Return-Path: 
 <commits-return-39496-apmail-cxf-commits-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-commits-archive@www.apache.org
Delivered-To: apmail-cxf-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 12D6118B72
	for <apmail-cxf-commits-archive@www.apache.org>;
 Fri,  4 Dec 2015 17:11:20 +0000 (UTC)
Received: (qmail 21222 invoked by uid 500); 4 Dec 2015 17:11:13 -0000
Delivered-To: apmail-cxf-commits-archive@cxf.apache.org
Received: (qmail 21025 invoked by uid 500); 4 Dec 2015 17:11:13 -0000
Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cxf.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cxf.apache.org>
List-Post: <mailto:commits@cxf.apache.org>
List-Id: <commits.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list commits@cxf.apache.org
Received: (qmail 20917 invoked by uid 99); 4 Dec 2015 17:11:13 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org)
 (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 Dec 2015 17:11:13 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at
 git1-us-west.apache.org, from userid 33)
	id 2B236E0441; Fri,  4 Dec 2015 17:11:13 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: coheigea@apache.org
To: commits@cxf.apache.org
Date: Fri, 04 Dec 2015 17:11:14 -0000
Message-Id: <56884bd003ab46dfb176579c237a9681@git.apache.org>
In-Reply-To: <b775bb810fdf4ce8991931649d1d6cb7@git.apache.org>
References: <b775bb810fdf4ce8991931649d1d6cb7@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: [2/5] cxf git commit: Add equals/hashCode methods for OAuthPermission
 so that the containsAll call in
 AbstractOAuthDataProvider.doRefreshAccessToken works

Add equals/hashCode methods for OAuthPermission so that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken works

Conflicts:
	rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b7d33366
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b7d33366
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b7d33366

Branch: refs/heads/3.1.x-fixes
Commit: b7d33366f3311dc33c7da389f98fced6fd470c93
Parents: 4efd6b4
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Dec 4 16:34:03 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Dec 4 17:04:10 2015 +0000

----------------------------------------------------------------------
 .../security/oauth2/common/OAuthPermission.java | 124 +++++++++++++++++++
 .../services/AbstractImplicitGrantService.java  |   2 +-
 2 files changed, 125 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b7d33366/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
index 0aaf300..f23e2ad 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthPermission.java
@@ -77,4 +77,128 @@ public class OAuthPermission extends Permission {
         return uris;
     }
     
+<<<<<<< HEAD
+=======
+    /**
+     * Gets the permission description
+     * @return the description
+     */
+    public String getDescription() {
+        return description;
+    }
+
+    /**
+     * Sets the permission description
+     * @param description
+     */
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    /**
+     * Get the permission value such as "read_calendar"
+     * @return the value
+     */
+    public String getPermission() {
+        return permission;
+    }
+
+    /**
+     * Sets the permission value such as "read_calendar"
+     * @param permission the permission value
+     */
+    public void setPermission(String permission) {
+        this.permission = permission;
+    }
+
+    /**
+     * Indicates if this permission has been allocated by default or not.
+     * Authorization View handlers may use this property to optimize the way the user selects the
+     * scopes.
+     * For example, assume that read', 'add' and 'update' scopes are supported and the 
+     * 'read' scope is always allocated. This can be presented at the UI level as follows:
+     * the read-only check-box control will represent a 'read' scope and a user will be able to
+     * optionally select 'add' and/or 'update' scopes, in addition to the default 'read' one. 
+     * @param isDefault true if the permission has been allocated by default
+     */
+    public void setDefault(boolean value) {
+        this.isDefault = value;
+    }
+
+    public boolean isDefault() {
+        return isDefault;
+    }
+
+    public boolean isInvisibleToClient() {
+        return invisibleToClient;
+    }
+
+    /**
+     * Set the visibility status; by default all the scopes approved by a user can 
+     * be optionally reported to the client in access token responses. Some scopes may need
+     * to stay 'invisible' to client.
+     * @param invisibleToClient
+     */
+    public void setInvisibleToClient(boolean invisibleToClient) {
+        this.invisibleToClient = invisibleToClient;
+    }
+    
+    @Override
+    public boolean equals(Object object) {
+        if (!(object instanceof OAuthPermission)) {
+            return false;
+        }
+        
+        OAuthPermission that = (OAuthPermission)object;
+        if (this.httpVerbs != null && that.httpVerbs == null
+            || this.httpVerbs == null && that.httpVerbs != null
+            || this.httpVerbs != null && !this.httpVerbs.equals(that.httpVerbs)) {
+            return false;
+        }
+        if (this.uris != null && that.uris == null
+            || this.uris == null && that.uris != null
+            || this.uris != null && !this.uris.equals(that.uris)) {
+            return false;
+        }
+        if (this.permission != null && that.permission == null
+            || this.permission == null && that.permission != null
+            || this.permission != null && !this.permission.equals(that.permission)) {
+            return false;
+        }
+        if (this.description != null && that.description == null
+            || this.description == null && that.description != null
+            || this.description != null && !this.description.equals(that.description)) {
+            return false;
+        }
+        if (this.invisibleToClient != that.invisibleToClient) {
+            return false;
+        }
+        if (this.isDefault != that.isDefault) {
+            return false;
+        }
+        
+        return true;
+    }
+    
+    @Override
+    public int hashCode() {
+        int hashCode = 17;
+        if (httpVerbs != null) {
+            hashCode = 31 * hashCode + httpVerbs.hashCode();
+        }
+        if (uris != null) {
+            hashCode = 31 * hashCode + uris.hashCode();
+        }
+        if (permission != null) {
+            hashCode = 31 * hashCode + permission.hashCode();
+        }
+        if (description != null) {
+            hashCode = 31 * hashCode + description.hashCode();
+        }
+        hashCode = 31 * hashCode + Boolean.hashCode(invisibleToClient);
+        hashCode = 31 * hashCode + Boolean.hashCode(isDefault);
+        
+        return hashCode;
+    }
+>>>>>>> 8583a24... Add equals/hashCode methods for OAuthPermission so that the containsAll call in AbstractOAuthDataProvider.doRefreshAccessToken works
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b7d33366/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
index 139c05b..cee77da 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
@@ -71,7 +71,7 @@ public abstract class AbstractImplicitGrantService extends RedirectionBasedGrant
                 reg.setGrantType(super.getSupportedGrantType());
                 reg.setSubject(userSubject);
                 reg.setRequestedScope(requestedScope);        
-                if (approvedScope != null && approvedScope.isEmpty()) {
+                if (approvedScope == null || approvedScope.isEmpty()) {
                     // no down-scoping done by a user, all of the requested scopes have been authorized
                     reg.setApprovedScope(requestedScope);
                 } else {