cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmo...@apache.org
Subject svn commit: r1037651 - in /cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main: java/org/apache/cxf/auth/oauth/demo/server/oauth/ java/org/apache/cxf/auth/oauth/demo/server/spring/ webapp/ webapp/WEB-INF/
Date Mon, 22 Nov 2010 09:51:56 GMT
Author: lmoren
Date: Mon Nov 22 09:51:56 2010
New Revision: 1037651

URL: http://svn.apache.org/viewvc?rev=1037651&view=rev
Log:
- added scope-permission authorization style
- support for wildcards in scope url

Modified:
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java?rev=1037651&r1=1037650&r2=1037651&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
Mon Nov 22 09:51:56 2010
@@ -26,8 +26,8 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpSession;
 
 import org.apache.cxf.auth.oauth.provider.MemoryOauthDataProvider;
-import org.apache.cxf.auth.oauth.tokens.OAuthScope;
 
+import org.apache.cxf.auth.oauth.tokens.OAuthPermission;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
 
@@ -36,32 +36,33 @@ import org.springframework.security.web.
  */
 public class SampleOAuthDataProvider extends MemoryOauthDataProvider {
 
-    protected ConcurrentHashMap<String, OAuthScope> availableScopes
-        = new ConcurrentHashMap<String, OAuthScope>();
+    protected ConcurrentHashMap<String, OAuthPermission> availablePermissions
+            = new ConcurrentHashMap<String, OAuthPermission>();
 
     {
-        availableScopes
-            .put("read_info", new OAuthScope("read_info", "Read your personal information",
"ROLE_USER"));
-        availableScopes.put("modify_info",
-            new OAuthScope("modify_info", "Modify your personal information", "ROLE_ADMIN"));
+        availablePermissions
+                .put("read_info", new OAuthPermission("read_info", "Read your personal information",
+                        "ROLE_USER"));
+        availablePermissions.put("modify_info",
+                new OAuthPermission("modify_info", "Modify your personal information", "ROLE_ADMIN"));
     }
 
     @Override
-    public List<OAuthScope> getAvailableScopes(List<String> requestScopes) {
-        List<OAuthScope> scopes = new ArrayList<OAuthScope>();
-        for (String requestScope : requestScopes) {
-            OAuthScope oAuthScope = availableScopes.get(requestScope);
-            scopes.add(oAuthScope);
+    public List<OAuthPermission> getAvailablePermissions(List<String> strings)
{
+        List<OAuthPermission> permissions = new ArrayList<OAuthPermission>();
+        for (String requestScope : strings) {
+            OAuthPermission oAuthScope = availablePermissions.get(requestScope);
+            permissions.add(oAuthScope);
         }
 
-        return scopes;
+        return permissions;
     }
 
     @Override
     public Principal loggedPrincipal(HttpServletRequest request) {
         HttpSession session = request.getSession();
-        SecurityContext ctx = (SecurityContext)session
-            .getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
+        SecurityContext ctx = (SecurityContext) session
+                .getAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);
         if (ctx != null) {
             return ctx.getAuthentication();
         }

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java?rev=1037651&r1=1037650&r2=1037651&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
Mon Nov 22 09:51:56 2010
@@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletRes
 import net.oauth.OAuth;
 
 import org.apache.cxf.auth.oauth.endpoints.AuthorizationService;
+import org.apache.cxf.auth.oauth.handlers.AuthorizationRequestHandler;
 import org.apache.cxf.common.util.StringUtils;
 
 import org.springframework.security.core.AuthenticationException;
@@ -41,14 +42,14 @@ public class AuthenticationFailureHandle
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                         AuthenticationException exception)
         throws IOException, ServletException {
-        String xOAuthScope = request.getParameter(AuthorizationService.X_OAUTH_SCOPE);
+        String xOAuthScope = request.getParameter(AuthorizationRequestHandler.X_OAUTH_SCOPE);
         String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
 
         StringBuffer url = new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
             .append(oauthToken);
 
         if (!StringUtils.isEmpty(xOAuthScope)) {
-            url.append("&").append(AuthorizationService.X_OAUTH_SCOPE).append("=")
+            url.append("&").append(AuthorizationRequestHandler.X_OAUTH_SCOPE).append("=")
                 .append(xOAuthScope);
         }
 

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java?rev=1037651&r1=1037650&r2=1037651&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
Mon Nov 22 09:51:56 2010
@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRes
 
 import net.oauth.OAuth;
 
-import org.apache.cxf.auth.oauth.endpoints.AuthorizationService;
+import org.apache.cxf.auth.oauth.handlers.AuthorizationRequestHandler;
 import org.apache.cxf.common.util.StringUtils;
 
 import org.springframework.security.core.Authentication;
@@ -39,33 +39,42 @@ public class AuthenticationSuccessfullHa
     private String confirmationUrl;
 
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
-                                        Authentication authentication) throws IOException,
ServletException {
+                                        Authentication authentication) throws IOException,
+            ServletException {
         super.onAuthenticationSuccess(request, response, authentication);
     }
 
     protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response)
{
 
         String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
-        String authToken = request.getParameter(AuthorizationService.AUTHENTICITY_TOKEN);
-        String decision = request.getParameter(AuthorizationService.AUTHORIZATION_DECISION_KEY);
-        String xOAuthScope = request.getParameter(AuthorizationService.X_OAUTH_SCOPE);
+        String authToken = request.getParameter(AuthorizationRequestHandler.AUTHENTICITY_TOKEN);
+        String decision = request.getParameter(AuthorizationRequestHandler.AUTHORIZATION_DECISION_KEY);
+        String xOAuthScope = request.getParameter(AuthorizationRequestHandler.X_OAUTH_SCOPE);
+        String xPermission = request.getParameter(AuthorizationRequestHandler.X_OAUTH_PERMISSION);
 
         if (StringUtils.isEmpty(oauthToken)) {
             return super.determineTargetUrl(request, response);
         }
 
-        StringBuffer url = new StringBuffer(confirmationUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
-            .append(oauthToken).append("&").append(AuthorizationService.AUTHENTICITY_TOKEN).append("=")
-            .append(authToken);
+        StringBuffer url = new StringBuffer(confirmationUrl).append("?").append(OAuth.OAUTH_TOKEN).append
+                ("=")
+                .append(oauthToken).append("&").append(AuthorizationRequestHandler.AUTHENTICITY_TOKEN)
+                .append("=")
+                .append(authToken);
 
         if (!StringUtils.isEmpty(decision)) {
-            url.append("&").append(AuthorizationService.AUTHORIZATION_DECISION_KEY).append("=")
-                .append(decision);
+            url.append("&").append(AuthorizationRequestHandler.AUTHORIZATION_DECISION_KEY).append("=")
+                    .append(decision);
         }
 
         if (!StringUtils.isEmpty(xOAuthScope)) {
-            url.append("&").append(AuthorizationService.X_OAUTH_SCOPE).append("=")
-                .append(xOAuthScope);
+            url.append("&").append(AuthorizationRequestHandler.X_OAUTH_SCOPE).append("=")
+                    .append(xOAuthScope);
+        }
+
+        if (!StringUtils.isEmpty(xPermission)) {
+            url.append("&").append(AuthorizationRequestHandler.X_OAUTH_PERMISSION).append("=").append
+                    (xPermission);
         }
 
         return url.toString();

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml?rev=1037651&r1=1037650&r2=1037651&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
Mon Nov 22 09:51:56 2010
@@ -41,34 +41,24 @@
 
 
     <!-- Publish OAuth endpoints-->
-    <jaxrs:server id="oauthServer" address="/oauth/" >
+    <jaxrs:server id="oauthServer" address="/oauth/">
         <jaxrs:serviceBeans>
-            <ref bean="temporaryCredentialService"/>
-            <ref bean="resourceOwnerAuthorizationEndpoint"/>
-            <ref bean="tokenService"/>
+            <ref bean="oauthServices"/>
         </jaxrs:serviceBeans>
         <jaxrs:providers>
             <ref bean="dispatchProvider"/>
         </jaxrs:providers>
     </jaxrs:server>
 
-    <!--Redirects from Resource Owner Authorization Endpoint to sign in page-->
-    <bean id="dispatchProvider" class="org.apache.cxf.jaxrs.provider.RequestDispatcherProvider">
-        <property name="resourcePath" value="/oAuthLogin.jsp"/>
-    </bean>
-
     <!--Definitions of OAuth module endpoints-->
-    <bean id="resourceOwnerAuthorizationEndpoint"
-          class="org.apache.cxf.auth.oauth.endpoints.AuthorizationServiceImpl">
+    <bean id="oauthServices"
+          class="org.apache.cxf.auth.oauth.endpoints.OAuthDefaultServices">
         <property name="displayVerifierURL" value="http://localhost:8081/app/displayVerifier"/>
     </bean>
 
-    <bean id="tokenService"
-          class="org.apache.cxf.auth.oauth.endpoints.TokenCredentialsServiceImpl">
-    </bean>
-
-    <bean id="temporaryCredentialService"
-          class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialsServiceImpl">
+    <!--Redirects from Resource Owner Authorization Endpoint to sign in page-->
+    <bean id="dispatchProvider" class="org.apache.cxf.jaxrs.provider.RequestDispatcherProvider">
+        <property name="resourcePath" value="/oAuthLogin.jsp"/>
     </bean>
 
 

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp?rev=1037651&r1=1037650&r2=1037651&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
Mon Nov 22 09:51:56 2010
@@ -1,4 +1,3 @@
-<%@ page import="org.apache.cxf.auth.oauth.endpoints.AuthorizationService" %>
 <!--
 Licensed to the Apache Software Foundation (ASF) under one
 or more contributor license agreements. See the NOTICE file
@@ -18,7 +17,8 @@ specific language governing permissions 
 under the License.
 -->
 <%--@elvariable id="text" type="java.lang.String"--%>
-<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData"--%>
+<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider
+.OAuthAuthorizationData"--%>
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <%@ page isELIgnored="false" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
@@ -37,18 +37,32 @@ under the License.
                             <input type="hidden" name="oauth_token"
                                    value="${oauthauthorizationdata.oauthToken}"/>
                             <input type="hidden"
-                                   name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHENTICITY_TOKEN%>"
+                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                   .AUTHENTICITY_TOKEN%>"
                                    value="${oauthauthorizationdata.authenticityToken}"/>
                             <input type="hidden"
-                                   name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.X_OAUTH_SCOPE%>"
+                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                   .X_OAUTH_SCOPE%>"
                                    value="<%=request.getParameter("x_oauth_scope")%>"/>
+                            <input type="hidden"
+                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                   .X_OAUTH_PERMISSION%>"
+                                   value="<%=request.getParameter("x_oauth_permission")%>"/>
 
-                            <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would like the
+                            <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would like
+                                the
                                 ability to access and update your data on Sample OAuth CXF
server:
                                 <br/>
+                                <b>Scopes:</b>
                             <ul>
                                 <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
-                                    <li><b>${scope.description}</b></li>
+                                    <li><b>${scope}</b></li>
+                                </c:forEach></ul>
+                            <br/>
+                            <b>Permissions:</b>
+                            <ul>
+                                <c:forEach items="${oauthauthorizationdata.permissions}"
var="permission">
+                                    <li><b>${permission.description}</b></li>
                                 </c:forEach></ul>
                             Please ensure that you trust this website with your information
before
                             proceeding!</p>
@@ -65,20 +79,25 @@ under the License.
                             <br>
                             <label for="login">User</label>
                             <input type="text" id="login" name='j_username'
-                                   value='<c:if test="${not empty param.login_error}"><c:out
value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/>
+                                   value='<c:if test="${not empty param.login_error}"><c:out
+                                   value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/>
 
                             <div class="clear"></div>
                             <label for="password">Password</label>
                             <input type="password" id="password" name="j_password"/>
                             <br>
-                            <button name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+                            <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                            .AUTHORIZATION_DECISION_KEY%>"
                                     type="submit"
-                                    value="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_DENY%>">
+                                    value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                    .AUTHORIZATION_DECISION_DENY%>">
                                 Deny
                             </button>
-                            <button name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+                            <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                            .AUTHORIZATION_DECISION_KEY%>"
                                     type="submit"
-                                    value="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_ALLOW%>">
+                                    value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                    .AUTHORIZATION_DECISION_ALLOW%>">
                                 Allow
                             </button>
                         </form>
@@ -89,30 +108,49 @@ under the License.
                                 <input type="hidden" name="oauth_token"
                                        value="${oauthauthorizationdata.oauthToken}"/>
                                 <input type="hidden"
-                                       name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHENTICITY_TOKEN%>"
+                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                       .AUTHENTICITY_TOKEN%>"
                                        value="${oauthauthorizationdata.authenticityToken}"/>
                                 <input type="hidden"
-                                       name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.X_OAUTH_SCOPE%>"
+                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                       .X_OAUTH_SCOPE%>"
                                        value="<%=request.getParameter("x_oauth_scope")%>"/>
+                                <input type="hidden"
+                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                       .X_OAUTH_PERMISSION%>"
+                                       value="<%=request.getParameter("x_oauth_permission")%>"/>
 
-                                <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would like
+                                <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would
+                                    like
                                     the
                                     ability to access and update your data on Sample OAuth
CXF server.
                                     <br/>
+                                    <b>Scopes:</b>
                                 <ul>
                                     <c:forEach items="${oauthauthorizationdata.scopes}"
var="scope">
-                                        <li><b>${scope.description}</b></li>
+                                        <li><b>${scope}</b></li>
+                                    </c:forEach></ul>
+                                <br/>
+                                <b>Permissions:</b>
+                                <ul>
+                                    <c:forEach items="${oauthauthorizationdata.permissions}"
+                                               var="permission">
+                                        <li><b>${permission.description}</b></li>
                                     </c:forEach></ul>
                                 Please ensure that you trust this website with your information
before
                                 proceeding!</p>
-                                <button name="<%=AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+                                <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                .AUTHORIZATION_DECISION_KEY%>"
                                         type="submit"
-                                        value="<%=AuthorizationService.AUTHORIZATION_DECISION_DENY%>">
+                                        value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                        .AUTHORIZATION_DECISION_DENY%>">
                                     Deny
                                 </button>
-                                <button name="<%=AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+                                <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                .AUTHORIZATION_DECISION_KEY%>"
                                         type="submit"
-                                        value="<%=AuthorizationService.AUTHORIZATION_DECISION_ALLOW%>">
+                                        value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                        .AUTHORIZATION_DECISION_ALLOW%>">
                                     Allow
                                 </button>
                             </form>



Mime
View raw message