From serg...@apache.org
Subject svn commit: r1292416 [1/2] - in /cxf/trunk/rt/rs/security/oauth-parent: ./ oauth2/ oauth2/src/ oauth2/src/main/ oauth2/src/main/java/ oauth2/src/main/java/org/ oauth2/src/main/java/org/apache/ oauth2/src/main/java/org/apache/cxf/ oauth2/src/main/java/o...
Date Wed, 22 Feb 2012 17:44:06 GMT
Author: sergeyb
Date: Wed Feb 22 17:44:04 2012
New Revision: 1292416

URL: http://svn.apache.org/viewvc?rev=1292416&view=rev
Log:
[CXF-4112] Initial OAuth 2.0 Authorization Code support

Added:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java   (with props)
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/
Modified:
    cxf/trunk/rt/rs/security/oauth-parent/pom.xml

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml Wed Feb 22 17:44:04 2012
@@ -0,0 +1,58 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>org.apache.cxf</groupId>
+    <artifactId>cxf-rt-rs-security-oauth2</artifactId>
+    <version>2.6.0-SNAPSHOT</version>
+
+    <packaging>jar</packaging>
+    <name>Apache CXF Runtime OAuth 2.0</name>
+    <description>Apache CXF Runtime OAuth 2.0</description>
+    <url>http://cxf.apache.org</url>
+
+    <parent>
+        <artifactId>cxf-rt-rs-security-oauth-parent</artifactId>
+        <groupId>org.apache.cxf</groupId>
+        <version>2.6.0-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-frontend-jaxrs</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>${cxf.servlet-api.group}</groupId>
+            <artifactId>${cxf.servlet-api.artifact}</artifactId>
+            <version>${cxf.servlet-api.version}</version>
+        </dependency>
+        <!--test dependencies-->
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    
+</project>

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/pom.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,158 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.client;
+
+import java.net.URI;
+
+import javax.ws.rs.core.UriBuilder;
+
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.jaxrs.client.ClientWebApplicationException;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.ext.form.Form;
+import org.apache.cxf.rs.security.oauth.common.AccessTokenGrant;
+import org.apache.cxf.rs.security.oauth.common.AccessTokenType;
+import org.apache.cxf.rs.security.oauth.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+
+/**
+ * The utility class for simplifying making OAuth request and access token
+ * requests as well as for creating Authorization OAuth headers
+ */
+public final class OAuthClientUtils {
+    private OAuthClientUtils() {
+        
+    }
+    
+    /**
+     * Returns URI of the authorization service with the query parameter containing 
+     * the request token key 
+     * @param authorizationServiceURI the service URI
+     * @param requestToken the request token key
+     * @return
+     */
+    public static URI getAuthorizationURI(String authorizationServiceURI, 
+                                          String clientId,
+                                          String redirectUri,
+                                          String state,
+                                          String scope) {
+        UriBuilder ub = getAuthorizationURIBuilder(authorizationServiceURI, 
+                                                   clientId,
+                                                   scope);
+        if (redirectUri != null) {
+            ub.queryParam("redirect_uri", redirectUri);
+        }
+        if (state != null) {
+            ub.queryParam("state", state);
+        }
+        return ub.build();
+    }
+    
+    public static UriBuilder getAuthorizationURIBuilder(String authorizationServiceURI, 
+                                                 String clientId,
+                                                 String scope) {
+        UriBuilder ub = UriBuilder.fromUri(authorizationServiceURI);
+        if (clientId != null) {
+            ub.queryParam("client_id", clientId);
+        }
+        if (scope != null) {
+            ub.queryParam("scope", scope);
+        }
+        return ub;                                   
+    }
+    
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   Consumer consumer,
+                                                   AccessTokenGrant grant) throws OAuthServiceException {
+        
+        return getAccessToken(accessTokenService, consumer, grant, true);
+    }
+    
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   Consumer consumer,
+                                                   AccessTokenGrant grant,
+                                                   boolean setAuthorizationHeader) 
+        throws OAuthServiceException {
+        
+        StringBuilder sb = new StringBuilder();
+        sb.append("Basic ");
+        try {
+            String data = consumer.getKey() + ":" + consumer.getSecret();
+            sb.append(Base64Utility.encode(data.getBytes("UTF-8")));
+        } catch (Exception ex) {
+            throw new ClientWebApplicationException(ex);
+        }
+        accessTokenService.header("Authorization", sb.toString());
+        
+        Form form = new Form(grant.toMap());
+        accessTokenService.accept("application/json");
+        return accessTokenService.post(form, ClientAccessToken.class);
+    }
+    
+    /**
+     * Creates OAuth Authorization header
+     * @return the header value
+     */
+    public static String createAuthorizationHeader(Consumer consumer,
+                                                   ClientAccessToken accessToken)
+        throws OAuthServiceException {
+        StringBuilder sb = new StringBuilder();
+        appendTokenData(sb, accessToken);  
+        return sb.toString();
+    }
+    
+
+    private static void appendTokenData(StringBuilder sb, ClientAccessToken token) 
+        throws OAuthServiceException {
+        // this should all be handled by token specific serializers
+        AccessTokenType type = token.getTokenType();
+        if (type == AccessTokenType.BEARER) {
+            sb.append("Bearer");
+            sb.append(" ");
+            sb.append(token.getTokenKey());
+        } else {
+            // deal with MAC and other tokens
+            throw new OAuthServiceException("Unsupported token type");
+        }
+        
+    }
+    
+    /**
+     * Simple consumer representation
+     */
+    public static class Consumer {
+        
+        private String key;
+        private String secret;
+        
+        public Consumer(String key, String secret) {
+            this.key = key;
+            this.secret = secret;
+        }
+        public String getKey() {
+            return key;
+        }
+    
+        public String getSecret() {
+            return secret;
+        }
+        
+        
+    }
+}
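Review bot: The four-argument `getAccessToken` never reads its `setAuthorizationHeader` parameter, so the Basic header carrying the client key and secret is attached even when a caller passes `false`. Guarding the call with `if (setAuthorizationHeader) { accessTokenService.header("Authorization", sb.toString()); }` would honour the flag; what the `false` case should send instead (presumably the client credentials as form parameters) is not visible here and needs deciding. The Javadoc on `getAuthorizationURI` still describes a request token key and omits `clientId`, `redirectUri`, `state` and `scope`, and `createAuthorizationHeader` ignores its `consumer` argument. `state` is optional here; a Javadoc line saying that callers should supply an unguessable per-request value and check it on the redirect would help, since OAuth 2.0 relies on it for CSRF protection of the redirection endpoint.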

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Map;
+
+import javax.xml.bind.annotation.XmlElement;
+
+/**
+ * Base Token representation
+ */
+public abstract class AccessToken {
+
+    @XmlElement(name = "access_token")
+    private String tokenKey;
+    @XmlElement(name = "token_type")
+    private AccessTokenType tokenType;
+    private Map<String, String> parameters;
+    
+    protected AccessToken(AccessTokenType type, String tokenKey) {
+        this.tokenType = type;
+        this.tokenKey = tokenKey;
+    }
+
+    public AccessTokenType getTokenType() {
+        return tokenType;
+    }
+    
+    /**
+     * Returns the token key
+     * @return the key
+     */
+    public String getTokenKey() {
+        return tokenKey;
+    }
+
+    public void setParameters(Map<String, String> parameters) {
+        this.parameters = parameters;
+    }
+
+    public Map<String, String> getParameters() {
+        return parameters;
+    }
+
+}
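Review bot: `AccessToken` carries JAXB `@XmlElement` fields but declares only a two-argument protected constructor, and `ClientAccessToken` (the `@XmlRootElement` subclass that `OAuthClientUtils.getAccessToken` passes to `post(form, ClientAccessToken.class)`) likewise has no no-arg constructor. JAXB normally needs one to create a bound class, so reading the token response through a JAXB-based provider would likely fail; adding `protected AccessToken() { }` here and a matching constructor in `ClientAccessToken` would address it, if JAXB binding is the intent. Separately, `parameters` is never initialised, so `getParameters()` returns null until `setParameters` is called.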

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+public interface AccessTokenGrant {
+    AccessTokenGrantType getType(); 
+    MultivaluedMap<String, String> toMap();
+}
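Review bot: Neither method of `AccessTokenGrant` is documented, although `toMap()` is what `OAuthClientUtils.getAccessToken` wraps in the form it posts to the access token service. A Javadoc such as `/** Returns the form parameters to post to the access token service for this grant. */` on `toMap()` would tell implementers what the map is used for. Whether the map is expected to include the `grant_type` entry itself is not visible in this hunk and should be stated there too.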

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrant.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+public enum AccessTokenGrantType {
+    AUTHORIZATION_CODE("authorization_code"),
+    IMPLICIT("token"),
+    CLIENT_CREDENTIALS("client_credentials"),
+    RESOURCE_OWNER_CREDENTIALS("password"),
+    SAML2(""),
+    JWT("");
+    
+    private String type;
+    
+    private AccessTokenGrantType(String type) {
+        this.type = type;
+    }
+
+    public String getGrantType() {
+        return type;
+    }
+    
+    public String toString() {
+        return type;
+    }
+}
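Review bot: `SAML2("")` and `JWT("")` share the empty string as their grant type, so `getGrantType()` and `toString()` cannot tell them apart and a lookup from a request's `grant_type` value could resolve neither. If these are placeholders, a comment saying so (or leaving the constants out until their identifiers are settled) would keep an empty `grant_type` from reaching the wire. `IMPLICIT("token")` looks like a `response_type` value rather than a `grant_type`; worth confirming. Minor style: `type` can be `private final` and `toString()` should carry `@Override`; the same applies to `AccessTokenType`.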

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenGrantType.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+public enum AccessTokenType {
+    BEARER("bearer"),
+    MAC("mac");
+    
+    private String type;
+    
+    private AccessTokenType(String type) {
+        this.type = type;
+    }
+
+    public String getTokenType() {
+        return type;
+    }
+    
+    public String toString() {
+        return type;
+    }
+}
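Review bot: `AccessToken.tokenType` is bound with `@XmlElement(name = "token_type")`, but without `@XmlEnumValue` on these constants JAXB reads and writes the constant name (`BEARER`), not the `"bearer"` string held in `type`. If the lower-case value is meant to be the wire form, annotate the constants, e.g. `@XmlEnumValue("bearer") BEARER("bearer"),`; otherwise a comment on what `type` is used for would help. OAuth 2.0 treats the token type value as case-insensitive, so any code that parses it should not depend on exact case.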

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,173 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Represents a registered third-party Client application
+ */
+public class Client {
+    
+    private String clientId;
+    // TODO: Consider introducing ClientCredentials instead
+    // so that a secret, public key, etc can be kept
+    private String clientSecret;
+    
+    private String applicationName;
+    private String applicationDescription;
+    private String applicationWebUri;
+    private String applicationLogoUri;
+    
+    private List<String> redirectUris = Collections.emptyList();
+    private boolean isConfidential;
+    
+    private String loginName;
+        
+    public Client(String clientId, String clientSecret, boolean isConfidential) {
+        this.clientId = clientId;
+        this.clientSecret = clientSecret;
+        this.isConfidential = isConfidential;
+    }
+
+    public Client(String clientId, 
+                  String clientSecret,
+                  boolean isConfidential,
+                  String applicationName,
+                  String applicationWebUri) {
+        this(clientId, clientSecret, isConfidential);
+        this.applicationName = applicationName;
+        this.applicationWebUri = applicationWebUri;
+        
+    }
+    
+    /**
+     * Gets the consumer registration id
+     * @return the consumer key
+     */
+    public String getClientId() {
+        return clientId;
+    }
+
+    /**
+     * Gets the secret key
+     * @return the secret key
+     */
+    public String getClientSecret() {
+        return clientSecret;
+    }
+
+    /**
+     * Gets the name of the third-party application
+     * this client represents
+     * @return the application name
+     */
+    public String getApplicationName() {
+        return applicationName;
+    }
+
+    /**
+     * Sets the name of the third-party application
+     * this client represents
+     * @param applicationName the name
+     */
+    public void setApplicationName(String applicationName) {
+        this.applicationName = applicationName;
+    }
+
+    /**
+     * Gets the public URI of the third-party application.
+     * For example, this property can be used to validate 
+     * request token callbacks
+     * @return the application URI
+     */
+    public String getApplicationWebUri() {
+        return applicationWebUri;
+    }
+
+    /**
+     * Sets the public URI of the third-party application.
+     */
+    public void setApplicationWebUri(String applicationWebUri) {
+        this.applicationWebUri = applicationWebUri;
+    }
+
+    /**
+     * Sets the description of the third-party application.
+     */
+    public void setApplicationDescription(String applicationDescription) {
+        this.applicationDescription = applicationDescription;
+    }
+
+    /**
+     * Gets the description of the third-party application.
+     * @return the application description
+     */
+    public String getApplicationDescription() {
+        return applicationDescription;
+    }
+    
+    /**
+     * Sets the uri pointing to a client logo image.
+     * At the moment it must be a relative URI
+     * @param logoPath
+     */
+    public void setApplicationLogoUri(String logoPath) {
+        this.applicationLogoUri = logoPath;
+    }
+
+    public String getApplicationLogoUri() {
+        return applicationLogoUri;
+    }
+
+    /**
+     * Gets the optional login name which does not necessarily matches
+     * the clientId; can be used for enforcing the existing RBAC rules.
+     *  
+     * @return the login name
+     */
+    public String getLoginName() {
+        return loginName;
+    }
+    
+    /**
+     * Sets the optional login name
+     * @param name the login name
+     */
+    public void setLoginName(String name) {
+        this.loginName = name;
+    }
+
+    public void setConfidential(boolean isConf) {
+        this.isConfidential = isConf;
+    }
+
+    public boolean isConfidential() {
+        return isConfidential;
+    }
+
+    public void setRedirectUris(List<String> redirectUris) {
+        this.redirectUris = redirectUris;
+    }
+
+    public List<String> getRedirectUris() {
+        return redirectUris;
+    }
+}
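Review bot: `setRedirectUris` stores the caller's list and `getRedirectUris` returns it directly, so the registered redirect URIs (presumably what authorization requests are later checked against) can be changed after registration by anyone holding either reference, and passing null replaces the `Collections.emptyList()` default. A defensive copy in the setter, `this.redirectUris = redirectUris == null ? Collections.<String>emptyList() : Collections.unmodifiableList(new ArrayList<String>(redirectUris));`, closes both (it needs a `java.util.ArrayList` import). `clientId` and `clientSecret` are assigned only in the constructors and could be `final`. The Javadoc on `getClientId` and `getApplicationWebUri` still uses OAuth 1.0 wording ("consumer", "request token callbacks").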

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Client.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+
+/**
+ * Base Token representation
+ */
+@XmlRootElement
+public class ClientAccessToken extends AccessToken {
+
+    @XmlElement(name = "scope")
+    private String approvedScope;
+    @XmlElement(name = "refresh_token")
+    private String refreshToken;
+       
+    public ClientAccessToken(AccessTokenType type, String tokenKey) {
+        super(type, tokenKey);
+    }
+
+    public void setApprovedScope(String approvedScope) {
+        this.approvedScope = approvedScope;
+    }
+
+    public String getApprovedScope() {
+        return approvedScope;
+    }
+
+    public void setRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+}
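Review bot: `approvedScope` and `refreshToken` carry `@XmlElement` on the private fields while the class keeps JAXB's default access type, so the public getter/setter pairs are bound as well and the runtime is likely to reject the class for having two properties of the same name. Adding `@XmlAccessorType(XmlAccessType.FIELD)` above `@XmlRootElement` would bind the fields only. The single constructor takes `(AccessTokenType, String)`, and JAXB needs a no-arg constructor to instantiate the class, so a `protected ClientAccessToken()` is probably needed too, depending on what `AccessToken` (not shown in this hunk) offers. `OAuthError` later in this commit uses the same annotated-field-plus-accessors layout and would need the same `@XmlAccessorType`.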

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,131 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.io.Serializable;
+import java.util.List;
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * This bean represents a resource owner authorization challenge.
+ * Typically, an HTML view will be returned to a resource owner who
+ * will authorize or deny the third-party consumer
+ */
+@XmlRootElement(name = "authorizationData", 
+                namespace = "http://org.apache.cxf.rs.security.oauth")
+public class OAuthAuthorizationData implements Serializable {
+    private static final long serialVersionUID = -7755998413495017637L;
+    
+    private String clientId;
+    private String redirectUri;
+    private String state;
+    private String proposedScope;
+    private String authenticityToken;
+    
+    private String applicationName;
+    private String applicationWebUri;
+    private String applicationDescription;
+    private String applicationLogoUri;
+    private List<? extends Permission> permissions;
+    
+    public OAuthAuthorizationData() {
+    }
+
+    public String getApplicationName() {
+        return applicationName;
+    }
+
+    public void setApplicationName(String applicationName) {
+        this.applicationName = applicationName;
+    }
+
+    public List<? extends Permission> getPermissions() {
+        return permissions;
+    }
+
+    public void setPermissions(List<? extends Permission> permissions) {
+        this.permissions = permissions;
+    }
+
+    public void setAuthenticityToken(String authenticityToken) {
+        this.authenticityToken = authenticityToken;
+    }
+
+    public String getAuthenticityToken() {
+        return authenticityToken;
+    }
+
+    public void setApplicationDescription(String applicationDescription) {
+        this.applicationDescription = applicationDescription;
+    }
+
+    public String getApplicationDescription() {
+        return applicationDescription;
+    }
+
+    public void setClientId(String clientId) {
+        this.clientId = clientId;
+    }
+
+    public String getClientId() {
+        return clientId;
+    }
+
+    public void setRedirectUri(String redirectUri) {
+        this.redirectUri = redirectUri;
+    }
+
+    public String getRedirectUri() {
+        return redirectUri;
+    }
+
+    public void setState(String state) {
+        this.state = state;
+    }
+
+    public String getState() {
+        return state;
+    }
+
+    public void setApplicationWebUri(String applicationWebUri) {
+        this.applicationWebUri = applicationWebUri;
+    }
+
+    public String getApplicationWebUri() {
+        return applicationWebUri;
+    }
+
+    public void setApplicationLogoUri(String applicationLogoUri) {
+        this.applicationLogoUri = applicationLogoUri;
+    }
+
+    public String getApplicationLogoUri() {
+        return applicationLogoUri;
+    }
+
+    public void setProposedScope(String proposedScope) {
+        this.proposedScope = proposedScope;
+    }
+
+    public String getProposedScope() {
+        return proposedScope;
+    }
+
+}
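Review bot: `OAuthAuthorizationData` is declared `Serializable`, but its `permissions` field holds `Permission` objects, and `Permission` as added in this commit does not implement `Serializable`. Serializing an instance with a non-empty list would therefore fail with `NotSerializableException`. Either declare `public class Permission implements Serializable` or mark the field `private transient List<? extends Permission> permissions;`. If `authenticityToken` is meant as the anti-forgery value for the consent form, a one-line Javadoc on `getAuthenticityToken()` saying it must be echoed back and compared when the decision is submitted would help authors of custom views.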

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Collections;
+import java.util.List;
+
+
+/**
+ * Captures the information which custom filters may use to further protect the endpoints
+ */
+public class OAuthContext {
+
+    private UserSubject subject;
+    private List<OAuthPermission> permissions;
+    
+    public OAuthContext(UserSubject subject, List<OAuthPermission> perms) {
+        this.subject = subject;
+        this.permissions = perms;
+    }
+    
+    public UserSubject getSubject() {
+        return subject;
+    }
+    
+    public List<OAuthPermission> getPermissions() {
+        return Collections.unmodifiableList(permissions);
+    }
+    
+
+}
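Review bot: The constructor stores the caller's `perms` list by reference, so `getPermissions()` returns a read-only view of a list that whoever built the context can still change afterwards. A null `perms` also makes `Collections.unmodifiableList` throw `NullPointerException` on first access. Since custom filters base access decisions on this object, copy the list at construction, e.g. `this.permissions = perms == null ? Collections.<OAuthPermission>emptyList() : new ArrayList<OAuthPermission>(perms);` (plus the `java.util.ArrayList` import), and declare both fields `final`. `UserSubject` later in this commit has the same pattern for `roles`.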

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthContext.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,75 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement
+public class OAuthError {
+    
+    public static final String INVALID_REQUEST = "invalid_request";
+    
+    @XmlElement(name = "error")
+    private String error;
+    @XmlElement(name = "error_description")
+    private String errorDescription;
+    @XmlElement(name = "error_uri")
+    private String errorUri;
+    @XmlElement(name = "state")
+    private String state;
+    
+    public OAuthError() {
+        
+    }
+    
+    public OAuthError(String error) {
+        this.error = error;
+    }
+    
+    public OAuthError(String error, String descr) {
+        this.error = error;
+        this.errorDescription = descr;
+    }
+    
+    public void setError(String error) {
+        this.error = error;
+    }
+    public String getError() {
+        return error;
+    }
+    public void setErrorDescription(String errorDescription) {
+        this.errorDescription = errorDescription;
+    }
+    public String getErrorDescription() {
+        return errorDescription;
+    }
+    public void setErrorUri(String errorUri) {
+        this.errorUri = errorUri;
+    }
+    public String getErrorUri() {
+        return errorUri;
+    }
+    public void setState(String state) {
+        this.state = state;
+    }
+    public String getState() {
+        return state;
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Provides the complete information about a given opaque permission.
+ */
+public class OAuthPermission extends Permission {
+    private List<String> roles = Collections.emptyList();
+    private List<String> httpVerbs = Collections.emptyList();
+    private List<String> uris = Collections.emptyList();
+    
+    public OAuthPermission(String permission, String description) {
+        super(permission, description);
+    }
+    
+    public OAuthPermission(String permission, String description, List<String> roles) {
+        super(permission, description);
+        this.roles = roles;
+    }
+
+    public void setRoles(List<String> roles) {
+        this.roles = roles;
+    }
+
+    public List<String> getRoles() {
+        return roles;
+    }
+
+    public void setHttpVerbs(List<String> httpVerbs) {
+        this.httpVerbs = httpVerbs;
+    }
+
+    public List<String> getHttpVerbs() {
+        return httpVerbs;
+    }
+
+    public void setUris(List<String> uri) {
+        this.uris = uri;
+    }
+
+    public List<String> getUris() {
+        return uris;
+    }
+    
+}
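Review bot: The three-argument constructor and the setters assign whatever list they are given, so passing null replaces the `Collections.emptyList()` defaults, and `getRoles()`, `getHttpVerbs()` and `getUris()` can then return null to code that iterates them. `this.roles = roles == null ? Collections.<String>emptyList() : roles;` (and the same in each setter) keeps the non-null guarantee the field initialisers suggest. The class also does not say what an empty `httpVerbs` or `uris` list means to the code that enforces it. A line of Javadoc on each getter stating whether empty means "no restriction" or "nothing allowed" would remove a fail-open ambiguity for anyone writing a data provider.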

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthPermission.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,69 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+/**
+ * Base permission description which is visible to 
+ * authorization handlers
+ * @see OAuthAuthorizationData
+ */
+public class Permission {
+    private String permission;
+    private String description;
+    private boolean isDefault;
+    
+    public Permission() {
+        
+    }
+    
+    public Permission(String permission, String description) {
+        this.description = description;
+        this.permission = permission;
+    }
+    
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public String getPermission() {
+        return permission;
+    }
+
+    public void setPermission(String permission) {
+        this.permission = permission;
+    }
+
+    /**
+     * Indicates that this permission has been allocated by default.
+     * Authorization View handlers may use this property in order to restrict
+     * the list of scopes which may be refused to non-default scopes only
+     * @param isDefault
+     */
+    public void setDefault(boolean value) {
+        this.isDefault = value;
+    }
+
+    public boolean isDefault() {
+        return isDefault;
+    }
+}
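Review bot: The Javadoc on `setDefault` names `@param isDefault`, but the parameter is called `value`, so the tag documents nothing and doc linters will flag it; change it to `@param value true if this permission is allocated by default`. `isDefault()` has no comment at all, and `@return true if this permission is allocated by default` would cover it. The sentence about refusable scopes is hard to parse. I read it as "view handlers may let the user refuse only the non-default scopes", which is worth stating that way if that is the intent.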

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/Permission.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,106 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Base Token representation
+ */
+public abstract class ServerAccessToken extends AccessToken {
+
+    private long issuedAt;
+    private long lifetime;
+    private Client client;
+    private List<OAuthPermission> scopes = Collections.emptyList();
+    private UserSubject subject;
+    
+    protected ServerAccessToken(Client client, 
+                                        AccessTokenType type,
+                                        String tokenKey,
+                                        long lifetime, 
+                                        long issuedAt) {
+        super(type, tokenKey);
+        this.client = client;
+        this.lifetime = lifetime;
+        this.issuedAt = issuedAt;
+    }
+
+    /**
+     * Returns the Client associated with this token
+     * @return the client
+     */
+    public Client getClient() {
+        return client;
+    }
+
+    /**
+     * Returns the time (in seconds) when this token was issued at
+     * @return the seconds
+     */
+    public long getIssuedAt() {
+        return issuedAt;
+    }
+
+    /**
+     * Returns the number of seconds this token can be valid after it was issued
+     * @return the seconds
+     */
+    public long getLifetime() {
+        return lifetime;
+    }
+
+    /**
+     * Returns a list of opaque permissions/scopes
+     * @return the scopes
+     */
+    public List<OAuthPermission> getScopes() {
+        return scopes;
+    }
+
+    /**
+     * Sets a list of opaque permissions/scopes
+     * @param scopes the scopes
+     */
+    public void setScopes(List<OAuthPermission> scopes) {
+        this.scopes = scopes;
+    }
+    
+    /**
+     * Sets a subject capturing the login name 
+     * the end user used to login to the resource server
+     * when authorizing a given client request
+     * @param subject
+     */
+    public void setSubject(UserSubject subject) {
+        this.subject = subject;
+    }
+
+    /**
+     * Returns a subject capturing the login name 
+     * the end user used to login to the resource server
+     * when authorizing a given client request
+     * @return UserSubject
+     */
+    public UserSubject getSubject() {
+        return subject;
+    }
+
+}
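Review bot: `getIssuedAt()` and `getLifetime()` document seconds but not the reference point or any special values, and the constructor accepts any `long`, so the expiry check (not in this hunk) has to assume both. A caller that compares against `System.currentTimeMillis()` instead of seconds would treat tokens as valid far longer than intended. I would pin this down in the Javadoc, e.g. `@return the issue time in seconds since the Unix epoch` on `getIssuedAt()`, assuming that is what data providers store. `getLifetime()` should say explicitly whether 0 or a negative value means the token does not expire. The class comment `Base Token representation` is shared word for word with `ClientAccessToken` and could instead say that this is the server-side token carrying the client, scopes and subject.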

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ServerAccessToken.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.common;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Represents a user alias or login name which AuthorizationService
+ * may capture after the end user approved a given third party request
+ */
+public class UserSubject {
+    
+    private String login;
+    private List<String> roles;
+    
+    public UserSubject(String login, List<String> roles) {
+        this.login = login;
+        this.roles = roles;
+    }
+    
+    public String getLogin() {
+        return login;
+    }
+
+    public List<String> getRoles() {
+        return Collections.unmodifiableList(roles);
+    }
+    
+
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/UserSubject.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,255 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.filters;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.logging.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.Provider;
+
+import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.security.SimplePrincipal;
+import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.oauth.common.OAuthContext;
+import org.apache.cxf.rs.security.oauth.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth.common.UserSubject;
+import org.apache.cxf.rs.security.oauth.provider.AccessTokenValidator;
+import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.utils.AuthorizationUtils;
+import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;
+import org.apache.cxf.security.SecurityContext;
+
+/**
+ * JAX-RS OAuth filter which can be used to protect end user endpoints
+ */
+@Provider
+public class OAuthRequestFilter implements RequestHandler {
+    private static final Logger LOG = LogUtils.getL7dLogger(OAuthRequestFilter.class);
+    
+    private static final String DEFAULT_AUTH_SCHEME = "Bearer"; 
+    
+    private MessageContext mc;
+
+    private List<AccessTokenValidator> tokenHandlers = Collections.emptyList();
+    private Set<String> supportedSchemes = new HashSet<String>();
+    private boolean useUserSubject;
+    private OAuthDataProvider dataProvider;
+    
+    public void setGrantHandlers(List<AccessTokenValidator> handlers) {
+        tokenHandlers = handlers;
+        for (AccessTokenValidator handler : handlers) {
+            supportedSchemes.addAll(handler.getSupportedAuthorizationSchemes());
+        }
+    }
+    
+    public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
+        ServerAccessToken accessToken = getAccessToken(); 
+        
+        List<OAuthPermission> permissions = accessToken.getScopes();
+        List<OAuthPermission> matchingPermissions = new ArrayList<OAuthPermission>();
+        
+        HttpServletRequest req = mc.getHttpServletRequest();
+        for (OAuthPermission perm : permissions) {
+            boolean uriOK = checkRequestURI(req, perm.getUris());
+            boolean verbOK = checkHttpVerb(req, perm.getHttpVerbs());
+            if (uriOK && verbOK) {
+                matchingPermissions.add(perm);
+            }
+        }
+        
+        if (permissions.size() > 0 && matchingPermissions.isEmpty()) {
+            String message = "Client has no valid permissions";
+            LOG.warning(message);
+            throw new WebApplicationException(403);
+        }
+      
+        OAuthInfo info = new OAuthInfo(accessToken, matchingPermissions);
+        SecurityContext sc = createSecurityContext(req, info);
+        m.setContent(SecurityContext.class, sc);
+        m.setContent(OAuthContext.class, createOAuthContext(info));
+        
+        return null;
+    }
+
+    protected boolean checkHttpVerb(HttpServletRequest req, List<String> verbs) {
+        if (!verbs.isEmpty() 
+            && !verbs.contains(req.getMethod())) {
+            String message = "Invalid http verb";
+            LOG.fine(message);
+            return false;
+        }
+        return true;
+    }
+    
+    protected boolean checkRequestURI(HttpServletRequest request, List<String> uris) {
+        
+        if (uris.isEmpty()) {
+            return true;
+        }
+        String servletPath = request.getPathInfo();
+        boolean foundValidScope = false;
+        for (String uri : uris) {
+            if (OAuthUtils.checkRequestURI(servletPath, uri)) {
+                foundValidScope = true;
+                break;
+            }
+        }
+        if (!foundValidScope) {
+            String message = "Invalid request URI";
+            LOG.fine(message);
+        }
+        return foundValidScope;
+    }
+    
+    public void setDataProvider(OAuthDataProvider provider) {
+        dataProvider = provider;
+    }
+    
+    public void setUseUserSubject(boolean useUserSubject) {
+        this.useUserSubject = useUserSubject;
+    }
+    
+    @Context
+    public void setMessageContext(MessageContext context) {
+        this.mc = context;
+    }
+
+    protected AccessTokenValidator findTokenHandler(String authScheme) {
+        for (AccessTokenValidator handler : tokenHandlers) {
+            if (handler.getSupportedAuthorizationSchemes().contains(authScheme)) {
+                return handler;
+            }
+        }
+        return null;        
+    }
+    
+    protected ServerAccessToken getAccessToken() {
+        ServerAccessToken accessToken = null;
+        if (dataProvider == null && tokenHandlers.isEmpty()) {
+            throw new WebApplicationException(500);
+        }
+        
+        String[] authParts = AuthorizationUtils.getAuthorizationParts(mc, supportedSchemes);
+        String authScheme = authParts[0];
+        String authSchemeData = authParts[1];
+        
+        AccessTokenValidator handler = findTokenHandler(authScheme);
+        if (handler != null) {
+            try {
+                accessToken = handler.getAccessToken(authSchemeData);
+            } catch (OAuthServiceException ex) {
+                AuthorizationUtils.throwAuthorizationFailure(
+                    Collections.singleton(authScheme));
+            }
+        }
+        if (accessToken == null && authScheme.equals(DEFAULT_AUTH_SCHEME)) {
+            try {
+                accessToken = dataProvider.getAccessToken(authSchemeData);
+            } catch (OAuthServiceException ex) {
+                AuthorizationUtils.throwAuthorizationFailure(
+                    Collections.singleton(authScheme));
+            }
+        }
+        if (accessToken == null) {
+            AuthorizationUtils.throwAuthorizationFailure(supportedSchemes);
+        }
+        return accessToken;
+    }
+    
+    protected SecurityContext createSecurityContext(HttpServletRequest request, 
+                                                    final OAuthInfo info) {
+        // TODO: 
+        // This custom parameter is only needed by the "oauth" 
+        // demo shipped in the distribution; needs to be removed.
+        request.setAttribute("oauth_authorities", info.getRoles());
+        
+        UserSubject subject = info.getToken().getSubject();
+
+        final UserSubject theSubject = subject;
+        return new SecurityContext() {
+
+            public Principal getUserPrincipal() {
+                String login = OAuthRequestFilter.this.useUserSubject 
+                    ? (theSubject != null ? theSubject.getLogin() : null)
+                    : info.getToken().getClient().getLoginName();  
+                return new SimplePrincipal(login);
+            }
+
+            public boolean isUserInRole(String role) {
+                List<String> roles = null;
+                if (OAuthRequestFilter.this.useUserSubject && theSubject != null) {
+                    roles = theSubject.getRoles();    
+                } else {
+                    roles = info.getRoles();
+                }
+                return roles == null ? false : roles.contains(role);
+            }
+             
+        };
+    }
+    
+    protected OAuthContext createOAuthContext(OAuthInfo info) {
+        UserSubject subject = null;
+        if (info.getToken() != null) {
+            subject = info.getToken().getSubject();
+        }
+        return new OAuthContext(subject, info.getMatchedPermissions());
+    }
+    
+    private static class OAuthInfo {
+        private ServerAccessToken token;
+        private List<OAuthPermission> permissions;
+        public OAuthInfo(ServerAccessToken token, 
+                         List<OAuthPermission> matchedPermissions) {
+            this.token = token;
+            this.permissions = matchedPermissions;
+        }
+        public ServerAccessToken getToken() {
+            return token;
+        }
+        
+        public List<String> getRoles() {
+            List<String> authorities = new ArrayList<String>();
+            for (OAuthPermission permission : permissions) {
+                authorities.addAll(permission.getRoles());
+            }
+            return authorities;
+        }
+        
+        public List<OAuthPermission> getMatchedPermissions() {
+            return permissions;
+        }
+        
+            
+    }
+}
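Review bot: In `getAccessToken()` the Bearer fallback calls `dataProvider.getAccessToken(authSchemeData)` with no null check, while the guard at the top only rejects the case where `dataProvider` is null and `tokenHandlers` is empty. With handlers configured but no data provider, a Bearer token that no handler resolves ends in a NullPointerException instead of an authorization failure; the condition should read `if (accessToken == null && dataProvider != null && authScheme.equals(DEFAULT_AUTH_SCHEME))`. Separately, `handleRequest` lets a token with an empty scope list through for every URI and verb (`permissions.size() > 0 && matchingPermissions.isEmpty()`), and nothing in this filter looks at the token's lifetime. If both are intended, a comment should say that expiry is enforced by the validator or provider and that scope-less tokens are unrestricted, for example `// tokens without scopes are not restricted to any URI or verb`.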

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.grants.code;
+
+import java.util.List;
+
+import org.apache.cxf.rs.security.oauth.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+
+/**
+ * OAuth provider responsible for persisting the information about 
+ * OAuth consumers, request and access tokens.
+ */
+public interface AuthorizationCodeDataProvider extends OAuthDataProvider {
+
+    /**
+     * Converts the requested scope to the list of permissions  
+     * @param requestedScope
+     * @return list of permissions
+     */
+    List<OAuthPermission> convertScopeToPermissions(List<String> requestedScope);
+    
+    /**
+     * Creates a temporarily code grant which will capture the
+     * information about the {@link Client} attempting to access or
+     * modify the resource owner's resource 
+     * @param reg AuthorizationCodeRegistration
+     * @return new code grant
+     * @see AuthorizationCodeRegistration
+     * @throws OAuthServiceException
+     */
+    ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg) 
+        throws OAuthServiceException;
+
+    /**
+     * Returns the previously registered {@link ServerAuthorizationCodeGrant}
+     * @param code the code grant
+     * @return AuthorizationCodeGrant
+     * @throws OAuthServiceException
+     */
+    ServerAuthorizationCodeGrant removeCodeGrant(String code) throws OAuthServiceException;
+}
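Review bot: The Javadoc on `removeCodeGrant` says it "Returns the previously registered" grant but not that the grant is removed, which is the property that makes an authorization code single-use. I would state it in the contract, e.g. `Removes and returns the grant registered for this code so that it cannot be redeemed a second time`, and say what an unknown code yields, since AuthorizationCodeGrantHandler in this commit treats a null return as "no grant". Implementations should also be told that lookup and removal must happen as one atomic step. The interface comment ("OAuth consumers, request and access tokens") reads as carried over from the OAuth 1.0 provider and could name clients and code grants instead.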

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeDataProvider.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,66 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.grants.code;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.jaxrs.impl.MetadataMap;
+import org.apache.cxf.rs.security.oauth.common.AccessTokenGrant;
+import org.apache.cxf.rs.security.oauth.common.AccessTokenGrantType;
+
+
+
+/**
+ * Authorization Code Token representation
+ */
+public class AuthorizationCodeGrant implements AccessTokenGrant {
+    private String code;
+    private String redirectUri;
+    
+    public AuthorizationCodeGrant(String code) {
+        this.code = code;
+    }
+
+    public void setRedirectUri(String redirectUri) {
+        this.redirectUri = redirectUri;
+    }
+
+    public String getRedirectUri() {
+        return redirectUri;
+    }
+
+    public String getCode() {
+        return code;
+    }
+
+    public AccessTokenGrantType getType() {
+        return AccessTokenGrantType.AUTHORIZATION_CODE;
+    }
+
+    public MultivaluedMap<String, String> toMap() {
+        MultivaluedMap<String, String> map = new MetadataMap<String, String>();
+        map.putSingle("grant_type", AccessTokenGrantType.AUTHORIZATION_CODE.getGrantType());
+        map.putSingle("code", code);
+        if (redirectUri != null) {
+            map.putSingle("redirect_uri", redirectUri);
+        }
+        return map;
+    }
+
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrant.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.grants.code;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.UUID;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth.provider.AccessTokenGrantHandler;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.tokens.bearer.BearerAccessToken;
+import org.apache.cxf.rs.security.oauth.utils.MD5SequenceGenerator;
+
+
+
+public class AuthorizationCodeGrantHandler implements AccessTokenGrantHandler {
+    private static final String GRANT_TYPE = "grant_type";
+    private static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
+    private static final String REDIRECT_URI = "redirect_uri";
+    
+    private static final long DEFAULT_TOKEN_LIFETIME = 3600L;
+    
+    private AuthorizationCodeDataProvider codeProvider;
+    private long tokenLifetime = DEFAULT_TOKEN_LIFETIME;
+    
+    public List<String> getSupportedGrantTypes() {
+        return Collections.singletonList(AUTHORIZATION_CODE_GRANT);
+    }
+    public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params) 
+        throws OAuthServiceException {
+        
+        ServerAuthorizationCodeGrant grant = codeProvider.removeCodeGrant(params.getFirst(GRANT_TYPE));
+        if (grant == null) {
+            return null;
+        }
+        String expectedRedirectUri = grant.getRedirectUri();
+        if (expectedRedirectUri != null) {
+            String providedRedirectUri = params.getFirst(REDIRECT_URI);
+            if (providedRedirectUri == null || !providedRedirectUri.equals(expectedRedirectUri)) {
+                throw new OAuthServiceException("invalid_request");
+            }
+        }
+        BearerAccessToken token = new BearerAccessToken(client, 
+                                                        generateTokenKey(),
+                                                        tokenLifetime, 
+                                                        System.currentTimeMillis() / 1000);
+        token.setScopes(grant.getApprovedScopes());
+        token.setSubject(grant.getSubject());
+        return token;
+    }
+    public void setCodeProvider(AuthorizationCodeDataProvider codeProvider) {
+        this.codeProvider = codeProvider;
+    }
+    
+    protected String generateTokenKey() throws OAuthServiceException {
+        try {
+            byte[] bytes = UUID.randomUUID().toString().getBytes("UTF-8");
+            return new MD5SequenceGenerator().generate(bytes);
+        } catch (Exception ex) {
+            throw new OAuthServiceException("server_error", ex);
+        }
+    }
+    public void setTokenLifetime(long tokenLifetime) {
+        this.tokenLifetime = tokenLifetime;
+    }
+    
+}
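Review bot: `createAccessToken` looks up the grant with `params.getFirst(GRANT_TYPE)`, which is the literal `authorization_code` rather than the code the client submitted, so the provider is asked for a grant keyed by the grant type. It should read the `code` parameter, e.g. `codeProvider.removeCodeGrant(params.getFirst("code"))` with a `CODE` constant next to the others. The handler also never compares the grant with the `client` argument or checks the grant's lifetime before issuing a token. Unless the provider does both, a code issued to one client could be redeemed by another, so a client-match check belongs here (the accessor on ServerAuthorizationCodeGrant is not visible in this hunk). In `generateTokenKey`, the MD5 over `UUID.randomUUID()` adds nothing to the UUID's randomness; taking the token bytes from `java.security.SecureRandom` directly would make the source of unpredictability explicit.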

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.grants.code;
+
+import java.util.List;
+
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.UserSubject;
+
+/**
+ * Captures the information associated with the code grant registration request.
+ * @see ServerAuthorizationCodeGrant  
+ */
+public class AuthorizationCodeRegistration {
+    private Client client; 
+    private List<String> requestedScope;
+    private List<String> approvedScope;
+    private long lifetime;
+    private long issuedAt;
+    private String redirectUri;
+    private UserSubject subject;
+    
+    public void setClient(Client client) {
+        this.client = client;
+    }
+    public Client getClient() {
+        return client;
+    }
+    
+    public void setLifetime(long lifetime) {
+        this.lifetime = lifetime;
+    }
+    public long getLifetime() {
+        return lifetime;
+    }
+    public void setIssuedAt(long issuedAt) {
+        this.issuedAt = issuedAt;
+    }
+    public long getIssuedAt() {
+        return issuedAt;
+    }
+    public void setRedirectUri(String redirectUri) {
+        this.redirectUri = redirectUri;
+    }
+    public String getRedirectUri() {
+        return redirectUri;
+    }
+    public void setRequestedScope(List<String> requestedScope) {
+        this.requestedScope = requestedScope;
+    }
+    public List<String> getRequestedScope() {
+        return requestedScope;
+    }
+    public void setApprovedScope(List<String> approvedScope) {
+        this.approvedScope = approvedScope;
+    }
+    public List<String> getApprovedScope() {
+        return approvedScope;
+    }
+    public void setSubject(UserSubject subject) {
+        this.subject = subject;
+    }
+    public UserSubject getSubject() {
+        return subject;
+    }
+}
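Review bot: `lifetime` and `issuedAt` carry no unit in this class. AuthorizationCodeGrantHandler in the same commit works in seconds (`System.currentTimeMillis() / 1000`, default lifetime `3600L`), so presumably these are seconds too. Field comments such as `// validity in seconds` and `// seconds since the epoch` would keep provider implementations from mixing units when they expire codes. The scope lists are stored and returned by reference, so a caller can still change `approvedScope` after the registration has been handed to the provider; copying in the setters would close that.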

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeRegistration.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date


