Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4F5A918B71 for ; Mon, 2 Nov 2015 16:02:22 +0000 (UTC) Received: (qmail 88950 invoked by uid 500); 2 Nov 2015 16:02:22 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 88891 invoked by uid 500); 2 Nov 2015 16:02:22 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 88877 invoked by uid 99); 2 Nov 2015 16:02:22 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 02 Nov 2015 16:02:22 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 02AAEE0514; Mon, 2 Nov 2015 16:02:21 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <2ade417f217b4705a0df583aba892b77@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Some updates around checking the scheme in Oauth2 filter Date: Mon, 2 Nov 2015 16:02:21 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 934012437 -> ea9f508c3 Some updates around checking the scheme in Oauth2 filter Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ea9f508c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ea9f508c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ea9f508c Branch: refs/heads/3.0.x-fixes Commit: ea9f508c344df826593c960c086c82d218e90756 Parents: 9340124 Author: Sergey Beryozkin Authored: Mon Nov 2 16:00:47 2015 +0000 Committer: Sergey Beryozkin Committed: Mon Nov 2 16:02:04 2015 +0000 ---------------------------------------------------------------------- .../oauth2/filters/AccessTokenValidatorClient.java | 13 +++++++++++-- .../rs/security/oauth2/utils/AuthorizationUtils.java | 4 +++- 2 files changed, 14 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ea9f508c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java index 984995b..71bb021 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java @@ -19,6 +19,7 @@ package org.apache.cxf.rs.security.oauth2.filters; import java.util.Collections; +import java.util.LinkedList; import java.util.List; import javax.ws.rs.core.MultivaluedMap; @@ -34,9 +35,11 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; public class AccessTokenValidatorClient implements AccessTokenValidator { private WebClient tokenValidatorClient; - + private List supportedSchemes = new LinkedList(); public List getSupportedAuthorizationSchemes() { - return Collections.singletonList(OAuthConstants.ALL_AUTH_SCHEMES); + return supportedSchemes.isEmpty() + ? Collections.singletonList(OAuthConstants.ALL_AUTH_SCHEMES) + : Collections.unmodifiableList(supportedSchemes); } public AccessTokenValidation validateAccessToken(MessageContext mc, @@ -57,5 +60,11 @@ public class AccessTokenValidatorClient implements AccessTokenValidator { public void setTokenValidatorClient(WebClient tokenValidatorClient) { this.tokenValidatorClient = tokenValidatorClient; } + public void setSupportedSchemes(List schemes) { + this.supportedSchemes.addAll(schemes); + } + public void setSupportedScheme(String scheme) { + this.supportedSchemes.add(scheme); + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/ea9f508c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java index 09df5ef..51446a2 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java @@ -76,7 +76,9 @@ public final class AuthorizationUtils { if (headers != null && headers.size() == 1) { String[] parts = headers.get(0).split(" "); if (parts.length > 0 - && (challenges == null || challenges.isEmpty() || challenges.contains(parts[0]))) { + && (challenges == null || challenges.isEmpty() + || challenges.contains(parts[0]) + || challenges.size() == 1 && challenges.contains("*"))) { return parts; } }