cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Passing a user preference about hiding already authorized scopes in a form
Date Thu, 28 Jan 2016 16:16:06 GMT
Repository: cxf
Updated Branches:
  refs/heads/master fadc6492c -> 86ad39342


Passing a user preference about hiding already authorized scopes in a form


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/86ad3934
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/86ad3934
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/86ad3934

Branch: refs/heads/master
Commit: 86ad393426e77313c34c45b447aad848c6f92be7
Parents: fadc649
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Jan 28 16:14:41 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Jan 28 16:14:41 2016 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/common/OAuthAuthorizationData.java |  9 +++++++++
 .../oauth2/services/RedirectionBasedGrantService.java     | 10 +++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/86ad3934/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
index d234f31..04618d6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthAuthorizationData.java
@@ -50,6 +50,7 @@ public class OAuthAuthorizationData extends OAuthRedirectionState implements
Ser
     
     private List<OAuthPermission> permissions;
     private List<OAuthPermission> alreadyAuthorizedPermissions;
+    private boolean hidePreauthorizedScopesInForm;
     
     public OAuthAuthorizationData() {
     }
@@ -219,4 +220,12 @@ public class OAuthAuthorizationData extends OAuthRedirectionState implements
Ser
         this.implicitFlow = implicitFlow;
     }
 
+    public boolean isHidePreauthorizedScopesInForm() {
+        return hidePreauthorizedScopesInForm;
+    }
+
+    public void setHidePreauthorizedScopesInForm(boolean hidePreauthorizedScopesInForm) {
+        this.hidePreauthorizedScopesInForm = hidePreauthorizedScopesInForm;
+    }
+
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/86ad3934/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 133ce30..597f7ea 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -65,6 +65,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
     private ResourceOwnerNameProvider resourceOwnerNameProvider;
     private int maxDefaultSessionInterval;
     private boolean matchRedirectUriWithApplicationUri;
+    private boolean hidePreauthorizedScopesInForm;
     
     protected RedirectionBasedGrantService(String supportedResponseType,
                                            String supportedGrantType) {
@@ -177,6 +178,9 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
             alreadyAuthorizedPerms = preAuthorizedToken.getScopes();
             preAuthorizationComplete = 
                 OAuthUtils.convertPermissionsToScopeList(alreadyAuthorizedPerms).containsAll(requestedScope);
+            if (!preAuthorizationComplete) {
+                preAuthorizedToken = null;
+            }
         }
         final boolean authorizationCanBeSkipped = preAuthorizationComplete 
             || canAuthorizationBeSkipped(client, userSubject, requestedScope, requestedPermissions);
@@ -190,7 +194,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         
         if (authorizationCanBeSkipped) {
             List<OAuthPermission> approvedScopes = 
-                preAuthorizedToken != null ? preAuthorizedToken.getScopes() : requestedPermissions;

+                preAuthorizationComplete ? preAuthorizedToken.getScopes() : requestedPermissions;

             return createGrant(data,
                                client, 
                                requestedScope,
@@ -239,6 +243,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         if (!authorizationCanBeSkipped) {
             secData.setPermissions(requestedPerms);
             secData.setAlreadyAuthorizedPermissions(alreadyAuthorizedPerms);
+            secData.setHidePreauthorizedScopesInForm(hidePreauthorizedScopesInForm);
             secData.setApplicationName(client.getApplicationName()); 
             secData.setApplicationWebUri(client.getApplicationWebUri());
             secData.setApplicationDescription(client.getApplicationDescription());
@@ -503,4 +508,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
     public void setMatchRedirectUriWithApplicationUri(boolean matchRedirectUriWithApplicationUri)
{
         this.matchRedirectUriWithApplicationUri = matchRedirectUriWithApplicationUri;
     }
+    public void setHidePreauthorizedScopesInForm(boolean hidePreauthorizedScopesInForm) {
+        this.hidePreauthorizedScopesInForm = hidePreauthorizedScopesInForm;
+    }
 }


Mime
View raw message