cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/5] cxf git commit: Add equals/hashCode methods for OAuthPermission so that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken works
Date Fri, 04 Dec 2015 17:12:37 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 90789cc21 -> 92b2da359


Add equals/hashCode methods for OAuthPermission so that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken
works

Conflicts:
	rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java

Conflicts:
	rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/dae28f01
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/dae28f01
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/dae28f01

Branch: refs/heads/3.0.x-fixes
Commit: dae28f01e97a63e4915efad30036cce20ffda54f
Parents: 90789cc
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Dec 4 16:34:03 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Dec 4 17:11:35 2015 +0000

----------------------------------------------------------------------
 .../security/oauth2/common/OAuthPermission.java | 124 +++++++++++++++++++
 .../services/AbstractImplicitGrantService.java  |  19 +++
 2 files changed, 143 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/dae28f01/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
index 0aaf300..f23e2ad 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
@@ -77,4 +77,128 @@ public class OAuthPermission extends Permission {
         return uris;
     }
     
+<<<<<<< HEAD
+=======
+    /**
+     * Gets the permission description
+     * @return the description
+     */
+    public String getDescription() {
+        return description;
+    }
+
+    /**
+     * Sets the permission description
+     * @param description
+     */
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    /**
+     * Get the permission value such as "read_calendar"
+     * @return the value
+     */
+    public String getPermission() {
+        return permission;
+    }
+
+    /**
+     * Sets the permission value such as "read_calendar"
+     * @param permission the permission value
+     */
+    public void setPermission(String permission) {
+        this.permission = permission;
+    }
+
+    /**
+     * Indicates if this permission has been allocated by default or not.
+     * Authorization View handlers may use this property to optimize the way the user selects
the
+     * scopes.
+     * For example, assume that read', 'add' and 'update' scopes are supported and the 
+     * 'read' scope is always allocated. This can be presented at the UI level as follows:
+     * the read-only check-box control will represent a 'read' scope and a user will be able
to
+     * optionally select 'add' and/or 'update' scopes, in addition to the default 'read'
one. 
+     * @param isDefault true if the permission has been allocated by default
+     */
+    public void setDefault(boolean value) {
+        this.isDefault = value;
+    }
+
+    public boolean isDefault() {
+        return isDefault;
+    }
+
+    public boolean isInvisibleToClient() {
+        return invisibleToClient;
+    }
+
+    /**
+     * Set the visibility status; by default all the scopes approved by a user can 
+     * be optionally reported to the client in access token responses. Some scopes may need
+     * to stay 'invisible' to client.
+     * @param invisibleToClient
+     */
+    public void setInvisibleToClient(boolean invisibleToClient) {
+        this.invisibleToClient = invisibleToClient;
+    }
+    
+    @Override
+    public boolean equals(Object object) {
+        if (!(object instanceof OAuthPermission)) {
+            return false;
+        }
+        
+        OAuthPermission that = (OAuthPermission)object;
+        if (this.httpVerbs != null && that.httpVerbs == null
+            || this.httpVerbs == null && that.httpVerbs != null
+            || this.httpVerbs != null && !this.httpVerbs.equals(that.httpVerbs))
{
+            return false;
+        }
+        if (this.uris != null && that.uris == null
+            || this.uris == null && that.uris != null
+            || this.uris != null && !this.uris.equals(that.uris)) {
+            return false;
+        }
+        if (this.permission != null && that.permission == null
+            || this.permission == null && that.permission != null
+            || this.permission != null && !this.permission.equals(that.permission))
{
+            return false;
+        }
+        if (this.description != null && that.description == null
+            || this.description == null && that.description != null
+            || this.description != null && !this.description.equals(that.description))
{
+            return false;
+        }
+        if (this.invisibleToClient != that.invisibleToClient) {
+            return false;
+        }
+        if (this.isDefault != that.isDefault) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    @Override
+    public int hashCode() {
+        int hashCode = 17;
+        if (httpVerbs != null) {
+            hashCode = 31 * hashCode + httpVerbs.hashCode();
+        }
+        if (uris != null) {
+            hashCode = 31 * hashCode + uris.hashCode();
+        }
+        if (permission != null) {
+            hashCode = 31 * hashCode + permission.hashCode();
+        }
+        if (description != null) {
+            hashCode = 31 * hashCode + description.hashCode();
+        }
+        hashCode = 31 * hashCode + Boolean.hashCode(invisibleToClient);
+        hashCode = 31 * hashCode + Boolean.hashCode(isDefault);
+        
+        return hashCode;
+    }
+>>>>>>> 8583a24... Add equals/hashCode methods for OAuthPermission so
that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken works
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/dae28f01/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
index ad09e75..636768f 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
@@ -59,6 +59,7 @@ public abstract class AbstractImplicitGrantService extends RedirectionBasedGrant
                                    ServerAccessToken preAuthorizedToken) {
         ServerAccessToken token = null;
         if (preAuthorizedToken == null) {
+<<<<<<< HEAD
             AccessTokenRegistration reg = new AccessTokenRegistration();
             reg.setClient(client);
             reg.setGrantType(OAuthConstants.IMPLICIT_GRANT);
@@ -69,6 +70,24 @@ public abstract class AbstractImplicitGrantService extends RedirectionBasedGrant
                 reg.setApprovedScope(requestedScope);
             } else {
                 reg.setApprovedScope(approvedScope);
+=======
+            tokenCanBeReturned = canAccessTokenBeReturned(requestedScope, approvedScope);
+            if (tokenCanBeReturned) {
+                AccessTokenRegistration reg = new AccessTokenRegistration();
+                reg.setClient(client);
+                reg.setGrantType(super.getSupportedGrantType());
+                reg.setSubject(userSubject);
+                reg.setRequestedScope(requestedScope);        
+                if (approvedScope == null || approvedScope.isEmpty()) {
+                    // no down-scoping done by a user, all of the requested scopes have been
authorized
+                    reg.setApprovedScope(requestedScope);
+                } else {
+                    reg.setApprovedScope(approvedScope);
+                }
+                reg.setAudience(state.getAudience());
+                reg.setNonce(state.getNonce());
+                token = getDataProvider().createAccessToken(reg);
+>>>>>>> b7d3336... Add equals/hashCode methods for OAuthPermission so
that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken works
             }
             reg.setAudience(params.getFirst(OAuthConstants.CLIENT_AUDIENCE));
             token = getDataProvider().createAccessToken(reg);


Mime
View raw message