cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1514249 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src: main/java/org/apache/cxf/rs/security/oauth2/common/ main/java/org/apache/cxf/rs/security/oauth2/grants/ main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ main/jav...
Date Thu, 15 Aug 2013 13:03:14 GMT
Author: sergeyb
Date: Thu Aug 15 13:03:14 2013
New Revision: 1514249

URL: http://svn.apache.org/r1514249
Log:
[CXF-5209] Making audience parameter visible to data providers

Added:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
  (with props)
Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessTokenRegistration.java
Thu Aug 15 13:03:14 2013
@@ -30,6 +30,7 @@ public class AccessTokenRegistration {
     private List<String> approvedScope = new LinkedList<String>();
     private String grantType;
     private UserSubject subject;
+    private String audience;
     
     /**
      * Sets the {@link Client} instance
@@ -111,5 +112,13 @@ public class AccessTokenRegistration {
     public String getGrantType() {
         return grantType;
     }
+
+    public String getAudience() {
+        return audience;
+    }
+
+    public void setAudience(String audience) {
+        this.audience = audience;
+    }
     
 }

Added: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java?rev=1514249&view=auto
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
(added)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
Thu Aug 15 13:03:14 2013
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.rs.security.oauth2.grants;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.cxf.jaxrs.impl.MetadataMap;
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+
+
+/**
+ * Abstract access token grant
+ */
+public abstract class AbstractGrant implements AccessTokenGrant {
+    
+    private String grantType;
+    private String scope;
+    private String audience;
+    
+    protected AbstractGrant(String grantType) {
+        this(grantType, null);
+    }
+    
+    protected AbstractGrant(String grantType, String scope) {
+        this(grantType, scope, null);    
+    }
+    
+    protected AbstractGrant(String grantType, String scope, String audience) {
+        this.grantType = grantType;
+        this.scope = scope;
+        this.audience = audience;
+    }
+    
+    public String getType() {
+        return grantType;
+    }
+    
+    public void setAudience(String audience) {
+        this.audience = audience;
+    }
+    
+    public MultivaluedMap<String, String> toMap() {
+        MultivaluedMap<String, String> map = new MetadataMap<String, String>();
+        map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.CLIENT_CREDENTIALS_GRANT);
+        if (scope != null) {
+            map.putSingle(OAuthConstants.SCOPE, scope);
+        }
+        if (audience != null) {
+            map.putSingle(OAuthConstants.CLIENT_AUDIENCE, scope);
+        }
+        return map;
+    }
+}

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrant.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
Thu Aug 15 13:03:14 2013
@@ -24,6 +24,7 @@ import java.util.List;
 import java.util.logging.Logger;
 
 import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.MultivaluedMap;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
@@ -83,13 +84,6 @@ public abstract class AbstractGrantHandl
         }
     }
     
-    protected ServerAccessToken doCreateAccessToken(Client client,
-                                                    UserSubject subject,
-                                                    List<String> requestedScope) {
-        
-        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope);
-    }
-    
     private String getSingleGrantType() {
         if (supportedGrants.size() > 1) {
             String errorMessage = "Request grant type must be specified";
@@ -101,8 +95,41 @@ public abstract class AbstractGrantHandl
     
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
+                                                    MultivaluedMap<String, String>
params) {
+        
+        return doCreateAccessToken(client, 
+                                   subject, 
+                                   OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)),

+                                   params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
+    }
+    
+    protected ServerAccessToken doCreateAccessToken(Client client,
+                                                    UserSubject subject,
+                                                    List<String> requestedScope) {
+        
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,
null);
+    }
+    
+    protected ServerAccessToken doCreateAccessToken(Client client,
+                                                    UserSubject subject,
+                                                    List<String> requestedScope,
+                                                    String audience) {
+        
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,
audience);
+    }
+    
+    protected ServerAccessToken doCreateAccessToken(Client client,
+                                                    UserSubject subject,
                                                     String requestedGrant,
                                                     List<String> requestedScope) {
+        return doCreateAccessToken(client, subject, requestedGrant, requestedScope, null);
+    }
+    
+    protected ServerAccessToken doCreateAccessToken(Client client,
+                                                    UserSubject subject,
+                                                    String requestedGrant,
+                                                    List<String> requestedScope,
+                                                    String audience) {
         if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(), 
                                        partialMatchScopeValidation)) {
             throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_SCOPE));
    
@@ -120,6 +147,7 @@ public abstract class AbstractGrantHandl
         reg.setGrantType(requestedGrant);
         reg.setSubject(subject);
         reg.setRequestedScope(requestedScope);        
+        reg.setAudience(audience);
         
         return dataProvider.createAccessToken(reg);
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
Thu Aug 15 13:03:14 2013
@@ -18,33 +18,20 @@
  */
 package org.apache.cxf.rs.security.oauth2.grants.clientcred;
 
-import javax.ws.rs.core.MultivaluedMap;
-
-import org.apache.cxf.jaxrs.impl.MetadataMap;
-import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
+import org.apache.cxf.rs.security.oauth2.grants.AbstractGrant;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
-public class ClientCredentialsGrant implements AccessTokenGrant {
-    private String scope;
+public class ClientCredentialsGrant extends AbstractGrant {
     
     public ClientCredentialsGrant() {
+        this(null);
     }
     
     public ClientCredentialsGrant(String scope) {
-        this.scope = scope;
+        this(scope, null);
     }
-    
-    public String getType() {
-        return OAuthConstants.CLIENT_CREDENTIALS_GRANT;
+     
+    public ClientCredentialsGrant(String scope, String audience) {
+        super(OAuthConstants.CLIENT_CREDENTIALS_GRANT, scope, audience);
     }
-
-    public MultivaluedMap<String, String> toMap() {
-        MultivaluedMap<String, String> map = new MetadataMap<String, String>();
-        map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.CLIENT_CREDENTIALS_GRANT);
-        if (scope != null) {
-            map.putSingle(OAuthConstants.SCOPE, scope);
-        }
-        return map;
-    }
-
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
Thu Aug 15 13:03:14 2013
@@ -25,7 +25,6 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * The "client_credentials" grant handler
@@ -42,7 +41,7 @@ public class ClientCredentialsGrantHandl
         
         return doCreateAccessToken(client, 
                                    client.getSubject(), 
-                                   OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
+                                   params);
     }
 
 

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
Thu Aug 15 13:03:14 2013
@@ -68,7 +68,10 @@ public class AuthorizationCodeGrantHandl
                 || !client.getRedirectUris().contains(expectedRedirectUri))) {
             throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
         }
-        return doCreateAccessToken(client, grant.getSubject(), grant.getApprovedScopes());
+        return doCreateAccessToken(client, 
+                                   grant.getSubject(), 
+                                   grant.getApprovedScopes(),
+                                   params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
     }
     
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
Thu Aug 15 13:03:14 2013
@@ -20,37 +20,33 @@ package org.apache.cxf.rs.security.oauth
 
 import javax.ws.rs.core.MultivaluedMap;
 
-import org.apache.cxf.jaxrs.impl.MetadataMap;
-import org.apache.cxf.rs.security.oauth2.common.AccessTokenGrant;
+import org.apache.cxf.rs.security.oauth2.grants.AbstractGrant;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
-public class ResourceOwnerGrant implements AccessTokenGrant {
+public class ResourceOwnerGrant extends AbstractGrant {
     private String ownerName;
     private String ownerPassword;
-    private String scope;
     
     public ResourceOwnerGrant(String name, String password) {
         this(name, password, null);
     }
     
     public ResourceOwnerGrant(String name, String password, String scope) {
+        this(name, password, scope, null);
+    }
+    
+    public ResourceOwnerGrant(String name, String password, 
+                              String scope, String audience) {
+        super(OAuthConstants.RESOURCE_OWNER_GRANT, scope, audience);
         this.ownerName = name;
         this.ownerPassword = password;
-        this.scope = scope;
     }
     
-    public String getType() {
-        return OAuthConstants.RESOURCE_OWNER_GRANT;
-    }
-
     public MultivaluedMap<String, String> toMap() {
-        MultivaluedMap<String, String> map = new MetadataMap<String, String>();
-        map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.RESOURCE_OWNER_GRANT);
+        MultivaluedMap<String, String> map = super.toMap();
         map.putSingle(OAuthConstants.RESOURCE_OWNER_NAME, ownerName);
         map.putSingle(OAuthConstants.RESOURCE_OWNER_PASSWORD, ownerPassword);
-        if (scope != null) {
-            map.putSingle(OAuthConstants.SCOPE, scope);
-        }
+        
         return map;
     }
 

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
Thu Aug 15 13:03:14 2013
@@ -26,7 +26,6 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * The "resource owner" grant handler
@@ -55,8 +54,8 @@ public class ResourceOwnerGrantHandler e
         }
         
         return doCreateAccessToken(client, 
-                                   subject, 
-                                   OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)));
+                                   subject,
+                                   params);
     }
 
     public void setLoginHandler(ResourceOwnerLoginHandler loginHandler) {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java?rev=1514249&r1=1514248&r2=1514249&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/TokenGrantHandlerTest.java
Thu Aug 15 13:03:14 2013
@@ -92,7 +92,7 @@ public class TokenGrantHandlerTest exten
         @Override
         public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String,
String> params)
             throws OAuthServiceException {
-            return super.doCreateAccessToken(client, client.getSubject(), null);
+            return super.doCreateAccessToken(client, client.getSubject(), params);
         } 
         
     }



Mime
View raw message