From serg...@apache.org
Subject cxf git commit: [CXF-6304] Making AccesstokenRegistration.getApprovedScopes useful in case of the code grant
Date Wed, 18 Mar 2015 16:07:07 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 9c7b2bc66 -> 26e8350e1


[CXF-6304] Making AccesstokenRegistration.getApprovedScopes useful in case of the code grant


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/26e8350e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/26e8350e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/26e8350e

Branch: refs/heads/master
Commit: 26e8350e122ed94155e58aa1f937cace205cfbc5
Parents: 9c7b2bc
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Mar 18 16:06:49 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Mar 18 16:06:49 2015 +0000

----------------------------------------------------------------------
 .../oauth2/grants/AbstractGrantHandler.java         | 16 ++++++++++++----
 .../grants/code/AuthorizationCodeGrantHandler.java  |  1 +
 .../grants/code/ServerAuthorizationCodeGrant.java   |  9 +++++++++
 3 files changed, 22 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/26e8350e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
index 58d0bda..f86e2da 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
@@ -100,6 +100,7 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
         return doCreateAccessToken(client, 
                                    subject, 
                                    OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE)),

+                                   null,
                                    params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
     }
     
@@ -107,28 +108,31 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
                                                     UserSubject subject,
                                                     List<String> requestedScope) {
         
-        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,
null);
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,

+                                   null, null);
     }
     
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     List<String> requestedScope,
+                                                    List<String> approvedScope,
                                                     String audience) {
         
-        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,
audience);
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,
approvedScope, audience);
     }
     
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     String requestedGrant,
                                                     List<String> requestedScope) {
-        return doCreateAccessToken(client, subject, requestedGrant, requestedScope, null);
+        return doCreateAccessToken(client, subject, requestedGrant, requestedScope, null,
null);
     }
     
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     String requestedGrant,
                                                     List<String> requestedScope,
+                                                    List<String> approvedScope,
                                                     String audience) {
         if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(), 
                                        partialMatchScopeValidation)) {
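Review bot: The new `approvedScope` parameter is not validated in the visible part of the six-argument `doCreateAccessToken`; the `validateScopes` call at its top still inspects only `requestedScope`. Before this commit the code grant handler passed the approved scopes in the `requestedScope` position, so they were compared with `client.getRegisteredScopes()`; now they reach the registration unchecked unless a line outside the hunk covers it. I would normalise a null `approvedScope` to an empty list at the top of the method and add `if (!OAuthUtils.validateScopes(approvedScope, client.getRegisteredScopes(), partialMatchScopeValidation))` with the same rejection as the existing check. If data providers are expected to trust the approved list, a containment check against `requestedScope` would be worth adding as well. The method body continues past the end of the hunk.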
@@ -150,7 +154,11 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
         reg.setClient(client);
         reg.setGrantType(requestedGrant);
         reg.setSubject(subject);
-        reg.setRequestedScope(requestedScope);        
+        reg.setRequestedScope(requestedScope);
+        if (approvedScope == null) {
+            approvedScope = Collections.emptyList();
+        }
+        reg.setApprovedScope(approvedScope);
         reg.setAudience(audience);
         
         return dataProvider.createAccessToken(reg);
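Review bot: Replacing a null `approvedScope` with `Collections.emptyList()` makes "this grant type supplied no approved list" indistinguishable from "the approved list is empty" once the value is stored on the registration. Every overload in this file other than the code grant path passes `null`, so a data provider reading the approved scope cannot tell the two cases apart. A provider that falls back to the requested scope whenever the list is empty could hand a code-grant token more than was approved. A comment above the null check would pin the meaning down, e.g. `// null/empty approvedScope: no approved list was supplied by the grant handler`, and assigning to a local rather than reassigning the parameter would read more clearly. These statements sit in the middle of a method whose start and end are outside the hunk.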

http://git-wip-us.apache.org/repos/asf/cxf/blob/26e8350e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
index 7e6972f..76fcbec 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
@@ -81,6 +81,7 @@ public class AuthorizationCodeGrantHandler extends AbstractGrantHandler
{
         
         return doCreateAccessToken(client, 
                                    grant.getSubject(), 
+                                   grant.getRequestedScopes(),
                                    grant.getApprovedScopes(),
                                    grant.getAudience());
     }
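Review bot: `grant.getRequestedScopes()` now fills the `requestedScope` argument that `grant.getApprovedScopes()` filled before, but nothing in this commit calls `setRequestedScopes`, and the new field defaults to an empty list. If grants are created or restored without it (a caller outside this diff may set it), the registration's requested scope becomes empty for the code grant where it used to carry the approved scopes. Any data provider that derives token scopes from the requested scope would then change behaviour. It is worth confirming where the grant's requested scopes are populated, or falling back when they are empty: `grant.getRequestedScopes().isEmpty() ? grant.getApprovedScopes() : grant.getRequestedScopes()`. The enclosing method starts outside the hunk.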

http://git-wip-us.apache.org/repos/asf/cxf/blob/26e8350e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
index b2b3835..a1aba9f 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
@@ -36,6 +36,7 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant
{
     private long expiresIn;
     private Client client;
     private List<String> approvedScopes = Collections.emptyList();
+    private List<String> requestedScopes = Collections.emptyList();
     private UserSubject subject;
     private String audience;
     private String clientCodeChallenge;
@@ -156,4 +157,12 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant
{
     public void setClientCodeChallenge(String clientCodeChallenge) {
         this.clientCodeChallenge = clientCodeChallenge;
     }
+
+    public List<String> getRequestedScopes() {
+        return requestedScopes;
+    }
+
+    public void setRequestedScopes(List<String> requestedScopes) {
+        this.requestedScopes = requestedScopes;
+    }
 }
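Review bot: `setRequestedScopes` stores whatever it is given, so a `null` argument replaces the `Collections.emptyList()` default and `getRequestedScopes()` then returns `null` to `AuthorizationCodeGrantHandler`, which passes it on as the requested scope. `AbstractGrantHandler` guards only `approvedScope` against null in this commit. Keeping the non-null invariant in the setter would be enough: `this.requestedScopes = requestedScopes == null ? Collections.<String>emptyList() : requestedScopes;`. Both accessors also lack Javadoc stating that these are presumably the scopes the client asked for, as opposed to the ones the user approved.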

