Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4A85D92A6 for ; Tue, 11 Oct 2011 10:49:51 +0000 (UTC) Received: (qmail 24048 invoked by uid 500); 11 Oct 2011 10:49:51 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 23993 invoked by uid 500); 11 Oct 2011 10:49:50 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 23986 invoked by uid 99); 11 Oct 2011 10:49:50 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Oct 2011 10:49:50 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Oct 2011 10:49:47 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 29E182388900 for ; Tue, 11 Oct 2011 10:49:26 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1181700 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth: data/OAuthAuthorizationData.java services/AuthorizationRequestHandler.java Date: Tue, 11 Oct 2011 10:49:26 -0000 To: commits@cxf.apache.org From: sergeyb@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20111011104926.29E182388900@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: sergeyb Date: Tue Oct 11 10:49:25 2011 New Revision: 1181700 URL: http://svn.apache.org/viewvc?rev=1181700&view=rev Log: [CXF-2759] Removing redundant callback property from OAuthAuthorizationData Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java?rev=1181700&r1=1181699&r2=1181700&view=diff ============================================================================== --- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java (original) +++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthAuthorizationData.java Tue Oct 11 10:49:25 2011 @@ -30,8 +30,6 @@ public class OAuthAuthorizationData impl private String authenticityToken; private String applicationName; private String userName; - private String callback; - private String oauthVerifier; private List permissions; private List uris; @@ -66,22 +64,6 @@ public class OAuthAuthorizationData impl this.userName = userName; } - public String getCallback() { - return callback; - } - - public void setCallback(String callback) { - this.callback = callback; - } - - public String getOauthVerifier() { - return oauthVerifier; - } - - public void setOauthVerifier(String oauthVerifier) { - this.oauthVerifier = oauthVerifier; - } - public List getPermissions() { return permissions; } Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java?rev=1181700&r1=1181699&r2=1181700&view=diff ============================================================================== --- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java (original) +++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java Tue Oct 11 10:49:25 2011 @@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletReq import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.ws.rs.core.Response; +import javax.ws.rs.core.UriBuilder; import net.oauth.OAuth; import net.oauth.OAuthMessage; @@ -74,29 +75,20 @@ public class AuthorizationRequestHandler } String decision = request.getParameter(OAuthConstants.AUTHORIZATION_DECISION_KEY); - if (!OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision)) { - //user not authorized client - secData.setCallback(token.getCallback()); - return Response.ok(addAdditionalParams(secData, token)).build(); - } - - String verifier = dataProvider.createRequestTokenVerifier(token); - - - String callbackURL = getCallbackURI(token); - + boolean allow = OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision); Map queryParams = new HashMap(); - queryParams.put(OAuth.OAUTH_VERIFIER, verifier); + if (allow) { + String verifier = dataProvider.createRequestTokenVerifier(token); + queryParams.put(OAuth.OAUTH_VERIFIER, verifier); + } queryParams.put(OAuth.OAUTH_TOKEN, token.getTokenString()); if (token.getState() != null) { queryParams.put("state", token.getState()); } - callbackURL = buildCallbackUrl(callbackURL, queryParams); - - - return Response.seeOther(URI.create(callbackURL)) - .build(); + URI callback = buildCallbackURI(getCallbackURI(token), queryParams); + return Response.seeOther(callback).build(); + } catch (OAuthProblemException e) { if (LOG.isLoggable(Level.WARNING)) { LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[]{e.fillInStackTrace()}); @@ -122,23 +114,14 @@ public class AuthorizationRequestHandler return callback; } - protected String buildCallbackUrl(String callbackURL, final Map queryParams) { - - boolean containsQuestionMark = callbackURL.contains("?"); + private URI buildCallbackURI(String callback, final Map queryParams) { - - StringBuffer query = new StringBuffer(OAuthUtils.format(queryParams.entrySet(), "UTF-8")); - StringBuffer url = new StringBuffer(callbackURL); - - if (!StringUtils.isEmpty(url.toString())) { - if (containsQuestionMark) { - url.append("&").append(query); - } else { - url.append("?").append(query); - } + UriBuilder builder = UriBuilder.fromUri(callback); + for (Map.Entry entry : queryParams.entrySet()) { + builder.queryParam(entry.getKey(), entry.getValue()); } - return url.toString(); + return builder.build(); } protected OAuthAuthorizationData addAdditionalParams(OAuthAuthorizationData secData,