Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 81F38D676 for ; Tue, 25 Jun 2013 14:55:08 +0000 (UTC) Received: (qmail 52908 invoked by uid 500); 25 Jun 2013 14:55:08 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 52788 invoked by uid 500); 25 Jun 2013 14:55:07 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 52781 invoked by uid 99); 25 Jun 2013 14:55:07 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Jun 2013 14:55:07 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Jun 2013 14:55:05 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 79AC623888D2; Tue, 25 Jun 2013 14:54:46 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1496504 - in /cxf/branches/2.7.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ rt/rs/securi... Date: Tue, 25 Jun 2013 14:54:46 -0000 To: commits@cxf.apache.org From: sergeyb@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20130625145446.79AC623888D2@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: sergeyb Date: Tue Jun 25 14:54:45 2013 New Revision: 1496504 URL: http://svn.apache.org/r1496504 Log: Merged revisions 1495553 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk ........ r1495553 | sergeyb | 2013-06-21 20:26:11 +0100 (Fri, 21 Jun 2013) | 1 line Support for a realm parameter in OAuth2 filter ........ Modified: cxf/branches/2.7.x-fixes/ (props changed) cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java Propchange: cxf/branches/2.7.x-fixes/ ------------------------------------------------------------------------------ Merged /cxf/trunk:r1495553 Propchange: cxf/branches/2.7.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java?rev=1496504&r1=1496503&r2=1496504&view=diff ============================================================================== --- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java (original) +++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java Tue Jun 25 14:54:45 2013 @@ -225,7 +225,9 @@ public final class OAuthClientUtils { accessTokenService.header("Authorization", sb.toString()); } else { form.set(OAuthConstants.CLIENT_ID, consumer.getKey()); - form.set(OAuthConstants.CLIENT_SECRET, consumer.getSecret()); + if (consumer.getSecret() != null) { + form.set(OAuthConstants.CLIENT_SECRET, consumer.getSecret()); + } } } else { // in this case the AccessToken service is expected to find a mapping between Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java?rev=1496504&r1=1496503&r2=1496504&view=diff ============================================================================== --- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java (original) +++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java Tue Jun 25 14:54:45 2013 @@ -46,6 +46,7 @@ public abstract class AbstractAccessToke private List tokenHandlers = Collections.emptyList(); private Set supportedSchemes = new HashSet(); private OAuthDataProvider dataProvider; + private String realm; public void setTokenValidator(AccessTokenValidator validator) { setTokenValidators(Collections.singletonList(validator)); @@ -106,7 +107,7 @@ public abstract class AbstractAccessToke accessTokenV = handler.validateAccessToken(mc, authScheme, authSchemeData); } catch (OAuthServiceException ex) { AuthorizationUtils.throwAuthorizationFailure( - Collections.singleton(authScheme)); + Collections.singleton(authScheme), realm); } } // Default processing if no registered providers available @@ -119,22 +120,26 @@ public abstract class AbstractAccessToke } if (localAccessToken == null) { AuthorizationUtils.throwAuthorizationFailure( - Collections.singleton(authScheme)); + Collections.singleton(authScheme), realm); } accessTokenV = new AccessTokenValidation(localAccessToken); } if (accessTokenV == null) { - AuthorizationUtils.throwAuthorizationFailure(supportedSchemes); + AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm); } // Check if token is still valid if (OAuthUtils.isExpired(accessTokenV.getTokenIssuedAt(), accessTokenV.getTokenLifetime())) { if (localAccessToken != null) { dataProvider.removeAccessToken(localAccessToken); } - AuthorizationUtils.throwAuthorizationFailure(supportedSchemes); + AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm); } return accessTokenV; } + + public void setRealm(String realm) { + this.realm = realm; + } } Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java?rev=1496504&r1=1496503&r2=1496504&view=diff ============================================================================== --- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java (original) +++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java Tue Jun 25 14:54:45 2013 @@ -70,6 +70,10 @@ public final class AuthorizationUtils { } public static void throwAuthorizationFailure(Set challenges) { + throwAuthorizationFailure(challenges, null); + } + + public static void throwAuthorizationFailure(Set challenges, String realm) { ResponseBuilder rb = Response.status(401); StringBuilder sb = new StringBuilder(); @@ -83,6 +87,9 @@ public final class AuthorizationUtils { sb.append(challenge); } if (sb.length() > 0) { + if (realm != null) { + sb.append(" realm=\"" + realm + "\""); + } rb.header(HttpHeaders.WWW_AUTHENTICATE, sb.toString()); } Response r = rb.build();