cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lmo...@apache.org
Subject svn commit: r1038384 - in /cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main: java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java webapp/oAuthLogin.jsp
Date Tue, 23 Nov 2010 23:34:14 GMT
Author: lmoren
Date: Tue Nov 23 23:34:13 2010
New Revision: 1038384

URL: http://svn.apache.org/viewvc?rev=1038384&view=rev
Log:
- minor fixes

Modified:
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
    cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java?rev=1038384&r1=1038383&r2=1038384&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
Tue Nov 23 23:34:13 2010
@@ -42,8 +42,9 @@ public class AuthenticationFailureHandle
     public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
                                         AuthenticationException exception)
         throws IOException, ServletException {
-        String xOAuthScope = request.getParameter(AuthorizationRequestHandler.X_OAUTH_SCOPE);
         String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
+        String xOAuthScope = request.getParameter(AuthorizationRequestHandler.X_OAUTH_SCOPE);
+        String xPermission = request.getParameter(AuthorizationRequestHandler.X_OAUTH_PERMISSION);
 
         StringBuffer url = new StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
             .append(oauthToken);
@@ -53,6 +54,11 @@ public class AuthenticationFailureHandle
                 .append(xOAuthScope);
         }
 
+        if (!StringUtils.isEmpty(xPermission)) {
+            url.append("&").append(AuthorizationRequestHandler.X_OAUTH_PERMISSION).append("=").append
+                (xPermission);
+        }
+
         setDefaultFailureUrl(url.toString());
         super.onAuthenticationFailure(request, response,
             exception);

Modified: cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
URL: http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp?rev=1038384&r1=1038383&r2=1038384&view=diff
==============================================================================
--- cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
(original)
+++ cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
Tue Nov 23 23:34:13 2010
@@ -17,8 +17,7 @@ specific language governing permissions 
 under the License.
 -->
 <%--@elvariable id="text" type="java.lang.String"--%>
-<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider
-.OAuthAuthorizationData"--%>
+<%--@elvariable id="oauthauthorizationdata" type="org.apache.cxf.auth.oauth.provider.OAuthAuthorizationData"--%>
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
 <%@ page isELIgnored="false" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
@@ -31,131 +30,75 @@ under the License.
         <table align="center">
             <tr align="center">
                 <td>
-                        <%--user not logged in, login and allow thir party app access--%>
-                    <c:choose><c:when test="${empty oauthauthorizationdata.userName}">
-                        <form name="f" action="/j_spring_security_check" method="POST">
-                            <input type="hidden" name="oauth_token"
-                                   value="${oauthauthorizationdata.oauthToken}"/>
-                            <input type="hidden"
-                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                    <form name="f" action="/j_spring_security_check" method="POST">
+                        <input type="hidden" name="oauth_token"
+                               value="${oauthauthorizationdata.oauthToken}"/>
+                        <input type="hidden"
+                               name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                                    .AUTHENTICITY_TOKEN%>"
-                                   value="${oauthauthorizationdata.authenticityToken}"/>
-                            <input type="hidden"
-                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                               value="${oauthauthorizationdata.authenticityToken}"/>
+                        <input type="hidden"
+                               name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                                    .X_OAUTH_SCOPE%>"
-                                   value="<%=request.getParameter("x_oauth_scope")%>"/>
-                            <input type="hidden"
-                                   name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                               value="<%=request.getParameter("x_oauth_scope")%>"/>
+                        <input type="hidden"
+                               name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                                    .X_OAUTH_PERMISSION%>"
-                                   value="<%=request.getParameter("x_oauth_permission")%>"/>
+                               value="<%=request.getParameter("x_oauth_permission")%>"/>
 
-                            <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would like
-                                the
-                                ability to access and update your data on Sample OAuth CXF
server:
-                                <br/>
-                                <b>Scopes:</b>
-                            <ul>
-                                <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
-                                    <li><b>${scope}</b></li>
-                                </c:forEach></ul>
-                            <br/>
-                            <b>Permissions:</b>
-                            <ul>
-                                <c:forEach items="${oauthauthorizationdata.permissions}"
var="permission">
-                                    <li><b>${permission.description}</b></li>
-                                </c:forEach></ul>
-                            Please ensure that you trust this website with your information
before
-                            proceeding!</p>
-                            <c:if test="${not empty param.login_error}">
-                                <font color="red">
-                                    Your login attempt was not successful, try again.<br/><br/>
-                                    Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
-                                </font>
-                            </c:if>
-                            <br>
-                            User: user1
-                            <br>
-                            Password: 1111
-                            <br>
-                            <label for="login">User</label>
-                            <input type="text" id="login" name='j_username'
-                                   value='<c:if test="${not empty param.login_error}"><c:out
+                        <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would like
+                            the
+                            ability to access and update your data on Sample OAuth CXF server:
+                            <br/></p>
+                        <b>Scopes:</b>
+                        <c:forEach items="${oauthauthorizationdata.scopes}" var="scope">
+                            <li>${scope}</li>
+                        </c:forEach>
+
+                        <br/>
+                        <b>Permissions:</b>
+
+                        <c:forEach items="${oauthauthorizationdata.permissions}" var="permission">
+                            <li>${permission.description}</li>
+                        </c:forEach>
+                        <br/>
+                        Please ensure that you trust this website with your information before
+                        proceeding!
+                        <c:if test="${not empty param.login_error}">
+                            <font color="red">
+                                Your login attempt was not successful, try again.<br/><br/>
+                                Reason: <c:out value="${SPRING_SECURITY_LAST_EXCEPTION.message}"/>.
+                            </font>
+                        </c:if>
+                        <br>
+                        User: user2
+                        <br>
+                        Password: 2222
+                        <br>
+                        <label for="login">User</label>
+                        <input type="text" id="login" name='j_username'
+                               value='<c:if test="${not empty param.login_error}"><c:out
                                    value="${SPRING_SECURITY_LAST_USERNAME}"/></c:if>'/>
 
-                            <div class="clear"></div>
-                            <label for="password">Password</label>
-                            <input type="password" id="password" name="j_password"/>
-                            <br>
-                            <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                        <div class="clear"></div>
+                        <label for="password">Password</label>
+                        <input type="password" id="password" name="j_password"/>
+                        <br>
+                        <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                             .AUTHORIZATION_DECISION_KEY%>"
-                                    type="submit"
-                                    value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                type="submit"
+                                value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                                     .AUTHORIZATION_DECISION_DENY%>">
-                                Deny
-                            </button>
-                            <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                            Deny
+                        </button>
+                        <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                             .AUTHORIZATION_DECISION_KEY%>"
-                                    type="submit"
-                                    value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
+                                type="submit"
+                                value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
                                     .AUTHORIZATION_DECISION_ALLOW%>">
-                                Allow
-                            </button>
-                        </form>
-                    </c:when>
-                        <%--user is logged in, just ask user to allow third party app
access--%>
-                        <c:otherwise>
-                            <form action="/auth/oauth/authorize">
-                                <input type="hidden" name="oauth_token"
-                                       value="${oauthauthorizationdata.oauthToken}"/>
-                                <input type="hidden"
-                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                       .AUTHENTICITY_TOKEN%>"
-                                       value="${oauthauthorizationdata.authenticityToken}"/>
-                                <input type="hidden"
-                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                       .X_OAUTH_SCOPE%>"
-                                       value="<%=request.getParameter("x_oauth_scope")%>"/>
-                                <input type="hidden"
-                                       name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                       .X_OAUTH_PERMISSION%>"
-                                       value="<%=request.getParameter("x_oauth_permission")%>"/>
-
-                                <p>The application <b>${oauthauthorizationdata.applicationName}</b>
would
-                                    like
-                                    the
-                                    ability to access and update your data on Sample OAuth
CXF server.
-                                    <br/>
-                                    <b>Scopes:</b>
-                                <ul>
-                                    <c:forEach items="${oauthauthorizationdata.scopes}"
var="scope">
-                                        <li><b>${scope}</b></li>
-                                    </c:forEach></ul>
-                                <br/>
-                                <b>Permissions:</b>
-                                <ul>
-                                    <c:forEach items="${oauthauthorizationdata.permissions}"
-                                               var="permission">
-                                        <li><b>${permission.description}</b></li>
-                                    </c:forEach></ul>
-                                Please ensure that you trust this website with your information
before
-                                proceeding!</p>
-                                <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                .AUTHORIZATION_DECISION_KEY%>"
-                                        type="submit"
-                                        value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                        .AUTHORIZATION_DECISION_DENY%>">
-                                    Deny
-                                </button>
-                                <button name="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                .AUTHORIZATION_DECISION_KEY%>"
-                                        type="submit"
-                                        value="<%=org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler
-                                        .AUTHORIZATION_DECISION_ALLOW%>">
-                                    Allow
-                                </button>
-                            </form>
-                        </c:otherwise>
-                    </c:choose>
+                            Allow
+                        </button>
+                    </form>
                 </td>
             </tr>
         </table>



Mime
View raw message