Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D4A8810435 for ; Fri, 19 Dec 2014 22:32:51 +0000 (UTC) Received: (qmail 75677 invoked by uid 500); 19 Dec 2014 22:32:51 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 75615 invoked by uid 500); 19 Dec 2014 22:32:51 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 75606 invoked by uid 99); 19 Dec 2014 22:32:51 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Dec 2014 22:32:51 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 5CC7CA306BE; Fri, 19 Dec 2014 22:32:51 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: More OAuth2 SPOP related updates Date: Fri, 19 Dec 2014 22:32:51 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master a3be410fe -> 8fc7bfa3d More OAuth2 SPOP related updates Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8fc7bfa3 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8fc7bfa3 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8fc7bfa3 Branch: refs/heads/master Commit: 8fc7bfa3d054e9aebcb43f51e083ff7cf3b47010 Parents: a3be410 Author: Sergey Beryozkin Authored: Fri Dec 19 22:32:31 2014 +0000 Committer: Sergey Beryozkin Committed: Fri Dec 19 22:32:31 2014 +0000 ---------------------------------------------------------------------- .../rs/security/oauth2/common/OAuthRedirectionState.java | 10 +++++----- .../code/AbstractAuthorizationCodeDataProvider.java | 2 +- .../oauth2/grants/code/AuthorizationCodeGrantHandler.java | 6 +++--- .../oauth2/grants/code/AuthorizationCodeRegistration.java | 10 +++++----- .../grants/code/DefaultEHCacheCodeDataProvider.java | 2 +- .../grants/code/DefaultEncryptingCodeDataProvider.java | 2 +- .../oauth2/grants/code/ServerAuthorizationCodeGrant.java | 10 +++++----- .../oauth2/provider/JoseSessionTokenProvider.java | 4 ++-- .../oauth2/services/AuthorizationCodeGrantService.java | 4 ++-- .../oauth2/utils/crypto/ModelEncryptionSupport.java | 4 ++-- 10 files changed, 27 insertions(+), 27 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java index a386a80..0f05abd 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthRedirectionState.java @@ -28,7 +28,7 @@ public class OAuthRedirectionState implements Serializable { private String state; private String proposedScope; private String audience; - private String clientCodeVerifier; + private String clientCodeChallenge; public OAuthRedirectionState() { } @@ -106,10 +106,10 @@ public class OAuthRedirectionState implements Serializable { this.audience = audience; } - public String getClientCodeVerifier() { - return clientCodeVerifier; + public String getClientCodeChallenge() { + return clientCodeChallenge; } - public void setClientCodeVerifier(String clientCodeVerifier) { - this.clientCodeVerifier = clientCodeVerifier; + public void setClientCodeChallenge(String clientCodeChallenge) { + this.clientCodeChallenge = clientCodeChallenge; } } http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractAuthorizationCodeDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractAuthorizationCodeDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractAuthorizationCodeDataProvider.java index 71f1002..27a2b20 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractAuthorizationCodeDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractAuthorizationCodeDataProvider.java @@ -40,7 +40,7 @@ public abstract class AbstractAuthorizationCodeDataProvider new ServerAuthorizationCodeGrant(reg.getClient(), getCode(reg), getGrantLifetime(), getIssuedAt()); grant.setApprovedScopes(getApprovedScopes(reg)); grant.setAudience(reg.getAudience()); - grant.setClientCodeVerifier(reg.getClientCodeVerifier()); + grant.setClientCodeChallenge(reg.getClientCodeChallenge()); grant.setSubject(reg.getSubject()); grant.setRedirectUri(reg.getRedirectUri()); return grant; http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java index dc9cddd..7e6972f 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java @@ -71,9 +71,9 @@ public class AuthorizationCodeGrantHandler extends AbstractGrantHandler { throw new OAuthServiceException(OAuthConstants.INVALID_REQUEST); } - String clientCodeVerifier = grant.getClientCodeVerifier(); - if (clientCodeVerifier != null) { - String clientCodeChallenge = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER); + String clientCodeChallenge = grant.getClientCodeChallenge(); + if (clientCodeChallenge != null) { + String clientCodeVerifier = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER); if (!compareCodeVerifierWithChallenge(clientCodeVerifier, clientCodeChallenge)) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java index 6b0475c..a7126b4 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeRegistration.java @@ -35,7 +35,7 @@ public class AuthorizationCodeRegistration { private String redirectUri; private UserSubject subject; private String audience; - private String clientCodeVerifier; + private String clientCodeChallenge; /** * Sets the {@link Client} reference @@ -120,10 +120,10 @@ public class AuthorizationCodeRegistration { public void setAudience(String audience) { this.audience = audience; } - public String getClientCodeVerifier() { - return clientCodeVerifier; + public String getClientCodeChallenge() { + return clientCodeChallenge; } - public void setClientCodeVerifier(String clientCodeVerifier) { - this.clientCodeVerifier = clientCodeVerifier; + public void setClientCodeChallenge(String clientCodeChallenge) { + this.clientCodeChallenge = clientCodeChallenge; } } http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java index c4e261f..d148423 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java @@ -78,7 +78,7 @@ public class DefaultEHCacheCodeDataProvider extends DefaultEHCacheOAuthDataProvi new ServerAuthorizationCodeGrant(reg.getClient(), getCode(reg), getGrantLifetime(), getIssuedAt()); grant.setApprovedScopes(getApprovedScopes(reg)); grant.setAudience(reg.getAudience()); - grant.setClientCodeVerifier(reg.getClientCodeVerifier()); + grant.setClientCodeChallenge(reg.getClientCodeChallenge()); grant.setSubject(reg.getSubject()); grant.setRedirectUri(reg.getRedirectUri()); return grant; http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java index 6d50584..64e6276 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEncryptingCodeDataProvider.java @@ -64,7 +64,7 @@ public class DefaultEncryptingCodeDataProvider extends DefaultEncryptingOAuthDat new ServerAuthorizationCodeGrant(reg.getClient(), getCode(reg), getGrantLifetime(), getIssuedAt()); grant.setApprovedScopes(getApprovedScopes(reg)); grant.setAudience(reg.getAudience()); - grant.setClientCodeVerifier(reg.getClientCodeVerifier()); + grant.setClientCodeChallenge(reg.getClientCodeChallenge()); grant.setSubject(reg.getSubject()); grant.setRedirectUri(reg.getRedirectUri()); return grant; http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java index a434214..b2b3835 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java @@ -38,7 +38,7 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant { private List approvedScopes = Collections.emptyList(); private UserSubject subject; private String audience; - private String clientCodeVerifier; + private String clientCodeChallenge; public ServerAuthorizationCodeGrant() { @@ -149,11 +149,11 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant { this.audience = audience; } - public String getClientCodeVerifier() { - return clientCodeVerifier; + public String getClientCodeChallenge() { + return clientCodeChallenge; } - public void setClientCodeVerifier(String clientCodeVerifier) { - this.clientCodeVerifier = clientCodeVerifier; + public void setClientCodeChallenge(String clientCodeChallenge) { + this.clientCodeChallenge = clientCodeChallenge; } } http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java index aad1dc4..91f9cf2 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java @@ -140,7 +140,7 @@ public class JoseSessionTokenProvider implements SessionAuthenticityTokenProvide OAuthRedirectionState state = new OAuthRedirectionState(); state.setClientId(parts[0]); state.setAudience(parts[1]); - state.setClientCodeVerifier(parts[2]); + state.setClientCodeChallenge(parts[2]); state.setState(parts[3]); state.setProposedScope(parts[4]); state.setRedirectUri(parts[5]); @@ -155,7 +155,7 @@ public class JoseSessionTokenProvider implements SessionAuthenticityTokenProvide state.append(ModelEncryptionSupport.tokenizeString(secData.getAudience())); state.append(ModelEncryptionSupport.SEP); // 2: client code verifier - state.append(ModelEncryptionSupport.tokenizeString(secData.getClientCodeVerifier())); + state.append(ModelEncryptionSupport.tokenizeString(secData.getClientCodeChallenge())); state.append(ModelEncryptionSupport.SEP); // 3: state state.append(ModelEncryptionSupport.tokenizeString(secData.getState())); http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java index 6a149e5..185cb0f 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java @@ -78,7 +78,7 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService return state; } private static void setCodeQualifier(OAuthRedirectionState data, MultivaluedMap params) { - data.setClientCodeVerifier(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER)); + data.setClientCodeChallenge(params.getFirst(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE)); } protected Response startAuthorization(MultivaluedMap params, UserSubject userSubject, @@ -104,7 +104,7 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService codeReg.setApprovedScope(approvedScope); codeReg.setSubject(userSubject); codeReg.setAudience(state.getAudience()); - codeReg.setClientCodeVerifier(state.getClientCodeVerifier()); + codeReg.setClientCodeChallenge(state.getClientCodeChallenge()); ServerAuthorizationCodeGrant grant = null; try { http://git-wip-us.apache.org/repos/asf/cxf/blob/8fc7bfa3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java index 02afb04..8990255 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/crypto/ModelEncryptionSupport.java @@ -394,7 +394,7 @@ public final class ModelEncryptionSupport { Long.valueOf(parts[3])); grant.setRedirectUri(getStringPart(parts[4])); grant.setAudience(getStringPart(parts[5])); - grant.setClientCodeVerifier(getStringPart(parts[6])); + grant.setClientCodeChallenge(getStringPart(parts[6])); grant.setApprovedScopes(parseSimpleList(parts[7])); grant.setSubject(recreateUserSubject(parts[8])); return grant; @@ -420,7 +420,7 @@ public final class ModelEncryptionSupport { state.append(tokenizeString(grant.getAudience())); state.append(SEP); // 6: code verifier - state.append(tokenizeString(grant.getClientCodeVerifier())); + state.append(tokenizeString(grant.getClientCodeChallenge())); state.append(SEP); // 7: approved scopes state.append(grant.getApprovedScopes().toString());