cxf-commits mailing list archives

From serg...@apache.org
Subject cxf git commit: Minor updates to OAuth2 data provider utility code
Date Thu, 14 May 2015 16:24:24 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 972a77e00 -> 5b99fc140


Minor updates to OAuth2 data provider utility code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5b99fc14
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5b99fc14
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5b99fc14

Branch: refs/heads/3.0.x-fixes
Commit: 5b99fc1403a4e96bffe3177fda3d8abb5ff143f1
Parents: 972a77e
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Thu May 14 17:22:46 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Thu May 14 17:24:02 2015 +0100

----------------------------------------------------------------------
 .../grants/code/AbstractCodeDataProvider.java   | 56 ++++++++++++++++++++
 .../code/DefaultEHCacheCodeDataProvider.java    | 53 ++++--------------
 .../provider/AbstractCodeDataProvider.java      | 51 ------------------
 .../provider/AbstractOAuthDataProvider.java     |  3 +-
 .../security/oauth2/utils/OAuthConstants.java   |  4 ++
 5 files changed, 73 insertions(+), 94 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5b99fc14/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
new file mode 100644
index 0000000..7d3b1a0
--- /dev/null
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
@@ -0,0 +1,56 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth2.grants.code;
+
+import org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider;
+import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
+
+public abstract class AbstractCodeDataProvider extends AbstractOAuthDataProvider 
+    implements AuthorizationCodeDataProvider {
+    private long codeLifetime = 3600L;
+    
+    protected AbstractCodeDataProvider() {
+    }
+        
+    @Override
+    public ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg)

+        throws OAuthServiceException {
+        ServerAuthorizationCodeGrant grant = initCodeGrant(reg, codeLifetime);
+        saveCodeGrant(grant);
+        return grant;
+    }
+    
+    public void setCodeLifetime(long codeLifetime) {
+        this.codeLifetime = codeLifetime;
+    }
+    
+    protected abstract void saveCodeGrant(ServerAuthorizationCodeGrant grant);
+    
+    public static ServerAuthorizationCodeGrant initCodeGrant(AuthorizationCodeRegistration
reg, long lifetime) {
+        ServerAuthorizationCodeGrant grant = new ServerAuthorizationCodeGrant(reg.getClient(),
lifetime);
+        grant.setRedirectUri(reg.getRedirectUri());
+        grant.setSubject(reg.getSubject());
+        grant.setRequestedScopes(reg.getRequestedScope());
+        grant.setApprovedScopes(reg.getApprovedScope());
+        grant.setAudience(reg.getAudience());
+        grant.setClientCodeChallenge(reg.getClientCodeChallenge());
+        return grant;
+    }
+    
+}
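Review bot: The `codeLifetime` default of `3600L` and the unchecked `setCodeLifetime(long)` leave the authorization code's validity window long and unvalidated. RFC 6749 section 4.1.2 recommends a maximum authorization code lifetime of 10 minutes; the unit is not stated in this file, but if it is seconds a code stays redeemable for an hour. I would document the unit on the setter, reject non-positive values with something like `if (codeLifetime <= 0) { throw new IllegalArgumentException("codeLifetime must be positive"); }`, and consider a shorter default. The same field and setter are duplicated in DefaultEHCacheCodeDataProvider in this commit, so the check belongs there as well. `initCodeGrant` is now a public static entry point and would benefit from a Javadoc line stating that `reg` must be non-null and which registration properties it copies.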

http://git-wip-us.apache.org/repos/asf/cxf/blob/5b99fc14/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java
index d148423..ea9ace8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/DefaultEHCacheCodeDataProvider.java
@@ -18,20 +18,17 @@
  */
 package org.apache.cxf.rs.security.oauth2.grants.code;
 
-import java.util.List;
-
 import net.sf.ehcache.Ehcache;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.rs.security.oauth2.provider.DefaultEHCacheOAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 public class DefaultEHCacheCodeDataProvider extends DefaultEHCacheOAuthDataProvider 
     implements AuthorizationCodeDataProvider {
-    public static final String CODE_GRANT_CACHE_KEY = "cxf.oauth2.client.cache";
+    public static final String CODE_GRANT_CACHE_KEY = "cxf.oauth2.codegrant.cache";
     
-    private long grantLifetime;
+    private long codeLifetime = 3600L;
     private Ehcache codeGrantCache;
     
     protected DefaultEHCacheCodeDataProvider() {
@@ -39,8 +36,8 @@ public class DefaultEHCacheCodeDataProvider extends DefaultEHCacheOAuthDataProvi
     }
     
     protected DefaultEHCacheCodeDataProvider(String configFileURL, Bus bus) {
-        this(configFileURL, bus, CODE_GRANT_CACHE_KEY,
-             CLIENT_CACHE_KEY, ACCESS_TOKEN_CACHE_KEY, REFRESH_TOKEN_CACHE_KEY);
+        this(configFileURL, bus, CLIENT_CACHE_KEY, CODE_GRANT_CACHE_KEY,
+             ACCESS_TOKEN_CACHE_KEY, REFRESH_TOKEN_CACHE_KEY);
     }
     
     protected DefaultEHCacheCodeDataProvider(String configFileURL, 
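Review bot: The delegating `this(...)` call passes four cache names as adjacent `String` arguments, and the order the target constructor expects cannot be checked from this hunk, because its signature starts on the last context line and continues outside. The hunk reorders two of those arguments, and a swap like this compiles cleanly, so the six-argument constructor deserves Javadoc with one `@param` line per cache name, in order. A misplaced name would presumably store authorization codes in a cache configured with another entry type's expiry and eviction settings. A small test asserting which cache a saved grant lands in would catch a regression.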
@@ -56,8 +53,8 @@ public class DefaultEHCacheCodeDataProvider extends DefaultEHCacheOAuthDataProvi
     @Override
     public ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg)
         throws OAuthServiceException {
-        ServerAuthorizationCodeGrant grant = doCreateCodeGrant(reg);
-        saveAuthorizationGrant(grant);
+        ServerAuthorizationCodeGrant grant = AbstractCodeDataProvider.initCodeGrant(reg,
codeLifetime);
+        saveCodeGrant(grant);
         return grant;
     }
 
@@ -71,40 +68,12 @@ public class DefaultEHCacheCodeDataProvider extends DefaultEHCacheOAuthDataProvi
         }
         return grant;
     }
-    
-    protected ServerAuthorizationCodeGrant doCreateCodeGrant(AuthorizationCodeRegistration
reg)
-        throws OAuthServiceException {
-        ServerAuthorizationCodeGrant grant = 
-            new ServerAuthorizationCodeGrant(reg.getClient(), getCode(reg), getGrantLifetime(),
getIssuedAt());
-        grant.setApprovedScopes(getApprovedScopes(reg));
-        grant.setAudience(reg.getAudience());
-        grant.setClientCodeChallenge(reg.getClientCodeChallenge());
-        grant.setSubject(reg.getSubject());
-        grant.setRedirectUri(reg.getRedirectUri());
-        return grant;
-    }
-
-    protected List<String> getApprovedScopes(AuthorizationCodeRegistration reg) {
-        return reg.getApprovedScope();
-    }
-    
-    protected String getCode(AuthorizationCodeRegistration reg) {
-        return OAuthUtils.generateRandomTokenKey();
-    }
-    
-    public long getGrantLifetime() {
-        return grantLifetime;
-    }
-
-    public void setGrantLifetime(long lifetime) {
-        this.grantLifetime = lifetime;
-    }
-
-    protected long getIssuedAt() {
-        return OAuthUtils.getIssuedAt();
+        
+    protected void saveCodeGrant(ServerAuthorizationCodeGrant grant) { 
+        putCacheValue(codeGrantCache, grant.getCode(), grant, grant.getExpiresIn());
     }
     
-    protected void saveAuthorizationGrant(ServerAuthorizationCodeGrant grant) { 
-        putCacheValue(codeGrantCache, grant.getCode(), grant, grant.getExpiresIn());
+    public void setCodeLifetime(long codeLifetime) {
+        this.codeLifetime = codeLifetime;
     }
 }
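Review bot: Removing the public `getGrantLifetime`/`setGrantLifetime` pair and the protected hooks `doCreateCodeGrant`, `getCode`, `getApprovedScopes`, `getIssuedAt` and `saveAuthorizationGrant` is an API break on a fixes branch (`3.0.x-fixes`). A configuration that injects a `grantLifetime` property stops working, and a subclass that overrides `getCode` to control code generation without `@Override` would still compile and be ignored silently. I would keep a deprecated bridge such as `@Deprecated public void setGrantLifetime(long lifetime) { setCodeLifetime(lifetime); }` and list the removed hooks in the release notes. Separately, `saveCodeGrant` passes `grant.getExpiresIn()` straight to `putCacheValue`, and how that helper treats zero or a negative value is not visible here. Confirm that a lifetime of 0 cannot become a cache entry that never expires.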

http://git-wip-us.apache.org/repos/asf/cxf/blob/5b99fc14/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractCodeDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractCodeDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractCodeDataProvider.java
deleted file mode 100644
index a569176..0000000
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractCodeDataProvider.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.rs.security.oauth2.provider;
-
-import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeDataProvider;
-import org.apache.cxf.rs.security.oauth2.grants.code.AuthorizationCodeRegistration;
-import org.apache.cxf.rs.security.oauth2.grants.code.ServerAuthorizationCodeGrant;
-
-public abstract class AbstractCodeDataProvider extends AbstractOAuthDataProvider 
-    implements AuthorizationCodeDataProvider {
-    private long codeLifetime = 3600L;
-    
-    protected AbstractCodeDataProvider() {
-    }
-        
-    @Override
-    public ServerAuthorizationCodeGrant createCodeGrant(AuthorizationCodeRegistration reg)

-        throws OAuthServiceException {
-        ServerAuthorizationCodeGrant grant = new ServerAuthorizationCodeGrant(reg.getClient(),
codeLifetime);
-        grant.setRedirectUri(reg.getRedirectUri());
-        grant.setSubject(reg.getSubject());
-        grant.setRequestedScopes(reg.getRequestedScope());
-        grant.setApprovedScopes(reg.getApprovedScope());
-        saveCodeGrant(grant);
-        return grant;
-    }
-    
-    public void setCodeLifetime(long codeLifetime) {
-        this.codeLifetime = codeLifetime;
-    }
-    
-    protected abstract void saveCodeGrant(ServerAuthorizationCodeGrant grant);
-    
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/5b99fc14/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index 2013d29..20a4774 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -28,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
 import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 public abstract class AbstractOAuthDataProvider implements OAuthDataProvider {
     private long accessTokenLifetime = 3600L;
@@ -107,7 +108,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider
{
     }
     
     protected boolean isRefreshTokenSupported(List<String> theScopes) {
-        return true;
+        return theScopes.contains(OAuthConstants.REFRESH_TOKEN_SCOPE);
     }
 
     protected ServerAccessToken createNewAccessToken(Client client) {
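Review bot: `isRefreshTokenSupported` now dereferences `theScopes` without a null check, so a null scope list throws a NullPointerException where the old code returned true; `return theScopes != null && theScopes.contains(OAuthConstants.REFRESH_TOKEN_SCOPE);` avoids that. The change also flips the default: refresh tokens were always issued and are now issued only when the list contains `"refreshToken"`, a reasonable least-privilege default that will nonetheless silently stop refresh-token issuance for existing deployments on this fixes branch. Whether the list holds requested or user-approved scopes is not visible in this hunk; it should be the approved set, otherwise a client can opt itself in. A Javadoc comment on the method stating both points would help. The comment on `REFRESH_TOKEN_SCOPE` also calls the value a default, although nothing visible here lets it be changed other than overriding this method.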

http://git-wip-us.apache.org/repos/asf/cxf/blob/5b99fc14/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
index a25a579..dea3e11 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
@@ -126,6 +126,10 @@ public final class OAuthConstants {
     public static final String AUTHORIZATION_SCHEME_TYPE = "authScheme";
     public static final String AUTHORIZATION_SCHEME_DATA = "authSchemeData";
     
+    // Default refresh token scope value - checked by CXF utility code
+    public static final String REFRESH_TOKEN_SCOPE = "refreshToken";
+    
+    
     private OAuthConstants() {
     }
     

