cxf-commits mailing list archives

From "Daniel Kulp (Confluence)" <conflue...@apache.org>
Subject [CONF] Apache CXF Documentation > JAX-RS OAuth2
Date Thu, 19 Dec 2013 16:08:07 GMT
<html>
    <head>
        <meta name="viewport" content="width=device-width" />
        <base href="https://cwiki.apache.org/confluence" />
        <style type="text/css">
    body, #email-content, #email-content-inner { font-family: Arial,FreeSans,Helvetica,sans-serif; }
    body, p, blockquote, pre, code, td, th, li, dt, dd { font-size: 13px; }
    small { font-size: 11px; }

    body { width:100% !important; -webkit-font-smoothing: antialiased; }

    body,
    #email-wrapper { background-color: #f0f0f0; }
    #email-wrapper-inner { padding: 20px; text-align: center; }
    #email-content-inner { background-color: #fff; border: 1px solid #bbb; color: $menuTxtColour; padding:20px; text-align:left; }
    #email-wrapper-inner > table { width: 100%; }
    #email-wrapper-inner.thin > table { margin: 0 auto; width: 50%; }
    #email-footer { padding: 0 16px 32px 16px; margin: 0; }

    .email-indent { margin: 8px 0 16px 0; }
    .email-comment { margin: 0 0 0 56px; }
    .email-comment.removed { background-color: #ffe7e7; border: 1px solid #df9898; padding: 0 8px;}

    #email-title-avatar { text-align: left; vertical-align: top; width: 48px; padding-right: 8px; }
    #email-title-flavor { margin: 0; padding: 0 0 4px 0; }
    #email-title-heading { font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0; }
    #email-title .icon { border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle; }

    #email-actions { border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; }
    #email-actions td { padding-top: 8px; }
    #email-actions .left { max-width: 45%; text-align: left; }
    #email-actions .right { text-align: right; }
    .email-reply-divider { border-top: 1px solid #bbb; color: #505050; margin: 32px 0 8px 0; padding: 8px 0; }
    .email-section-title { border-bottom: 1px solid #bbb; margin: 8px 0; padding: 8px 0 0 0; }

    .email-metadata { color: #505050; }

    a { color: #326ca6; text-decoration: none; }
    a:hover { color: #336ca6; text-decoration: underline; }
    a:active {color: #326ca6; }

    a.email-footer-link { color: #505050; font-size: 11px; }

    .email-item-list { list-style: none; margin: 4px 0; padding-left: 0; }
    .email-item-list li { list-style: none; margin: 0; padding: 4px 0; }
    .email-list-divider { color: #505050; padding: 0 0.35em; }
    .email-operation-icon { padding-right: 5px; }

    .avatar { -ms-interpolation-mode: bicubic; border-radius: 3px;}
    .avatar-link { margin: 2px; }

    .tableview th { border-bottom: 1px solid #69C; font-weight: bold; text-align: left; }
    .tableview td { border-bottom: 1px solid #bbbbbb; text-align: left; padding: 4px 16px 4px 0; }

    .aui-message {  margin: 1em 0; padding: 8px; }
    .aui-message.info { background-color: #e0f0ff; border: 1px solid #9eb6d4; }
    .aui-message.success { background-color: #ddfade; border: 1px solid #93c49f; }
    .aui-message.error,
    .aui-message.removed { background-color: #ffe7e7; border: 1px solid #df9898; color: #000; }

    .call-to-action-table { margin: 10px 1px 1px 1px;}
    .call-to-cancel-container, .call-to-action-container { padding: 5px 20px; }
    .call-to-cancel-container { border: 1px solid #aaa; background-color: #eee; border-radius: 3px; }
    .call-to-cancel-container a.call-to-cancel-button { background-color: #eee; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #666; font-family: sans-serif;}
    .call-to-action-container { border: 1px solid #486582;  background-color: #3068A2; border-radius: 3px; padding: 4px 10px; }
    .call-to-action-container a.call-to-action-button { background-color: #3068A2; font-size: 14px; line-height: 1; padding: 0; margin: 0; color: #fff; font-weight: bold; font-family: sans-serif; }

    /** The span around the inline task checkbox image */
    .diff-inline-task-overlay {
        display: inline-block;
        text-align: center;
        height: 1.5em;
        padding: 5px 0px 1px 5px;
        margin-right: 5px;
        /** Unfortunately, the negative margin-left is stripped out in gmail */
        margin-left: -5px;
    }

            @media handheld, only screen and (max-device-width: 480px) {
        div, a, p, td, th, li, dt, dd { -webkit-text-size-adjust: auto; }
        small, small a { -webkit-text-size-adjust: 90%; }

        td[id=email-wrapper-inner] { padding: 2px !important; }
        td[id=email-content-inner] { padding: 8px !important; }
        td[id="email-wrapper-inner"][class="thin"] > table { text-align: left !important; width: 100% !important; }
        td[id=email-footer] { padding: 8px 12px !important; }
        div[class=email-indent] { margin: 8px 0px !important; }
        div[class=email-comment] { margin: 0 !important; }

        p[id=email-title-flavor] a { display: block; } /* puts the username and the action on separate lines */
        p[id=email-permalink] { padding: 4px 0 0 0 !important; }

        table[id=email-actions] td { padding-top: 0 !important; }
        table[id=email-actions] td.right { text-align: right !important; }
        table[id=email-actions] .email-list-item { display: block; margin: 1em 0 !important; word-wrap: normal !important; }
        span[class=email-list-divider] { display: none; }
    }



        </style>
    </head>
    <body style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; width: 100%; -webkit-font-smoothing: antialiased; background-color: #f0f0f0">
        <table id="email-wrapper" width="100%" cellspacing="0" cellpadding="0" border="0" style="background-color: #f0f0f0">
            <tbody>
                <tr valign="middle">
                    <td id="email-wrapper-inner" style="font-size: 13px; padding: 20px; text-align: center">
                        <table id="email-content" cellspacing="0" cellpadding="0" border="0" style="font-family: Arial, FreeSans, Helvetica, sans-serif; width: 100%">
                            <tbody>
                                <tr valign="top">
                                    <td id="email-content-inner" align="left" style="font-family: Arial, FreeSans, Helvetica, sans-serif; font-size: 13px; background-color: #fff; border: 1px solid #bbb; padding: 20px; text-align: left">
                                        <table id="email-title" cellpadding="0" cellspacing="0" border="0" width="100%">
                                            <tbody>
                                                <tr>
                                                    <td id="email-title-avatar" rowspan="2" style="font-size: 13px; text-align: left; vertical-align: top; width: 48px; padding-right: 8px"> <img class="avatar" src="cid:avatar_acf9e33a752338c5b13b322c0539cacd" border="0" height="48" width="48" style="-ms-interpolation-mode: bicubic; border-radius: 3px" /> </td>
                                                    <td valign="top" style="font-size: 13px">
                                                        <div id="email-title-flavor" class="email-metadata" style="margin: 0; padding: 0 0 4px 0; color: #505050">
                                                            <a href="    https://cwiki.apache.org/confluence/display/~dkulp " style="color:#326ca6;text-decoration:none;; color: #326ca6; text-decoration: none">Daniel Kulp</a> edited the page:
                                                        </div> </td>
                                                </tr>
                                                <tr>
                                                    <td valign="top" style="font-size: 13px"> <h2 id="email-title-heading" style="font-size: 16px; line-height: 20px; min-height: 20px; margin: 0; padding: 0"> <a href="https://cwiki.apache.org/confluence/display/CXF20DOC/JAX-RS+OAuth2" style="color: #326ca6; text-decoration: none"> <img class="icon" src="cid:page-icon" alt="" style="border: 0; padding: 0 5px 0 0; text-align: left; vertical-align: middle" /> <strong style="font-size:16px;line-height:20px;vertical-align:top;">JAX-RS OAuth2</strong> </a> </h2> </td>
                                                </tr>
                                            </tbody>
                                        </table>
                                        <div class="email-indent" style="margin: 8px 0 16px 0">
                                            <div class="email-diff">
                                                <div id="page-diffs" class="wiki-content">
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <h1 id="JAX-RSOAuth2-JAX-RS:OAuth2" class="diff-block-target diff-block-context"> <span class="diff-html-changed" id="changed-diff-0" style="background-color: #d6f0ff;">JAX-RS: </span> </h1>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <h1 id="JAX-RSOAuth2-JAX-RS:OAuth2" class="diff-block-target diff-block-context"> <span class="diff-html-changed" style="background-color: #d6f0ff;"> </span><span class="diff-html-changed" id="changed-diff-1" style="background-color: #d6f0ff;">OAuth2</span> </h1>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <h1 id="JAX-RSOAuth2-JAX-RS:OAuth2" class="diff-block-target diff-block-context"></h1>
                                                    <p class="diff-block-context" style="font-size: 13px"> </p>
                                                    <table class="diff-macro bodyless" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;margin: 5px 0; padding: 0; width: auto;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/images/icons/macrobrowser/dropdown/toc.png" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Table of Contents</th>
                                                            </tr>
                                                        </thead>
                                                    </table>
                                                    <p style="font-size: 13px"></p>
                                                    <h1 id="JAX-RSOAuth2-Introduction" class="diff-block-context">Introduction</h1>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <h1 id="JAX-RSOAuth2-Mavendependencies" class="diff-block-context">Maven dependencies</h1>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-3" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;dependency&gt;
  &lt;groupId&gt;org.apache.cxf&lt;/groupId&gt;
  &lt;artifactId&gt;cxf-rt-rs-security-oauth2&lt;/artifactId&gt;
  &lt;version&gt;2.7.5&lt;/version&gt;
&lt;/dependency&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">A third-party client redirects the current user to AuthorizationCodeGrantService, for example, here is how a redirection may happen:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-4" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Response-Code: 303
Headers: {Location=[http://localhost:8080/services/social/authorize?client_id=123456789&amp;scope=updateCalendar-7&amp;response_type=code&amp;redirect_uri=http%3A//localhost%3A8080/services/reservations/reserve/complete&amp;state=1], Date=[Thu, 12 Apr 2012 12:26:21 GMT], Content-Length=[0]}

</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">The client application asks the current user (the browser) to go to a new address provided by the Location header and the follow-up request to AuthorizationCodeGrantService will look like this:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-5" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/social/authorize?client_id=123456789&amp;scope=updateCalendar-7&amp;response_type=code&amp;redirect_uri=http%3A//localhost%3A8080/services/reservations/reserve/complete&amp;state=1
Http-Method: GET
Headers: {
Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8],
Authorization=[Basic YmFycnlAc29jaWFsLmNvbToxMjM0],
Cookie=[JSESSIONID=suj2wyl54c4g],
Referer=[http://localhost:8080/services/forms/reservation.jsp]
...
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">AuthorizationCodeGrantService will report a warning is no secure HTTPS transport is used:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-6" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>12-Apr-2012 13:26:21 org.apache.cxf.rs.security.oauth2.services.AbstractOAuthService checkTransportSecurity
WARNING: Unsecure HTTP, Transport Layer Security is recommended
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Assuming RequestDispatcherProvider is used, the following example log shows the initial response from AuthorizationCodeGrantService:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-7" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>12-Apr-2012 13:26:21 org.apache.cxf.jaxrs.provider.RequestDispatcherProvider logRedirection
INFO: Setting an instance of &quot;org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData&quot; as HttpServletRequest attribute &quot;data&quot; and redirecting the response to &quot;/forms/oauthAuthorize.jsp&quot;.
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Next the user makes a decision and selects a button allowing or denying the client accessing the resources. The form data are submitted to AuthorizationCodeGrantService:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-8" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/social/authorize/decision
Encoding: ISO-8859-1
Http-Method: POST
Content-Type: application/x-www-form-urlencoded
Headers: {
Authorization=[Basic YmFycnlAc29jaWFsLmNvbToxMjM0],
Content-Type=[application/x-www-form-urlencoded],
...
}
--------------------------------------
12-Apr-2012 15:36:29 org.apache.cxf.jaxrs.utils.FormUtils logRequestParametersIfNeeded
INFO: updateCalendar-7_status=allow&amp;readCalendar_status=allow&amp;scope=updateCalendar-7+readCalendar&amp;redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fservices%2Freservations%2Freserve%2Fcomplete&amp;session_authenticity_token=4f0005d9-565f-4309-8ffb-c13c72139ebe&amp;oauthDecision=allow&amp;state=1&amp;client_id=123456789
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Next it will ask OAuthDataProvider to generate an authorization code grant and return it alongside with the state if any by redirecting the current user back to the redirect URI:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-9" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Response-Code: 303
Headers: {
 Location=[http://localhost:8080/services/reservations/reserve/complete?state=1&amp;code=5c993144b910bccd5977131f7d2629ab],
 Date=[Thu, 12 Apr 2012 14:36:29 GMT],
 Content-Length=[0]}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">which leads to a browser redirecting the user:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-10" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/reservations/reserve/complete?state=1&amp;code=5c993144b910bccd5977131f7d2629ab
Http-Method: GET
Headers: {
Accept=[text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8],
Authorization=[Basic YmFycnlAcmVzdGF1cmFudC5jb206NTY3OA==],
Cookie=[JSESSIONID=1c289vha0cxfe],
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Having OOB responses supported is useful when a public client (typically a device which can not keep the client secrets and where no redirect URI is supported) needs to get a code grant. What will happen is that a device owner will send a request to Authorization Service which may look like this:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/images/icons/macrobrowser/dropdown/noformat.png" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>No Format</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-11" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>GET
http://localhost:8080/services/social/authorize?client_id=mobileClient&amp;response_type=code
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The role of AccessTokenService is to exchange a token grant for a new access token which will be used by the client to access the end user's resources. <br /> Here is an example request log:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-12" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/oauth/token
Http-Method: POST

Headers: {
Accept=[application/json],
Authorization=[Basic MTIzNDU2Nzg5Ojk4NzY1NDMyMQ==],
Content-Type=[application/x-www-form-urlencoded]
}
Payload:

grant_type=authorization_code&amp;code=5c993144b910bccd5977131f7d2629ab&amp;redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fservices%2Freservations%2Freserve%2Fcomplete
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Now that the token has been created, it is mapped by the service to a <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">client representation</a> and is returned back as a JSON payload:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-13" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Response-Code: 200
Content-Type: application/json
Headers: {
 Cache-Control=[no-store],
 Pragma=[no-cache],
 Date=[Thu, 12 Apr 2012 14:36:29 GMT]
}

Payload:

{&quot;access_token&quot;:&quot;5b5c8e677413277c4bb8b740d522b378&quot;, &quot;token_type&quot;:&quot;bearer&quot;}

</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">The client will use this access token to access the current user's resources in order to complete the original user's request, for example, the request to access a user's calendar may look like this:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-14" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/thirdPartyAccess/calendar
Http-Method: GET
Headers:
{
  Authorization=[Bearer 5b5c8e677413277c4bb8b740d522b378],
  Accept=[application/xml]
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The following code fragment shows how a <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">BearerAccessToken</a> utility class can be used to create Bearer tokens:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-15" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;

public class CustomOAuthDataProvider implements AuthorizationCodeDataProvider {

    public ServerAccessToken createAccessToken(AccessTokenRegistration reg)
		throws OAuthServiceException {

		ServerAccessToken token = new BearerAccessToken(reg.getClient(), 3600L);
		
		List&lt;String&gt; scope = reg.getApprovedScope().isEmpty() ? reg.getRequestedScope()
				                                        : reg.getApprovedScope();
		token.setScopes(convertScopeToPermissions(reg.getClient(), scope));
		token.setSubject(reg.getSubject());
		token.setGrantType(reg.getGrantType());
		
                // persist as needed and then return

		return token;
   }
   // other methods are not shown
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The following code fragment shows how a <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/mac/MacAccessToken.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">MacAccessToken</a> utility class can be used to create MAC tokens:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-16" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.tokens.mac.HmacAlgorithm;
import org.apache.cxf.rs.security.oauth2.tokens.mac.MacAccessToken;

/**
 * Sketch of a data provider that issues MAC access tokens instead of Bearer
 * tokens. Only createAccessToken is shown; the remaining
 * AuthorizationCodeDataProvider methods are omitted.
 */
public class CustomOAuthDataProvider implements AuthorizationCodeDataProvider {

    /**
     * Creates the MAC access token for the given registration.
     *
     * @param reg the token registration; only its client is read in this sketch
     * @return the newly created MacAccessToken
     * @throws OAuthServiceException declared by the signature; nothing shown here throws it
     */
    public ServerAccessToken createAccessToken(AccessTokenRegistration reg)
		throws OAuthServiceException {

                // generate a MAC token for the registered client
                // (3600L is presumably the token lifetime in seconds - confirm against MacAccessToken)
                // NOTE(review): HmacSHA1 matches the hmac-sha-1 value in the sample response;
                // if HmacAlgorithm offers a stronger variant, prefer it for new deployments - confirm
		ServerAccessToken token = new MacAccessToken(reg.getClient(),
                                                             HmacAlgorithm.HmacSHA1,
                                                             3600L);
		
		// set other token fields as shown in the Bearer section
		
                // persist as needed and then return
                // NOTE(review): the token's MAC key is a shared secret, so whatever store
                // is used here should protect it like any other credential

		return token;
   }
   // other methods are not shown
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
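                                                    <p class="diff-block-context" style="font-size: 13px">One can expect the following response; because it carries the MAC key, a secret shared between the client and the server, the token endpoint should only be exposed over TLS:</p>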
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-17" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Response-Code: 200
Content-Type: application/json
Headers: {
 Cache-Control=[no-store],
 Pragma=[no-cache],
 Date=[Thu, 12 Apr 2012 14:36:29 GMT]
}

Payload:

{&quot;access_token&quot;:&quot;5b5c8e677413277c4bb8b740d522b378&quot;, &quot;token_type&quot;:&quot;mac&quot;, &quot;mac_key&quot;=&quot;1234568&quot;, &quot;mac_algorithm&quot;=&quot;hmac-sha-1&quot;}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The client can use CXF OAuthClientUtils to create Authorization MAC headers. All that is needed is to provide references to ClientAccessToken representing the MAC token issued by AccessTokenService and <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/HttpRequestProperties.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">HttpRequestProperties</a> capturing the information about the current request URI:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-18" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>String requestURI = &quot;http://localhost:8080/calendar&quot;;
WebClient wc = WebClient.create(requestURI);

// represents the client registration
OAuthClientUtils.Consumer consumer = getConsumer();
// the MAC token issued by AccessTokenService
ClientAccessToken token = getToken();

// captures the information about the current request: the URI held by wc and the HTTP method
// (presumably both feed the MAC calculation, so keep the method in step with the wc.get call below - confirm)
HttpRequestProperties httpProps = new HttpRequestProperties(wc, &quot;GET&quot;);
// builds the Authorization header value from the registration, the token and the request properties
String authHeader = OAuthClientUtils.createAuthorizationHeader(consumer, token, httpProps);
wc.header(&quot;Authorization&quot;, authHeader);

// the request goes out with the Authorization header set above
Calendar calendar = wc.get(Calendar.class);
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-block-context" style="font-size: 13px">This code will result in something like:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-19" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>GET /calendar HTTP/1.1
Host: localhost
Accept: application/xml
Authorization: MAC id=&quot;5b5c8e677413277c4bb8b740d522b378&quot;,
                   nonce=&quot;di3hvdf8&quot;,
                   mac=&quot;W7bdMZbv9UWOTadASIQHagZyirA=&quot;
                   ts=&quot;12345678&quot;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Note that OAuthDataProvider supports retrieving <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/Client.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">Client</a> instances but it has no methods for creating or removing Clients. The reason for it is that the process of registering third-party clients is very specific to a particular OAuth2 application, so CXF does not offer a registration support service and hence OAuthDataProvider has no Client create/update methods. You will likely need to do something like this:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-20" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>public class CustomOAuthProvider implements OAuthDataProvider {
   // application-specific client management; OAuthDataProvider itself has no
   // methods for creating or removing Clients, so these are custom additions
   // NOTE(review): presumably registration hands out client credentials, so the
   // application should authenticate and authorize callers of these methods - confirm
   public Client registerClient(String applicationName, String applicationURI, ...) {}
   public void removeClient(String cliendId) {}
   // etc
   // OAuthDataProvider methods
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">With CXF offering OAuth service implementations and a custom OAuthDataProvider in place, it is time to deploy the OAuth2 server. <br /> Most likely, you'd want to deploy AccessTokenService as an independent JAX-RS endpoint, for example:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-21" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;!-- the application's own class; implements OAuthDataProvider --&gt;
&lt;bean id=&quot;oauthProvider&quot; class=&quot;oauth.manager.OAuthManager&quot;/&gt;

&lt;!-- token service, backed by the data provider declared above --&gt;
&lt;bean id=&quot;accessTokenService&quot; class=&quot;org.apache.cxf.rs.security.oauth2.services.AccessTokenService&quot;&gt;
  &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
&lt;/bean&gt;

&lt;!-- exposes AccessTokenService as an independent JAX-RS endpoint under /oauth;
     its responses carry access tokens, so publish this address over HTTPS only --&gt;
&lt;jaxrs:server id=&quot;oauthServer&quot; address=&quot;/oauth&quot;&gt;
   &lt;jaxrs:serviceBeans&gt;
      &lt;ref bean=&quot;accessTokenService&quot;/&gt;
  &lt;/jaxrs:serviceBeans&gt;
&lt;/jaxrs:server&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">If the remote token validation is supported then have AccessTokenValidationService added too:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-22" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;!-- the application's own class; implements OAuthDataProvider --&gt;
&lt;bean id=&quot;oauthProvider&quot; class=&quot;oauth.manager.OAuthManager&quot;/&gt;

&lt;!-- token service, backed by the data provider declared above --&gt;
&lt;bean id=&quot;accessTokenService&quot; class=&quot;org.apache.cxf.rs.security.oauth2.services.AccessTokenService&quot;&gt;
  &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
&lt;/bean&gt;
&lt;!-- remote token validation service; shares the same data provider --&gt;
&lt;bean id=&quot;accessTokenValidateService&quot; class=&quot;org.apache.cxf.rs.security.oauth2.services.AccessTokenValidateService&quot;&gt;
  &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
&lt;/bean&gt;


&lt;!-- both services are published under /oauth;
     NOTE(review): presumably the validation service should only be reachable
     by trusted resource servers, and over HTTPS (confirm for the deployment) --&gt;
&lt;jaxrs:server id=&quot;oauthServer&quot; address=&quot;/oauth&quot;&gt;
   &lt;jaxrs:serviceBeans&gt;
      &lt;ref bean=&quot;accessTokenService&quot;/&gt;
      &lt;ref bean=&quot;accessTokenValidateService&quot;/&gt;
  &lt;/jaxrs:serviceBeans&gt;
&lt;/jaxrs:server&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">AuthorizationCodeGrantService is easier to put where the application endpoints are. It can be put alongside AccessTokenService, but ideally an SSO-based authentication solution will also be deployed, so that the end user does not have to sign in separately several times (see more on this below). Here is an example of AuthorizationCodeGrantService being collocated with the application endpoint:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-23" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;bean id=&quot;authorizationService&quot; class=&quot;org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService&quot;&gt;
  &lt;!-- oauthProvider is the OAuthDataProvider bean; it is not declared in this snippet --&gt;
  &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
&lt;/bean&gt;

&lt;!-- the application's own service bean --&gt;
&lt;bean id=&quot;myApp&quot; class=&quot;org.myapp.MyApp&quot;/&gt;

&lt;!-- the authorization service is collocated with the application endpoint under /myapp --&gt;
&lt;jaxrs:server id=&quot;appServer&quot; address=&quot;/myapp&quot;&gt;
   &lt;jaxrs:serviceBeans&gt;
      &lt;ref bean=&quot;myApp&quot;/&gt;
      &lt;ref bean=&quot;authorizationService&quot;/&gt;
  &lt;/jaxrs:serviceBeans&gt;
&lt;/jaxrs:server&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">When checking a request like this:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-24" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>Address: http://localhost:8080/services/thirdPartyAccess/calendar
Http-Method: GET
Headers:
{
  Authorization=[Bearer 5b5c8e677413277c4bb8b740d522b378],
  Accept=[application/xml]
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">Here is one example of how OAuthRequestFilter can be configured:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-25" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;bean id=&quot;oauthProvider&quot; class=&quot;oauth.manager.OAuthManager&quot;/&gt;
&lt;bean id=&quot;oauthFiler&quot; class=&quot;org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter&quot;&gt;
  &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
&lt;/bean&gt;

&lt;bean id=&quot;myApp&quot; class=&quot;org.myapp.MyApp&quot;/&gt;

&lt;jaxrs:server id=&quot;fromThirdPartyToMyApp&quot; address=&quot;/thirdparty-to-myapp&quot;&gt;
   &lt;jaxrs:serviceBeans&gt;
      &lt;ref bean=&quot;myApp&quot;/&gt;
  &lt;/jaxrs:serviceBeans&gt;
  &lt;jaxrs:providers&gt;
      &lt;ref bean=&quot;oauthFilter&quot;/&gt;
  &lt;/jaxrs:providers&gt;

&lt;/jaxrs:server&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
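Review bot: The filter bean is declared with `id="oauthFiler"` but the `jaxrs:providers` list references `oauthFilter`, so the reference matches no bean shown in this sample. As written the context would presumably fail to load rather than start the endpoint unprotected. A reader who works around it by dropping the provider reference ends up with no OAuth check in front of `myApp`. The declaration should read `id="oauthFilter"`; the same mismatch appears in the next sample, the one that wires in `AccessTokenValidatorClient`.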
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">When one has Authorization and AccessToken service not collocated with the application endpoints, the following may work better:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-26" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">  </span>&lt;bean id=&quot;tvServiceClientFactory&quot; class=&quot;org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean&quot;&gt;
         &lt;property name=&quot;address&quot; value=&quot;http://localhost:${http.port}/services/oauth/validate&quot;/&gt;
         &lt;property name=&quot;headers&quot;&gt;
            &lt;map&gt;
               &lt;entry key=&quot;Accept&quot; value=&quot;application/xml&quot;/&gt;
            &lt;/map&gt;
         &lt;/property&gt;
     &lt;/bean&gt;

     &lt;bean id=&quot;tvServiceClient&quot; factory-bean=&quot;tvServiceClientFactory&quot; factory-method=&quot;createWebClient&quot;/&gt;

     &lt;bean id=&quot;tokenValidator&quot; class=&quot;org.apache.cxf.rs.security.oauth2.filters.AccessTokenValidatorClient&quot;&gt;
         &lt;property name=&quot;tokenValidatorClient&quot; ref=&quot;tvServiceClient&quot;/&gt;
     &lt;/bean&gt;

     &lt;bean id=&quot;oauthFiler&quot; class=&quot;org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter&quot;&gt;
         &lt;property name=&quot;tokenValidator&quot; ref=&quot;tokenValidator&quot;/&gt;
     &lt;/bean&gt;

&lt;bean id=&quot;myApp&quot; class=&quot;org.myapp.MyApp&quot;/&gt;

&lt;jaxrs:server id=&quot;fromThirdPartyToMyApp&quot; address=&quot;/thirdparty-to-myapp&quot;&gt;
   &lt;jaxrs:serviceBeans&gt;
      &lt;ref bean=&quot;myApp&quot;/&gt;
  &lt;/jaxrs:serviceBeans&gt;
  &lt;jaxrs:providers&gt;
      &lt;ref bean=&quot;oauthFilter&quot;/&gt;
  &lt;/jaxrs:providers&gt;
&lt;/jaxrs:server&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
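Review bot: The `address` property of `tvServiceClientFactory` is a plain `http://` URL, and this client is what the filter's `tokenValidator` uses to reach the remote validation service. In the non-collocated deployment this sample is meant for, the access token would presumably cross the network unencrypted. The sample should use an `https://` address for anything other than a loopback test, e.g. `value="https://validation-host.example/services/oauth/validate"` (host name is a constructed placeholder). A short comment next to the property saying that the `localhost` value is for local testing only would also help.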
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">For example, the following custom code can be used by the third-party application:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-27" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>public class OAuthClientManager {
	
	private WebClient accessTokenService;
        private String authorizationServiceURI;
        private Consumer consumer;

        // inject properties, register the client application...

	public URI getAuthorizationServiceURI(ReservationRequest request,
			                              URI redirectUri,
			                              /* state */String reservationRequestKey) {
	    String scope = OAuthConstants.UPDATE_CALENDAR_SCOPE + request.getHour();
	    return OAuthClientUtils.getAuthorizationURI(authorizationServiceURI,
	    		                                consumer.getKey(),
	    		                                redirectUri.toString(),
	    		                                reservationRequestKey,
	    		                                scope);
	}
	public ClientAccessToken getAccessToken(AuthorizationCodeGrant codeGrant) {
	    try {
	        return OAuthClientUtils.getAccessToken(accessTokenService, consumer, codeGrant);
	    } catch (OAuthServiceException ex) {
	        return null;
	    }
	}
	
	public String createAuthorizationHeader(ClientAccessToken token) {
		return OAuthClientUtils.createAuthorizationHeader(consumer, token);
	}
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
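Review bot: `getAccessToken` catches `OAuthServiceException` and returns `null`, which discards the error reported for the rejected grant and leaves every caller responsible for a null check before calling `createAuthorizationHeader`. At minimum the method should document this, for example `// returns null when the access token request is rejected; callers must check before building the Authorization header`. Separately, the `/* state */` marker on `reservationRequestKey` suggests that value is sent as the OAuth2 `state` parameter. If the redirect handler relies on it to tie the callback to the original request, it should be unguessable and checked on return, which this sample does not show.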
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">For example, consider a case where a client who already owns an authorized access token and accessing the end user resource gets HTTP 401 error back and the client also owns a refresh token. Here is one possible way to handle it:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-28" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">

</span>import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.core.HttpHeaders;

import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils;
import org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.Consumer;
import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrant;
import org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrant;
import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;



// the pseudo-code for getting the access token
Consumer consumer = ...
AuthorizationCodeGrant codeGrant = ...

ClientAccessToken accessToken = OAuthClientUtils.getAccessToken(codeGrant, consumer);

WebClient endUserResourceClient = WebClient.create(endUserServerAddress);

endUserResourceClient.header(HttpHeaders.AUTHORIZATION,
                             OAuthClientUtils.createAuthorizationHeader(accessToken));
try {
   return endUserResourceClient.get();
} catch (NotAuthorizedException ex) {
    String refreshToken = accessToken.getRefreshToken();
    if (refreshToken != null) {
        // retry once

        // refresh the token
        accessToken = OAuthClientUtils.getAccessToken(new RefreshTokenGrant(refreshToken), consumer);

        // reset Authorization header
        endUserResourceClient.replaceHeader(HttpHeaders.AUTHORIZATION,
                             OAuthClientUtils.createAuthorizationHeader(accessToken));

        // try to access the end user resource again
        return endUserResourceClient.get();

    } else {
        throw ex;
    }

}



</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">This <a href="http://tools.ietf.org/html/draft-ietf-oauth-v2-30#section-5.2" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">section</a> lists all the error properties that can be returned to the client application. CXF OAuth2 services will always report a required 'error' property but will omit the optional error properties by default (for example, in case of access token grant handlers throwing <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthServiceException.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">OAuthServiceException</a> initialized with <a href="http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthError.java" class="external-link" rel="nofollow" style="color: #326ca6; text-decoration: none">OAuthError</a> which may have the optional properties set).<br /> When reporting the optional error properties is actually needed then setting a 'writeCustomErrors' property to 'true' will help:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">xml</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-29" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>&lt;bean id=&quot;oauthProvider&quot; class=&quot;oauth2.manager.OAuthManager&quot;/&gt;

&lt;bean id=&quot;accessTokenService&quot; class=&quot;org.apache.cxf.rs.security.oauth2.services.AccessTokenService&quot;&gt;
    &lt;property name=&quot;dataProvider&quot; ref=&quot;oauthProvider&quot;/&gt;
    &lt;property name=&quot;writeCustomErrors&quot; value=&quot;true&quot;/&gt;
&lt;/bean&gt;
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                    <p class="diff-block-context" style="font-size: 13px">The first problem which needs to be addressed is how to distinguish end users from third-party clients and get both parties authenticated as required.<br /> Perhaps the simplest option is to extend a CXF OAuth2 filter (JAX-RS or servlet one), check Authorization header, if it is OAuth2 then delegate to the superclass, alternatively - proceed with authenticating the end users:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-30" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>public class SecurityFilter extends org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter {
   @Context
   private HttpHeaders headers;

   public Response handleRequest(ClassResourceInfo cri, Message message) {
       String header = headers.getRequestHeaders().getFirst(&quot;Authorization&quot;);
       if (header.startsWith(&quot;Bearer &quot;)) {
           return super.handleRequest(cri, message);
       } else {
           // authenticate the end user
       }
   }

}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
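Review bot: `handleRequest` calls `header.startsWith("Bearer ")` without checking that `getFirst("Authorization")` returned a value, so a request with no Authorization header throws a NullPointerException instead of reaching the end-user authentication branch. The condition should be `if (header != null && header.startsWith("Bearer "))`. The `else` branch is also only a comment and returns nothing, so that comment should state what the method is expected to return once the end user has been authenticated or rejected.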
                                                    <p class="diff-block-context" style="font-size: 13px">The next issue is how to enforce that the end users can only access the resources they've been authorized to access.<br /> For example, consider the following JAX-RS resource class:</p>
                                                    <table class="diff-macro diff-block-target" style="background-color: #f0f0f0;border: 1px solid #dddddd;margin: 10px 1px;padding: 0 2px 2px;width: 100%;">
                                                        <thead>
                                                            <tr>
                                                                <th class="diff-macro-title" style="background-color: transparent; text-align: left; font-weight: normal;padding: 5px;; font-size: 13px"><span class="icon macro-placeholder-icon" style="background-color: ;line-height: 20px;"><img src="https://cwiki.apache.org/confluence/s/en_GB-1988229788/4109/76e0dbb30bc8580e459c201f3535d84f9283a9ac.1/_/plugins/servlet/confluence/placeholder/macro-icon?name=code" style="padding-right: 5px; vertical-align: text-bottom;" /> </span>Code Block</th>
                                                            </tr>
                                                        </thead>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-properties" style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;padding: 0; border: 1px solid #dddddd;; font-size: 13px">
                                                                    <table>
                                                                        <tbody>
                                                                            <tr>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px"></td>
                                                                                <td style="background-color: #fafafa; padding: 0 0 0 5px; font-size: 12px; text-align: left;; font-size: 13px">java</td>
                                                                            </tr>
                                                                        </tbody>
                                                                    </table> </td>
                                                            </tr>
                                                        </tbody>
                                                        <tbody>
                                                            <tr>
                                                                <td class="diff-macro-body" style="background-color: #fff;border: 1px solid #dddddd;padding: 10px;; font-size: 13px"> <pre style="font-size: 13px">
<span class="diff-html-removed" id="removed-diff-31" style="font-size: 100%; background-color: #ffe7e7; text-decoration: line-through;">
</span>@Path(&quot;calendar&quot;)
public class CalendarResource {

   @GET
   @Path(&quot;{id}&quot;)
   public Calendar getPublicCalendar(@PathParam(&quot;id&quot;) long id) {
       // return the calendar for a user identified by 'id'
   }

   @GET
   @Path(&quot;{id}/private&quot;)
   public Calendar getPrivateCalendar(@PathParam(&quot;id&quot;) long id) {
       // return the calendar for a user identified by 'id'
   }

   @PUT
   @Path(&quot;{id}&quot;)
   public void updateCalendar(@PathParam(&quot;id&quot;) long id, Calendar c) {
       // update the calendar for a user identified by 'id'
   }
}
</pre> </td>
                                                            </tr>
                                                        </tbody>
                                                    </table>
                                                    <p class="diff-context-placeholder" style="font-size: 13px">...</p>
                                                </div>
                                            </div>
                                        </div>
                                        <table id="email-actions" class="email-metadata" cellspacing="0" cellpadding="0" border="0" width="100%" style="border-top: 1px solid #bbb; color: #505050; margin: 8px 0 0 0; padding: 0; color: #505050">
                                            <tbody>
                                            </tbody>
                                        </table> </td>
                                </tr>
                            </tbody>
                        </table> </td>
                </tr>
            </tbody>
        </table>
    </body>
</html>