From serg...@apache.org
Subject svn commit: r1176457 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth: data/Token.java filters/AbstractAuthFilter.java filters/OAuthInfo.java
Date Tue, 27 Sep 2011 16:17:49 GMT
Author: sergeyb
Date: Tue Sep 27 16:17:49 2011
New Revision: 1176457

URL: http://svn.apache.org/viewvc?rev=1176457&view=rev
Log:
[CXF-2759] Removing optional HTTP verbs from Token

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java?rev=1176457&r1=1176456&r2=1176457&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
Tue Sep 27 16:17:49 2011
@@ -30,7 +30,6 @@ public abstract class Token {
     protected Client client;
     protected List<String> scopes;
     protected List<String> uris;
-    private List<String> httpVerbs;
     
     protected Token(Client client, String tokenString,
                     String tokenSecret, long lifetime) {
@@ -86,14 +85,5 @@ public abstract class Token {
     public void setUris(List<String> uris) {
         this.uris = uris;
     }
-
-    public void setHttpVerbs(List<String> httpVerbs) {
-        this.httpVerbs = httpVerbs;
-    }
-
-    public List<String> getHttpVerbs() {
-        return httpVerbs;
-    }
-    
     
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java?rev=1176457&r1=1176456&r2=1176457&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
Tue Sep 27 16:17:49 2011
@@ -34,6 +34,7 @@ import org.apache.cxf.common.logging.Log
 import org.apache.cxf.common.security.SimplePrincipal;
 import org.apache.cxf.rs.security.oauth.data.AccessToken;
 import org.apache.cxf.rs.security.oauth.data.Client;
+import org.apache.cxf.rs.security.oauth.data.OAuthPermission;
 import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;
 import org.apache.cxf.security.SecurityContext;
@@ -81,19 +82,18 @@ public class AbstractAuthFilter {
             if (accessToken == null) {
                 throw new OAuthProblemException();
             }
-            //check valid scope
+            //check valid URI
             if (!checkRequestURI(req, accessToken.getUris())) {
                 throw new OAuthProblemException();
             }
-            if (accessToken.getHttpVerbs() != null 
-                && !accessToken.getHttpVerbs().contains(req.getMethod())) {
-                throw new OAuthProblemException();
-            }
             authInfo = accessToken.getClient(); 
             
         } else {
             String consumerKey = oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY);
             authInfo = dataProvider.getClient(consumerKey);
+            if (authInfo == null) {
+                throw new OAuthProblemException();
+            }
             if (!checkRequestURI(req, authInfo.getUris())) {
                 throw new OAuthProblemException();
             }
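Review bot: The new unknown-consumer rejection after `dataProvider.getClient(consumerKey)` throws the same bare `OAuthProblemException()` as the missing-token and URI-mismatch paths, so a server log cannot show which authorization check failed. A log statement at each throw site, using whatever logger the class declares, would make rejected requests triageable; at minimum add a comment such as `// consumer key not known to the data provider`. Keep the key value itself out of anything returned to the client. The enclosing method starts and ends outside this hunk.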
@@ -101,7 +101,19 @@ public class AbstractAuthFilter {
 
         OAuthUtils.validateMessage(oAuthMessage, authInfo, accessToken);
 
-        return new OAuthInfo(authInfo, accessToken, dataProvider);
+        List<OAuthPermission> permissions = dataProvider.getPermissionsInfo(
+                accessToken != null ? accessToken.getScopes() : authInfo.getScopes());
+        boolean matched = false;
+        for (OAuthPermission perm : permissions) {
+            if (perm.getHttpVerbs() == null 
+                    || perm.getHttpVerbs().contains(req.getMethod())) {
+                matched = true;
+            }
+        }
+        if (!matched) {
+            throw new OAuthProblemException();
+        }
+        return new OAuthInfo(authInfo, accessToken, permissions);
         
     }
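Review bot: The list returned by `dataProvider.getPermissionsInfo(...)` is iterated without a null check, while `OAuthInfo.getRoles()` in this same commit still guards `permissions != null`. A provider that returns null would therefore surface as a NullPointerException in the filter rather than an `OAuthProblemException`. Add `if (permissions == null) { throw new OAuthProblemException(); }` before the loop, or document that providers must return a non-null list. The semantics also deserve a comment, e.g. `// any permission with no verbs allows every method; an empty permission list denies the request`, because the removed token-level check allowed all methods when no verbs were configured and the new loop rejects in that case. A `break;` after `matched = true;` would end the scan once the decision is made; the method body starts outside the hunk.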
 

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java?rev=1176457&r1=1176456&r2=1176457&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
Tue Sep 27 16:17:49 2011
@@ -24,16 +24,15 @@ import java.util.List;
 import org.apache.cxf.rs.security.oauth.data.AccessToken;
 import org.apache.cxf.rs.security.oauth.data.Client;
 import org.apache.cxf.rs.security.oauth.data.OAuthPermission;
-import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
 
 public class OAuthInfo {
     private Client client;
     private AccessToken token;
-    private OAuthDataProvider provider;
-    public OAuthInfo(Client client, AccessToken token, OAuthDataProvider provider) {
+    private List<OAuthPermission> permissions;
+    public OAuthInfo(Client client, AccessToken token, List<OAuthPermission> permissions)
{
         this.client = client;
         this.token = token;
-        this.provider = provider;
+        this.permissions = permissions;
     }
     public Client getClient() {
         return client;
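Review bot: The constructor stores the caller's `permissions` list by reference, so the roles later reported by `getRoles()` can change if the data provider mutates or reuses that list after the authorization decision was made. A snapshot is safer for an object that carries the result of that decision: `this.permissions = permissions == null ? null : new ArrayList<OAuthPermission>(permissions);`. In the visible lines the three fields are assigned only in the constructor, so they could be declared `final`. The class body continues outside the hunk.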
@@ -43,8 +42,6 @@ public class OAuthInfo {
     }
     
     public List<String> getRoles() {
-        List<OAuthPermission> permissions = provider.getPermissionsInfo(
-            token != null ? token.getScopes() : client.getScopes());
         List<String> authorities = new ArrayList<String>();
         if (permissions != null) {
             for (OAuthPermission permission : permissions) {


