cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [1/4] cxf git commit: [CXF-6561] ResourceOwnerGrantHandler: handle null result from loginHandler
Date Thu, 27 Aug 2015 16:28:27 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 86a8325cc -> 8c5e1fb7c


[CXF-6561] ResourceOwnerGrantHandler: handle null result from loginHandler

Document that ResourceOwnerLoginHandler should return null in the event that the user credentials
are not valid.

There is no need to catch a RuntimeException, or any Exception, as only RuntimeExceptions
(or Errors) can be thrown by the createSubject method as it has no declared exceptions.


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e407bc91
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e407bc91
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e407bc91

Branch: refs/heads/master
Commit: e407bc91bb0e48bf6feb6c4b12b3c7ced87a9732
Parents: 4005dfa
Author: Karl von Randow <karl@cactuslab.com>
Authored: Thu Aug 27 11:45:06 2015 +1200
Committer: Karl von Randow <karl@cactuslab.com>
Committed: Thu Aug 27 11:45:06 2015 +1200

----------------------------------------------------------------------
 .../oauth2/grants/owner/ResourceOwnerGrantHandler.java   | 11 ++++-------
 .../oauth2/grants/owner/ResourceOwnerLoginHandler.java   |  8 ++++++++
 2 files changed, 12 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e407bc91/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index 8b2e160..875823b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -48,13 +48,10 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
                  new OAuthError(OAuthConstants.INVALID_REQUEST));
         }
         
-        UserSubject subject = null;
-        try {
-            subject = loginHandler.createSubject(ownerName, ownerPassword);
-        } catch (RuntimeException ex) { 
-            throw ex;
-        } catch (Exception ex) { 
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
+        UserSubject subject = loginHandler.createSubject(ownerName, ownerPassword);
+        
+        if (subject == null) {
+            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
         }
         
         return doCreateAccessToken(client, 

http://git-wip-us.apache.org/repos/asf/cxf/blob/e407bc91/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
index 8eebfe2..8d63d69 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerLoginHandler.java
@@ -21,5 +21,13 @@ package org.apache.cxf.rs.security.oauth2.grants.owner;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 
 public interface ResourceOwnerLoginHandler {
+    
+    /**
+     * Create a {@link UserSubject} for the name and password parameters, or return null
if the name and password
+     * are invalid.
+     * @param name
+     * @param password
+     * @return A {@link UserSubject} representing the user, or null.
+     */
     UserSubject createSubject(String name, String password);
 }


Mime
View raw message