cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [3/3] cxf git commit: [CXF-6561] ResourceOwnerGrantHandler: handle null result from loginHandler
Date Thu, 27 Aug 2015 16:39:15 GMT
[CXF-6561] ResourceOwnerGrantHandler: handle null result from loginHandler

Document that ResourceOwnerLoginHandler should return null in the event that the user credentials
are not valid.

There is no need to catch a RuntimeException, or any Exception, as only RuntimeExceptions
(or Errors) can be thrown by the createSubject method as it has no declared exceptions.


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5d878329
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5d878329
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5d878329

Branch: refs/heads/3.0.x-fixes
Commit: 5d878329c22083618b0f2505e3b02aee170de032
Parents: dbfbbbb
Author: Karl von Randow <karl@cactuslab.com>
Authored: Thu Aug 27 11:45:06 2015 +1200
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Aug 27 17:38:38 2015 +0100

----------------------------------------------------------------------
 .../oauth2/grants/owner/ResourceOwnerGrantHandler.java   | 11 ++++-------
 .../oauth2/grants/owner/ResourceOwnerLoginHandler.java   |  8 ++++++++
 2 files changed, 12 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/5d878329/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index 8b2e160..875823b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -48,13 +48,10 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
                  new OAuthError(OAuthConstants.INVALID_REQUEST));
         }
         
-        UserSubject subject = null;
-        try {
-            subject = loginHandler.createSubject(ownerName, ownerPassword);
-        } catch (RuntimeException ex) { 
-            throw ex;
-        } catch (Exception ex) { 
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
+        UserSubject subject = loginHandler.createSubject(ownerName, ownerPassword);
+        
+        if (subject == null) {
+            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
         
         return doCreateAccessToken(client, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/5d878329/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
index 8eebfe2..8d63d69 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
@@ -21,5 +21,13 @@ package org.apache.cxf.rs.security.oauth2.grants.owner;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 
 public interface ResourceOwnerLoginHandler {
+    
+    /**
+     * Create a {@link UserSubject} for the name and password parameters, or return null
if the name and password
+     * are invalid.
+     * @param name
+     * @param password
+     * @return A {@link UserSubject} representing the user, or null.
+     */
     UserSubject createSubject(String name, String password);
 }


Mime
View raw message