cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1448721 - in /cxf/branches/2.7.x-fixes: ./ rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/ rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/ rt/rs/security/oauth-parent/ rt/rs/security/oauth-parent/oauth2-saml/ rt/...
Date Thu, 21 Feb 2013 16:48:32 GMT
Author: sergeyb
Date: Thu Feb 21 16:48:31 2013
New Revision: 1448721

URL: http://svn.apache.org/r1448721
Log:
Merged revisions 1448696 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1448696 | sergeyb | 2013-02-21 15:57:24 +0000 (Thu, 21 Feb 2013) | 1 line
  
  [CXF-4828] Support for OAuth2 SAML2 grants and authentication
........

Added:
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/pom.xml
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/pom.xml
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthHandler.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/auth/saml/Saml2BearerAuthOutInterceptor.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrantHandler.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlUserSubject.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlUserSubject.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Base64UrlUtility.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Constants.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/Constants.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
      - copied unchanged from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/saml/SamlOAuthValidator.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/grants/saml/
      - copied from r1448696, cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/test/java/org/apache/cxf/rs/security/oauth2/grants/saml/
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/
      - copied from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/BookServerOAuth2.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/BookServerOAuth2.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/CustomGrantHandler.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/CustomGrantHandler.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/client.xml
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/client.xml
    cxf/branches/2.7.x-fixes/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/server.xml
      - copied unchanged from r1448696, cxf/trunk/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/server.xml
Modified:
    cxf/branches/2.7.x-fixes/   (props changed)
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
    cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/pom.xml
    cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/CryptoLoader.java
    cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
    cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
    cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormInHandler.java
    cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
    cxf/branches/2.7.x-fixes/systests/rs-security/pom.xml

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
    svn:mergeinfo = /cxf/trunk:1448696

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/provider/FormEncodingProvider.java
Thu Feb 21 16:48:31 2013
@@ -63,6 +63,14 @@ public class FormEncodingProvider<T> imp
 
     private boolean expectEncoded;
     
+    public FormEncodingProvider() {
+        
+    }
+    
+    public FormEncodingProvider(boolean expectEncoded) {
+        this.expectEncoded = expectEncoded;
+    }
+    
     public void setExpectedEncoded(boolean expect) {
         this.expectEncoded = expect;
     }

Modified: cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/FormUtils.java
Thu Feb 21 16:48:31 2013
@@ -23,6 +23,7 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.lang.annotation.Annotation;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.Iterator;
@@ -34,15 +35,20 @@ import javax.servlet.http.HttpServletReq
 import javax.ws.rs.BadRequestException;
 import javax.ws.rs.InternalServerErrorException;
 import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.helpers.IOUtils;
 import org.apache.cxf.interceptor.LoggingInInterceptor;
+import org.apache.cxf.io.CachedOutputStream;
+import org.apache.cxf.jaxrs.ext.form.Form;
 import org.apache.cxf.jaxrs.ext.multipart.Attachment;
 import org.apache.cxf.jaxrs.ext.multipart.ContentDisposition;
 import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
+import org.apache.cxf.jaxrs.impl.MetadataMap;
+import org.apache.cxf.jaxrs.provider.FormEncodingProvider;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.phase.PhaseInterceptorChain;
 
@@ -57,6 +63,30 @@ public final class FormUtils {
         
     }
     
+    public static void restoreForm(FormEncodingProvider<Form> provider, 
+                                   Form form, 
+                                   Message message)
+        throws Exception {
+        CachedOutputStream os = new CachedOutputStream();
+        writeForm(provider, form, os);
+        message.setContent(InputStream.class, os.getInputStream());
+    }
+    
+    public static void writeForm(FormEncodingProvider<Form> provider, 
+                                 Form form, OutputStream os)
+        throws Exception {
+        provider.writeTo(form, Form.class, Form.class, new Annotation[]{}, 
+                         MediaType.APPLICATION_FORM_URLENCODED_TYPE, new MetadataMap<String,
Object>(), os);
+    }
+    
+    public static Form readForm(FormEncodingProvider<Form> provider, Message message)

+        throws Exception {
+        return provider.readFrom(Form.class, Form.class, 
+                              new Annotation[]{}, MediaType.APPLICATION_FORM_URLENCODED_TYPE,

+                              new MetadataMap<String, String>(), 
+                              message.getContent(InputStream.class));
+    }
+    
     public static void addPropertyToForm(MultivaluedMap<String, String> map, String
name, Object value) {
         if (!"".equals(name)) {
             map.add(name, value.toString());

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
Thu Feb 21 16:48:31 2013
@@ -151,11 +151,67 @@ public final class OAuthClientUtils {
     public static ClientAccessToken getAccessToken(WebClient accessTokenService,
                                                    Consumer consumer,
                                                    AccessTokenGrant grant,
+                                                   boolean setAuthorizationHeader) {
+        return getAccessToken(accessTokenService, consumer, grant, null, setAuthorizationHeader);
+    }
+    
+    /**
+     * Obtains the access token from OAuth AccessToken Service 
+     * using the initialized web client 
+     * @param accessTokenService the AccessToken client
+     * @param grant {@link AccessTokenGrant} grant
+     * @param extraParams extra parameters
+     * @return {@link ClientAccessToken} access token
+     * @throws OAuthServiceException
+     */
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   AccessTokenGrant grant) 
+        throws OAuthServiceException {
+        return getAccessToken(accessTokenService, null, grant, null, false);
+    }
+    
+    /**
+     * Obtains the access token from OAuth AccessToken Service 
+     * using the initialized web client 
+     * @param accessTokenService the AccessToken client
+     * @param grant {@link AccessTokenGrant} grant
+     * @param extraParams extra parameters
+     * @return {@link ClientAccessToken} access token
+     * @throws OAuthServiceException
+     */
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   AccessTokenGrant grant,
+                                                   Map<String, String> extraParams)

+        throws OAuthServiceException {
+        return getAccessToken(accessTokenService, null, grant, extraParams, false);
+    }
+    
+    /**
+     * Obtains the access token from OAuth AccessToken Service 
+     * using the initialized web client 
+     * @param accessTokenService the AccessToken client
+     * @param consumer {@link Consumer} representing the registered client.
+     * @param grant {@link AccessTokenGrant} grant
+     * @param extraParams extra parameters
+     * @param setAuthorizationHeader if set to true then HTTP Basic scheme
+     *           will be used to pass client id and secret, otherwise they will
+     *           be passed in the form payload  
+     * @return {@link ClientAccessToken} access token
+     * @throws OAuthServiceException
+     */
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   Consumer consumer,
+                                                   AccessTokenGrant grant,
+                                                   Map<String, String> extraParams,
                                                    boolean setAuthorizationHeader) 
         throws OAuthServiceException {
         
         Form form = new Form(grant.toMap());
-    
+        if (extraParams != null) {
+            for (Map.Entry<String, String> entry : extraParams.entrySet()) {
+                form.getData().add(entry.getKey(), entry.getValue());
+            }
+        }
         if (consumer != null) {
             if (setAuthorizationHeader) {
                 StringBuilder sb = new StringBuilder();
@@ -228,18 +284,6 @@ public final class OAuthClientUtils {
         }
     }
     
-    /**
-     * Creates OAuth Authorization header with Bearer scheme
-     * @param consumer represents the registered client
-     * @param accessToken the access token  
-     * @return the header value
-     */
-    @Deprecated
-    public static String createAuthorizationHeader(Consumer consumer,
-                                                   ClientAccessToken accessToken)
-        throws OAuthServiceException {
-        return createAuthorizationHeader(accessToken);
-    }
     
     /**
      * Creates OAuth Authorization header with Bearer scheme

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
Thu Feb 21 16:48:31 2013
@@ -27,10 +27,16 @@ import org.apache.cxf.rs.security.oauth2
 public class ResourceOwnerGrant implements AccessTokenGrant {
     private String ownerName;
     private String ownerPassword;
+    private String scope;
     
     public ResourceOwnerGrant(String name, String password) {
+        this(name, password, null);
+    }
+    
+    public ResourceOwnerGrant(String name, String password, String scope) {
         this.ownerName = name;
         this.ownerPassword = password;
+        this.scope = scope;
     }
     
     public String getType() {
@@ -42,6 +48,9 @@ public class ResourceOwnerGrant implemen
         map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.RESOURCE_OWNER_GRANT);
         map.putSingle(OAuthConstants.RESOURCE_OWNER_NAME, ownerName);
         map.putSingle(OAuthConstants.RESOURCE_OWNER_PASSWORD, ownerPassword);
+        if (scope != null) {
+            map.putSingle(OAuthConstants.SCOPE, scope);
+        }
         return map;
     }
 

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/pom.xml?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/pom.xml (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/pom.xml Thu Feb 21 16:48:31 2013
@@ -44,6 +44,7 @@
     <modules>
         <module>oauth</module>
         <module>oauth2</module> 
+        <module>oauth2-saml</module> 
     </modules>
 
 </project>

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/CryptoLoader.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/CryptoLoader.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/CryptoLoader.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/common/CryptoLoader.java
Thu Feb 21 16:48:31 2013
@@ -41,6 +41,15 @@ public class CryptoLoader {
     
     private static final String CRYPTO_CACHE = "rs-security-xml-crypto.cache";
     
+    public Crypto loadCrypto(String cryptoResource) throws IOException, WSSecurityException
{
+        URL url = ClassLoaderUtils.getResource(cryptoResource, this.getClass());
+        if (url != null) {
+            return loadCryptoFromURL(url);
+        } else {
+            return null;
+        }
+    }
+    
     public Crypto getCrypto(Message message,
                             String cryptoKey, 
                             String propKey) 
@@ -54,8 +63,8 @@ public class CryptoLoader {
         if (o == null) {
             return null;
         }
-        
-        crypto = getCryptoCache(message).get(o);
+        Map<Object, Crypto> cryptoCache = getCryptoCache(message); 
+        crypto = cryptoCache != null ? cryptoCache.get(o) : null;
         if (crypto != null) {
             return crypto;
         }
@@ -73,15 +82,13 @@ public class CryptoLoader {
                 url = manager.resolveResource((String)o, URL.class);
             }
             if (url != null) {
-                Properties props = new Properties();
-                InputStream in = url.openStream(); 
-                props.load(in);
-                in.close();
-                crypto = CryptoFactory.getInstance(props);
+                crypto = loadCryptoFromURL(url);
             } else {
                 crypto = CryptoFactory.getInstance((String)o);
             }
-            getCryptoCache(message).put(o, crypto);
+            if (cryptoCache != null) {
+                cryptoCache.put(o, crypto);
+            }
             return crypto;
         } finally {
             if (orig != null) {
@@ -90,16 +97,29 @@ public class CryptoLoader {
         }
     }
     
+    public static Crypto loadCryptoFromURL(URL url) throws IOException, WSSecurityException
{
+        Properties props = new Properties();
+        InputStream in = url.openStream(); 
+        props.load(in);
+        in.close();
+        return CryptoFactory.getInstance(props);
+    }
+    
     public final Map<Object, Crypto> getCryptoCache(Message message) {
-        EndpointInfo info = message.getExchange().get(Endpoint.class).getEndpointInfo();
-        synchronized (info) {
-            Map<Object, Crypto> o = 
-                CastUtils.cast((Map<?, ?>)info.getProperty(CRYPTO_CACHE));
-            if (o == null) {
-                o = new ConcurrentHashMap<Object, Crypto>();
-                info.setProperty(CRYPTO_CACHE, o);
+        Endpoint endpoint = message.getExchange().get(Endpoint.class);
+        if (endpoint != null) {
+            EndpointInfo info  = endpoint.getEndpointInfo();
+            synchronized (info) {
+                Map<Object, Crypto> o = 
+                    CastUtils.cast((Map<?, ?>)info.getProperty(CRYPTO_CACHE));
+                if (o == null) {
+                    o = new ConcurrentHashMap<Object, Crypto>();
+                    info.setProperty(CRYPTO_CACHE, o);
+                }
+                return o;
             }
-            return o;
+        } else {
+            return null;
         }
     }
 }

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/AbstractSamlInHandler.java
Thu Feb 21 16:48:31 2013
@@ -82,20 +82,38 @@ public abstract class AbstractSamlInHand
     
     protected void validateToken(Message message, InputStream tokenStream) {
         
-        Document doc = null;
+        Element token = readToken(message, tokenStream);
+        validateToken(message, token);
+        
+    }
+    
+    protected Element readToken(Message message, InputStream tokenStream) {
+        
         try {
-            doc = DOMUtils.readXml(new InputStreamReader(tokenStream, "UTF-8"));
+            Document doc = DOMUtils.readXml(new InputStreamReader(tokenStream, "UTF-8"));
+            return doc.getDocumentElement();
         } catch (Exception ex) {
             throwFault("Assertion can not be read as XML document", ex);
         }
-        validateToken(message, doc.getDocumentElement());
+        return null;
         
     }
 
     protected void validateToken(Message message, Element tokenElement) {
+        validateToken(message, toWrapper(tokenElement));
+    }
+    
+    protected AssertionWrapper toWrapper(Element tokenElement) {
+        try {
+            return new AssertionWrapper(tokenElement);
+        } catch (Exception ex) {
+            throwFault("Assertion can not be validated", ex);
+        }
+        return null;
+    }
+    
+    protected void validateToken(Message message, AssertionWrapper assertion) {
         try {
-            AssertionWrapper assertion = new AssertionWrapper(tokenElement);
-            
             RequestData data = new RequestData();
             if (assertion.isSigned()) {
                 WSSConfig cfg = WSSConfig.getNewInstance(); 
@@ -112,6 +130,8 @@ public abstract class AbstractSamlInHand
                     message.getContextualProperty(WSHandlerConstants.ENABLE_REVOCATION)));
                 assertion.verifySignature(data, null);
                 assertion.parseHOKSubject(data, null);
+            } else if (getTLSCertificates(message) == null) {
+                throwFault("Assertion must be signed", null);
             }
             if (samlValidator != null) {
                 Credential credential = new Credential();
@@ -158,7 +178,7 @@ public abstract class AbstractSamlInHand
         // to rt/rs/security
         LOG.warning(error);
         Response response = Response.status(401).entity(error).build();
-        throw ex != null ? new NotAuthorizedException(ex, response) : new NotAuthorizedException(response);
+        throw ex != null ? new NotAuthorizedException(response, ex) : new NotAuthorizedException(response);
     }
     
     /**

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SAMLUtils.java
Thu Feb 21 16:48:31 2013
@@ -93,15 +93,27 @@ public final class SAMLUtils {
     
     public static AssertionWrapper createAssertion(Message message) throws Fault {
         CallbackHandler handler = SecurityUtils.getCallbackHandler(
-             message, SAMLUtils.class, SecurityConstants.SAML_CALLBACK_HANDLER);
+            message, SAMLUtils.class, SecurityConstants.SAML_CALLBACK_HANDLER);
+        boolean selfSignAssertion = 
+            MessageUtils.getContextualBoolean(
+                message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
+            );
+        return createAssertion(message, handler, selfSignAssertion);
+    }
+    
+    public static AssertionWrapper createAssertion(Message message,
+                                                   CallbackHandler handler) {
+        return createAssertion(message, handler, true);
+    }
+    
+    public static AssertionWrapper createAssertion(Message message,
+                                                   CallbackHandler handler,
+                                                   boolean selfSignAssertion) throws Fault
{
+            
         SAMLParms samlParms = new SAMLParms();
         samlParms.setCallbackHandler(handler);
         try {
             AssertionWrapper assertion = new AssertionWrapper(samlParms);
-            boolean selfSignAssertion = 
-                MessageUtils.getContextualBoolean(
-                    message, SecurityConstants.SELF_SIGN_SAML_ASSERTION, false
-                );
             if (selfSignAssertion) {
                 //--- This code will be moved to a common utility class
                 Crypto crypto = new CryptoLoader().getCrypto(message, 
@@ -129,4 +141,50 @@ public final class SAMLUtils {
         }
         
     }
+    
+    public static AssertionWrapper createAssertion(CallbackHandler handler,
+                                                   SelfSignInfo info) throws Fault {
+            
+        SAMLParms samlParms = new SAMLParms();
+        samlParms.setCallbackHandler(handler);
+        try {
+            AssertionWrapper assertion = new AssertionWrapper(samlParms);
+            assertion.signAssertion(info.getUser(), 
+                                    info.getPassword(), 
+                                    info.getCrypto(), 
+                                    false);
+            return assertion;
+        } catch (Exception ex) {
+            StringWriter sw = new StringWriter();
+            ex.printStackTrace(new PrintWriter(sw));
+            LOG.warning(sw.toString());
+            throw new Fault(new RuntimeException(ex.getMessage() + ", stacktrace: " + sw.toString()));
+        }
+        
+    }
+    
+    public static class SelfSignInfo {
+        private Crypto crypto;
+        private String user;
+        private String password;
+        
+        public SelfSignInfo(Crypto crypto, String user, String password) {
+            this.crypto = crypto;
+            this.user = user;
+            this.password = password;
+        }
+        
+        public Crypto getCrypto() {
+            return crypto;
+        }
+        public String getUser() {
+            return user;
+        }
+        public String getPassword() {
+            return password;
+        }
+        public void setPassword(String password) {
+            this.password = password;
+        }
+    }
 }

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormInHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormInHandler.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormInHandler.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormInHandler.java
Thu Feb 21 16:48:31 2013
@@ -19,19 +19,15 @@
 
 package org.apache.cxf.rs.security.saml;
 
-import java.io.InputStream;
-import java.lang.annotation.Annotation;
 import java.net.URI;
 
-import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
-import org.apache.cxf.io.CachedOutputStream;
 import org.apache.cxf.jaxrs.ext.form.Form;
-import org.apache.cxf.jaxrs.impl.MetadataMap;
 import org.apache.cxf.jaxrs.impl.UriInfoImpl;
 import org.apache.cxf.jaxrs.model.ClassResourceInfo;
 import org.apache.cxf.jaxrs.provider.FormEncodingProvider;
+import org.apache.cxf.jaxrs.utils.FormUtils;
 import org.apache.cxf.message.Message;
 
 public class SamlFormInHandler extends AbstractSamlBase64InHandler {
@@ -39,10 +35,9 @@ public class SamlFormInHandler extends A
     private static final String SAML_ELEMENT = "SAMLToken";
     private static final String SAML_RELAY_STATE = "RelayState";
    
-    private FormEncodingProvider<Form> provider = new FormEncodingProvider<Form>();
+    private FormEncodingProvider<Form> provider = new FormEncodingProvider<Form>(true);
     
     public SamlFormInHandler() {
-        provider.setExpectedEncoded(true);
     }
     
     public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
@@ -63,14 +58,12 @@ public class SamlFormInHandler extends A
                 return Response.status(302).location(URI.create(samlRequestURI)).build();
             }
         }
-        // restore input stream
-        CachedOutputStream os = new CachedOutputStream(); 
         form.getData().remove(SAML_ELEMENT);
         form.getData().remove(SAML_RELAY_STATE);
+        
+        // restore input stream
         try {
-            provider.writeTo(form, Form.class, Form.class, new Annotation[]{}, 
-                MediaType.APPLICATION_FORM_URLENCODED_TYPE, new MetadataMap<String, Object>(),
os);
-            message.setContent(InputStream.class, os.getInputStream());
+            FormUtils.restoreForm(provider, form, message);
         } catch (Exception ex) {
             throwFault(ex.getMessage(), ex);
         }
@@ -79,10 +72,7 @@ public class SamlFormInHandler extends A
     
     private Form readFormData(Message message) {
         try {
-            return provider.readFrom(Form.class, Form.class, 
-                              new Annotation[]{}, MediaType.APPLICATION_FORM_URLENCODED_TYPE,

-                              new MetadataMap<String, String>(), 
-                              message.getContent(InputStream.class));
+            return FormUtils.readForm(provider, message);
         } catch (Exception ex) {
             throwFault("Error reading the form", ex);    
         }

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/xml/src/main/java/org/apache/cxf/rs/security/saml/SamlFormOutInterceptor.java
Thu Feb 21 16:48:31 2013
@@ -57,7 +57,7 @@ public class SamlFormOutInterceptor exte
             
             String encodedToken = encodeToken(assertionWrapper.assertionToString());
                 
-            form.set(SAML_ELEMENT, encodedToken);
+            updateForm(form, encodedToken);
         } catch (Exception ex) {
             StringWriter sw = new StringWriter();
             ex.printStackTrace(new PrintWriter(sw));
@@ -67,8 +67,12 @@ public class SamlFormOutInterceptor exte
         
     }
         
+    protected void updateForm(Form form, String encodedToken) {
+        form.set(SAML_ELEMENT, encodedToken);
+    }
+    
     @SuppressWarnings("unchecked")
-    private Form getRequestForm(Message message) {
+    protected Form getRequestForm(Message message) {
         Object ct = message.get(Message.CONTENT_TYPE);
         if (ct == null || !MediaType.APPLICATION_FORM_URLENCODED.equalsIgnoreCase(ct.toString()))
{
             return null;

Modified: cxf/branches/2.7.x-fixes/systests/rs-security/pom.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/rs-security/pom.xml?rev=1448721&r1=1448720&r2=1448721&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/rs-security/pom.xml (original)
+++ cxf/branches/2.7.x-fixes/systests/rs-security/pom.xml Thu Feb 21 16:48:31 2013
@@ -83,6 +83,11 @@
         </dependency>
         <dependency>
             <groupId>org.apache.cxf</groupId>
+            <artifactId>cxf-rt-rs-security-oauth2-saml</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.cxf</groupId>
             <artifactId>cxf-rt-transports-http</artifactId>
             <version>${project.version}</version>
         </dependency>



Mime
View raw message