cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1308504 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2: common/ filters/ grants/ grants/clientcred/ grants/code/
Date Mon, 02 Apr 2012 19:43:15 GMT
Author: sergeyb
Date: Mon Apr  2 19:43:14 2012
New Revision: 1308504

URL: http://svn.apache.org/viewvc?rev=1308504&view=rev
Log:
More Java docs updates to the oauth2 module

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Permission.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenGrant.java
Mon Apr  2 19:43:14 2012
@@ -26,7 +26,7 @@ import javax.ws.rs.core.MultivaluedMap;
 public interface AccessTokenGrant {
     /**
      * Returns the token grant type, example, "authorization_code"
-     * @return
+     * @return the grant type
      */
     String getType(); 
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java
Mon Apr  2 19:43:14 2012
@@ -18,7 +18,9 @@
  */
 package org.apache.cxf.rs.security.oauth2.common;
 
-
+/**
+ * Captures OAuth2 error properties
+ */
 public class OAuthError {
     
     private String error;
@@ -39,27 +41,70 @@ public class OAuthError {
         this.errorDescription = descr;
     }
     
+    /**
+     * Sets the error such as "invalid_grant", etc
+     * @param error the error
+     */
     public void setError(String error) {
         this.error = error;
     }
+    
+    /**
+     * Gets the error 
+     * @return error
+     */
     public String getError() {
         return error;
     }
+    
+    /**
+     * Sets the error description
+     * @param errorDescription error description
+     */
     public void setErrorDescription(String errorDescription) {
         this.errorDescription = errorDescription;
     }
+    
+    /**
+     * Gets the error description
+     * @return error description
+     */
     public String getErrorDescription() {
         return errorDescription;
     }
+    
+    /**
+     * Sets the optional link to the page 
+     * describing the error in detail
+     * @param errorUri error page URI
+     */
     public void setErrorUri(String errorUri) {
         this.errorUri = errorUri;
     }
+    
+    /**
+     * Gets the optional link to the page 
+     * describing the error in detail
+     * @param errorUri error page URI
+     */
     public String getErrorUri() {
         return errorUri;
     }
+    
+    /**
+     * Sets the client state token which needs to be returned
+     * to the client alongside the error information 
+     * if it was provided during the client request
+     * @param state the client state token
+     */
     public void setState(String state) {
         this.state = state;
     }
+    
+    /**
+     * Gets the client state token
+     * @return the state
+     */
     public String getState() {
         return state;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
Mon Apr  2 19:43:14 2012
@@ -23,6 +23,10 @@ import java.util.List;
 
 /**
  * Provides the complete information about a given opaque permission.
+ * For example, a scope parameter such as "read_calendar" will be
+ * translated into the instance of this class in order to provide
+ * the human readable description and optionally restrict it to
+ * a limited set of HTTP verbs and request URIs
  */
 public class OAuthPermission extends Permission {
     private List<String> httpVerbs = Collections.emptyList();
@@ -32,18 +36,35 @@ public class OAuthPermission extends Per
         super(permission, description);
     }
     
+    /**
+     * Sets the optional list of HTTP verbs, example,
+     * "GET" and "POST", etc
+     * @param httpVerbs the list of HTTP verbs
+     */
     public void setHttpVerbs(List<String> httpVerbs) {
         this.httpVerbs = httpVerbs;
     }
 
+    /**
+     * Gets the optional list of HTTP verbs
+     * @return the list of HTTP verbs
+     */
     public List<String> getHttpVerbs() {
         return httpVerbs;
     }
 
+    /**
+     * Sets the optional list of relative request URIs
+     * @param uri the list of URIs
+     */
     public void setUris(List<String> uri) {
         this.uris = uri;
     }
 
+    /**
+     * Gets the optional list of relative request URIs
+     * @return the list of URIs
+     */
     public List<String> getUris() {
         return uris;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Permission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Permission.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Permission.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Permission.java
Mon Apr  2 19:43:14 2012
@@ -19,8 +19,7 @@
 package org.apache.cxf.rs.security.oauth2.common;
 
 /**
- * Base permission description which is visible to 
- * authorization handlers
+ * Base permission description
  * @see OAuthAuthorizationData
  */
 public class Permission {
@@ -36,28 +35,46 @@ public class Permission {
         this.description = description;
         this.permission = permission;
     }
-    
+   
+    /**
+     * Gets the permission description
+     * @return the description
+     */
     public String getDescription() {
         return description;
     }
 
+    /**
+     * Sets the permission description
+     * @param description
+     */
     public void setDescription(String description) {
         this.description = description;
     }
 
+    /**
+     * Get the permission value such as "read_calendar"
+     * @return the value
+     */
     public String getPermission() {
         return permission;
     }
 
+    /**
+     * Sets the permission value such as "read_calendar"
+     * @param permission the permission value
+     */
     public void setPermission(String permission) {
         this.permission = permission;
     }
 
     /**
-     * Indicates that this permission has been allocated by default.
+     * Indicates if this permission has been allocated by default or not.
      * Authorization View handlers may use this property in order to restrict
-     * the list of scopes which may be refused to non-default scopes only
-     * @param isDefault
+     * the list of scopes which may be refused to non-default scopes only.
+     * For example, the read-only check-box controls can be used to represent
+     * the default scopes 
+     * @param isDefault true if the permission has been allocated by default
      */
     public void setDefault(boolean value) {
         this.isDefault = value;

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
Mon Apr  2 19:43:14 2012
@@ -22,7 +22,7 @@ import java.util.Collections;
 import java.util.List;
 
 /**
- * Base Token representation
+ * Server Access Token representation
  */
 public abstract class ServerAccessToken extends AccessToken {
     private String grantType;
@@ -103,10 +103,18 @@ public abstract class ServerAccessToken 
         return subject;
     }
 
+    /**
+     * Sets the grant type which was used to obtain the access token
+     * @param grantType the grant type
+     */
     public void setGrantType(String grantType) {
         this.grantType = grantType;
     }
 
+    /**
+     * Returns the grant type which was used to obtain the access token
+     * @return the grant type
+     */
     public String getGrantType() {
         return grantType;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/UserSubject.java
Mon Apr  2 19:43:14 2012
@@ -22,7 +22,7 @@ import java.util.Collections;
 import java.util.List;
 
 /**
- * Represents a user alias or login name which AuthorizationService
+ * Represents a login name which AuthorizationService
  * may capture after the end user approved a given third party request
  */
 public class UserSubject {
@@ -39,10 +39,19 @@ public class UserSubject {
         this.roles = roles;
     }
     
+    /**
+     * Returns the user login name
+     * @return the login name
+     */
     public String getLogin() {
         return login;
     }
 
+    /**
+     * Returns the optional list of user roles which may have 
+     * been captured during the authentication process 
+     * @return the list of roles
+     */
     public List<String> getRoles() {
         return Collections.unmodifiableList(roles);
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
Mon Apr  2 19:43:14 2012
@@ -51,7 +51,7 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.security.SecurityContext;
 
 /**
- * JAX-RS OAuth filter which can be used to protect end user endpoints
+ * JAX-RS OAuth2 filter which can be used to protect the end-user endpoints
  */
 @Provider
 public class OAuthRequestFilter implements RequestHandler {
@@ -74,8 +74,11 @@ public class OAuthRequestFilter implemen
     }
     
     public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
+        // Get the access token
         ServerAccessToken accessToken = getAccessToken(); 
         
+        // Find the scopes which match the current request
+        
         List<OAuthPermission> permissions = accessToken.getScopes();
         List<OAuthPermission> matchingPermissions = new ArrayList<OAuthPermission>();
         
@@ -94,8 +97,11 @@ public class OAuthRequestFilter implemen
             throw new WebApplicationException(403);
         }
       
+        // Create the security context and make it available on the message
         SecurityContext sc = createSecurityContext(req, accessToken);
         m.put(SecurityContext.class, sc);
+        
+        // Also set the OAuthContext
         m.setContent(OAuthContext.class, new OAuthContext(accessToken.getSubject(),
                                                           matchingPermissions,
                                                           accessToken.getGrantType()));
@@ -155,25 +161,34 @@ public class OAuthRequestFilter implemen
         return null;        
     }
     
+    /**
+     * Get the access token
+     */
     protected ServerAccessToken getAccessToken() {
         ServerAccessToken accessToken = null;
         if (dataProvider == null && tokenHandlers.isEmpty()) {
             throw new WebApplicationException(500);
         }
         
+        // Get the scheme and its data, Bearer only is supported by default
+        // WWW-Authenticate with the list of supported schemes will be sent back 
+        // if the scheme is not accepted
         String[] authParts = AuthorizationUtils.getAuthorizationParts(mc, supportedSchemes);
         String authScheme = authParts[0];
         String authSchemeData = authParts[1];
         
+        // Get the registered handler capable of processing the token
         AccessTokenValidator handler = findTokenHandler(authScheme);
         if (handler != null) {
             try {
+                // Convert the HTTP Authorization scheme data into a token
                 accessToken = handler.getAccessToken(authSchemeData);
             } catch (OAuthServiceException ex) {
                 AuthorizationUtils.throwAuthorizationFailure(
                     Collections.singleton(authScheme));
             }
         }
+        // Default processing if no registered providers available
         if (accessToken == null && authScheme.equals(DEFAULT_AUTH_SCHEME)) {
             try {
                 accessToken = dataProvider.getAccessToken(authSchemeData);
@@ -185,6 +200,7 @@ public class OAuthRequestFilter implemen
         if (accessToken == null) {
             AuthorizationUtils.throwAuthorizationFailure(supportedSchemes);
         }
+        // Check if token is still valid
         if (OAuthUtils.isExpired(accessToken.getIssuedAt(), accessToken.getLifetime())) {
             dataProvider.removeAccessToken(accessToken);
             AuthorizationUtils.throwAuthorizationFailure(supportedSchemes);

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
Mon Apr  2 19:43:14 2012
@@ -33,7 +33,9 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 
-
+/**
+ * Abstract access token grant handler
+ */
 public abstract class AbstractGrantHandler implements AccessTokenGrantHandler {
     
     private String supportedGrant;
@@ -64,12 +66,14 @@ public abstract class AbstractGrantHandl
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     List<String> requestedScope) {
+        // Check if a pre-authorized  token available
         ServerAccessToken token = dataProvider.getPreauthorizedToken(
                                      client, subject, supportedGrant);
         if (token != null) {
             return token;
         }
         
+        // Delegate to the data provider to create the one
         AccessTokenRegistration reg = new AccessTokenRegistration();
         reg.setClient(client);
         reg.setGrantType(supportedGrant);

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
Mon Apr  2 19:43:14 2012
@@ -27,6 +27,9 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
+/**
+ * The "client_credentials" grant handler
+ */
 public class ClientCredentialsGrantHandler extends AbstractGrantHandler {
    
     
@@ -38,9 +41,8 @@ public class ClientCredentialsGrantHandl
         throws OAuthServiceException {
         checkIfGrantSupported(client);
         
-        // the OAuth filter will use Client.getLoginName() to initialize 
-        // the Principal when setting up the security context
-        // TODO: consider setting the UserSubject representing the authenticated Client instead
+        // the OAuth filter will use Client.getUserSubject() 
+        // to initialize the request security context
         return doCreateAccessToken(client, 
                                    null, 
                                    OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeDataProvider.java
Mon Apr  2 19:43:14 2012
@@ -23,18 +23,19 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 
 /**
- * OAuth provider responsible for persisting the information about 
- * OAuth consumers, request and access tokens.
+ * AuthorizationCodeDataProvider is the {@link OAuthDataProvider} which
+ * can additionally persist the authorization code grant information 
  */
 public interface AuthorizationCodeDataProvider extends OAuthDataProvider {
 
     /**
      * Creates a temporarily code grant which will capture the
-     * information about the {@link Client} attempting to access or
-     * modify the resource owner's resource 
-     * @param reg AuthorizationCodeRegistration
+     * information about the {@link Client} requesting the access to
+     * the resource owner's resources 
+     * @param reg information about the client code grant request
      * @return new code grant
      * @see AuthorizationCodeRegistration
+     * @see ServerAuthorizationCodeGrant
      * @throws OAuthServiceException
      */
     ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg) 
@@ -43,8 +44,9 @@ public interface AuthorizationCodeDataPr
     /**
      * Returns the previously registered {@link ServerAuthorizationCodeGrant}
      * @param code the code grant
-     * @return AuthorizationCodeGrant
-     * @throws OAuthServiceException
+     * @return the grant
+     * @throws OAuthServiceException if no grant with this code is available
+     * @see ServerAuthorizationCodeGrant
      */
     ServerAuthorizationCodeGrant removeCodeGrant(String code) throws OAuthServiceException;
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrant.java
Mon Apr  2 19:43:14 2012
@@ -29,7 +29,8 @@ import org.apache.cxf.rs.security.oauth2
 
 
 /**
- * Authorization Code Token representation
+ * Base Authorization Code Grant representation, captures the code 
+ * and the redirect URI this code has been returned to, visible to the client
  */
 public class AuthorizationCodeGrant implements AccessTokenGrant {
     private String code;
@@ -44,22 +45,41 @@ public class AuthorizationCodeGrant impl
         redirectUri = uri.toString();
     }
 
+    /**
+     * Sets the redirect URI, if set then the client is expected to 
+     * include the same URI during the access token request
+     * @param redirectUri redirect URI
+     */
     public void setRedirectUri(String redirectUri) {
         this.redirectUri = redirectUri;
     }
 
+    /**
+     * Gets the redirect URI
+     * @return the redirect URI
+     */
     public String getRedirectUri() {
         return redirectUri;
     }
 
+    /**
+     * Gets the authorization code
+     * @return the code
+     */
     public String getCode() {
         return code;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     public String getType() {
         return OAuthConstants.AUTHORIZATION_CODE_GRANT;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     public MultivaluedMap<String, String> toMap() {
         MultivaluedMap<String, String> map = new MetadataMap<String, String>();
         map.putSingle("grant_type", OAuthConstants.AUTHORIZATION_CODE_GRANT);

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
Mon Apr  2 19:43:14 2012
@@ -29,7 +29,9 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 
-
+/**
+ * Authorization Code Grant Handler
+ */
 public class AuthorizationCodeGrantHandler extends AbstractGrantHandler {
     
     public AuthorizationCodeGrantHandler() {
@@ -38,20 +40,24 @@ public class AuthorizationCodeGrantHandl
     
     public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String>
params) 
         throws OAuthServiceException {
+        // Only confidential clients can use it
         checkIfGrantSupported(client);
         
+        // Get the grant representation from the provider 
         String codeValue = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE);
         ServerAuthorizationCodeGrant grant = 
             ((AuthorizationCodeDataProvider)getDataProvider()).removeCodeGrant(codeValue);
         if (grant == null) {
             return null;
         }
+        // check it has not expired, the client ids are the same
         if (OAuthUtils.isExpired(grant.getIssuedAt(), grant.getLifetime())) {
             throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
         if (!grant.getClient().getClientId().equals(client.getClientId())) {
             throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
+        // redirect URIs must match too
         String expectedRedirectUri = grant.getRedirectUri();
         if (expectedRedirectUri != null) {
             String providedRedirectUri = params.getFirst(OAuthConstants.REDIRECT_URI);

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
Mon Apr  2 19:43:14 2012
@@ -35,34 +35,80 @@ public class AuthorizationCodeRegistrati
     private String redirectUri;
     private UserSubject subject;
     
+    /**
+     * Sets the {@link Client} reference
+     * @param client the client
+     */
     public void setClient(Client client) {
         this.client = client;
     }
+    /**
+     * Gets {@link Client} reference
+     * @return the client
+     */
     public Client getClient() {
         return client;
     }
-    
+    /**
+     * Sets the redirect URI
+     * @param redirectUri the redirect URI
+     */
     public void setRedirectUri(String redirectUri) {
         this.redirectUri = redirectUri;
     }
+    /**
+     * Gets the redirect URI
+     * @return the redirect URI
+     */
     public String getRedirectUri() {
         return redirectUri;
     }
+    
+    /**
+     * Sets the scopes request by the client
+     * @param requestedScope the requested scopes
+     */
     public void setRequestedScope(List<String> requestedScope) {
         this.requestedScope = requestedScope;
     }
+    
+    /**
+     * Gets the scopes request by the client
+     * @return the requested scopes
+     */
     public List<String> getRequestedScope() {
         return requestedScope;
     }
+    
+    /**
+     * Sets the scopes explicitly approved by the end user.
+     * If this list is empty then the end user had no way to down-scope. 
+     * @param approvedScope the approved scopes
+     */
     public void setApprovedScope(List<String> approvedScope) {
         this.approvedScope = approvedScope;
     }
+    
+    /**
+     * Gets the scopes explicitly approved by the end user
+     * @return the approved scopes
+     */
     public List<String> getApprovedScope() {
         return approvedScope;
     }
+    
+    /**
+     * Sets the user subject representing the end user
+     * @param subject the subject
+     */
     public void setSubject(UserSubject subject) {
         this.subject = subject;
     }
+    
+    /**
+     * Gets the user subject representing the end user
+     * @return the subject
+     */
     public UserSubject getSubject() {
         return subject;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java?rev=1308504&r1=1308503&r2=1308504&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
Mon Apr  2 19:43:14 2012
@@ -27,7 +27,7 @@ import org.apache.cxf.rs.security.oauth2
 
 
 /**
- * Authorization Code Token representation
+ * The Authorization Code Grant representation visible to the server
  */
 public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
     private long issuedAt;
@@ -52,35 +52,62 @@ public class ServerAuthorizationCodeGran
         this.issuedAt = issuedAt;
     }
 
-    
+    /**
+     * Returns the time (in seconds) this grant was issued at
+     * @return the seconds
+     */
     public long getIssuedAt() {
         return issuedAt;
     }
 
+    /**
+     * Returns the number of seconds this grant can be valid after it was issued
+     * @return the seconds this grant will be valid for
+     */
     public long getLifetime() {
         return lifetime;
     }
 
+    /**
+     * Returns the reference to {@link Client}
+     * @return the client
+     */
     public Client getClient() {
         return client;
     }
 
-
+    /**
+     * Sets the scopes explicitly approved by the end user.
+     * If this list is empty then the end user had no way to down-scope. 
+     * @param approvedScope the approved scopes
+     */
+    
     public void setApprovedScopes(List<String> scopes) {
         this.approvedScopes = scopes;
     }
 
-
+    /**
+     * Gets the scopes explicitly approved by the end user
+     * @return the approved scopes
+     */
+    
     public List<String> getApprovedScopes() {
         return approvedScopes;
     }
 
 
+    /**
+     * Sets the user subject representing the end user
+     * @param subject the subject
+     */
     public void setSubject(UserSubject subject) {
         this.subject = subject;
     }
-
-
+    
+    /**
+     * Gets the user subject representing the end user
+     * @return the subject
+     */
     public UserSubject getSubject() {
         return subject;
     }



Mime
View raw message