cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1294248 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth: client/ common/ grants/code/ provider/ services/ utils/
Date Mon, 27 Feb 2012 17:50:22 GMT
Author: sergeyb
Date: Mon Feb 27 17:50:21 2012
New Revision: 1294248

URL: http://svn.apache.org/viewvc?rev=1294248&view=rev
Log:
[CXF-4112] Various updates to make the initial code flow starting to work, a lot of refactoring
to follow

Added:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
  (with props)
Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
Mon Feb 27 17:50:21 2012
@@ -18,8 +18,13 @@
  */
 package org.apache.cxf.rs.security.oauth.client;
 
+import java.io.IOException;
+import java.io.InputStream;
 import java.net.URI;
+import java.util.Collections;
+import java.util.Map;
 
+import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 
 import org.apache.cxf.common.util.Base64Utility;
@@ -29,7 +34,10 @@ import org.apache.cxf.jaxrs.ext.form.For
 import org.apache.cxf.rs.security.oauth.common.AccessTokenGrant;
 import org.apache.cxf.rs.security.oauth.common.AccessTokenType;
 import org.apache.cxf.rs.security.oauth.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth.common.OAuthError;
+import org.apache.cxf.rs.security.oauth.provider.OAuthJSONProvider;
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
 
 /**
  * The utility class for simplifying making OAuth request and access token
@@ -56,10 +64,10 @@ public final class OAuthClientUtils {
                                                    clientId,
                                                    scope);
         if (redirectUri != null) {
-            ub.queryParam("redirect_uri", redirectUri);
+            ub.queryParam(OAuthConstants.REDIRECT_URI, redirectUri);
         }
         if (state != null) {
-            ub.queryParam("state", state);
+            ub.queryParam(OAuthConstants.STATE, state);
         }
         return ub.build();
     }
@@ -69,11 +77,12 @@ public final class OAuthClientUtils {
                                                  String scope) {
         UriBuilder ub = UriBuilder.fromUri(authorizationServiceURI);
         if (clientId != null) {
-            ub.queryParam("client_id", clientId);
+            ub.queryParam(OAuthConstants.CLIENT_ID, clientId);
         }
         if (scope != null) {
-            ub.queryParam("scope", scope);
+            ub.queryParam(OAuthConstants.SCOPE, scope);
         }
+        ub.queryParam(OAuthConstants.RESPONSE_TYPE, OAuthConstants.CODE_RESPONSE_TYPE);
         return ub;                                   
     }
     
@@ -84,25 +93,65 @@ public final class OAuthClientUtils {
         return getAccessToken(accessTokenService, consumer, grant, true);
     }
     
+    public static ClientAccessToken getAccessToken(String accessTokenServiceUri,
+                                                   Consumer consumer,
+                                                   AccessTokenGrant grant,
+                                                   boolean setAuthorizationHeader) 
+        throws OAuthServiceException {
+        OAuthJSONProvider provider = new OAuthJSONProvider();
+        WebClient accessTokenService = 
+            WebClient.create(accessTokenServiceUri, Collections.singletonList(provider));
+        accessTokenService.accept("application/json");
+        return getAccessToken(accessTokenService, consumer, grant, true);
+    }
+    
     public static ClientAccessToken getAccessToken(WebClient accessTokenService,
                                                    Consumer consumer,
                                                    AccessTokenGrant grant,
                                                    boolean setAuthorizationHeader) 
         throws OAuthServiceException {
         
-        StringBuilder sb = new StringBuilder();
-        sb.append("Basic ");
+        Form form = new Form(grant.toMap());
+        
+        if (setAuthorizationHeader) {
+            StringBuilder sb = new StringBuilder();
+            sb.append("Basic ");
+            try {
+                String data = consumer.getKey() + ":" + consumer.getSecret();
+                sb.append(Base64Utility.encode(data.getBytes("UTF-8")));
+            } catch (Exception ex) {
+                throw new ClientWebApplicationException(ex);
+            }
+            accessTokenService.header("Authorization", sb.toString());
+        } else {
+            form.set(OAuthConstants.CLIENT_ID, consumer.getKey());
+            form.set(OAuthConstants.CLIENT_SECRET, consumer.getSecret());
+        }
+        Response response = accessTokenService.form(form);
+        Map<String, String> map = null;
         try {
-            String data = consumer.getKey() + ":" + consumer.getSecret();
-            sb.append(Base64Utility.encode(data.getBytes("UTF-8")));
-        } catch (Exception ex) {
+            map = new OAuthJSONProvider().readJSONResponse((InputStream)response.getEntity());
+        } catch (IOException ex) {
             throw new ClientWebApplicationException(ex);
         }
-        accessTokenService.header("Authorization", sb.toString());
-        
-        Form form = new Form(grant.toMap());
-        accessTokenService.accept("application/json");
-        return accessTokenService.post(form, ClientAccessToken.class);
+        if (200 == response.getStatus()) {
+            if (map.containsKey(OAuthConstants.ACCESS_TOKEN)
+                && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) {
+                String type = map.get(OAuthConstants.ACCESS_TOKEN_TYPE);
+                
+                ClientAccessToken token = new ClientAccessToken(
+                                              AccessTokenType.fromString(type),
+                                              map.get(OAuthConstants.ACCESS_TOKEN));
+                return token;
+            } else {
+                throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
+            }
+        } else if (400 == response.getStatus() && map.containsValue(OAuthConstants.ERROR_KEY))
{
+            OAuthError error = new OAuthError(map.get(OAuthConstants.ERROR_KEY),
+                                              map.get(OAuthConstants.ERROR_DESCRIPTION_KEY));
+            throw new OAuthServiceException(error);
+        } 
+        throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
     }
     
     /**

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessToken.java
Mon Feb 27 17:50:21 2012
@@ -20,16 +20,12 @@ package org.apache.cxf.rs.security.oauth
 
 import java.util.Map;
 
-import javax.xml.bind.annotation.XmlElement;
-
 /**
  * Base Token representation
  */
 public abstract class AccessToken {
 
-    @XmlElement(name = "access_token")
     private String tokenKey;
-    @XmlElement(name = "token_type")
     private AccessTokenType tokenType;
     private Map<String, String> parameters;
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/AccessTokenType.java
Mon Feb 27 17:50:21 2012
@@ -28,6 +28,14 @@ public enum AccessTokenType {
         this.type = type;
     }
 
+    public static AccessTokenType fromString(String str) {
+        if ("bearer".equals(str)) {
+            return BEARER;
+        } else {
+            throw new IllegalArgumentException(str);
+        }
+    }
+    
     public String getTokenType() {
         return type;
     }
@@ -35,4 +43,5 @@ public enum AccessTokenType {
     public String toString() {
         return type;
     }
+    
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/ClientAccessToken.java
Mon Feb 27 17:50:21 2012
@@ -18,39 +18,38 @@
  */
 package org.apache.cxf.rs.security.oauth.common;
 
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
 
 
 /**
  * Base Token representation
  */
-@XmlRootElement
 public class ClientAccessToken extends AccessToken {
 
-    @XmlElement(name = "scope")
-    private String approvedScope;
-    @XmlElement(name = "refresh_token")
-    private String refreshToken;
-       
+    private String scope;
+    private String rToken;
+    
+    public ClientAccessToken(String type, String tokenKey) {
+        this(AccessTokenType.valueOf(type), tokenKey);
+    }
+    
     public ClientAccessToken(AccessTokenType type, String tokenKey) {
         super(type, tokenKey);
     }
 
     public void setApprovedScope(String approvedScope) {
-        this.approvedScope = approvedScope;
+        this.scope = approvedScope;
     }
 
     public String getApprovedScope() {
-        return approvedScope;
+        return scope;
     }
 
     public void setRefreshToken(String refreshToken) {
-        this.refreshToken = refreshToken;
+        this.rToken = refreshToken;
     }
 
     public String getRefreshToken() {
-        return refreshToken;
+        return rToken;
     }
 
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthAuthorizationData.java
Mon Feb 27 17:50:21 2012
@@ -38,6 +38,7 @@ public class OAuthAuthorizationData impl
     private String state;
     private String proposedScope;
     private String authenticityToken;
+    private String replyTo;
     
     private String applicationName;
     private String applicationWebUri;
@@ -128,4 +129,12 @@ public class OAuthAuthorizationData impl
         return proposedScope;
     }
 
+    public void setReplyTo(String replyTo) {
+        this.replyTo = replyTo;
+    }
+
+    public String getReplyTo() {
+        return replyTo;
+    }
+
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/common/OAuthError.java
Mon Feb 27 17:50:21 2012
@@ -18,21 +18,12 @@
  */
 package org.apache.cxf.rs.security.oauth.common;
 
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
 
-@XmlRootElement
 public class OAuthError {
     
-    public static final String INVALID_REQUEST = "invalid_request";
-    
-    @XmlElement(name = "error")
     private String error;
-    @XmlElement(name = "error_description")
     private String errorDescription;
-    @XmlElement(name = "error_uri")
     private String errorUri;
-    @XmlElement(name = "state")
     private String state;
     
     public OAuthError() {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/grants/code/AuthorizationCodeGrantHandler.java
Mon Feb 27 17:50:21 2012
@@ -31,14 +31,12 @@ import org.apache.cxf.rs.security.oauth.
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth.tokens.bearer.BearerAccessToken;
 import org.apache.cxf.rs.security.oauth.utils.MD5SequenceGenerator;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;
 
 
 
 public class AuthorizationCodeGrantHandler implements AccessTokenGrantHandler {
-    private static final String GRANT_TYPE = "grant_type";
-    private static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
-    private static final String REDIRECT_URI = "redirect_uri";
     
     private static final long DEFAULT_TOKEN_LIFETIME = 3600L;
     
@@ -46,24 +44,25 @@ public class AuthorizationCodeGrantHandl
     private long tokenLifetime = DEFAULT_TOKEN_LIFETIME;
     
     public List<String> getSupportedGrantTypes() {
-        return Collections.singletonList(AUTHORIZATION_CODE_GRANT);
+        return Collections.singletonList(OAuthConstants.AUTHORIZATION_CODE_GRANT);
     }
     public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String>
params) 
         throws OAuthServiceException {
         
-        ServerAuthorizationCodeGrant grant = codeProvider.removeCodeGrant(params.getFirst(GRANT_TYPE));
+        ServerAuthorizationCodeGrant grant = 
+            codeProvider.removeCodeGrant(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE));
         if (grant == null) {
             return null;
         }
         if (OAuthUtils.isExpired(grant.getIssuedAt(), grant.getLifetime())) {
-            throw new OAuthServiceException("invalid_grant");
+            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
         
         String expectedRedirectUri = grant.getRedirectUri();
         if (expectedRedirectUri != null) {
-            String providedRedirectUri = params.getFirst(REDIRECT_URI);
+            String providedRedirectUri = params.getFirst(OAuthConstants.REDIRECT_URI);
             if (providedRedirectUri == null || !providedRedirectUri.equals(expectedRedirectUri))
{
-                throw new OAuthServiceException("invalid_request");
+                throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
             }
         }
         BearerAccessToken token = new BearerAccessToken(client, 
@@ -83,7 +82,7 @@ public class AuthorizationCodeGrantHandl
             byte[] bytes = UUID.randomUUID().toString().getBytes("UTF-8");
             return new MD5SequenceGenerator().generate(bytes);
         } catch (Exception ex) {
-            throw new OAuthServiceException("server_error", ex);
+            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, ex);
         }
     }
     public void setTokenLifetime(long tokenLifetime) {

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java?rev=1294248&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
(added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
Mon Feb 27 17:50:21 2012
@@ -0,0 +1,145 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.provider;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.ext.MessageBodyReader;
+import javax.ws.rs.ext.MessageBodyWriter;
+import javax.ws.rs.ext.Provider;
+
+import org.apache.cxf.helpers.IOUtils;
+import org.apache.cxf.jaxrs.client.ClientWebApplicationException;
+import org.apache.cxf.rs.security.oauth.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth.common.OAuthError;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
+
+@Provider
+@Produces("application/json")
+@Consumes("application/json")
+public class OAuthJSONProvider implements MessageBodyWriter<Object>,
+    MessageBodyReader<Map<String, String>> {
+
+    public long getSize(Object obj, Class<?> clt, Type t, Annotation[] anns, MediaType
mt) {
+        return -1;
+    }
+
+    public boolean isWriteable(Class<?> cls, Type t, Annotation[] anns, MediaType mt)
{
+        return cls == ClientAccessToken.class || cls == OAuthError.class;
+    }
+    
+    public void writeTo(Object obj, Class<?> cls, Type t, Annotation[] anns, MediaType
mt,
+                        MultivaluedMap<String, Object> headers, OutputStream os) throws
IOException,
+        WebApplicationException {
+        if (obj instanceof ClientAccessToken) {
+            writeAccessToken((ClientAccessToken)obj, os);
+        } else {
+            writeOAuthError((OAuthError)obj, os);
+        }
+    }
+
+    private void writeOAuthError(OAuthError obj, OutputStream os) throws IOException {
+        StringBuilder sb = new StringBuilder();
+        sb.append("{");
+        appendJsonPair(sb, OAuthConstants.ERROR_KEY, obj.getError());
+        if (obj.getErrorDescription() != null) {
+            sb.append(",");
+            appendJsonPair(sb, OAuthConstants.ERROR_DESCRIPTION_KEY, obj.getErrorDescription());
+        }
+        // etc
+        sb.append("}");
+        String result = sb.toString();
+        os.write(result.getBytes("UTF-8"));
+        os.flush();
+    }
+
+    private void writeAccessToken(ClientAccessToken obj, OutputStream os) throws IOException
{
+        StringBuilder sb = new StringBuilder();
+        sb.append("{");
+        appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN, obj.getTokenKey());
+        sb.append(",");
+        appendJsonPair(sb, OAuthConstants.ACCESS_TOKEN_TYPE, obj.getTokenType().toString());
+        // etc
+        sb.append("}");
+        String result = sb.toString();
+        os.write(result.getBytes("UTF-8"));
+        os.flush();
+    }
+
+    private void appendJsonPair(StringBuilder sb, String key, String value) {
+        sb.append("\"").append(key).append("\"");
+        sb.append(":");
+        sb.append("\"").append(value).append("\"");
+    }
+    
+    public boolean isReadable(Class<?> cls, Type t, Annotation[] anns, MediaType mt)
{
+        return Map.class.isAssignableFrom(cls);
+    }
+
+    public Map<String, String> readFrom(Class<Map<String, String>> cls,
Type t, Annotation[] anns, 
+                                        MediaType mt, MultivaluedMap<String, String>
headers, InputStream is) 
+        throws IOException, WebApplicationException {
+        return readJSONResponse(is);
+    }
+
+    public Map<String, String> readJSONResponse(InputStream is) throws IOException
 {
+        String str = IOUtils.readStringFromStream(is).trim();
+        if (str.isEmpty()) {
+            return Collections.emptyMap();
+        }
+        if (!str.startsWith("{") || !str.endsWith("}")) {
+            throw new ClientWebApplicationException("JSON Sequence is broken");
+        }
+        Map<String, String> map = new HashMap<String, String>();
+        
+        str = str.substring(1, str.length() - 1).trim();
+        String[] jsonPairs = str.split(",");
+        for (int i = 0; i < jsonPairs.length; i++) {
+            String pair = jsonPairs[i].trim();
+            if (pair.length() == 0) {
+                continue;
+            }
+            String[] entry = pair.split(":");
+            String key = entry[0].trim();
+            if (key.startsWith("\"") && key.endsWith("\"")) {
+                key = key.substring(1, key.length() - 1);
+            }
+            String value = entry[1].trim();
+            if (value.startsWith("\"") && value.endsWith("\"")) {
+                value = value.substring(1, value.length() - 1);
+            }
+            map.put(key, value);
+        }
+        
+        return map;
+    }
+
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthJSONProvider.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/provider/OAuthServiceException.java
Mon Feb 27 17:50:21 2012
@@ -19,13 +19,16 @@
 
 package org.apache.cxf.rs.security.oauth.provider;
 
+import org.apache.cxf.rs.security.oauth.common.OAuthError;
+
 
 /**
  * Encapsulates OAuth-related problems
  */
 public class OAuthServiceException extends RuntimeException {
-
+    
     private static final long serialVersionUID = 343738539234766320L;
+    private OAuthError error;
     
     public OAuthServiceException(String message) {
         super(message);
@@ -35,6 +38,17 @@ public class OAuthServiceException exten
         super(message, cause);
     }
     
+    public OAuthServiceException(OAuthError error) {
+        this.error = error;
+    }
     
+    public OAuthServiceException(OAuthError error, Throwable cause) {
+        super(cause);
+        this.error = error;
+    }
+
+    public OAuthError getError() {
+        return error;
+    }
     
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java
Mon Feb 27 17:50:21 2012
@@ -29,13 +29,12 @@ import org.apache.cxf.rs.security.oauth.
 import org.apache.cxf.rs.security.oauth.common.OAuthError;
 import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
 
 /**
  * Abstract utility class which OAuth services extend
  */
 public abstract class AbstractOAuthService {
-    protected static final String CLIENT_ID = "client_id";
-    
     private MessageContext mc;
     private OAuthDataProvider dataProvider;
     
@@ -61,7 +60,7 @@ public abstract class AbstractOAuthServi
     }
     
     protected Client getClient(MultivaluedMap<String, String> params) {
-        return getClient(params.getFirst(CLIENT_ID));
+        return getClient(params.getFirst(OAuthConstants.CLIENT_ID));
     }
     protected Client getClient(String clientId) {
         Client client = null;
@@ -81,7 +80,8 @@ public abstract class AbstractOAuthServi
     }
     
     protected void reportInvalidRequestError(String errorDescription) {
-        OAuthError error = new OAuthError(OAuthError.INVALID_REQUEST, errorDescription);
+        OAuthError error = 
+            new OAuthError(OAuthConstants.INVALID_REQUEST, errorDescription);
         throw new WebApplicationException(
                   Response.status(400).type(MediaType.APPLICATION_JSON).entity(error).build());
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenService.java
Mon Feb 27 17:50:21 2012
@@ -20,6 +20,7 @@
 package org.apache.cxf.rs.security.oauth.services;
 
 import java.security.Principal;
+import java.util.Collections;
 import java.util.List;
 
 import javax.ws.rs.Consumes;
@@ -35,20 +36,17 @@ import org.apache.cxf.rs.security.oauth.
 import org.apache.cxf.rs.security.oauth.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth.common.OAuthError;
 import org.apache.cxf.rs.security.oauth.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeDataProvider;
 import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeGrantHandler;
 import org.apache.cxf.rs.security.oauth.provider.AccessTokenGrantHandler;
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth.utils.AuthorizationUtils;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
 
 
 @Path("/token")
 public class AccessTokenService extends AbstractOAuthService {
-    private static final String CLIENT_SECRET = "client_secret";
-    private static final String GRANT_TYPE = "grant_type";
-    private static final String INVALID_GRANT = "invalid_grant";
-    private static final String UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";
-    
-    private List<AccessTokenGrantHandler> grantHandlers;
+    private List<AccessTokenGrantHandler> grantHandlers = Collections.emptyList();
     
     public void setGrantHandlers(List<AccessTokenGrantHandler> handlers) {
         grantHandlers = handlers;
@@ -62,7 +60,7 @@ public class AccessTokenService extends 
         
         AccessTokenGrantHandler handler = findGrantHandler(params);
         if (handler == null) {
-            return createErrorResponse(params, UNSUPPORTED_GRANT_TYPE);
+            return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE);
         }
         
         ServerAccessToken serverToken = null;
@@ -72,7 +70,7 @@ public class AccessTokenService extends 
             // the error response is to be returned next
         }
         if (serverToken == null) {
-            return createErrorResponse(params, INVALID_GRANT);
+            return createErrorResponse(params, OAuthConstants.INVALID_GRANT);
         }
         getDataProvider().persistAccessToken(serverToken);
         
@@ -86,10 +84,10 @@ public class AccessTokenService extends 
         Client client = null;
         SecurityContext sc = getMessageContext().getSecurityContext();
         
-        if (params.containsKey(CLIENT_ID)) {
+        if (params.containsKey(OAuthConstants.CLIENT_ID)) {
             // both client_id and client_secret are expected in the form payload
-            client = getAndValidateClient(params.getFirst(CLIENT_ID),
-                                          params.getFirst(CLIENT_SECRET));
+            client = getAndValidateClient(params.getFirst(OAuthConstants.CLIENT_ID),
+                                          params.getFirst(OAuthConstants.CLIENT_SECRET));
         } else if (sc.getUserPrincipal() != null) {
             // client has already authenticated
             Principal p = sc.getUserPrincipal();
@@ -103,7 +101,7 @@ public class AccessTokenService extends 
                 // in which case the mapping between the scheme and the client_id
                 // should've been done, in which case the client_id is expected
                 // on the current message
-                Object clientIdProp = getMessageContext().get(CLIENT_ID);
+                Object clientIdProp = getMessageContext().get(OAuthConstants.CLIENT_ID);
                 if (clientIdProp != null) {
                     client = getClient(clientIdProp.toString());
                 }
@@ -133,7 +131,7 @@ public class AccessTokenService extends 
     }
     
     protected AccessTokenGrantHandler findGrantHandler(MultivaluedMap<String, String>
params) {
-        String grantType = params.getFirst(GRANT_TYPE);        
+        String grantType = params.getFirst(OAuthConstants.GRANT_TYPE);        
         if (grantType != null) {
             for (AccessTokenGrantHandler handler : grantHandlers) {
                 if (handler.getSupportedGrantTypes().contains(grantType)) {
@@ -143,6 +141,8 @@ public class AccessTokenService extends 
             if (grantHandlers.size() == 0) {
                 AuthorizationCodeGrantHandler handler = new AuthorizationCodeGrantHandler();
                 if (handler.getSupportedGrantTypes().contains(grantType)) {
+                    handler.setCodeProvider(
+                            (AuthorizationCodeDataProvider)super.getDataProvider());
                     return handler;
                 }
             }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationCodeGrantService.java
Mon Feb 27 17:50:21 2012
@@ -48,6 +48,7 @@ import org.apache.cxf.rs.security.oauth.
 import org.apache.cxf.rs.security.oauth.grants.code.AuthorizationCodeRegistration;
 import org.apache.cxf.rs.security.oauth.grants.code.ServerAuthorizationCodeGrant;
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
+import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
 import org.apache.cxf.security.LoginSecurityContext;
 
 
@@ -61,22 +62,8 @@ import org.apache.cxf.security.LoginSecu
 @Path("/authorize")
 public class AuthorizationCodeGrantService extends AbstractOAuthService {
 
-    private static final String SUPPORTED_RESPONSE_TYPE = "code";
-    private static final String REDIRECT_URI = "redirect_uri";
-    private static final String SCOPE = "scope";
-    private static final String STATE = "state";
-    
-    private static final String UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type";
-    private static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
-    private static final String INVALID_SCOPE = "invalid_scope";
-    private static final String ACCESS_DENIED = "access_denied";
-    
     private static final long DEFAULT_CODE_GRANT_LIFETIME = 3600L;
     
-    private static final String SESSION_AUTHENTICITY_TOKEN = "session_authenticity_token";
-    private static final String AUTHORIZATION_DECISION_KEY = "oauthDecision";
-    private static final String AUTHORIZATION_DECISION_ALLOW = "allow";
-       
     private long grantLifetime = DEFAULT_CODE_GRANT_LIFETIME;
     
     @GET
@@ -102,21 +89,22 @@ public class AuthorizationCodeGrantServi
     
     protected Response startAuthorization(MultivaluedMap<String, String> params) {
         Client client = getClient(params); 
-        String redirectUri = validateRedirectUri(client, params.getFirst(REDIRECT_URI));

+        String redirectUri = validateRedirectUri(client, params.getFirst(OAuthConstants.REDIRECT_URI));

         if (!client.isConfidential()) {
-            return createErrorResponse(params, redirectUri, UNAUTHORIZED_CLIENT);
+            return createErrorResponse(params, redirectUri, OAuthConstants.UNAUTHORIZED_CLIENT);
         }
-        if (params.getFirst(SUPPORTED_RESPONSE_TYPE) == null) {
-            return createErrorResponse(params, redirectUri, UNSUPPORTED_RESPONSE_TYPE);
+        String responseType = params.getFirst(OAuthConstants.RESPONSE_TYPE);
+        if (responseType == null || !responseType.equals(OAuthConstants.CODE_RESPONSE_TYPE))
{
+            return createErrorResponse(params, redirectUri, OAuthConstants.UNSUPPORTED_RESPONSE_TYPE);
         }
         
         List<OAuthPermission> permissions = null;
         try {
-            List<String> list = parseScope(params.getFirst(SCOPE));
+            List<String> list = parseScope(params.getFirst(OAuthConstants.SCOPE));
             permissions = ((AuthorizationCodeDataProvider)getDataProvider())
                 .convertScopeToPermissions(list);
         } catch (OAuthServiceException ex) {
-            return createErrorResponse(params, redirectUri, INVALID_SCOPE);
+            return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
         }
         OAuthAuthorizationData data = 
             createAuthorizationData(client, params, permissions);
@@ -147,32 +135,36 @@ public class AuthorizationCodeGrantServi
         secData.setProposedScope(sb.toString());
         
         secData.setClientId(client.getClientId());
-        secData.setRedirectUri(params.getFirst(REDIRECT_URI));
-        secData.setState(params.getFirst(STATE));
+        secData.setRedirectUri(params.getFirst(OAuthConstants.REDIRECT_URI));
+        secData.setState(params.getFirst(OAuthConstants.STATE));
         
         secData.setApplicationName(client.getApplicationName()); 
         secData.setApplicationWebUri(client.getApplicationWebUri());
         secData.setApplicationDescription(client.getApplicationDescription());
         secData.setApplicationLogoUri(client.getApplicationLogoUri());
         
+        String replyTo = getMessageContext().getUriInfo()
+            .getAbsolutePathBuilder().path("decision").build().toString();
+        secData.setReplyTo(replyTo);
+        
         return secData;
     }
     
     protected Response completeAuthorization(MultivaluedMap<String, String> params)
{
         
-        if (!compareRequestAndSessionTokens(params.getFirst(SESSION_AUTHENTICITY_TOKEN)))
{
+        if (!compareRequestAndSessionTokens(params.getFirst(OAuthConstants.SESSION_AUTHENTICITY_TOKEN)))
{
             throw new WebApplicationException(400);     
         }
         
         Client client = getClient(params);
-        String originalRedirectUri = params.getFirst(REDIRECT_URI);
+        String originalRedirectUri = params.getFirst(OAuthConstants.REDIRECT_URI);
         String actualRedirectUri = validateRedirectUri(client, originalRedirectUri);
         
-        String decision = params.getFirst(AUTHORIZATION_DECISION_KEY);
-        boolean allow = AUTHORIZATION_DECISION_ALLOW.equals(decision);
+        String decision = params.getFirst(OAuthConstants.AUTHORIZATION_DECISION_KEY);
+        boolean allow = OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(decision);
 
         if (!allow) {
-            return createErrorResponse(params, actualRedirectUri, ACCESS_DENIED);
+            return createErrorResponse(params, actualRedirectUri, OAuthConstants.ACCESS_DENIED);
         }
         
         AuthorizationCodeRegistration codeReg = new AuthorizationCodeRegistration(); 
@@ -182,18 +174,18 @@ public class AuthorizationCodeGrantServi
         codeReg.setLifetime(grantLifetime);
         codeReg.setIssuedAt(System.currentTimeMillis() / 1000);
         
-        List<String> requestedScope = parseScope(params.getFirst(SCOPE));
+        List<String> requestedScope = parseScope(params.getFirst(OAuthConstants.SCOPE));
         codeReg.setRequestedScope(requestedScope);
 
         List<String> approvedScope = new LinkedList<String>(); 
         for (String rScope : requestedScope) {
             String param = params.getFirst(rScope + "_status");
-            if (param != null && AUTHORIZATION_DECISION_ALLOW.equals(param)) {
+            if (param != null && OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(param))
{
                 approvedScope.add(rScope);
             }
         }
         if (!requestedScope.containsAll(approvedScope)) {
-            return createErrorResponse(params, actualRedirectUri, INVALID_SCOPE);
+            return createErrorResponse(params, actualRedirectUri, OAuthConstants.INVALID_SCOPE);
         }
         // the decision was allow but the approved scopes end up being empty
         // in this case we default to the requestedScope
@@ -218,10 +210,10 @@ public class AuthorizationCodeGrantServi
         try {
             grant = ((AuthorizationCodeDataProvider)getDataProvider()).createCodeGrant(codeReg);
         } catch (OAuthServiceException ex) {
-            return createErrorResponse(params, actualRedirectUri, ACCESS_DENIED);
+            return createErrorResponse(params, actualRedirectUri, OAuthConstants.ACCESS_DENIED);
         }
         
-        UriBuilder ub = getRedirectUriBuilder(params.getFirst(STATE), actualRedirectUri);
+        UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), actualRedirectUri);
         ub.queryParam("code", grant.getCode());
         return Response.seeOther(ub.build()).build();    
     }
@@ -229,7 +221,7 @@ public class AuthorizationCodeGrantServi
     protected Response createErrorResponse(MultivaluedMap<String, String> params,
                                            String redirectUri,
                                            String error) {
-        UriBuilder ub = getRedirectUriBuilder(params.getFirst(STATE), redirectUri);
+        UriBuilder ub = getRedirectUriBuilder(params.getFirst(OAuthConstants.STATE), redirectUri);
         ub.queryParam("error", error);
         return Response.seeOther(ub.build()).build();
     }
@@ -250,7 +242,7 @@ public class AuthorizationCodeGrantServi
     private UriBuilder getRedirectUriBuilder(String state, String redirectUri) {
         UriBuilder ub = UriBuilder.fromUri(redirectUri);
         if (state != null) { 
-            ub.queryParam(STATE, state);
+            ub.queryParam(OAuthConstants.STATE, state);
         }
         return ub;
     }
@@ -261,7 +253,7 @@ public class AuthorizationCodeGrantServi
         if (redirectUri != null) {
             String webUri = client.getApplicationWebUri();
             if (uris.size() > 0 && !uris.contains(redirectUri)
-                || webUri != null && !webUri.startsWith(redirectUri)) {
+                || webUri != null && !redirectUri.startsWith(webUri)) {
                 redirectUri = null;
             } 
         } else if (uris.size() == 1) {
@@ -277,18 +269,18 @@ public class AuthorizationCodeGrantServi
         HttpSession session = getMessageContext().getHttpServletRequest().getSession();
         String value = UUID.randomUUID().toString();
         secData.setAuthenticityToken(value);
-        session.setAttribute(SESSION_AUTHENTICITY_TOKEN, value);
+        session.setAttribute(OAuthConstants.SESSION_AUTHENTICITY_TOKEN, value);
     }
     
     private boolean compareRequestAndSessionTokens(String requestToken) {
         HttpSession session = getMessageContext().getHttpServletRequest().getSession();
-        String sessionToken = (String)session.getAttribute(SESSION_AUTHENTICITY_TOKEN);
+        String sessionToken = (String)session.getAttribute(OAuthConstants.SESSION_AUTHENTICITY_TOKEN);
         
         if (StringUtils.isEmpty(sessionToken)) {
             return false;
         }
         
-        session.removeAttribute(SESSION_AUTHENTICITY_TOKEN);
+        session.removeAttribute(OAuthConstants.SESSION_AUTHENTICITY_TOKEN);
         return requestToken.equals(sessionToken);
     }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java?rev=1294248&r1=1294247&r2=1294248&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthConstants.java
Mon Feb 27 17:50:21 2012
@@ -23,6 +23,41 @@ package org.apache.cxf.rs.security.oauth
  * Miscellaneous constants 
  */
 public final class OAuthConstants {
+    // Common OAuth2 constants
+    public static final String CLIENT_ID = "client_id";
+    public static final String CLIENT_SECRET = "client_secret";
+    public static final String REDIRECT_URI = "redirect_uri";
+    public static final String SCOPE = "scope";
+    public static final String STATE = "state";
+    public static final String ACCESS_TOKEN = "access_token";
+    public static final String ACCESS_TOKEN_TYPE = "token_type";
+    public static final String GRANT_TYPE = "grant_type";
+    public static final String RESPONSE_TYPE = "response_type";
+    public static final String TOKEN_RESPONSE_TYPE = "token";
+    
+    // Authorization Code Grant
+    public static final String AUTHORIZATION_CODE_GRANT = "authorization_code";
+    public static final String AUTHORIZATION_CODE_VALUE = "code";
+    public static final String CODE_RESPONSE_TYPE = "code";
+    public static final String SESSION_AUTHENTICITY_TOKEN = "session_authenticity_token";
+    public static final String AUTHORIZATION_DECISION_KEY = "oauthDecision";
+    public static final String AUTHORIZATION_DECISION_ALLOW = "allow";
+    public static final String AUTHORIZATION_DECISION_DENY = "deny";
+    
+    // Error constants
+    public static final String ERROR_KEY = "error";
+    public static final String ERROR_DESCRIPTION_KEY = "error_description";
+    
+    public static final String SERVER_ERROR = "server_error";
+    public static final String INVALID_REQUEST = "invalid_request";
+    public static final String INVALID_GRANT = "invalid_grant";
+    public static final String UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";
+    public static final String UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type";
+    public static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
+    public static final String INVALID_SCOPE = "invalid_scope";
+    public static final String ACCESS_DENIED = "access_denied";
+    
     private OAuthConstants() {
     }
+    
 }



Mime
View raw message