cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1565632 - in /cxf/branches/2.7.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/
Date Fri, 07 Feb 2014 12:35:30 GMT
Author: sergeyb
Date: Fri Feb  7 12:35:30 2014
New Revision: 1565632

URL: http://svn.apache.org/r1565632
Log:
Merged revisions 1565629 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1565629 | sergeyb | 2014-02-07 12:24:37 +0000 (Fri, 07 Feb 2014) | 1 line
  
  Making it possible to register OAuthRequestFilter as the interceptor and also use it on
non-JAX-RS paths
........

Added:
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java
      - copied unchanged from r1565629, cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestInterceptor.java
Modified:
    cxf/branches/2.7.x-fixes/   (props changed)
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1565629

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java?rev=1565632&r1=1565631&r2=1565632&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
Fri Feb  7 12:35:30 2014
@@ -54,9 +54,13 @@ public class OAuthRequestFilter extends 
     private boolean audienceIsEndpointAddress;
     
     public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
-        
+        validateRequest(m);
+        return null;
+    }    
+    
+    protected void validateRequest(Message m) {
         if (isCorsRequest(m)) {
-            return null;
+            return;
         }
         
         // Get the access token
@@ -97,8 +101,6 @@ public class OAuthRequestFilter extends 
         oauthContext.setTokenAudience(accessTokenV.getAudience());
         
         m.setContent(OAuthContext.class, oauthContext);
-        
-        return null;
     }
 
     protected boolean checkHttpVerb(HttpServletRequest req, List<String> verbs) {

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java?rev=1565632&r1=1565631&r2=1565632&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java
Fri Feb  7 12:35:30 2014
@@ -28,6 +28,8 @@ import javax.ws.rs.InternalServerErrorEx
 import javax.ws.rs.core.Context;
 
 import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.jaxrs.ext.MessageContextImpl;
+import org.apache.cxf.phase.PhaseInterceptorChain;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
@@ -73,7 +75,7 @@ public abstract class AbstractAccessToke
     }
     
     public MessageContext getMessageContext() {
-        return mc;
+        return mc != null ? mc : new MessageContextImpl(PhaseInterceptorChain.getCurrentMessage());
     }
 
     protected AccessTokenValidator findTokenValidator(String authScheme) {
@@ -99,7 +101,7 @@ public abstract class AbstractAccessToke
         // Get the scheme and its data, Bearer only is supported by default
         // WWW-Authenticate with the list of supported schemes will be sent back 
         // if the scheme is not accepted
-        String[] authParts = AuthorizationUtils.getAuthorizationParts(mc, supportedSchemes);
+        String[] authParts = getAuthorizationParts();
         String authScheme = authParts[0];
         String authSchemeData = authParts[1];
         
@@ -108,7 +110,7 @@ public abstract class AbstractAccessToke
         if (handler != null) {
             try {
                 // Convert the HTTP Authorization scheme data into a token
-                accessTokenV = handler.validateAccessToken(mc, authScheme, authSchemeData);
+                accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme,
authSchemeData);
             } catch (OAuthServiceException ex) {
                 AuthorizationUtils.throwAuthorizationFailure(
                     Collections.singleton(authScheme), realm);
@@ -163,5 +165,8 @@ public abstract class AbstractAccessToke
         this.audiences = audiences;
     }
     
+    protected String[] getAuthorizationParts() {
+        return AuthorizationUtils.getAuthorizationParts(getMessageContext(), supportedSchemes);
+    }
     
 }



Mime
View raw message