cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1507296 - in /cxf/branches/2.6.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/ rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
Date Fri, 26 Jul 2013 12:44:20 GMT
Author: sergeyb
Date: Fri Jul 26 12:44:20 2013
New Revision: 1507296

URL: http://svn.apache.org/r1507296
Log:
Merged revisions 1507293 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes

................
  r1507293 | sergeyb | 2013-07-26 13:39:53 +0100 (Fri, 26 Jul 2013) | 13 lines
  
  Merged revisions 1507286-1507287 via svnmerge from 
  https://svn.apache.org/repos/asf/cxf/trunk
  
  ........
    r1507286 | sergeyb | 2013-07-26 13:31:12 +0100 (Fri, 26 Jul 2013) | 1 line
    
    [CXF-5161] Fixing AbstractGrantHandler typo and updating it to correctly work in a case
where a concrete implementation wants to support more than one grant type
  ........
    r1507287 | sergeyb | 2013-07-26 13:33:15 +0100 (Fri, 26 Jul 2013) | 1 line
    
    Reverting a change to JAXRSXmlSecTest
  ........
................

Added:
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
      - copied from r1507293, cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
      - copied, changed from r1507293, cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
Modified:
    cxf/branches/2.6.x-fixes/   (props changed)
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/branches/2.7.x-fixes:r1507293
  Merged /cxf/trunk:r1507286-1507287

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java?rev=1507296&r1=1507295&r2=1507296&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
Fri Jul 26 12:44:20 2013
@@ -21,7 +21,11 @@ package org.apache.cxf.rs.security.oauth
 
 import java.util.Collections;
 import java.util.List;
+import java.util.logging.Logger;
 
+import javax.ws.rs.WebApplicationException;
+
+import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
@@ -38,13 +42,21 @@ import org.apache.cxf.rs.security.oauth2
  * Abstract access token grant handler
  */
 public abstract class AbstractGrantHandler implements AccessTokenGrantHandler {
+    private static final Logger LOG = LogUtils.getL7dLogger(AbstractGrantHandler.class);
     
-    private String supportedGrant;
+    private List<String> supportedGrants;
     private OAuthDataProvider dataProvider;
     private boolean partialMatchScopeValidation;
     private boolean canSupportPublicClients;
     protected AbstractGrantHandler(String grant) {
-        supportedGrant = grant;
+        supportedGrants = Collections.singletonList(grant);
+    }
+    
+    protected AbstractGrantHandler(List<String> grants) {
+        if (grants.isEmpty()) {
+            throw new IllegalArgumentException("The list of grant types can not be empty");
+        }
+        supportedGrants = grants;
     }
     
     public void setDataProvider(OAuthDataProvider dataProvider) {
@@ -55,13 +67,17 @@ public abstract class AbstractGrantHandl
     }
     
     public List<String> getSupportedGrantTypes() {
-        return Collections.singletonList(supportedGrant);
+        return Collections.unmodifiableList(supportedGrants);
     }
     
     protected void checkIfGrantSupported(Client client) {
+        checkIfGrantSupported(client, getSingleGrantType());
+    }
+    
+    protected void checkIfGrantSupported(Client client, String requestedGrant) {
         if (!OAuthUtils.isGrantSupportedForClient(client, 
                                                   canSupportPublicClients,
-                                                  OAuthConstants.AUTHORIZATION_CODE_GRANT))
{
+                                                  requestedGrant)) {
             throw new OAuthServiceException(OAuthConstants.UNAUTHORIZED_CLIENT);    
         }
     }
@@ -69,13 +85,30 @@ public abstract class AbstractGrantHandl
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     List<String> requestedScope) {
+        
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope);
+    }
+    
+    private String getSingleGrantType() {
+        if (supportedGrants.size() > 1) {
+            String errorMessage = "Request grant type must be specified";
+            LOG.warning(errorMessage);
+            throw new WebApplicationException(500);
+        }
+        return supportedGrants.get(0);
+    }
+    
+    protected ServerAccessToken doCreateAccessToken(Client client,
+                                                    UserSubject subject,
+                                                    String requestedGrant,
+                                                    List<String> requestedScope) {
         if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(), 
                                        partialMatchScopeValidation)) {
             throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_SCOPE));
    
         }
         // Check if a pre-authorized  token available
         ServerAccessToken token = dataProvider.getPreauthorizedToken(
-                                     client, requestedScope, subject, supportedGrant);
+                                     client, requestedScope, subject, requestedGrant);
         if (token != null) {
             return token;
         }
@@ -83,7 +116,7 @@ public abstract class AbstractGrantHandl
         // Delegate to the data provider to create the one
         AccessTokenRegistration reg = new AccessTokenRegistration();
         reg.setClient(client);
-        reg.setGrantType(supportedGrant);
+        reg.setGrantType(requestedGrant);
         reg.setSubject(subject);
         reg.setRequestedScope(requestedScope);        
         

Copied: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
(from r1507293, cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java)
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java?p2=cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java&p1=cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java&r1=1507293&r2=1507296&rev=1507296&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
Fri Jul 26 12:44:20 2013
@@ -107,7 +107,6 @@ public class TokenGrantHandlerTest exten
             super(grants);
         }
         
-        @Override
         public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String,
String> params)
             throws OAuthServiceException {
             super.checkIfGrantSupported(client);
@@ -122,7 +121,6 @@ public class TokenGrantHandlerTest exten
             super(grants);
         }
         
-        @Override
         public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String,
String> params)
             throws OAuthServiceException {
             super.checkIfGrantSupported(client, params.getFirst(OAuthConstants.GRANT_TYPE));



Mime
View raw message