cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1552655 - in /cxf/trunk/rt/rs/security/oauth-parent: oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/ oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ oauth2/src/main/java/org/apache/cxf/rs/security/oa...
Date Fri, 20 Dec 2013 13:26:12 GMT
Author: sergeyb
Date: Fri Dec 20 13:26:12 2013
New Revision: 1552655

URL: http://svn.apache.org/r1552655
Log:
Updating OAuth2 Code Grant handler to support the last code verifier dratt

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/Saml2BearerGrant.java
Fri Dec 20 13:26:12 2013
@@ -23,6 +23,8 @@ import javax.ws.rs.core.MultivaluedMap;
 import org.apache.cxf.rs.security.oauth2.saml.Constants;
 
 public class Saml2BearerGrant extends AbstractSaml2BearerGrant {
+    private static final long serialVersionUID = -7296527609343431294L;
+
     public Saml2BearerGrant(String assertion) {
         this(assertion, false);
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2-saml/src/main/java/org/apache/cxf/rs/security/oauth2/grants/saml/SamlBearerClientCredentialsGrant.java
Fri Dec 20 13:26:12 2013
@@ -25,6 +25,8 @@ import org.apache.cxf.rs.security.oauth2
 
 public class SamlBearerClientCredentialsGrant extends AbstractSaml2BearerGrant {
     
+    private static final long serialVersionUID = 4801583498206813025L;
+
     public SamlBearerClientCredentialsGrant(String assertion, boolean encoded, String scope)
{
         super(OAuthConstants.CLIENT_CREDENTIALS_GRANT, assertion, encoded, scope);
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
Fri Dec 20 13:26:12 2013
@@ -32,6 +32,7 @@ import javax.xml.bind.annotation.XmlRoot
  */
 @XmlRootElement
 public class OAuthPermission extends Permission {
+    private static final long serialVersionUID = -6486616235830491290L;
     private List<String> httpVerbs = new LinkedList<String>();
     private List<String> uris = new LinkedList<String>();
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
Fri Dec 20 13:26:12 2013
@@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth
 import java.util.LinkedList;
 import java.util.List;
 
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
+
 /**
  * Server Access Token representation
  */
@@ -36,8 +38,15 @@ public abstract class ServerAccessToken 
     protected ServerAccessToken(Client client, 
                                         String tokenType,
                                         String tokenKey,
-                                        long expiresIn, 
-                                        long issuedAt) {
+                                        long expiresIn) {
+        this(client, tokenType, tokenKey, expiresIn, OAuthUtils.getIssuedAt());
+    }
+    
+    protected ServerAccessToken(Client client, 
+                                String tokenType,
+                                String tokenKey,
+                                long expiresIn, 
+                                long issuedAt) {
         super(tokenType, tokenKey, expiresIn, issuedAt);
         this.client = client;
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrant.java
Fri Dec 20 13:26:12 2013
@@ -23,6 +23,8 @@ import org.apache.cxf.rs.security.oauth2
 
 public class ClientCredentialsGrant extends AbstractGrant {
     
+    private static final long serialVersionUID = 5586488165697954347L;
+
     public ClientCredentialsGrant() {
         this(null);
     }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
Fri Dec 20 13:26:12 2013
@@ -74,10 +74,10 @@ public class AuthorizationCodeGrantHandl
             throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST);
         }
         
-        String tempClientSecretHash = grant.getTempClientSecretHash();
-        if (tempClientSecretHash != null) {
-            String tempClientSecret = params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET);
-            if (!compareTcshWithTch(tempClientSecretHash, tempClientSecret)) {
+        String clientCodeVerifier = grant.getClientCodeVerifier();
+        if (clientCodeVerifier != null) {
+            String clientCodeChallenge = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER);
+            if (!compareCodeVerifierWithChallenge(clientCodeVerifier, clientCodeChallenge))
{
                 throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
             }
         }
@@ -88,12 +88,12 @@ public class AuthorizationCodeGrantHandl
                                    grant.getAudience());
     }
     
-    private boolean compareTcshWithTch(String tempClientSecretHash, String tempClientSecret)
{
-        if (tempClientSecret == null) {
+    private boolean compareCodeVerifierWithChallenge(String clientCodeVerifier, String clientCodeChallenge)
{
+        if (clientCodeChallenge == null) {
             return false;
         }
         MessageDigestGenerator mdg = new MessageDigestGenerator();
-        byte[] digest = mdg.createDigest(tempClientSecret, "SHA-256");
+        byte[] digest = mdg.createDigest(clientCodeVerifier, "SHA-256");
         int length = digest.length > 128 / 8 ? 128 / 8 : digest.length;
         
         StringWriter stringWriter = new StringWriter();
@@ -103,7 +103,7 @@ public class AuthorizationCodeGrantHandl
             throw new OAuthServiceException("server_error", e);
         }
         String expectedHash = stringWriter.toString();
-        return tempClientSecretHash.equals(expectedHash);
+        return clientCodeChallenge.equals(expectedHash);
         
     }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java
Fri Dec 20 13:26:12 2013
@@ -35,7 +35,7 @@ public class AuthorizationCodeRegistrati
     private String redirectUri;
     private UserSubject subject;
     private String audience;
-    private String tempClientSecretHash;
+    private String clientCodeVerifier;
     
     /**
      * Sets the {@link Client} reference
@@ -120,10 +120,10 @@ public class AuthorizationCodeRegistrati
     public void setAudience(String audience) {
         this.audience = audience;
     }
-    public String getTempClientSecretHash() {
-        return tempClientSecretHash;
+    public String getClientCodeVerifier() {
+        return clientCodeVerifier;
     }
-    public void setTempClientSecretHash(String tempClientSecretHash) {
-        this.tempClientSecretHash = tempClientSecretHash;
+    public void setClientCodeVerifier(String clientCodeVerifier) {
+        this.clientCodeVerifier = clientCodeVerifier;
     }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
Fri Dec 20 13:26:12 2013
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.rs.security.oauth2.grants.code;
 
-import java.io.Serializable;
 import java.util.Collections;
 import java.util.List;
 
@@ -30,7 +29,7 @@ import org.apache.cxf.rs.security.oauth2
 /**
  * The Authorization Code Grant representation visible to the server
  */
-public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant implements Serializable
{
+public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant {
     private static final long serialVersionUID = -5004608901535459036L;
     
     private long issuedAt;
@@ -39,12 +38,12 @@ public class ServerAuthorizationCodeGran
     private List<String> approvedScopes = Collections.emptyList();
     private UserSubject subject;
     private String audience;
-    private String tempClientSecretHash;
+    private String clientCodeVerifier;
     
     public ServerAuthorizationCodeGrant(Client client, 
                                         long lifetime) {
         this(client, OAuthUtils.generateRandomTokenKey(), lifetime,
-             System.currentTimeMillis() / 1000);
+             OAuthUtils.getIssuedAt());
     }
     
     public ServerAuthorizationCodeGrant(Client client, 
@@ -125,11 +124,11 @@ public class ServerAuthorizationCodeGran
         this.audience = audience;
     }
 
-    public String getTempClientSecretHash() {
-        return tempClientSecretHash;
+    public String getClientCodeVerifier() {
+        return clientCodeVerifier;
     }
 
-    public void setTempClientSecretHash(String tempClientSecretHash) {
-        this.tempClientSecretHash = tempClientSecretHash;
+    public void setClientCodeVerifier(String clientCodeVerifier) {
+        this.clientCodeVerifier = clientCodeVerifier;
     }
 }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrant.java
Fri Dec 20 13:26:12 2013
@@ -24,6 +24,7 @@ import org.apache.cxf.rs.security.oauth2
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 public class ResourceOwnerGrant extends AbstractGrant {
+    private static final long serialVersionUID = -1673025972824906386L;
     private String ownerName;
     private String ownerPassword;
     

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
Fri Dec 20 13:26:12 2013
@@ -72,7 +72,7 @@ public class AuthorizationCodeGrantServi
         codeReg.setApprovedScope(approvedScope);
         codeReg.setSubject(userSubject);
         codeReg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
-        codeReg.setTempClientSecretHash(params.getFirst(OAuthConstants.TEMP_CLIENT_SECRET_HASH));
+        codeReg.setClientCodeVerifier(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
         
         ServerAuthorizationCodeGrant grant = null;
         try {

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
Fri Dec 20 13:26:12 2013
@@ -35,7 +35,7 @@ public class BearerAccessToken extends S
               OAuthConstants.BEARER_TOKEN_TYPE, 
               OAuthUtils.generateRandomTokenKey(), 
               lifetime, 
-              System.currentTimeMillis() / 1000);
+              OAuthUtils.getIssuedAt());
     }
     public BearerAccessToken(Client client, 
                              String tokenKey,

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java
Fri Dec 20 13:26:12 2013
@@ -46,7 +46,7 @@ public class MacAccessToken extends Serv
              macAlgo,
              OAuthUtils.generateRandomTokenKey(), 
              lifetime, 
-             System.currentTimeMillis() / 1000);
+             OAuthUtils.getIssuedAt());
     }
     public MacAccessToken(Client client,
                           HmacAlgorithm algo,

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/refresh/RefreshToken.java
Fri Dec 20 13:26:12 2013
@@ -40,7 +40,7 @@ public class RefreshToken extends Server
               OAuthConstants.REFRESH_TOKEN_TYPE, 
               OAuthUtils.generateRandomTokenKey(), 
               lifetime, 
-              System.currentTimeMillis() / 1000);
+              OAuthUtils.getIssuedAt());
     }
     
     public RefreshToken(Client client, 

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
Fri Dec 20 13:26:12 2013
@@ -26,8 +26,6 @@ public final class OAuthConstants {
     // Common OAuth2 constants
     public static final String CLIENT_ID = "client_id";
     public static final String CLIENT_SECRET = "client_secret";
-    public static final String TEMP_CLIENT_SECRET = "tcs";
-    public static final String TEMP_CLIENT_SECRET_HASH = "tcsh";
     public static final String CLIENT_AUDIENCE = "audience";
     
     public static final String REDIRECT_URI = "redirect_uri";
@@ -53,6 +51,11 @@ public final class OAuthConstants {
     // Well-known token types
     public static final String BEARER_TOKEN_TYPE = "bearer";
     public static final String MAC_TOKEN_TYPE = "mac";
+    
+    // http://datatracker.ietf.org/doc/draft-sakimura-oauth-tcse
+    public static final String AUTHORIZATION_CODE_VERIFIER = "code_verifier";
+    public static final String AUTHORIZATION_CODE_CHALLENGE = "code_challenge";
+    
     // CXF-specific
     public static final String REFRESH_TOKEN_TYPE = "refresh";
         

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java?rev=1552655&r1=1552654&r2=1552655&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
Fri Dec 20 13:26:12 2013
@@ -105,6 +105,10 @@ public final class OAuthUtils {
         return generateRandomTokenKey(null);
     }
     
+    public static long getIssuedAt() {
+        return System.currentTimeMillis() / 1000;
+    }
+    
     public static String generateRandomTokenKey(String digestAlgo) throws OAuthServiceException
{
         try {
             byte[] bytes = UUID.randomUUID().toString().getBytes("UTF-8");



Mime
View raw message