cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: making it easy to use Bearer client tokens as header parameters
Date Tue, 12 May 2015 11:15:17 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 8ee1ce727 -> ad75192db


making it easy to use Bearer client tokens as header parameters


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ad75192d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ad75192d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ad75192d

Branch: refs/heads/master
Commit: ad75192db72294e6d117e020aea890a50c166f79
Parents: 8ee1ce7
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Tue May 12 12:14:55 2015 +0100
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Tue May 12 12:14:55 2015 +0100

----------------------------------------------------------------------
 .../oauth2/client/ClientCodeRequestFilter.java  | 34 +++++++++++---------
 .../oauth2/common/ClientAccessToken.java        | 10 ++++++
 .../oidc/rp/OidcClientCodeRequestFilter.java    |  6 ++--
 3 files changed, 33 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index aa58ba2..478566c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -59,6 +59,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
     private ClientCodeStateManager clientStateManager;
     private ClientTokenContextManager clientTokenContextManager;
     private WebClient accessTokenService;
+    private boolean decodeRequestParameters;
     
     @Override
     public void filter(ContainerRequestContext rc) throws IOException {
@@ -101,23 +102,21 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
     protected void processCodeResponse(ContainerRequestContext rc, SecurityContext sc, UriInfo
ui) {
         MultivaluedMap<String, String> params = toRequestState(rc, ui);
         String codeParam = params.getFirst(OAuthConstants.AUTHORIZATION_CODE_VALUE);
+        ClientAccessToken at = null;
         if (codeParam != null) {
             AccessTokenGrant grant = new AuthorizationCodeGrant(codeParam, getAbsoluteRedirectUri(ui));
-            ClientAccessToken at = OAuthClientUtils.getAccessToken(accessTokenService, 
-                                                                   consumer, 
-                                                                   grant);
-            ClientTokenContext request = createTokenContext(at);
-            MultivaluedMap<String, String> state = null;
-            if (clientStateManager != null) {
-                state = clientStateManager.fromRedirectState(mc, params);
-            }
-            ((ClientTokenContextImpl)request).setToken(at);
+            at = OAuthClientUtils.getAccessToken(accessTokenService, consumer, grant);
+        }
+        ClientTokenContext request = createTokenContext(at);
+        ((ClientTokenContextImpl)request).setToken(at);
+        if (clientStateManager != null) {
+            MultivaluedMap<String, String> state = clientStateManager.fromRedirectState(mc,
params);
             ((ClientTokenContextImpl)request).setState(state);
-            if (clientTokenContextManager != null) {
-                clientTokenContextManager.setClientTokenContext(mc, request);
-            }
-            setClientCodeRequest(request);
         }
+        if (at != null && clientTokenContextManager != null) {
+            clientTokenContextManager.setClientTokenContext(mc, request);
+        }
+        setClientCodeRequest(request);
     }
     
     protected ClientTokenContext createTokenContext(ClientAccessToken at) {
@@ -138,10 +137,11 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
 
     private MultivaluedMap<String, String> toRequestState(ContainerRequestContext rc,
UriInfo ui) {
         MultivaluedMap<String, String> requestState = new MetadataMap<String, String>();
-        requestState.putAll(ui.getQueryParameters(false));
+        requestState.putAll(ui.getQueryParameters(decodeRequestParameters));
         if (MediaType.APPLICATION_FORM_URLENCODED_TYPE.isCompatible(rc.getMediaType())) {
             String body = FormUtils.readBody(rc.getEntityStream(), "UTF-8");
-            FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(),
body, "UTF-8", false);
+            FormUtils.populateMapFromString(requestState, JAXRSUtils.getCurrentMessage(),
body, 
+                                            "UTF-8", decodeRequestParameters);
         }
         return requestState;
     }
@@ -190,4 +190,8 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
         return consumer;
     }
 
+    public void setDecodeRequestParameters(boolean decodeRequestParameters) {
+        this.decodeRequestParameters = decodeRequestParameters;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
index e59075d..2b6b642 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ClientAccessToken.java
@@ -18,6 +18,8 @@
  */
 package org.apache.cxf.rs.security.oauth2.common;
 
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+
 
 
 /**
@@ -57,4 +59,12 @@ public class ClientAccessToken extends AccessToken {
         return scope;
     }
 
+    @Override
+    public String toString() {
+        if (OAuthConstants.BEARER_AUTHORIZATION_SCHEME.equalsIgnoreCase(super.getTokenType()))
{
+            return OAuthConstants.BEARER_AUTHORIZATION_SCHEME + " " + super.getTokenKey();
+        } else {
+            return super.toString();
+        }
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/ad75192d/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
index f40f921..aba4d3c 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcClientCodeRequestFilter.java
@@ -28,8 +28,10 @@ public class OidcClientCodeRequestFilter extends ClientCodeRequestFilter
{
     @Override
     protected ClientTokenContext createTokenContext(ClientAccessToken at) {
         OidcClientTokenContextImpl ctx = new OidcClientTokenContextImpl();
-        ctx.setIdToken(userInfoClient.getIdToken(at, getConsumer().getKey()));
-        ctx.setUserInfo(userInfoClient.getUserInfo(at, ctx.getIdToken()));
+        if (at != null) {
+            ctx.setIdToken(userInfoClient.getIdToken(at, getConsumer().getKey()));
+            ctx.setUserInfo(userInfoClient.getUserInfo(at, ctx.getIdToken()));
+        }
         return ctx;
     }
     public void setUserInfoClient(UserInfoClient userInfoClient) {


Mime
View raw message