cxf-commits mailing list archives

From serg...@apache.org
Subject cxf git commit: Minor updates to the OAuth2 code
Date Fri, 20 Mar 2015 14:02:43 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes c8e1badee -> e55a3484d


Minor updates to the OAuth2 code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e55a3484
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e55a3484
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e55a3484

Branch: refs/heads/3.0.x-fixes
Commit: e55a3484dde4c336a16c44062148b578e5d9920c
Parents: c8e1bad
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Mar 20 14:00:51 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Mar 20 14:02:22 2015 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/grants/AbstractGrantHandler.java  | 2 +-
 .../grants/clientcred/ClientCredentialsGrantHandler.java     | 8 +++++---
 .../rs/security/oauth2/services/ImplicitGrantService.java    | 3 +++
 .../rs/security/oauth2/tokens/bearer/BearerAccessToken.java  | 3 +++
 .../cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java  | 4 +++-
 5 files changed, 15 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e55a3484/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
index f86e2da..dd17dd1 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
@@ -43,7 +43,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
  * Abstract access token grant handler
  */
 public abstract class AbstractGrantHandler implements AccessTokenGrantHandler {
-    private static final Logger LOG = LogUtils.getL7dLogger(AbstractGrantHandler.class);
+    protected static final Logger LOG = LogUtils.getL7dLogger(AbstractGrantHandler.class);
     
     private List<String> supportedGrants;
     private OAuthDataProvider dataProvider;
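Review bot: Widening `LOG` to `protected` on the changed line means every subclass that uses it logs under the `AbstractGrantHandler` logger name, so the warning this commit adds in ClientCredentialsGrantHandler cannot be filtered or attributed by handler class. A per-class logger in the subclass, `private static final Logger LOG = LogUtils.getL7dLogger(ClientCredentialsGrantHandler.class);`, would keep the base field private and the attribution exact. The class body continues outside the hunk.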

http://git-wip-us.apache.org/repos/asf/cxf/blob/e55a3484/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
index 0ac6347..800a5fb 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/clientcred/ClientCredentialsGrantHandler.java
@@ -39,9 +39,11 @@ public class ClientCredentialsGrantHandler extends AbstractGrantHandler
{
     public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String>
params)
         throws OAuthServiceException {
         
-        return doCreateAccessToken(client, 
-                                   client.getSubject(), 
-                                   params);
+        ServerAccessToken at = doCreateAccessToken(client, client.getSubject(), params);
+        if (at.getRefreshToken() != null) {
+            LOG.warning("Client credentials grant tokens SHOULD not have refresh tokens");
+        }
+        return at;
     }
 
 
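Review bot: The new check in `createAccessToken` only logs; the token is still returned with its refresh token, and by then the refresh token has presumably already been created and stored behind `doCreateAccessToken` (not visible here). If this is meant to follow the RFC 6749 section 4.4.3 guidance, a comment should say the check is advisory only, and the message should identify the client so an operator can find the misconfigured provider, e.g. `LOG.warning("Client credentials grant token for client " + client.getClientId() + " has a refresh token");`. `at` is also dereferenced without a null check, which is safe only if `doCreateAccessToken` never returns null. The same warn-only pattern appears in the ImplicitGrantService hunk.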

http://git-wip-us.apache.org/repos/asf/cxf/blob/e55a3484/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
index aa1e44b..f6e42f5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
@@ -79,6 +79,9 @@ public class ImplicitGrantService extends RedirectionBasedGrantService {
         } else {
             token = preAuthorizedToken;
         }
+        if (token.getRefreshToken() != null) {
+            LOG.warning("Implicit grant tokens MUST not have refresh tokens, refresh token
will not be reported");
+        }
         ClientAccessToken clientToken = OAuthUtils.toClientAccessToken(token, isWriteOptionalParameters());
         processClientAccessToken(clientToken, token);
    
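Review bot: The message added before `OAuthUtils.toClientAccessToken(...)` promises that the "refresh token will not be reported", but nothing in this hunk removes it. That holds only if `toClientAccessToken` and `processClientAccessToken`, both defined outside the hunk, never copy it into the redirect response. A comment naming where the omission is enforced would make the guarantee checkable, e.g. `// refresh token is dropped in <method that omits it>; it must never reach the redirect URI`. The refresh token itself appears to stay valid on the server after the warning, which matters because RFC 6749 section 4.2.2 says it must not be issued for this grant. The enclosing method starts and ends outside the hunk.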

http://git-wip-us.apache.org/repos/asf/cxf/blob/e55a3484/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
index f4b666f..c0ecd61 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
@@ -43,6 +43,9 @@ public class BearerAccessToken extends ServerAccessToken {
                              long issuedAt) {
         super(client, OAuthConstants.BEARER_TOKEN_TYPE, tokenKey, lifetime, issuedAt);
     }
+    public BearerAccessToken(ServerAccessToken token) {
+        this(token, OAuthUtils.generateRandomTokenKey());
+    }
     public BearerAccessToken(ServerAccessToken token, String newKey) {
         super(validateTokenType(token, OAuthConstants.BEARER_TOKEN_TYPE), newKey);
     }
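Review bot: The new one-argument constructor has no Javadoc, and its behaviour is easy to misread: it copies `token` under a freshly generated key and, as far as this hunk shows, leaves the source token untouched. Suggest `/** Copies the given token under a new random key; the source token is not revoked here, so callers must remove it if this is a replacement. */`. The new key's unpredictability rests entirely on `OAuthUtils.generateRandomTokenKey()`, which is not visible here and should be confirmed to draw from a cryptographically strong source. The HawkAccessToken hunk adds the same constructor.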

http://git-wip-us.apache.org/repos/asf/cxf/blob/e55a3484/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
index ce3ca25..c711092 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAccessToken.java
@@ -70,7 +70,9 @@ public class HawkAccessToken extends ServerAccessToken {
         super(checkClient(client), OAuthConstants.HAWK_TOKEN_TYPE, tokenKey, lifetime, issuedAt);
         this.setExtraParameters(algo, macKey);
     }
-    
+    public HawkAccessToken(ServerAccessToken token) {
+        this(token, OAuthUtils.generateRandomTokenKey());
+    }
     public HawkAccessToken(ServerAccessToken token, String newKey) {
         super(validateTokenType(token, OAuthConstants.HAWK_TOKEN_TYPE), newKey);
     }
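Review bot: The new `HawkAccessToken(ServerAccessToken token)` constructor gives the copy a new token key, but unlike the constructor above it never calls `setExtraParameters(algo, macKey)`. Whether the copy carries the source token's MAC key and algorithm therefore depends on the `ServerAccessToken` copy constructor, which is outside this hunk. If the MAC key is copied, two token ids share one secret; if it is not, the copy has none. Once confirmed, a Javadoc line should state which, e.g. `/** Copies the token under a new random key id; the Hawk MAC key and algorithm come from the source token's parameters. */`.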

