cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Makaing sure the code filter can catch all code response errors
Date Fri, 13 Nov 2015 10:57:15 GMT
Repository: cxf
Updated Branches:
  refs/heads/master bf52c1759 -> 144ee70dc


Makaing sure the code filter can catch all code response errors


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/144ee70d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/144ee70d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/144ee70d

Branch: refs/heads/master
Commit: 144ee70dc163a1dbcfbfa891a3fed0b98b7edf21
Parents: bf52c17
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Fri Nov 13 10:56:58 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Fri Nov 13 10:56:58 2015 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/client/AccessDeniedResponse.java  | 8 +++++++-
 .../rs/security/oauth2/client/ClientCodeRequestFilter.java   | 4 ++--
 .../oauth2/provider/AbstractOAuthJoseJwtProducer.java        | 5 +++--
 3 files changed, 12 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/144ee70d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AccessDeniedResponse.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AccessDeniedResponse.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AccessDeniedResponse.java
index 9ec28ab..16a87bf 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AccessDeniedResponse.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AccessDeniedResponse.java
@@ -19,5 +19,11 @@
 package org.apache.cxf.rs.security.oauth2.client;
 
 public class AccessDeniedResponse {
-
+    private String error;
+    public AccessDeniedResponse(String error) {
+        this.error = error;
+    }
+    public String getError() {
+        return error;
+    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/144ee70d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index 3e312a3..18285a6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -115,10 +115,10 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
         if (sc == null || sc.getUserPrincipal() == null) {
             if (codeParam == null 
                 && requestParams.containsKey(OAuthConstants.ERROR_KEY)
-                && OAuthConstants.ACCESS_DENIED.equals(requestParams.getFirst(OAuthConstants.ERROR_KEY))
                 && !faultAccessDeniedResponses) {
                 if (!applicationCanHandleAccessDenied) {
-                    rc.abortWith(Response.ok(new AccessDeniedResponse()).build());    
+                    String error = requestParams.getFirst(OAuthConstants.ERROR_KEY);
+                    rc.abortWith(Response.ok(new AccessDeniedResponse(error)).build()); 
  
                 }
             } else {
                 throw ExceptionUtils.toNotAuthorizedException(null, null);

http://git-wip-us.apache.org/repos/asf/cxf/blob/144ee70d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
index b0a7414..fec38bc 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthJoseJwtProducer.java
@@ -22,6 +22,7 @@ import java.util.Properties;
 
 import javax.crypto.SecretKey;
 
+import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.rs.security.jose.jwa.AlgorithmUtils;
 import org.apache.cxf.rs.security.jose.jwa.ContentAlgorithm;
 import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
@@ -44,7 +45,7 @@ public abstract class AbstractOAuthJoseJwtProducer extends AbstractJoseJwtProduc
     }
     
     protected JwsSignatureProvider getInitializedSignatureProvider(String clientSecret) {
-        if (signWithClientSecret) {
+        if (signWithClientSecret && !StringUtils.isEmpty(clientSecret)) {
             Properties props = JwsUtils.loadSignatureOutProperties(false);
             SignatureAlgorithm sigAlgo = JwsUtils.getSignatureAlgorithm(props, SignatureAlgorithm.HS256);
             if (AlgorithmUtils.isHmacSign(sigAlgo)) {
@@ -54,7 +55,7 @@ public abstract class AbstractOAuthJoseJwtProducer extends AbstractJoseJwtProduc
         return null;
     }
     protected JweEncryptionProvider getInitializedEncryptionProvider(String clientSecret)
{
-        if (encryptWithClientSecret) {
+        if (encryptWithClientSecret && !StringUtils.isEmpty(clientSecret)) {
             SecretKey key = CryptoUtils.decodeSecretKey(clientSecret);
             Properties props = JweUtils.loadEncryptionOutProperties(false);
             ContentAlgorithm ctAlgo = JweUtils.getContentEncryptionAlgorithm(props, ContentAlgorithm.A128GCM);


Mime
View raw message