Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 9725C9955 for ; Tue, 9 Dec 2014 11:21:38 +0000 (UTC) Received: (qmail 83642 invoked by uid 500); 9 Dec 2014 11:21:38 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 83581 invoked by uid 500); 9 Dec 2014 11:21:38 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 83570 invoked by uid 99); 9 Dec 2014 11:21:38 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Dec 2014 11:21:38 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 2770DA202BD; Tue, 9 Dec 2014 11:21:38 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <86388ef1bf574994bc7558fddd011021@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: [CXF-6142] Updating AcceptTokenValidator interface Date: Tue, 9 Dec 2014 11:21:38 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master 1f123776f -> 982bff937 [CXF-6142] Updating AcceptTokenValidator interface Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/982bff93 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/982bff93 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/982bff93 Branch: refs/heads/master Commit: 982bff93746e7c7234c474a612094f263eaf3794 Parents: 1f12377 Author: Sergey Beryozkin Authored: Tue Dec 9 11:21:21 2014 +0000 Committer: Sergey Beryozkin Committed: Tue Dec 9 11:21:21 2014 +0000 ---------------------------------------------------------------------- .../oauth2/filters/AccessTokenValidatorClient.java | 16 +++++++++++----- .../security/oauth2/filters/OAuthRequestFilter.java | 2 +- .../oauth2/provider/AccessTokenValidator.java | 5 ++++- .../services/AbstractAccessTokenValidator.java | 7 +++++-- .../services/AccessTokenValidatorService.java | 2 +- .../hawk/AbstractHawkAccessTokenValidator.java | 15 ++++++++++----- .../tokens/hawk/HawkAccessTokenValidator.java | 8 ++++++-- .../tokens/hawk/HawkAccessTokenValidatorClient.java | 11 +++++++---- .../tokens/hawk/HawkAccessTokenValidatorTest.java | 3 ++- 9 files changed, 47 insertions(+), 22 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java index 7f76407..984995b 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java @@ -21,10 +21,11 @@ package org.apache.cxf.rs.security.oauth2.filters; import java.util.Collections; import java.util.List; -import javax.ws.rs.core.Form; +import javax.ws.rs.core.MultivaluedMap; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.jaxrs.ext.MessageContext; +import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation; import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator; import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; @@ -40,12 +41,17 @@ public class AccessTokenValidatorClient implements AccessTokenValidator { public AccessTokenValidation validateAccessToken(MessageContext mc, String authScheme, - String authSchemeData) + String authSchemeData, + MultivaluedMap extraProps) throws OAuthServiceException { WebClient client = WebClient.fromClient(tokenValidatorClient, true); - Form form = new Form().param(OAuthConstants.AUTHORIZATION_SCHEME_TYPE, authScheme) - .param(OAuthConstants.AUTHORIZATION_SCHEME_DATA, authSchemeData); - return client.post(form, AccessTokenValidation.class); + MultivaluedMap props = new MetadataMap(); + props.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_TYPE, authScheme); + props.putSingle(OAuthConstants.AUTHORIZATION_SCHEME_DATA, authSchemeData); + if (extraProps != null) { + props.putAll(extraProps); + } + return client.post(props, AccessTokenValidation.class); } public void setTokenValidatorClient(WebClient tokenValidatorClient) { http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java index e8c052c..a41292a 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java @@ -85,7 +85,7 @@ public class OAuthRequestFilter extends AbstractAccessTokenValidator String authSchemeData = authParts[1]; // Get the access token - AccessTokenValidation accessTokenV = getAccessTokenValidation(authScheme, authSchemeData); + AccessTokenValidation accessTokenV = getAccessTokenValidation(authScheme, authSchemeData, null); // Find the scopes which match the current request http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java index 0826361..96151d8 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java @@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth2.provider; import java.util.List; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation; @@ -28,6 +30,7 @@ public interface AccessTokenValidator { List getSupportedAuthorizationSchemes(); AccessTokenValidation validateAccessToken(MessageContext mc, String authScheme, - String authSchemeData) + String authSchemeData, + MultivaluedMap extraProps) throws OAuthServiceException; } http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java index 16146f9..4594e35 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractAccessTokenValidator.java @@ -25,6 +25,7 @@ import java.util.List; import java.util.Set; import javax.ws.rs.core.Context; +import javax.ws.rs.core.MultivaluedMap; import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.jaxrs.ext.MessageContextImpl; @@ -90,7 +91,8 @@ public abstract class AbstractAccessTokenValidator { /** * Get the access token */ - protected AccessTokenValidation getAccessTokenValidation(String authScheme, String authSchemeData) { + protected AccessTokenValidation getAccessTokenValidation(String authScheme, String authSchemeData, + MultivaluedMap extraProps) { AccessTokenValidation accessTokenV = null; if (dataProvider == null && tokenHandlers.isEmpty()) { throw ExceptionUtils.toInternalServerErrorException(null, null); @@ -101,7 +103,8 @@ public abstract class AbstractAccessTokenValidator { if (handler != null) { try { // Convert the HTTP Authorization scheme data into a token - accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData); + accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData, + extraProps); } catch (OAuthServiceException ex) { AuthorizationUtils.throwAuthorizationFailure( Collections.singleton(authScheme), realm); http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java index 6f80679..6cb4a4b 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenValidatorService.java @@ -41,6 +41,6 @@ public class AccessTokenValidatorService extends AbstractAccessTokenValidator { } String authScheme = params.getFirst(OAuthConstants.AUTHORIZATION_SCHEME_TYPE); String authSchemeData = params.getFirst(OAuthConstants.AUTHORIZATION_SCHEME_DATA); - return super.getAccessTokenValidation(authScheme, authSchemeData); + return super.getAccessTokenValidation(authScheme, authSchemeData, params); } } http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java index dbecb50..82f655e 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/AbstractHawkAccessTokenValidator.java @@ -24,6 +24,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.common.util.Base64Exception; import org.apache.cxf.common.util.Base64Utility; import org.apache.cxf.common.util.crypto.HmacUtils; @@ -42,11 +44,12 @@ public abstract class AbstractHawkAccessTokenValidator implements AccessTokenVal } public AccessTokenValidation validateAccessToken(MessageContext mc, - String authScheme, - String authSchemeData) throws OAuthServiceException { + String authScheme, String authSchemeData, MultivaluedMap extraProps) + throws OAuthServiceException { Map schemeParams = getSchemeParameters(authSchemeData); - AccessTokenValidation atv = getAccessTokenValidation(mc, schemeParams, authSchemeData); + AccessTokenValidation atv = + getAccessTokenValidation(mc, authScheme, authSchemeData, extraProps, schemeParams); String macKey = atv.getExtraProps().get(OAuthConstants.HAWK_TOKEN_KEY); String macAlgo = atv.getExtraProps().get(OAuthConstants.HAWK_TOKEN_ALGORITHM); @@ -74,8 +77,10 @@ public abstract class AbstractHawkAccessTokenValidator implements AccessTokenVal } protected abstract AccessTokenValidation getAccessTokenValidation(MessageContext mc, - Map schemeParams, - String authSchemeData); + String authScheme, + String authSchemeData, + MultivaluedMap extraProps, + Map schemeParams); private static Map getSchemeParameters(String authData) { String[] attributePairs = authData.split(","); http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java index 9955ffe..977c531 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidator.java @@ -20,6 +20,8 @@ package org.apache.cxf.rs.security.oauth2.tokens.hawk; import java.util.Map; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation; import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken; @@ -32,8 +34,10 @@ public class HawkAccessTokenValidator extends AbstractHawkAccessTokenValidator { private boolean remoteSignatureValidation; protected AccessTokenValidation getAccessTokenValidation(MessageContext mc, - Map schemeParams, - String authSchemeData) { + String authScheme, + String authSchemeData, + MultivaluedMap extraProps, + Map schemeParams) { String macKey = schemeParams.get(OAuthConstants.HAWK_TOKEN_ID); ServerAccessToken accessToken = dataProvider.getAccessToken(macKey); if (!(accessToken instanceof HawkAccessToken)) { http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java index 8e615fb..4ab3a0f 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorClient.java @@ -21,6 +21,8 @@ package org.apache.cxf.rs.security.oauth2.tokens.hawk; import java.util.List; import java.util.Map; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation; import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator; @@ -30,10 +32,11 @@ public class HawkAccessTokenValidatorClient extends AbstractHawkAccessTokenValid private AccessTokenValidator validator; protected AccessTokenValidation getAccessTokenValidation(MessageContext mc, - Map schemeParams, - String authSchemeData) { - return validator.validateAccessToken(mc, OAuthConstants.HAWK_AUTHORIZATION_SCHEME, - authSchemeData); + String authScheme, + String authSchemeData, + MultivaluedMap extraProps, + Map schemeParams) { + return validator.validateAccessToken(mc, authScheme, authSchemeData, extraProps); } public void setValidator(AccessTokenValidator validator) { http://git-wip-us.apache.org/repos/asf/cxf/blob/982bff93/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java index 65de61d..ebb213a 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessTokenValidatorTest.java @@ -63,7 +63,8 @@ public class HawkAccessTokenValidatorTest extends Assert { AccessTokenValidation tokenValidation = validator .validateAccessToken(messageContext, OAuthConstants.HAWK_AUTHORIZATION_SCHEME, - authData.split(" ")[1]); + authData.split(" ")[1], + null); assertNotNull(tokenValidation); EasyMock.verify(dataProvider, messageContext, httpRequest); }