cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Prototyping an oauth2 code auth supplier
Date Wed, 08 Apr 2015 16:17:18 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 0ab9416fd -> 50eea2dc5


Prototyping an oauth2 code auth supplier


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/50eea2dc
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/50eea2dc
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/50eea2dc

Branch: refs/heads/master
Commit: 50eea2dc58e9c7952c10ca72758cd8de77d6f330
Parents: 0ab9416
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Wed Apr 8 17:17:01 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Wed Apr 8 17:17:01 2015 +0100

----------------------------------------------------------------------
 .../oauth2/client/AbstractAuthSupplier.java      |  8 +++++++-
 .../oauth2/client/BearerAuthSupplier.java        | 19 +++++++++++--------
 2 files changed, 18 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/50eea2dc/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
index 5932f28..aecc472 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
@@ -22,7 +22,7 @@ package org.apache.cxf.rs.security.oauth2.client;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 
 public abstract class AbstractAuthSupplier {
-    protected ClientAccessToken clientAccessToken = new ClientAccessToken();
+    private ClientAccessToken clientAccessToken = new ClientAccessToken();
     protected AbstractAuthSupplier(String type) {
         clientAccessToken = new ClientAccessToken();
         clientAccessToken.setTokenType(type);
@@ -33,5 +33,11 @@ public abstract class AbstractAuthSupplier {
     protected String createAuthorizationHeader() {
         return clientAccessToken.getTokenType() + " " + clientAccessToken.getTokenKey();
     }
+    protected ClientAccessToken getClientAccessToken() {
+        return clientAccessToken;
+    }
+    protected void setClientAccessToken(ClientAccessToken clientAccessToken) {
+        this.clientAccessToken = clientAccessToken;
+    }
 
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/50eea2dc/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java
index 557a825..f7f6f1e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java
@@ -25,6 +25,7 @@ import java.util.Collections;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
@@ -46,7 +47,7 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements
HttpAuth
                                    URI currentURI,
                                    Message message,
                                    String fullHeader) {
-        if (clientAccessToken.getTokenKey() == null) {
+        if (getClientAccessToken().getTokenKey() == null) {
             return null;
         }
         
@@ -67,9 +68,10 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements
HttpAuth
         }
     }
     private void refreshAccessTokenIfExpired(AuthorizationPolicy authPolicy) {
-        if (clientAccessToken.getExpiresIn() != -1 
-            && OAuthUtils.isExpired(clientAccessToken.getIssuedAt(), 
-                                    clientAccessToken.getExpiresIn())) {
+        ClientAccessToken at = getClientAccessToken();
+        if (at.getExpiresIn() != -1 
+            && OAuthUtils.isExpired(at.getIssuedAt(), 
+                                    at.getExpiresIn())) {
             refreshAccessToken(authPolicy);
         }
         
@@ -77,7 +79,8 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements
HttpAuth
 
 
     private boolean refreshAccessToken(AuthorizationPolicy authPolicy) {
-        if (clientAccessToken.getRefreshToken() == null) {
+        ClientAccessToken at = getClientAccessToken();
+        if (at.getRefreshToken() == null) {
             return false;
         }
         // Client id and secret are needed to refresh the tokens
@@ -100,16 +103,16 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements
HttpAuth
         // not be done on every request the current approach is quite reasonable 
         
         WebClient accessTokenService = createAccessTokenServiceClient();
-        clientAccessToken = OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer,
clientAccessToken);
+        setClientAccessToken(OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer,
at));
         return true;
     }
 
-    private WebClient createAccessTokenServiceClient() {
+    WebClient createAccessTokenServiceClient() {
         return WebClient.create(accessTokenServiceUri, Collections.singletonList(new OAuthJSONProvider()));
     }
 
     public void setRefreshToken(String refreshToken) {
-        clientAccessToken.setRefreshToken(refreshToken);
+        getClientAccessToken().setRefreshToken(refreshToken);
     }
 
     public void setAccessTokenServiceUri(String uri) {


Mime
View raw message