        <%--todo display properly--%>
         <td>OAuth verifier:</td>
         <td>${oauth_verifier}</td>
     </tr>

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/views/newClientForm.jsp Tue Sep  7 19:40:04 2010
@@ -33,7 +33,8 @@ under the License.
         <tr>
             <td>Consumer key:</td>
             <td><form:input size="70" path="consumerKey"/> - You can provide consumer key,
-                if not it will be automatically generated</td>
+                if not it will be automatically generated
+            </td>
         </tr>
         <tr>
             <td>Client Name:</td>

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp (original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp Tue Sep  7 19:40:04 2010
@@ -38,12 +38,18 @@ under the License.
                                    value="${oauthauthorizationdata.oauthToken}"/>
                             <input type="hidden" name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
                                    value="${oauthauthorizationdata.authenticityToken}"/>
+                            <input type="hidden" name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+                                   value="<%=request.getParameter("x_oauth_scope")%>"/>
 
                             <p>The application <b>${oauthauthorizationdata.applicationName}</b> would like the
-                                ability to access and update your data on Sample OAuth CXF server.
+                                ability to access and update your data on Sample OAuth CXF server:
                                 <br/>
-                                Please ensure that you trust this website with your information before
-                                proceeding!</p>
+                            <ul>
+                                <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
+                                    <li><b>${scope.description}</b></li>
+                                </c:forEach></ul>
+                            Please ensure that you trust this website with your information before
+                            proceeding!</p>
                             <c:if test="${not empty param.login_error}">
                                 <font color="red">
                                     Your login attempt was not successful, try again.<br/><br/>
@@ -63,8 +69,14 @@ under the License.
                             <label for="password">Password</label>
                             <input type="password" id="password" name="j_password"/>
                             <br>
-                            <input type="submit" class="button" name="commit" value="Allow"/>
-                            <input type="submit" class="button" name="commit" value="Deny"/>
+                            <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
+                                    value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+                                Deny
+                            </button>
+                            <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
+                                    value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+                                Allow
+                            </button>
                         </form>
                     </c:when>
                         <%--user is logged in, just ask user to allow third party app access--%>
@@ -74,15 +86,29 @@ under the License.
                                        value="${oauthauthorizationdata.oauthToken}"/>
                                 <input type="hidden" name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
                                        value="${oauthauthorizationdata.authenticityToken}"/>
+                                <input type="hidden" name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+                                       value="<%=request.getParameter("x_oauth_scope")%>"/>
 
                                 <p>The application <b>${oauthauthorizationdata.applicationName}</b> would like
                                     the
                                     ability to access and update your data on Sample OAuth CXF server.
                                     <br/>
-                                    Please ensure that you trust this website with your information before
-                                    proceeding!</p>
-                                <input type="submit" class="button" name="commit" value="Allow"/>
-                                <input type="submit" class="button" name="commit" value="Deny"/>
+                                <ul>
+                                    <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
+                                        <li><b>${scope.description}</b></li>
+                                    </c:forEach></ul>
+                                Please ensure that you trust this website with your information before
+                                proceeding!</p>
+                                <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+                                        type="submit"
+                                        value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+                                    Deny
+                                </button>
+                                <button name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+                                        type="submit"
+                                        value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+                                    Allow
+                                </button>
                             </form>
                         </c:otherwise>
                     </c:choose>

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/AuthorizationServiceImpl.java Tue Sep  7 19:40:04 2010
@@ -19,9 +19,7 @@
 
 package org.apache.cxf.auth.oauth.endpoints;
 
-import java.io.IOException;
 import java.net.URI;
-import java.net.URISyntaxException;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.servlet.http.HttpServletRequest;
@@ -31,7 +29,7 @@ import javax.ws.rs.Path;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 
-import net.oauth.OAuthException;
+import net.oauth.OAuth;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.provider.Client;
@@ -47,6 +45,7 @@ import org.apache.cxf.common.util.String
 public class AuthorizationServiceImpl extends OAuthAbstractService implements AuthorizationService {
 
     private static final Logger LOG = LogUtils.getL7dLogger(AuthorizationServiceImpl.class);
+
     private String displayVerifierURL;
 
     @GET
@@ -59,7 +58,7 @@ public class AuthorizationServiceImpl ex
             String callback = oauthData.getCallback();
             String verifier = oauthData.getOauthVerifier();
 
-            if (StringUtils.isEmpty(callback) || StringUtils.isEmpty(verifier)) {
+            if (StringUtils.isEmpty(callback)) {
                 return Response.ok(oauthData).build();
             }
 
@@ -69,8 +68,18 @@ public class AuthorizationServiceImpl ex
                     .build();
             }
 
-            StringBuffer redirectUrl = new StringBuffer(callback).append("?oauth_token=")
-                .append(oauthData.getOauthToken()).append("&oauth_verifier=").append(verifier);
+            String sep = "?";
+            if (callback.contains(sep)) {
+                sep = "&";
+            }
+            StringBuffer redirectUrl = new StringBuffer(callback).append(sep);
+            if (StringUtils.isEmpty(verifier)) {
+                //user did not authorize application
+                redirectUrl.append(OAuth.Problems.USER_REFUSED).append("=User_refused_client");
+            } else {
+                redirectUrl.append("oauth_token=")
+                    .append(oauthData.getOauthToken()).append("&oauth_verifier=").append(verifier);
+            }
 
             return Response
                 .status(HttpServletResponse.SC_MOVED_TEMPORARILY)
@@ -79,26 +88,16 @@ public class AuthorizationServiceImpl ex
 
         } catch (OAuthProblemException e) {
             if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[] {e.toString()});
-            }
-            OAuthUtils.handleException(response, e, e.getHttpStatusCode());
-        } catch (IOException e) {
-            if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "OAuth module exception: {0}", new Object[] {e.toString()});
-            }
-            OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-        } catch (OAuthException e) {
-            if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "OAuth library exception: {0}", new Object[] {e.toString()});
+                LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[] {e.fillInStackTrace()});
             }
-            OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-        } catch (URISyntaxException e) {
+            return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+                String.valueOf(e.getParameters().get("realm")));
+        } catch (Exception e) {
             if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "OAuth module exception: {0}", new Object[] {e.toString()});
+                LOG.log(Level.SEVERE, "Server exception: {0}", new Object[] {e.fillInStackTrace()});
             }
-            OAuthUtils.handleException(response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+            return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         }
-        return null;
     }
 
     public void setDisplayVerifierURL(String displayVerifierURL) {

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialsServiceImpl.java Tue Sep  7 19:40:04 2010
@@ -29,7 +29,6 @@ import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 
-import net.oauth.OAuthException;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.utils.OAuthUtils;
@@ -52,27 +51,20 @@ public class TemporaryCredentialsService
     @Produces("application/x-www-form-urlencoded")
     public Response getTemporaryCredentials(@Context HttpServletRequest request,
                                             @Context HttpServletResponse response) {
-        //todo add realm optional parameter
-        //todo check if entity-body single part?
-
         try {
             return handler.handleTemporaryCredentials(request);
         } catch (OAuthProblemException e) {
             if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
-            }
-            throw OAuthUtils.handleException(e, e.getHttpStatusCode());
-        } catch (OAuthException e) {
-            if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "OAuth library exception: {0}", new Object[] {e.toString()});
+                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()});
             }
-            throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+            return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+                String.valueOf(e.getParameters().get("realm")));
         } catch (Exception e) {
             if (LOG.isLoggable(Level.SEVERE)) {
                 LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}",
-                    new Object[] {e.toString()});
+                    new Object[] {e.fillInStackTrace()});
             }
-            throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+            return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         }
 
     }

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TokenCredentialsServiceImpl.java Tue Sep  7 19:40:04 2010
@@ -19,7 +19,6 @@
 
 package org.apache.cxf.auth.oauth.endpoints;
 
-import java.io.IOException;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.servlet.http.HttpServletRequest;
@@ -30,7 +29,6 @@ import javax.ws.rs.Produces;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.Response;
 
-import net.oauth.OAuthException;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.utils.OAuthUtils;
@@ -52,19 +50,15 @@ public class TokenCredentialsServiceImpl
 
         } catch (OAuthProblemException e) {
             if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
+                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()});
             }
-            throw OAuthUtils.handleException(e, e.getHttpStatusCode());
-        } catch (IOException e) {
+            return OAuthUtils.handleException(e, e.getHttpStatusCode(),
+                String.valueOf(e.getParameters().get("realm")));
+        } catch (Exception e) {
             if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
+                LOG.log(Level.WARNING, "Server Exception: {0}", new Object[] {e.fillInStackTrace()});
             }
-            throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-        } catch (OAuthException e) {
-            if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
-            }
-            throw OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+            return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
         }
     }
 }

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/AbstractOAuthRequestHandler.java Tue Sep  7 19:40:04 2010
@@ -22,12 +22,14 @@ import java.io.IOException;
 import java.net.URISyntaxException;
 import java.security.Principal;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.UUID;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import javax.ws.rs.core.Response;
@@ -44,7 +46,9 @@ import org.apache.cxf.auth.oauth.provide
 import org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData;
 import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
 import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
 import org.apache.cxf.auth.oauth.tokens.RequestToken;
+import org.apache.cxf.auth.oauth.utils.OAuthUtils;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.StringUtils;
 
@@ -59,8 +63,7 @@ public abstract class AbstractOAuthReque
 
     public Response handleTemporaryCredentials(HttpServletRequest request)
         throws IOException, ServletException, OAuthException {
-        //todo add realm optional parameter
-        //todo check if entity-body single part?
+
         if (LOG.isLoggable(Level.FINE)) {
             LOG.log(Level.FINE, "Temporary Service Credentials service invoked by host: {0}",
                 new Object[] {request.getRemoteHost()});
@@ -153,6 +156,9 @@ public abstract class AbstractOAuthReque
         Principal principal = loggedPrincipal(request);
         if (principal == null || StringUtils.isEmpty(principal.getName())) {
             //add authenticity token into session
+            List<String> scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+            secData.setScopes(dataProvider.getAvailableScopes(scopes));
+
             addAuthenticityTokenToSession(secData, request);
             return addAdditionalParams(secData, token, principal);
         }
@@ -163,18 +169,30 @@ public abstract class AbstractOAuthReque
         }
 
         //check if token from session equals token from request
+        List<String> scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+        scopes = OAuthUtils.parseScopesFromRequest(oAuthMessage);
+        List<OAuthScope> availableScopes = dataProvider.getAvailableScopes(scopes);
         boolean authentic = compareRequestSessionTokens(request);
         if (!authentic) {
+            secData.setScopes(availableScopes);
+
             addAuthenticityTokenToSession(secData, request);
             return addAdditionalParams(secData, token, principal);
         }
 
+        String decision = request.getParameter(AUTHORIZATION_DECISION_KEY);
+        Client clientInfo = token.getClient();
+        if (!AUTHORIZATION_DECISION_ALLOW.equals(decision)) {
+            //user not authorized client
+            secData.setCallback(clientInfo.getCallbackURL());
+            return secData;
+        }
+
         token = dataProvider
-            .generateVerifier(oAuthMessage.getToken(), principal);
+            .generateVerifier(oAuthMessage.getToken(), principal, availableScopes);
         if (token == null) {
-            return secData;
+            throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
         }
-        Client clientInfo = token.getClient();
 
         secData.setCallback(clientInfo.getCallbackURL());
         secData.setOauthVerifier(token.getOauthVerifier());
@@ -241,10 +259,10 @@ public abstract class AbstractOAuthReque
     }
 
 
-    public void handleAuthenticatedRequest(HttpServletRequest request)
-        throws IOException, OAuthException {
+    public HttpServletRequest handleAuthenticatedRequest(HttpServletRequest request,
+                                                         HttpServletResponse response)
+        throws Exception, OAuthProblemException {
         OAuthMessage oAuthMessage = OAuthServlet.getMessage(request, request.getRequestURL().toString());
-
         oAuthMessage.requireParameters(OAuth.OAUTH_CONSUMER_KEY,
             OAuth.OAUTH_TOKEN,
             OAuth.OAUTH_SIGNATURE_METHOD,
@@ -255,18 +273,30 @@ public abstract class AbstractOAuthReque
         AccessToken accessToken = dataProvider
             .getAccessToken(oAuthMessage.getToken(), oAuthMessage.getConsumerKey());
         Client authInfo = accessToken.getClient();
-        //todo check if exists
 
         OAuthConsumer consumer = new OAuthConsumer(authInfo.getCallbackURL(), authInfo.getConsumerKey(),
             authInfo.getSecretKey(), null);
 
         OAuthAccessor accessor = new OAuthAccessor(consumer);
 
-        try {
-            dataProvider.getValidator().validateMessage(oAuthMessage, accessor);
-        } catch (URISyntaxException e) {
-            throw new OAuthException(e);
-        }
+
+        dataProvider.getValidator().validateMessage(oAuthMessage, accessor);
+        //todo add roles to request
+
+        final List<OAuthScope> scopes = accessToken.getScopes();
+
+        request = new HttpServletRequestWrapper(request) {
+            public boolean isUserInRole(String role) {
+                for (OAuthScope scope : scopes) {
+                    if (scope.getRole().equals(role)) {
+                        return true;
+                    }
+                }
+
+                return false;
+            }
+        };
+        return request;
     }
 
 

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/handlers/OAuthRequestHandler.java Tue Sep  7 19:40:04 2010
@@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletRes
 import javax.ws.rs.core.Response;
 
 import net.oauth.OAuthException;
+import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData;
 import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
@@ -42,6 +43,12 @@ public interface OAuthRequestHandler {
 
     String AUTHENTICITY_TOKEN = "authenticityToken";
 
+    String AUTHORIZATION_DECISION_KEY = "oauthDecision";
+    String AUTHORIZATION_DECISION_ALLOW = "allow";
+    String AUTHORIZATION_DECISION_DENY = "deny";
+
+    String X_OAUTH_SCOPE = "x_oauth_scope";
+
 
     Response handleTemporaryCredentials(HttpServletRequest request)
         throws IOException, ServletException, OAuthException;
@@ -53,11 +60,11 @@ public interface OAuthRequestHandler {
     Response handleAccessToken(HttpServletRequest request)
         throws IOException, OAuthException;
 
-    void handleAuthenticatedRequest(HttpServletRequest request)
-        throws IOException, OAuthException;
+    HttpServletRequest handleAuthenticatedRequest(HttpServletRequest request, HttpServletResponse response)
+        throws Exception, OAuthProblemException;
 
     /**
-     * Returns logged user name, or null if no user is logged
+     * Returns logged principal, or null if no user is logged
      */
     Principal loggedPrincipal(HttpServletRequest request);
 

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/interceptors/OAuthSecurityInterceptor.java Tue Sep  7 19:40:04 2010
@@ -22,14 +22,14 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.Response;
 
-import net.oauth.OAuthException;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
-import org.apache.cxf.auth.oauth.utils.OAuthUtils;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.AbstractPhaseInterceptor;
 import org.apache.cxf.phase.Phase;
@@ -55,30 +55,24 @@ public class OAuthSecurityInterceptor ex
         HttpServletRequest request = (HttpServletRequest)message.get(AbstractHTTPDestination.HTTP_REQUEST);
         HttpServletResponse response = (HttpServletResponse)message
             .get(AbstractHTTPDestination.HTTP_RESPONSE);
+
         try {
-            handler.handleAuthenticatedRequest(request);
+            if (LOG.isLoggable(Level.FINE)) {
+                LOG.log(Level.FINE, "OAuth security interceptor for url: {0}", request.getRequestURL());
+            }
+            request = handler.handleAuthenticatedRequest(request, response);
+            message.put(AbstractHTTPDestination.HTTP_REQUEST, request);
 
         } catch (OAuthProblemException e) {
-            if (LOG.isLoggable(Level.WARNING)) {
-                LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.toString()});
-            }
-            handleException(message, response, e, e.getHttpStatusCode());
-        } catch (OAuthException e) {
-            if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "An OAuth-related problem: {0}", new Object[] {e.toString()});
-            }
-            handleException(message, response, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
-        } catch (Exception ex) {
-            if (LOG.isLoggable(Level.SEVERE)) {
-                LOG.log(Level.SEVERE, "Server error: {0}", new Object[] {ex.toString()});
-            }
-            handleException(message, response, ex, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+            Response resp = Response.status(401)
+                .header(" WWW-Authenticate: OAuth realm=", request.getRequestURL()).build();
+            message.getExchange().put(Response.class, resp);
+        } catch (Exception e) {
+            Response excResp = JAXRSUtils.convertFaultToResponse(e, message);
+            message.getExchange().put(Response.class, excResp);
+            return;
         }
-    }
 
-    protected void handleException(Message m, HttpServletResponse response, Exception e, int status) {
-        OAuthUtils.handleException(response, e, status);
-        m.getInterceptorChain().abort();
     }
 
     public void setHandler(OAuthRequestHandler handler) {

Added: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java?rev=993496&view=auto
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java (added)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java Tue Sep  7 19:40:04 2010
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.auth.oauth.provider;
+
+import java.security.Principal;
+import java.util.Set;
+
+/**
+ * @author Lukasz Moren
+ */
+public interface ClientManager {
+    Client registerNewClient(Principal user, String consumerKey, Client client);
+
+    Set<Client> listRegisteredClients(Principal user);
+
+    Set<Client> listAuthorizedClients(Principal user);
+
+    void removeRegisteredClient(Principal user, String consumerKey);
+
+}

Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientManager.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/MemoryOauthDataProvider.java Tue Sep  7 19:40:04 2010
@@ -20,6 +20,7 @@
 package org.apache.cxf.auth.oauth.provider;
 
 import java.security.Principal;
+import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
@@ -34,6 +35,7 @@ import net.oauth.OAuthProblemException;
 import org.apache.cxf.auth.oauth.token.MD5TokenGenerator;
 import org.apache.cxf.auth.oauth.token.TokenGenerator;
 import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
 import org.apache.cxf.auth.oauth.tokens.RequestToken;
 import org.apache.cxf.auth.oauth.tokens.Token;
 import org.apache.cxf.auth.oauth.validation.OAuthMessageValidator;
@@ -44,7 +46,7 @@ import org.apache.cxf.jaxrs.impl.Metadat
 /**
  * @author Lukasz Moren
  */
-public class MemoryOauthDataProvider implements OAuthDataProvider {
+public class MemoryOauthDataProvider implements OAuthDataProvider, ClientManager {
 
     protected ConcurrentHashMap<String, Client> clientAuthInfo
         = new ConcurrentHashMap<String, Client>();
@@ -62,6 +64,16 @@ public class MemoryOauthDataProvider imp
 
     protected OAuthValidator validator;
 
+    protected ConcurrentHashMap<String, OAuthScope> sampleScopes
+        = new ConcurrentHashMap<String, OAuthScope>();
+
+    {
+        sampleScopes
+            .put("read_info", new OAuthScope("read_info", "Read your personal information", "ROLE_USER"));
+        sampleScopes.put("modify_info",
+            new OAuthScope("modify_info", "Modify your personal information", "ROLE_ADMIN"));
+    }
+
     public Client getClientAuthenticationInfo(String consumerKey) {
         return clientAuthInfo.get(consumerKey);
     }
@@ -100,12 +112,13 @@ public class MemoryOauthDataProvider imp
         return requestToken;
     }
 
-    public RequestToken generateVerifier(String token, Principal principal)
+    public RequestToken generateVerifier(String token, Principal principal, List<OAuthScope> scopes)
         throws OAuthException {
         RequestToken requestToken = getRequestToken(token, null);
         if (requestToken != null) {
             requestToken.setOauthVerifier(generateToken());
             requestToken.setPrincipal(principal);
+            requestToken.setScopes(scopes);
         }
 
         return requestToken;
@@ -119,6 +132,16 @@ public class MemoryOauthDataProvider imp
         this.validator = v;
     }
 
+    public List<OAuthScope> getAvailableScopes(List<String> requestScopes) {
+        List<OAuthScope> scopes = new ArrayList<OAuthScope>();
+        for (String requestScope : requestScopes) {
+            OAuthScope oAuthScope = sampleScopes.get(requestScope);
+            scopes.add(oAuthScope);
+        }
+
+        return scopes;
+    }
+
     public AccessToken generateAccessToken(Principal principal, RequestToken requestToken)
         throws OAuthException {
 
@@ -131,6 +154,8 @@ public class MemoryOauthDataProvider imp
         AccessToken accessToken = new AccessToken(client, accessTokenString, tokenSecretString, 3600,
             principal);
 
+        accessToken.setScopes(requestToken.getScopes());
+
         synchronized (oauthTokens) {
             oauthTokens.remove(requestToken.getTokenString());
             oauthTokens.put(accessTokenString, accessToken);
@@ -205,9 +230,25 @@ public class MemoryOauthDataProvider imp
     public synchronized void removeRegisteredClient(Principal user, String consumerKey) {
         List<String> registeredApps = this.userRegisteredClients.get(user.getName());
         this.clientAuthInfo.remove(consumerKey);
-        
+
+        //remove registered app
         registeredApps.remove(consumerKey);
-        removeTokenCredentials(user, consumerKey);
+        this.userRegisteredClients.put(user.getName(), registeredApps);
+
+        //remove all authorized apps from other clients
+        for (Map.Entry<String, List<String>> userAuthorizedClientsSet : userAuthorizedClients.entrySet()) {
+            String principalName = userAuthorizedClientsSet.getKey();
+            List<String> clients = userAuthorizedClientsSet.getValue();
+            clients.remove(consumerKey);
+            userAuthorizedClients.put(principalName, clients);
+        }
+        //remove access tokens
+        for (Token token : oauthTokens.values()) {
+            Client authNInfo = token.getClient();
+            if (consumerKey.equals(authNInfo.getConsumerKey())) {
+                oauthTokens.remove(token.getTokenString());
+            }
+        }
     }
 
     protected String generateToken() throws OAuthException {

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthAuthorizationData.java Tue Sep  7 19:40:04 2010
@@ -19,6 +19,9 @@
 package org.apache.cxf.auth.oauth.provider;
 
 import java.io.Serializable;
+import java.util.List;
+
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
 
 /**
  * Additional parameters passed to sign in page
@@ -32,6 +35,7 @@ public class OAuthAuthorizationData impl
     private String userName;
     private String callback;
     private String oauthVerifier;
+    private List<OAuthScope> scopes;
 
     public OAuthAuthorizationData() {
     }
@@ -87,4 +91,12 @@ public class OAuthAuthorizationData impl
     public void setOauthVerifier(String oauthVerifier) {
         this.oauthVerifier = oauthVerifier;
     }
+
+    public List<OAuthScope> getScopes() {
+        return scopes;
+    }
+
+    public void setScopes(List<OAuthScope> scopes) {
+        this.scopes = scopes;
+    }
 }

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java Tue Sep  7 19:40:04 2010
@@ -20,19 +20,19 @@
 package org.apache.cxf.auth.oauth.provider;
 
 import java.security.Principal;
-import java.util.Set;
+import java.util.List;
 
 import net.oauth.OAuthException;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.auth.oauth.tokens.AccessToken;
+import org.apache.cxf.auth.oauth.tokens.OAuthScope;
 import org.apache.cxf.auth.oauth.tokens.RequestToken;
 import org.apache.cxf.auth.oauth.validation.OAuthValidator;
 
 /**
  * @author Lukasz Moren
  */
-//todo add client credentials checking
 public interface OAuthDataProvider {
 
     Client getClientAuthenticationInfo(String consumerKey);
@@ -46,20 +46,14 @@ public interface OAuthDataProvider {
     RequestToken getRequestToken(String tokenString, String oauthVerifier)
         throws OAuthProblemException;
 
-    Client registerNewClient(Principal user, String consumerKey, Client client);
-
-    Set<Client> listRegisteredClients(Principal user);
-
-    Set<Client> listAuthorizedClients(Principal user);
-
-    void removeRegisteredClient(Principal user, String consumerKey);
-
     void removeTokenCredentials(Principal user, String consumerKey);
 
-    RequestToken generateVerifier(String token, Principal principal)
+    RequestToken generateVerifier(String token, Principal principal, List<OAuthScope> scopes)
         throws OAuthException;
 
     OAuthValidator getValidator();
 
     void setValidator(OAuthValidator validator);
+
+    List<OAuthScope> getAvailableScopes(List<String> requestScopes);
 }

Added: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java?rev=993496&view=auto
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java (added)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java Tue Sep  7 19:40:04 2010
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.auth.oauth.tokens;
+
+/**
+ * @author Lukasz Moren
+ */
+public class OAuthScope {
+    private String scope;
+    private String description;
+    private String role;
+
+    public OAuthScope(String scope, String description, String role) {
+        this.description = description;
+        this.role = role;
+        this.scope = scope;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public String getScope() {
+        return scope;
+    }
+
+    public void setScope(String scope) {
+        this.scope = scope;
+    }
+
+    public String getRole() {
+        return role;
+    }
+
+    public void setRole(String role) {
+        this.role = role;
+    }
+}

Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/OAuthScope.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/tokens/Token.java Tue Sep  7 19:40:04 2010
@@ -19,6 +19,7 @@
 package org.apache.cxf.auth.oauth.tokens;
 
 import java.security.Principal;
+import java.util.List;
 
 import org.apache.cxf.auth.oauth.provider.Client;
 
@@ -33,6 +34,7 @@ public abstract class Token {
     protected long lifetime = -1;
     protected Client client;
     protected Principal principal;
+    protected List<OAuthScope> scopes;
 
     protected Token(Client client, String tokenString,
                     String tokenSecret, long lifetime, Principal principal) {
@@ -80,4 +82,12 @@ public abstract class Token {
     public void setPrincipal(Principal principal) {
         this.principal = principal;
     }
+
+    public List<OAuthScope> getScopes() {
+        return scopes;
+    }
+
+    public void setScopes(List<OAuthScope> scopes) {
+        this.scopes = scopes;
+    }
 }

Modified: cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java?rev=993496&r1=993495&r2=993496&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java (original)
+++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java Tue Sep  7 19:40:04 2010
@@ -19,6 +19,9 @@
 package org.apache.cxf.auth.oauth.utils;
 
 import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.StringTokenizer;
 import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.Response;
@@ -26,9 +29,10 @@ import javax.ws.rs.core.Response;
 import net.oauth.OAuth;
 import net.oauth.OAuthMessage;
 import net.oauth.OAuthProblemException;
-import net.oauth.server.OAuthServlet;
 
+import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
 import org.apache.cxf.auth.oauth.tokens.RequestToken;
+import org.apache.cxf.common.util.StringUtils;
 
 /**
  * @author Lukasz Moren
@@ -36,48 +40,44 @@ import org.apache.cxf.auth.oauth.tokens.
 public final class OAuthUtils {
 
     private OAuthUtils() {
-
     }
 
-    public static WebApplicationException handleException(Exception e, int status) {
+    public static Response handleException(Exception e, int status) {
         return handleException(e, status, null);
     }
 
-    public static WebApplicationException handleException(Exception e, int status,
-                                                          String realm) {
+    public static Response handleException(Exception e, int status,
+                                           String realm) {
         if (e instanceof OAuthProblemException) {
             OAuthProblemException problem = (OAuthProblemException)e;
             OAuthMessage message = new OAuthMessage(null, null, problem
                 .getParameters().entrySet());
             try {
-                return new WebApplicationException(
+                return
                     Response.status(status).header("WWW-Authenticate", message.getAuthorizationHeader(realm))
-                        .entity(e.getMessage()).build());
+                        .entity(e.getMessage()).build();
             } catch (IOException e1) {
-                return new WebApplicationException(
+                throw new WebApplicationException(
                     Response.status(status).entity(e.getMessage()).build());
             }
         }
-        return new WebApplicationException(
+        throw new WebApplicationException(
             Response.status(status).entity(e.getMessage()).build());
     }
 
-    public static void handleException(HttpServletResponse response, Exception e, int status, String realm,
-                                       boolean sendBody) {
-        try {
-            OAuthServlet.handleException(response, e, realm, sendBody);
-        } catch (Exception ex) {
-            try {
-                response.sendError(status);
-            } catch (IOException e1) {
-                e1.printStackTrace();
-                //todo add handling
+    public static List<String> parseScopesFromRequest(OAuthMessage message) throws IOException {
+        String scopes = message.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
+        List<String> scopeList = new ArrayList<String>();
+
+        if (!StringUtils.isEmpty(scopes)) {
+            StringTokenizer tokenizer = new StringTokenizer(scopes, ",");
+
+            while (tokenizer.hasMoreTokens()) {
+                String token = tokenizer.nextToken();
+                scopeList.add(token);
             }
         }
-    }
-
-    public static void handleException(HttpServletResponse response, Exception e, int status) {
-        handleException(response, e, status, null, true);
+        return scopeList;
     }
 
     public static RequestToken handleTokenRejectedException() throws OAuthProblemException {



Mime
View raw message