cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1292416 [2/2] - in /cxf/trunk/rt/rs/security/oauth-parent: ./ oauth2/ oauth2/src/ oauth2/src/main/ oauth2/src/main/java/ oauth2/src/main/java/org/ oauth2/src/main/java/org/apache/ oauth2/src/main/java/org/apache/cxf/ oauth2/src/main/java/o...
Date Wed, 22 Feb 2012 17:44:06 GMT
Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.grants.code;
+
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth.common.UserSubject;
+
+
+/**
+ * Authorization Code Token representation
+ */
+public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
+    private long issuedAt;
+    private long lifetime;
+    private Client client;
+    private List<OAuthPermission> approvedScopes = Collections.emptyList();
+    private UserSubject subject;
+    
+    public ServerAuthorizationCodeGrant(Client client, 
+                                  String code,
+                                  long lifetime, 
+                                  long issuedAt) {
+        super(code);
+        this.client = client;
+        this.lifetime = lifetime;
+        this.issuedAt = issuedAt;
+    }
+
+    
+    public long getIssuedAt() {
+        return issuedAt;
+    }
+
+    public long getLifetime() {
+        return lifetime;
+    }
+
+    public Client getClient() {
+        return client;
+    }
+
+
+    public void setApprovedScopes(List<OAuthPermission> scopes) {
+        this.approvedScopes = scopes;
+    }
+
+
+    public List<OAuthPermission> getApprovedScopes() {
+        return approvedScopes;
+    }
+
+
+    public void setSubject(UserSubject subject) {
+        this.subject = subject;
+    }
+
+
+    public UserSubject getSubject() {
+        return subject;
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/ServerAuthorizationCodeGrant.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,35 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.provider;
+
+import java.util.List;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+
+
+
+public interface AccessTokenGrantHandler {
+    List<String> getSupportedGrantTypes();
+    ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String> params)
+        throws OAuthServiceException;
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenGrantHandler.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,30 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.provider;
+
+import java.util.List;
+
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+
+public interface AccessTokenValidator {
+    List<String> getSupportedAuthorizationSchemes();
+    ServerAccessToken getAccessToken(String schemeData)
+        throws OAuthServiceException;
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/AccessTokenValidator.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,72 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.provider;
+
+import org.apache.cxf.rs.security.oauth.common.AccessToken;
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+
+/**
+ * OAuth provider responsible for persisting the information about 
+ * OAuth consumers, request and access tokens.
+ */
+public interface OAuthDataProvider {
+
+    /**
+     * Returns the previously registered third-party {@link Client} 
+     * @param clientId the client id
+     * @return Client
+     * @throws OAuthServiceException
+     */
+    Client getClient(String clientId) throws OAuthServiceException;
+
+    /**
+     * Create access token 
+     * @param accessToken the token registration info 
+     * @return AccessToken
+     * @throws OAuthServiceException
+     */
+    void persistAccessToken(ServerAccessToken accessToken) throws OAuthServiceException;
+    
+    /**
+     * Get access token 
+     * @param accessToken the token key 
+     * @return AccessToken
+     * @throws OAuthServiceException
+     */
+    ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException;
+    
+    /**
+     * Refresh access token 
+     * @param clientId the client id
+     * @param refreshToken the token key 
+     * @return AccessToken
+     * @throws OAuthServiceException
+     */
+    AccessToken refreshAccessToken(String clientId, String refreshToken) throws OAuthServiceException;
+
+    /**
+     * Removes the token
+     * @param token the token
+     * @throws OAuthServiceException
+     */
+    void removeAccessToken(String accessToken) throws OAuthServiceException;
+    
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthDataProvider.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.provider;
+
+
+/**
+ * Encapsulates OAuth-related problems
+ */
+public class OAuthServiceException extends RuntimeException {
+
+    private static final long serialVersionUID = 343738539234766320L;
+    
+    public OAuthServiceException(String message) {
+        super(message);
+    }
+    
+    public OAuthServiceException(String message, Throwable cause) {
+        super(message, cause);
+    }
+    
+    
+    
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,88 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.services;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.OAuthError;
+import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+
+/**
+ * Abstract utility class which OAuth services extend
+ */
+public abstract class AbstractOAuthService {
+    protected static final String CLIENT_ID = "client_id";
+    
+    private MessageContext mc;
+    private OAuthDataProvider dataProvider;
+    
+    @Context 
+    public void setMessageContext(MessageContext context) {
+        this.mc = context;    
+    }
+    
+    public MessageContext getMessageContext() {
+        return mc;
+    }
+
+    public void setDataProvider(OAuthDataProvider dataProvider) {
+        this.dataProvider = dataProvider;
+    }
+
+    public OAuthDataProvider getDataProvider() {
+        return dataProvider;
+    }
+    
+    protected MultivaluedMap<String, String> getQueryParameters() {
+        return getMessageContext().getUriInfo().getQueryParameters();
+    }
+    
+    protected Client getClient(MultivaluedMap<String, String> params) {
+        return getClient(params.getFirst(CLIENT_ID));
+    }
+    protected Client getClient(String clientId) {
+        Client client = null;
+        
+        if (clientId != null) {
+            try {
+                client = dataProvider.getClient(clientId);
+            } catch (OAuthServiceException ex) {
+                // log it
+            }
+        }
+        if (client == null) {
+            reportInvalidRequestError("Client ID is invalid");
+        }
+        return client;
+        
+    }
+    
+    protected void reportInvalidRequestError(String errorDescription) {
+        OAuthError error = new OAuthError(OAuthError.INVALID_REQUEST, errorDescription);
+        throw new WebApplicationException(
+                  Response.status(400).type(MediaType.APPLICATION_JSON).entity(error).build());
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,159 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.services;
+
+import java.security.Principal;
+import java.util.List;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.SecurityContext;
+
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth.common.OAuthError;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeGrantHandler;
+import org.apache.cxf.rs.security.oauth.provider.AccessTokenGrantHandler;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.utils.AuthorizationUtils;
+
+
+@Path("/token")
+public class AccessTokenService extends AbstractOAuthService {
+    private static final String CLIENT_SECRET = "client_secret";
+    private static final String GRANT_TYPE = "grant_type";
+    private static final String INVALID_GRANT = "invalid_grant";
+    private static final String UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";
+    
+    private List<AccessTokenGrantHandler> grantHandlers;
+    
+    public void setGrantHandlers(List<AccessTokenGrantHandler> handlers) {
+        grantHandlers = handlers;
+    }
+    
+    @POST
+    @Consumes("application/x-www-form-urlencoded")
+    @Produces("application/json")
+    public Response handleTokenRequest(MultivaluedMap<String, String> params) {
+        Client client = authenticateClientIfNeeded(params);
+        
+        AccessTokenGrantHandler handler = findGrantHandler(params);
+        if (handler == null) {
+            return createErrorResponse(params, UNSUPPORTED_GRANT_TYPE);
+        }
+        
+        ServerAccessToken serverToken = null;
+        try {
+            serverToken = handler.createAccessToken(client, params);
+        } catch (OAuthServiceException ex) {
+            // the error response is to be returned next
+        }
+        if (serverToken == null) {
+            return createErrorResponse(params, INVALID_GRANT);
+        }
+        getDataProvider().persistAccessToken(serverToken);
+        
+        ClientAccessToken clientToken = new ClientAccessToken(serverToken.getTokenType(),
+                                                              serverToken.getTokenKey());
+        clientToken.setParameters(serverToken.getParameters());
+        return Response.ok(clientToken).build();
+    }
+    
+    private Client authenticateClientIfNeeded(MultivaluedMap<String, String> params) {
+        Client client = null;
+        SecurityContext sc = getMessageContext().getSecurityContext();
+        
+        if (params.containsKey(CLIENT_ID)) {
+            // both client_id and client_secret are expected in the form payload
+            client = getAndValidateClient(params.getFirst(CLIENT_ID),
+                                          params.getFirst(CLIENT_SECRET));
+        } else if (sc.getUserPrincipal() != null) {
+            // client has already authenticated
+            Principal p = sc.getUserPrincipal();
+            String scheme = sc.getAuthenticationScheme();
+            if ("Basic".equals(scheme)) {
+                // section 2.3.1
+                client = getClient(p.getName());
+            } else {
+                // section 2.3.2
+                // the client has authenticated itself using some other scheme
+                // in which case the mapping between the scheme and the client_id
+                // should've been done, in which case the client_id is expected
+                // on the current message
+                Object clientIdProp = getMessageContext().get(CLIENT_ID);
+                if (clientIdProp != null) {
+                    client = getClient(clientIdProp.toString());
+                }
+            }
+        } else {
+            String[] parts = 
+                AuthorizationUtils.getAuthorizationParts(getMessageContext());
+            if ("Basic".equals(parts[0])) {
+                String[] authInfo = AuthorizationUtils.getBasicAuthParts(parts[1]);
+                client = getAndValidateClient(authInfo[0], authInfo[1]);
+            }
+        }
+        
+        if (client == null) {
+            throw new WebApplicationException(401);
+        }
+        return client;
+    }
+    
+    private Client getAndValidateClient(String clientId, String clientSecret) {
+        Client client = getClient(clientId);
+        if (clientSecret == null || !client.getClientId().equals(clientId) 
+            || !client.getClientSecret().equals(clientSecret)) {
+            throw new WebApplicationException(401);
+        }
+        return client;
+    }
+    
+    protected AccessTokenGrantHandler findGrantHandler(MultivaluedMap<String, String> params) {
+        String grantType = params.getFirst(GRANT_TYPE);        
+        if (grantType != null) {
+            for (AccessTokenGrantHandler handler : grantHandlers) {
+                if (handler.getSupportedGrantTypes().contains(grantType)) {
+                    return handler;
+                }
+            }
+            if (grantHandlers.size() == 0) {
+                AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
+                if (handler.getSupportedGrantTypes().contains(grantType)) {
+                    return handler;
+                }
+            }
+        }
+        
+        return null;
+    }
+    
+    protected Response createErrorResponse(MultivaluedMap<String, String> params,
+                                           String error) {
+        OAuthError oauthError = new OAuthError(error);
+        return Response.status(400).entity(oauthError).build();
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,289 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.services;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+import java.util.UUID;
+
+import javax.servlet.http.HttpSession;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.SecurityContext;
+import javax.ws.rs.core.UriBuilder;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.OAuthAuthorizationData;
+import org.apache.cxf.rs.security.oauth.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth.common.UserSubject;
+import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeDataProvider;
+import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeRegistration;
+import org.apache.cxf.rs.security.oauth.grants.code.ServerAuthorizationCodeGrant;
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.security.LoginSecurityContext;
+
+
+/**
+ * This resource handles the End User authorising
+ * or denying the Client to access its resources.
+ * If End User approves the access this resource will
+ * redirect End User back to the Client, supplying 
+ * a request token verifier (aka authorization code)
+ */
+@Path("/authorize")
+public class AuthorizationCodeGrantService extends AbstractOAuthService {
+
+    private static final String SUPPORTED_RESPONSE_TYPE = "code";
+    private static final String REDIRECT_URI = "redirect_uri";
+    private static final String SCOPE = "scope";
+    private static final String STATE = "state";
+    
+    private static final String UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type";
+    private static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
+    private static final String INVALID_SCOPE = "invalid_scope";
+    private static final String ACCESS_DENIED = "access_denied";
+    
+    private static final long DEFAULT_CODE_GRANT_LIFETIME = 3600L;
+    
+    private static final String SESSION_AUTHENTICITY_TOKEN = "session_authenticity_token";
+    private static final String AUTHORIZATION_DECISION_KEY = "oauthDecision";
+    private static final String AUTHORIZATION_DECISION_ALLOW = "allow";
+       
+    private long grantLifetime = DEFAULT_CODE_GRANT_LIFETIME;
+    
+    @GET
+    @Produces({"application/xhtml+xml", "text/html", "application/xml", "application/json" })
+    public Response authorize() {
+        MultivaluedMap<String, String> params = getQueryParameters();
+        return startAuthorization(params);
+    }
+    
+    @GET
+    @Path("/decision")
+    public Response authorizeDecision() {
+        MultivaluedMap<String, String> params = getQueryParameters();
+        return completeAuthorization(params);
+    }
+    
+    @POST
+    @Path("/decision")
+    @Consumes("application/x-www-form-urlencoded")
+    public Response authorizeDecisionForm(MultivaluedMap<String, String> params) {
+        return completeAuthorization(params);
+    }
+    
+    protected Response startAuthorization(MultivaluedMap<String, String> params) {
+        Client client = getClient(params); 
+        String redirectUri = validateRedirectUri(client, params.getFirst(REDIRECT_URI)); 
+        if (!client.isConfidential()) {
+            return createErrorResponse(params, redirectUri, UNAUTHORIZED_CLIENT);
+        }
+        if (params.getFirst(SUPPORTED_RESPONSE_TYPE) == null) {
+            return createErrorResponse(params, redirectUri, UNSUPPORTED_RESPONSE_TYPE);
+        }
+        
+        List<OAuthPermission> permissions = null;
+        try {
+            List<String> list = parseScope(params.getFirst(SCOPE));
+            permissions = ((AuthorizationCodeDataProvider)getDataProvider())
+                .convertScopeToPermissions(list);
+        } catch (OAuthServiceException ex) {
+            return createErrorResponse(params, redirectUri, INVALID_SCOPE);
+        }
+        OAuthAuthorizationData data = 
+            createAuthorizationData(client, params, permissions);
+        return Response.ok(data).build();
+        
+    }
+    
+    public void setGrantLifetime(long lifetime) {
+        this.grantLifetime = lifetime;
+    }
+    
+    protected OAuthAuthorizationData createAuthorizationData(
+        Client client, MultivaluedMap<String, String> params, List<OAuthPermission> perms) {
+        
+        OAuthAuthorizationData secData = new OAuthAuthorizationData();
+        
+        addAuthenticityTokenToSession(secData);
+                
+        secData.setPermissions(perms);
+        
+        StringBuilder sb = new StringBuilder();
+        for (OAuthPermission perm : perms) {
+            if (sb.length() > 0) {
+                sb.append(" ");
+            }
+            sb.append(perm.getPermission());
+        }
+        secData.setProposedScope(sb.toString());
+        
+        secData.setClientId(client.getClientId());
+        secData.setRedirectUri(params.getFirst(REDIRECT_URI));
+        secData.setState(params.getFirst(STATE));
+        
+        secData.setApplicationName(client.getApplicationName()); 
+        secData.setApplicationWebUri(client.getApplicationWebUri());
+        secData.setApplicationDescription(client.getApplicationDescription());
+        secData.setApplicationLogoUri(client.getApplicationLogoUri());
+        
+        return secData;
+    }
+    
+    protected Response completeAuthorization(MultivaluedMap<String, String> params) {
+        
+        if (!compareRequestAndSessionTokens(params.getFirst(SESSION_AUTHENTICITY_TOKEN))) {
+            throw new WebApplicationException(400);     
+        }
+        
+        Client client = getClient(params);
+        String originalRedirectUri = params.getFirst(REDIRECT_URI);
+        String actualRedirectUri = validateRedirectUri(client, originalRedirectUri);
+        
+        String decision = params.getFirst(AUTHORIZATION_DECISION_KEY);
+        boolean allow = AUTHORIZATION_DECISION_ALLOW.equals(decision);
+
+        if (!allow) {
+            return createErrorResponse(params, actualRedirectUri, ACCESS_DENIED);
+        }
+        
+        AuthorizationCodeRegistration codeReg = new AuthorizationCodeRegistration(); 
+        
+        codeReg.setClient(client);
+        codeReg.setRedirectUri(originalRedirectUri);
+        codeReg.setLifetime(grantLifetime);
+        codeReg.setIssuedAt(System.currentTimeMillis() / 1000);
+        
+        List<String> requestedScope = parseScope(params.getFirst(SCOPE));
+        codeReg.setRequestedScope(requestedScope);
+
+        List<String> approvedScope = new LinkedList<String>(); 
+        for (String rScope : requestedScope) {
+            String param = params.getFirst(rScope + "_status");
+            if (param != null && AUTHORIZATION_DECISION_ALLOW.equals(param)) {
+                approvedScope.add(rScope);
+            }
+        }
+        if (!requestedScope.containsAll(approvedScope)) {
+            return createErrorResponse(params, actualRedirectUri, INVALID_SCOPE);
+        }
+        codeReg.setApprovedScope(approvedScope);
+        
+        SecurityContext sc = getMessageContext().getSecurityContext();
+        List<String> roleNames = Collections.emptyList();
+        if (sc instanceof LoginSecurityContext) {
+            roleNames = new ArrayList<String>();
+            Set<Principal> roles = ((LoginSecurityContext)sc).getUserRoles();
+            for (Principal p : roles) {
+                roleNames.add(p.getName());
+            }
+        }
+        codeReg.setSubject(new UserSubject(sc.getUserPrincipal() == null 
+            ? null : sc.getUserPrincipal().getName(), roleNames));
+        
+        ServerAuthorizationCodeGrant grant = null;
+        try {
+            grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
+        } catch (OAuthServiceException ex) {
+            return createErrorResponse(params, actualRedirectUri, ACCESS_DENIED);
+        }
+        
+        UriBuilder ub = getRedirectUriBuilder(params.getFirst(STATE), actualRedirectUri);
+        ub.queryParam("code", grant.getCode());
+        return Response.seeOther(ub.build()).build();    
+    }
+    
+    protected Response createErrorResponse(MultivaluedMap<String, String> params,
+                                           String redirectUri,
+                                           String error) {
+        UriBuilder ub = getRedirectUriBuilder(params.getFirst(STATE), redirectUri);
+        ub.queryParam("error", error);
+        return Response.seeOther(ub.build()).build();
+    }
+    
+    private List<String> parseScope(String requestedScope) {
+        List<String> list = new LinkedList<String>();
+        if (requestedScope != null) {
+            String[] scopeValues = requestedScope.split(" ");
+            for (String scope : scopeValues) {
+                if (!StringUtils.isEmpty(scope)) {        
+                    list.add(scope);
+                }
+            }
+        }
+        return list;
+    }
+    
+    private UriBuilder getRedirectUriBuilder(String state, String redirectUri) {
+        UriBuilder ub = UriBuilder.fromUri(redirectUri);
+        if (state != null) { 
+            ub.queryParam(STATE, state);
+        }
+        return ub;
+    }
+    
+    protected String validateRedirectUri(Client client, String redirectUri) {
+        
+        List<String> uris = client.getRedirectUris();
+        if (redirectUri != null) {
+            String webUri = client.getApplicationWebUri();
+            if (uris.size() > 0 && !uris.contains(redirectUri)
+                || webUri != null && !webUri.startsWith(redirectUri)) {
+                redirectUri = null;
+            } 
+        } else if (uris.size() == 1) {
+            redirectUri = uris.get(0);
+        }
+        if (redirectUri == null) {
+            reportInvalidRequestError("Client Redirect Uri is invalid");
+        }
+        return redirectUri;
+    }
+    
+    private void addAuthenticityTokenToSession(OAuthAuthorizationData secData) {
+        HttpSession session = getMessageContext().getHttpServletRequest().getSession();
+        String value = UUID.randomUUID().toString();
+        secData.setAuthenticityToken(value);
+        session.setAttribute(SESSION_AUTHENTICITY_TOKEN, value);
+    }
+    
+    private boolean compareRequestAndSessionTokens(String requestToken) {
+        HttpSession session = getMessageContext().getHttpServletRequest().getSession();
+        String sessionToken = (String)session.getAttribute(SESSION_AUTHENTICITY_TOKEN);
+        
+        if (StringUtils.isEmpty(sessionToken)) {
+            return false;
+        }
+        
+        session.removeAttribute(SESSION_AUTHENTICITY_TOKEN);
+        return requestToken.equals(sessionToken);
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.tokens.bearer;
+
+import org.apache.cxf.rs.security.oauth.common.AccessTokenType;
+import org.apache.cxf.rs.security.oauth.common.Client;
+import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+
+public class BearerAccessToken extends ServerAccessToken {
+    public BearerAccessToken(Client client, 
+                             String tokenKey,
+                             long lifetime, 
+                             long issuedAt) {
+        super(client, AccessTokenType.BEARER, tokenKey, lifetime, issuedAt);
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/tokens/bearer/BearerAccessToken.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,80 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.utils;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.jaxrs.ext.MessageContext;
+
+
+public final class AuthorizationUtils {
+    private AuthorizationUtils() {
+    }
+    
+    public static String[] getBasicAuthParts(String data) {
+        String authDecoded = null;
+        try {
+            authDecoded = new String(Base64Utility.decode(data));
+        } catch (Exception ex) {
+            throw new WebApplicationException(401);
+        }
+        String authInfo[] = authDecoded.split(":");
+        if (authInfo.length == 2) {
+            return authInfo;
+        }
+        throw new WebApplicationException(401);
+    }
+    
+    public static String[] getAuthorizationParts(MessageContext mc) {
+        return getAuthorizationParts(mc, Collections.singleton("Basic"));
+    }
+    
+    public static String[] getAuthorizationParts(MessageContext mc,
+                                                 Set<String> challenges) {
+        List<String> headers = mc.getHttpHeaders().getRequestHeader("Authorization");
+        if (headers.size() == 1) {
+            String[] parts = headers.get(0).split(" ");
+            if (parts.length == 2) {
+                return parts;       
+            }
+        }
+        throwAuthorizationFailure(challenges);
+        return null;
+    }
+    
+    public static void throwAuthorizationFailure(Set<String> challenges) {
+        StringBuilder sb = new StringBuilder();
+        for (String challenge : challenges) {
+            if (sb.length() > 0) {
+                sb.append(",");
+            }
+            sb.append(challenge);
+        }
+        Response r = Response.status(401).header("WWW-Authenticate", sb.toString()).build();
+        throw new WebApplicationException(r);
+    }
+
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/AuthorizationUtils.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.utils;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+
+/**
+ * The utility MD5 sequence generator which can be used for generating
+ * request or access token keys and secrets as well as request token
+ * verifiers
+ */
+public class MD5SequenceGenerator {
+    public String generate(byte[] input) throws OAuthServiceException {
+        if (input == null) {
+            throw new OAuthServiceException("You have to pass input to Token Generator");
+        }
+
+        try {
+            MessageDigest algorithm = MessageDigest.getInstance("MD5");
+            algorithm.reset();
+            algorithm.update(input);
+            byte[] messageDigest = algorithm.digest();
+            StringBuffer hexString = new StringBuffer();
+            for (int i = 0; i < messageDigest.length; i++) {
+                hexString.append(Integer.toHexString(0xFF & messageDigest[i]));
+            }
+
+            return hexString.toString();
+        } catch (NoSuchAlgorithmException e) {
+            throw new OAuthServiceException("server_error", e);
+        }
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/MD5SequenceGenerator.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,28 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth.utils;
+
+/**
+ * Miscellaneous constants 
+ */
+public final class OAuthConstants {
+    private OAuthConstants() {
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java?rev=1292416&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java (added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java Wed Feb 22 17:44:04 2012
@@ -0,0 +1,53 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.utils;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.apache.cxf.jaxrs.impl.MetadataMap;
+import org.apache.cxf.jaxrs.model.URITemplate;
+
+/**
+ * Various utility methods 
+ */
+public final class OAuthUtils {
+
+    private OAuthUtils() {
+    }
+
+    public static boolean checkRequestURI(String servletPath, String uri) {
+        boolean wildcard = uri.endsWith("*");
+        String theURI = wildcard ? uri.substring(0, uri.length() - 1) : uri;
+        try {
+            URITemplate template = new URITemplate(theURI);
+            MultivaluedMap<String, String> map = new MetadataMap<String, String>();
+            if (template.match(servletPath, map)) {
+                String finalGroup = map.getFirst(URITemplate.FINAL_MATCH_GROUP);
+                if (wildcard || StringUtils.isEmpty(finalGroup) || "/".equals(finalGroup)) {
+                    return true;
+                }
+            }
+        } catch (Exception ex) {
+            // ignore
+        }
+        return false;
+    }
+    
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/rs/security/oauth-parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/pom.xml?rev=1292416&r1=1292415&r2=1292416&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/pom.xml (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/pom.xml Wed Feb 22 17:44:04 2012
@@ -40,6 +40,7 @@
 
     <modules>
         <module>oauth</module>
+        <module>oauth2</module> 
     </modules>
 
 </project>



Mime
View raw message