cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1525707 - in /cxf/branches/2.7.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/ rt/rs/securi...
Date Mon, 23 Sep 2013 21:20:08 GMT
Author: sergeyb
Date: Mon Sep 23 21:20:08 2013
New Revision: 1525707

URL: http://svn.apache.org/r1525707
Log:
Merged revisions 1525704 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1525704 | sergeyb | 2013-09-23 22:17:16 +0100 (Mon, 23 Sep 2013) | 1 line
  
  [CXF-5296] Correctly parsing custom params with semicolon, dealing with missing token_type
parameters
........

Modified:
    cxf/branches/2.7.x-fixes/   (props changed)
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1525704

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java?rev=1525707&r1=1525706&r2=1525707&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java
Mon Sep 23 21:20:08 2013
@@ -205,6 +205,32 @@ public final class OAuthClientUtils {
                                                    Map<String, String> extraParams,
                                                    boolean setAuthorizationHeader) 
         throws OAuthServiceException {
+        return getAccessToken(accessTokenService, consumer, grant, extraParams, 
+                              null, setAuthorizationHeader);
+    }
+        
+    /**
+     * Obtains the access token from OAuth AccessToken Service 
+     * using the initialized web client 
+     * @param accessTokenService the AccessToken client
+     * @param consumer {@link Consumer} representing the registered client.
+     * @param grant {@link AccessTokenGrant} grant
+     * @param extraParams extra parameters
+     * @param defaultTokenType default expected token type - some early
+     *        well-known OAuth2 services do not return a required token_type parameter
+     * @param setAuthorizationHeader if set to true then HTTP Basic scheme
+     *           will be used to pass client id and secret, otherwise they will
+     *           be passed in the form payload  
+     * @return {@link ClientAccessToken} access token
+     * @throws OAuthServiceException
+     */
+    public static ClientAccessToken getAccessToken(WebClient accessTokenService,
+                                                   Consumer consumer,
+                                                   AccessTokenGrant grant,
+                                                   Map<String, String> extraParams,
+                                                   String defaultTokenType,
+                                                   boolean setAuthorizationHeader) 
+        throws OAuthServiceException {    
         
         Form form = new Form(grant.toMap());
         if (extraParams != null) {
@@ -241,7 +267,7 @@ public final class OAuthClientUtils {
             throw new ClientException(ex);
         }
         if (200 == response.getStatus()) {
-            ClientAccessToken token = fromMapToClientToken(map);
+            ClientAccessToken token = fromMapToClientToken(map, defaultTokenType);
             if (token == null) {
                 throw new OAuthServiceException(OAuthConstants.SERVER_ERROR);
             } else {
@@ -257,33 +283,44 @@ public final class OAuthClientUtils {
     }
     
     public static ClientAccessToken fromMapToClientToken(Map<String, String> map) {
-        if (map.containsKey(OAuthConstants.ACCESS_TOKEN)
-            && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) {
-            ClientAccessToken token = new ClientAccessToken(
-                                          map.remove(OAuthConstants.ACCESS_TOKEN_TYPE),
-                                          map.remove(OAuthConstants.ACCESS_TOKEN));
+        return fromMapToClientToken(map, null);
+    }
+    
+    public static ClientAccessToken fromMapToClientToken(Map<String, String> map,
+                                                         String defaultTokenType) {
+        if (map.containsKey(OAuthConstants.ACCESS_TOKEN)) {
             
-            String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN);
-            if (refreshToken != null) {
-                token.setRefreshToken(refreshToken);
-            }
-            String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
-            if (expiresInStr != null) {
-                token.setExpiresIn(Long.valueOf(expiresInStr));
-            }
-            String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
-            token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr)
-                                                  : System.currentTimeMillis() / 1000);
-            String scope = map.remove(OAuthConstants.SCOPE);
-            if (scope != null) {
-                token.setApprovedScope(scope);
+            String tokenType = map.remove(OAuthConstants.ACCESS_TOKEN_TYPE);
+            if (tokenType == null) {
+                tokenType = defaultTokenType;
+            }
+            if (tokenType != null) {
+                ClientAccessToken token = new ClientAccessToken(
+                                              tokenType,
+                                              map.remove(OAuthConstants.ACCESS_TOKEN));
+                
+                String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN);
+                if (refreshToken != null) {
+                    token.setRefreshToken(refreshToken);
+                }
+                String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN);
+                if (expiresInStr != null) {
+                    token.setExpiresIn(Long.valueOf(expiresInStr));
+                }
+                String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT);
+                token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr)
+                                                      : System.currentTimeMillis() / 1000);
+                String scope = map.remove(OAuthConstants.SCOPE);
+                if (scope != null) {
+                    token.setApprovedScope(scope);
+                }
+                
+                token.setParameters(map);
+                return token;
             }
-            
-            token.setParameters(map);
-            return token;
-        } else {
-            return null;
-        }
+        } 
+        
+        return null;
     }
     
     /**

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java?rev=1525707&r1=1525706&r2=1525707&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
Mon Sep 23 21:20:08 2013
@@ -169,12 +169,12 @@ public class OAuthJSONProvider implement
             if (pair.length() == 0) {
                 continue;
             }
-            String[] entry = pair.split(":");
-            String key = entry[0].trim();
+            int index = pair.indexOf(":");
+            String key = pair.substring(0, index).trim();
             if (key.startsWith("\"") && key.endsWith("\"")) {
                 key = key.substring(1, key.length() - 1);
             }
-            String value = entry[1].trim();
+            String value = pair.substring(index + 1);
             if (value.startsWith("\"") && value.endsWith("\"")) {
                 value = value.substring(1, value.length() - 1);
             }

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java?rev=1525707&r1=1525706&r2=1525707&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java
Mon Sep 23 21:20:08 2013
@@ -42,7 +42,7 @@ public class OAuthJSONProviderTest exten
         token.setExpiresIn(12345);
         token.setRefreshToken("5678");
         token.setApprovedScope("read");
-        token.setParameters(Collections.singletonMap("my_parameter", "abc"));
+        token.setParameters(Collections.singletonMap("my_parameter", "http://abc"));
         
         OAuthJSONProvider provider = new OAuthJSONProvider();
         ByteArrayOutputStream bos = new ByteArrayOutputStream(); 
@@ -65,10 +65,10 @@ public class OAuthJSONProviderTest exten
             + "\"refresh_token\":\"5678\","
             + "\"expires_in\":12345,"
             + "\"scope\":\"read\","
-            + "\"my_parameter\":\"abc\""
+            + "\"my_parameter\":\"http://abc\""
             + "}";
         doReadClientAccessToken(response, OAuthConstants.BEARER_TOKEN_TYPE,
-                                Collections.singletonMap("my_parameter", "abc"));
+                                Collections.singletonMap("my_parameter", "http://abc"));
     }
     
     @SuppressWarnings({
@@ -94,7 +94,7 @@ public class OAuthJSONProviderTest exten
         if (expectedParams != null) {
             assertEquals(expectedParams, extraParams);
         }
-        assertEquals("abc", extraParams.get("my_parameter"));
+        assertEquals("http://abc", extraParams.get("my_parameter"));
         
         return token;
         
@@ -109,7 +109,7 @@ public class OAuthJSONProviderTest exten
         Map<String, String> params = new LinkedHashMap<String, String>();
         params.put(OAuthConstants.MAC_TOKEN_KEY, "test_mac_secret");
         params.put(OAuthConstants.MAC_TOKEN_ALGORITHM, OAuthConstants.MAC_TOKEN_ALGO_HMAC_SHA_1);
-        params.put("my_parameter", "abc");
+        params.put("my_parameter", "http://abc");
         
         token.setParameters(params);
         
@@ -128,7 +128,7 @@ public class OAuthJSONProviderTest exten
         String response = "{" + "\"access_token\":\"1234\"," + "\"token_type\":\"mac\","
             + "\"refresh_token\":\"5678\"," + "\"expires_in\":12345," + "\"scope\":\"read\","
             + "\"mac_key\":\"adijq39jdlaska9asud\"," + "\"mac_algorithm\":\"hmac-sha-256\","
-            + "\"my_parameter\":\"abc\"" + "}";
+            + "\"my_parameter\":\"http://abc\"" + "}";
         ClientAccessToken macToken = doReadClientAccessToken(response, "mac", null);
         assertEquals("adijq39jdlaska9asud", 
                      macToken.getParameters().get(OAuthConstants.MAC_TOKEN_KEY));



Mime
View raw message