cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Passing UserSubject to OAuth2 response filters
Date Fri, 07 Nov 2014 17:19:40 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 1176da8d2 -> f87cf4318


Passing UserSubject to OAuth2 response filters


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f87cf431
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f87cf431
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f87cf431

Branch: refs/heads/3.0.x-fixes
Commit: f87cf431822b8fea158ee56efe1edd03803b455a
Parents: 1176da8
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Nov 7 17:17:50 2014 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Nov 7 17:19:22 2014 +0000

----------------------------------------------------------------------
 .../security/oauth2/provider/AccessTokenResponseFilter.java   | 3 ++-
 .../oauth2/provider/AuthorizationCodeResponseFilter.java      | 3 ++-
 .../cxf/rs/security/oauth2/services/AccessTokenService.java   | 7 ++++---
 .../oauth2/services/AuthorizationCodeGrantService.java        | 6 +++---
 .../cxf/rs/security/oauth2/services/ImplicitGrantService.java | 6 +++---
 5 files changed, 14 insertions(+), 11 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f87cf431/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenResponseFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenResponseFilter.java
index 4c5d76d..02da169 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenResponseFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenResponseFilter.java
@@ -20,7 +20,8 @@ package org.apache.cxf.rs.security.oauth2.provider;
 
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 
 public interface AccessTokenResponseFilter {
-    void process(Client client, ClientAccessToken ct);
+    void process(Client client, ClientAccessToken ct, UserSubject endUser);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f87cf431/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AuthorizationCodeResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AuthorizationCodeResponseFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AuthorizationCodeResponseFilter.java
index b657332..f363a46 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AuthorizationCodeResponseFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AuthorizationCodeResponseFilter.java
@@ -19,7 +19,8 @@
 package org.apache.cxf.rs.security.oauth2.provider;
 
 import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 
 public interface AuthorizationCodeResponseFilter {
-    String process(Client client, String code);
+    String process(Client client, String code, UserSubject endUser);
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f87cf431/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
index ae51f3f..d63a141 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
@@ -36,6 +36,7 @@ import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider;
 import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.AccessTokenGrantHandler;
@@ -120,16 +121,16 @@ public class AccessTokenService extends AbstractTokenService {
         
         // Extract the information to be of use for the client
         ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(serverToken, isWriteOptionalParameters());
-        processClientAccessToken(client, clientToken);    
+        processClientAccessToken(client, clientToken, serverToken.getSubject());    
         // Return it to the client
         return Response.ok(clientToken)
                        .header(HttpHeaders.CACHE_CONTROL, "no-store")
                        .header("Pragma", "no-cache")
                         .build();
     }
-    protected void processClientAccessToken(Client client, ClientAccessToken clientToken)
{
+    protected void processClientAccessToken(Client client, ClientAccessToken clientToken,
UserSubject endUser) {
         for (AccessTokenResponseFilter filter : responseHandlers) {
-            filter.process(client, clientToken); 
+            filter.process(client, clientToken, endUser); 
         }
     }
     protected void checkAudience(MultivaluedMap<String, String> params) { 

http://git-wip-us.apache.org/repos/asf/cxf/blob/f87cf431/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
index 1d0c97e..d7092a5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
@@ -82,7 +82,7 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService
         } catch (OAuthServiceException ex) {
             return createErrorResponse(params, redirectUri, OAuthConstants.ACCESS_DENIED);
         }
-        String grantCode = processCodeGrant(client, grant.getCode());
+        String grantCode = processCodeGrant(client, grant.getCode(), grant.getSubject());
         if (redirectUri == null) {
             OOBAuthorizationResponse oobResponse = new OOBAuthorizationResponse();
             oobResponse.setClientId(client.getClientId());
@@ -97,9 +97,9 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService
             return Response.seeOther(ub.build()).build();
         }
     }
-    protected String processCodeGrant(Client client, String code) {
+    protected String processCodeGrant(Client client, String code, UserSubject endUser) {
         if (codeResponseFilter != null) {
-            return codeResponseFilter.process(client, code);
+            return codeResponseFilter.process(client, code, endUser);
         }
         return code;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/f87cf431/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
index 39ec3d1..df26c82 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
@@ -80,7 +80,7 @@ public class ImplicitGrantService extends RedirectionBasedGrantService {
             token = preAuthorizedToken;
         }
         ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(token, isWriteOptionalParameters());
-        processClientAccessToken(client, clientToken);
+        processClientAccessToken(client, clientToken, token.getSubject());
    
         // return the token by appending it as a fragment parameter to the redirect URI
         
@@ -112,9 +112,9 @@ public class ImplicitGrantService extends RedirectionBasedGrantService
{
         
         return Response.seeOther(URI.create(sb.toString())).build();
     }
-    protected void processClientAccessToken(Client client, ClientAccessToken clientToken)
{
+    protected void processClientAccessToken(Client client, ClientAccessToken clientToken,
UserSubject endUser) {
         for (AccessTokenResponseFilter filter : responseHandlers) {
-            filter.process(client, clientToken); 
+            filter.process(client, clientToken, endUser); 
         }
     }
     protected Response createErrorResponse(MultivaluedMap<String, String> params,


Mime
View raw message