Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 955D817A71 for ; Wed, 8 Apr 2015 16:24:58 +0000 (UTC) Received: (qmail 11643 invoked by uid 500); 8 Apr 2015 16:24:58 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 11567 invoked by uid 500); 8 Apr 2015 16:24:58 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 11557 invoked by uid 99); 8 Apr 2015 16:24:58 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 08 Apr 2015 16:24:58 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 5D123E1092; Wed, 8 Apr 2015 16:24:58 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Date: Wed, 08 Apr 2015 16:24:59 -0000 Message-Id: <7f50f84d5b8b499bb97d7f90b1150e48@git.apache.org> In-Reply-To: <2c03d47c811d473cb4e13219efc63133@git.apache.org> References: <2c03d47c811d473cb4e13219efc63133@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [2/3] cxf git commit: Prototyping an oauth2 code auth supplier Prototyping an oauth2 code auth supplier Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e2782f77 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e2782f77 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e2782f77 Branch: refs/heads/3.0.x-fixes Commit: e2782f7738f20af922cc7b11a582ed79ef17b1c6 Parents: 90bd0ea Author: Sergey Beryozkin Authored: Wed Apr 8 17:17:01 2015 +0100 Committer: Sergey Beryozkin Committed: Wed Apr 8 17:19:54 2015 +0100 ---------------------------------------------------------------------- .../oauth2/client/AbstractAuthSupplier.java | 8 +++++++- .../oauth2/client/BearerAuthSupplier.java | 19 +++++++++++-------- 2 files changed, 18 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/e2782f77/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java index 5932f28..aecc472 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java @@ -22,7 +22,7 @@ package org.apache.cxf.rs.security.oauth2.client; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; public abstract class AbstractAuthSupplier { - protected ClientAccessToken clientAccessToken = new ClientAccessToken(); + private ClientAccessToken clientAccessToken = new ClientAccessToken(); protected AbstractAuthSupplier(String type) { clientAccessToken = new ClientAccessToken(); clientAccessToken.setTokenType(type); @@ -33,5 +33,11 @@ public abstract class AbstractAuthSupplier { protected String createAuthorizationHeader() { return clientAccessToken.getTokenType() + " " + clientAccessToken.getTokenKey(); } + protected ClientAccessToken getClientAccessToken() { + return clientAccessToken; + } + protected void setClientAccessToken(ClientAccessToken clientAccessToken) { + this.clientAccessToken = clientAccessToken; + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/e2782f77/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java index 04c94ab..1ad0722 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java @@ -25,6 +25,7 @@ import java.util.Collections; import org.apache.cxf.configuration.security.AuthorizationPolicy; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.message.Message; +import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils; @@ -46,7 +47,7 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth URI currentURI, Message message, String fullHeader) { - if (clientAccessToken.getTokenKey() == null) { + if (getClientAccessToken().getTokenKey() == null) { return null; } @@ -67,9 +68,10 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth } } private void refreshAccessTokenIfExpired(AuthorizationPolicy authPolicy) { - if (clientAccessToken.getExpiresIn() != -1 - && OAuthUtils.isExpired(clientAccessToken.getIssuedAt(), - clientAccessToken.getExpiresIn())) { + ClientAccessToken at = getClientAccessToken(); + if (at.getExpiresIn() != -1 + && OAuthUtils.isExpired(at.getIssuedAt(), + at.getExpiresIn())) { refreshAccessToken(authPolicy); } @@ -77,7 +79,8 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth private boolean refreshAccessToken(AuthorizationPolicy authPolicy) { - if (clientAccessToken.getRefreshToken() == null) { + ClientAccessToken at = getClientAccessToken(); + if (at.getRefreshToken() == null) { return false; } // Client id and secret are needed to refresh the tokens @@ -100,16 +103,16 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth // not be done on every request the current approach is quite reasonable WebClient accessTokenService = createAccessTokenServiceClient(); - clientAccessToken = OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, clientAccessToken); + setClientAccessToken(OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, at)); return true; } - private WebClient createAccessTokenServiceClient() { + WebClient createAccessTokenServiceClient() { return WebClient.create(accessTokenServiceUri, Collections.singletonList(new OAuthJSONProvider())); } public void setRefreshToken(String refreshToken) { - clientAccessToken.setRefreshToken(refreshToken); + getClientAccessToken().setRefreshToken(refreshToken); } public void setAccessTokenServiceUri(String uri) {