cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1233478 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth: data/ filters/ services/
Date Thu, 19 Jan 2012 17:16:12 GMT
Author: sergeyb
Date: Thu Jan 19 17:16:12 2012
New Revision: 1233478

URL: http://svn.apache.org/viewvc?rev=1233478&view=rev
Log:
[CXF-4047] OAuthContext needs to provide an access to OAuthPermissions

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
Thu Jan 19 17:16:12 2012
@@ -18,23 +18,30 @@
  */
 package org.apache.cxf.rs.security.oauth.data;
 
+import java.util.Collections;
+import java.util.List;
+
 
 /**
  * Captures the information which custom filters may use to further protect the endpoints
  */
 public class OAuthContext {
-    
-    private UserSubject subject;
 
-    public void setSubject(UserSubject subject) {
+    private UserSubject subject;
+    private List<OAuthPermission> permissions;
+    
+    public OAuthContext(UserSubject subject, List<OAuthPermission> perms) {
         this.subject = subject;
+        this.permissions = perms;
     }
-
+    
     public UserSubject getSubject() {
         return subject;
     }
     
-    
+    public List<OAuthPermission> getPermissions() {
+        return Collections.unmodifiableList(permissions);
+    }
     
 
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthPermission.java
Thu Jan 19 17:16:12 2012
@@ -33,26 +33,35 @@ public class OAuthPermission extends Per
     public OAuthPermission(String permission, String description, String role) {
         this(permission, description, Collections.singletonList(role));
     }
-
+    
     public OAuthPermission(String permission, String description, List<String> roles)
{
         super(permission, description);
         this.roles = roles;
     }
     
+    public OAuthPermission(String permission, String description, 
+                           List<String> roles, List<String> httpVerbs) {
+        this(permission, description, roles);
+        this.httpVerbs = httpVerbs;
+    }
+    
+    public OAuthPermission(String permission, 
+                           String description, 
+                           List<String> roles, 
+                           List<String> httpVerbs, 
+                           List<String> uris,
+                           boolean authorizeKeyRequired) {
+        this(permission, description, roles, httpVerbs);
+        this.uri = uris;
+        this.authorizationKeyRequired = authorizeKeyRequired;
+    }
+    
     /**
      * Returns an optional list of role names
      * @return the roles
      */
     public List<String> getRoles() {
-        return roles;
-    }
-
-    /**
-     * Sets an optional list of HTTP verbs 
-     * @param httpVerbs the verbs
-     */
-    public void setHttpVerbs(List<String> httpVerbs) {
-        this.httpVerbs = httpVerbs;
+        return Collections.unmodifiableList(roles);
     }
 
     /**
@@ -60,15 +69,7 @@ public class OAuthPermission extends Per
      * @return the list of verbs
      */
     public List<String> getHttpVerbs() {
-        return httpVerbs;
-    }
-
-    /**
-     * Sets an optional list of URIs
-     * @param uri the uris
-     */
-    public void setUris(List<String> uris) {
-        this.uri = uris;
+        return Collections.unmodifiableList(httpVerbs);
     }
 
     /**
@@ -76,16 +77,7 @@ public class OAuthPermission extends Per
      * @return the uri
      */
     public List<String> getUris() {
-        return uri;
-    }
-
-    /**
-     * Can be used to disable the default requirement for all
-     * consumer requests to contain an access token
-     * @param authorizationKeyRequired the boolean value
-     */
-    public void setAuthorizationKeyRequired(boolean authorizationKeyRequired) {
-        this.authorizationKeyRequired = authorizationKeyRequired;
+        return Collections.unmodifiableList(uri);
     }
 
     /**

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/UserSubject.java
Thu Jan 19 17:16:12 2012
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oauth.data;
 
+import java.util.Collections;
 import java.util.List;
 
 /**
@@ -29,20 +30,17 @@ public class UserSubject {
     private String login;
     private List<String> roles;
     
-    public void setLogin(String login) {
+    public UserSubject(String login, List<String> roles) {
         this.login = login;
+        this.roles = roles;
     }
-
+    
     public String getLogin() {
         return login;
     }
 
-    public void setRoles(List<String> roles) {
-        this.roles = roles;
-    }
-
     public List<String> getRoles() {
-        return roles;
+        return Collections.unmodifiableList(roles);
     }
     
 

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
Thu Jan 19 17:16:12 2012
@@ -199,10 +199,10 @@ public class AbstractAuthFilter {
     }
     
     protected OAuthContext createOAuthContext(OAuthInfo info) {
-        OAuthContext context = new OAuthContext();
+        UserSubject subject = null;
         if (info.getToken() != null) {
-            context.setSubject(info.getToken().getSubject());
+            subject = info.getToken().getSubject();
         }
-        return context;
+        return new OAuthContext(subject, info.getPermissions());
     }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthInfo.java
Thu Jan 19 17:16:12 2012
@@ -57,6 +57,10 @@ public class OAuthInfo {
         return authorities;
     }
     
+    public List<OAuthPermission> getPermissions() {
+        return permissions;
+    }
+    
     public boolean useUserSubject() {
         return useUserSubject;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java?rev=1233478&r1=1233477&r2=1233478&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java
Thu Jan 19 17:16:12 2012
@@ -22,6 +22,7 @@ import java.io.IOException;
 import java.net.URI;
 import java.security.Principal;
 import java.util.ArrayList;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -87,18 +88,16 @@ public class AuthorizationRequestHandler
             Map<String, String> queryParams = new HashMap<String, String>();
             if (allow) {
                 SecurityContext sc = mc.getSecurityContext();
-                
-                UserSubject subject = new UserSubject();
-                subject.setLogin(sc.getUserPrincipal().getName());
+                List<String> roleNames = Collections.emptyList();
                 if (sc instanceof LoginSecurityContext) {
-                    List<String> roleNames = new ArrayList<String>();
+                    roleNames = new ArrayList<String>();
                     Set<Principal> roles = ((LoginSecurityContext)sc).getUserRoles();
                     for (Principal p : roles) {
                         roleNames.add(p.getName());
                     }
-                    subject.setRoles(roleNames);
                 }
-                token.setSubject(subject);
+                token.setSubject(new UserSubject(sc.getUserPrincipal().getName(),
+                                                 roleNames));
                 
                 String verifier = dataProvider.setRequestTokenVerifier(token);
                 queryParams.put(OAuth.OAUTH_VERIFIER, verifier);



Mime
View raw message