cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Propagating a nonce value from a code grant to an access token reg
Date Mon, 30 Nov 2015 12:15:03 GMT
Repository: cxf
Updated Branches:
  refs/heads/master dc9f8c238 -> c7e75e55f


Propagating a nonce value from a code grant to an access token reg


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c7e75e55
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c7e75e55
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c7e75e55

Branch: refs/heads/master
Commit: c7e75e55f01d81add3194b5a1676d12ef3669cb5
Parents: dc9f8c2
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Nov 30 12:14:39 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Nov 30 12:14:39 2015 +0000

----------------------------------------------------------------------
 .../security/oauth2/grants/AbstractGrantHandler.java | 15 ++++++++-------
 .../oauth2/grants/code/AbstractCodeDataProvider.java |  1 +
 .../grants/code/AuthorizationCodeGrantHandler.java   |  3 ++-
 .../grants/code/ServerAuthorizationCodeGrant.java    |  9 +++++++++
 4 files changed, 20 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c7e75e55/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
index b855af0..2300b11 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
@@ -108,8 +108,7 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
                                                     UserSubject subject,
                                                     List<String> requestedScope) {
         
-        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,

-                                   null, null, null);
+        return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope);
     }
     
     protected ServerAccessToken doCreateAccessToken(Client client,
@@ -119,23 +118,25 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
                                                     String audience) {
         
         return doCreateAccessToken(client, subject, getSingleGrantType(), requestedScope,

-                                   approvedScope, audience, null);
+                                   approvedScope, audience, null, null);
     }
     
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     String requestedGrant,
                                                     List<String> requestedScope) {
-        return doCreateAccessToken(client, subject, requestedGrant, requestedScope, null,
null, null);
+        return doCreateAccessToken(client, subject, requestedGrant, requestedScope, null,
null, null, null);
     }
-    
+    //CHECKSTYLE:OFF
     protected ServerAccessToken doCreateAccessToken(Client client,
                                                     UserSubject subject,
                                                     String requestedGrant,
                                                     List<String> requestedScope,
                                                     List<String> approvedScope,
                                                     String audience,
-                                                    String codeVerifier) {
+                                                    String codeVerifier,
+                                                    String nonce) {
+    //CHECKSTYLE:ON    
         if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(), 
                                        partialMatchScopeValidation)) {
             throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_SCOPE));
    
@@ -163,7 +164,7 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
         reg.setApprovedScope(approvedScope);
         reg.setAudience(audience);
         reg.setClientCodeVerifier(codeVerifier);
-        
+        reg.setNonce(nonce);
         return dataProvider.createAccessToken(reg);
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/c7e75e55/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
index 6bed976..1b63bb3 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AbstractCodeDataProvider.java
@@ -55,6 +55,7 @@ public abstract class AbstractCodeDataProvider extends AbstractOAuthDataProvider
         grant.setApprovedScopes(reg.getApprovedScope());
         grant.setAudience(reg.getAudience());
         grant.setClientCodeChallenge(reg.getClientCodeChallenge());
+        grant.setNonce(reg.getNonce());
         return grant;
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/c7e75e55/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
index 9a6888a..f2cf499 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/AuthorizationCodeGrantHandler.java
@@ -84,7 +84,8 @@ public class AuthorizationCodeGrantHandler extends AbstractGrantHandler
{
                                    grant.getRequestedScopes(),
                                    grant.getApprovedScopes(),
                                    grant.getAudience(),
-                                   clientCodeVerifier);
+                                   clientCodeVerifier,
+                                   grant.getNonce());
     }
     
     private boolean compareCodeVerifierWithChallenge(Client c, String clientCodeVerifier,


http://git-wip-us.apache.org/repos/asf/cxf/blob/c7e75e55/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
index a1aba9f..f09327a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/code/ServerAuthorizationCodeGrant.java
@@ -39,6 +39,7 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant
{
     private List<String> requestedScopes = Collections.emptyList();
     private UserSubject subject;
     private String audience;
+    private String nonce;
     private String clientCodeChallenge;
     
     public ServerAuthorizationCodeGrant() {
@@ -165,4 +166,12 @@ public class ServerAuthorizationCodeGrant extends AuthorizationCodeGrant
{
     public void setRequestedScopes(List<String> requestedScopes) {
         this.requestedScopes = requestedScopes;
     }
+
+    public String getNonce() {
+        return nonce;
+    }
+
+    public void setNonce(String nonce) {
+        this.nonce = nonce;
+    }
 }


Mime
View raw message