cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [9/9] cxf git commit: Fixing merge
Date Wed, 20 Jan 2016 16:21:28 GMT
Fixing merge


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e61467c8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e61467c8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e61467c8

Branch: refs/heads/3.0.x-fixes
Commit: e61467c87bff87046ddf9ce52f04623b790db3ca
Parents: 52e85d0
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Wed Jan 20 16:21:04 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Wed Jan 20 16:21:04 2016 +0000

----------------------------------------------------------------------
 .../security/oauth2/OAuthDataProviderImpl.java  | 121 -------
 .../security/oauth2/SamlCallbackHandler2.java   | 156 ---------
 .../security/oauth2/common/OAuth2TestUtils.java |  52 ---
 .../oauth2/common/OAuthDataProviderImpl.java    |   9 +-
 .../oauth2/filters/OAuthDataProviderImpl.java   |  97 ------
 .../grants/AuthorizationGrantNegativeTest.java  | 349 -------------------
 .../oauth2/grants/AuthorizationGrantTest.java   | 101 +-----
 .../security/oauth2/grants/JAXRSOAuth2Test.java | 189 +---------
 .../oauth2/grants/grants-negative-server.xml    |   2 +-
 .../jaxrs/security/oauth2/grants/server.xml     |   4 +-
 10 files changed, 12 insertions(+), 1068 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
deleted file mode 100644
index b1472e5..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/OAuthDataProviderImpl.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.jaxrs.security.oauth2;
-
-import java.io.InputStream;
-import java.security.cert.Certificate;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.cxf.common.util.Base64Utility;
-import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
-import org.apache.cxf.rs.security.oauth2.common.Client;
-import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
-import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-import org.apache.cxf.rs.security.oauth2.saml.Constants;
-import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
-import org.apache.cxf.rt.security.crypto.CryptoUtils;
-
-
-public class OAuthDataProviderImpl implements OAuthDataProvider {
-
-    private Map<String, Client> clients = new HashMap<String, Client>();
-    
-    public OAuthDataProviderImpl() throws Exception {
-        Client client = new Client("alice", "alice", true);
-        client.getAllowedGrantTypes().add(Constants.SAML2_BEARER_GRANT);
-        client.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:jwt-bearer");
-        client.getAllowedGrantTypes().add("custom_grant");
-        clients.put(client.getClientId(), client);
-
-        
-        Certificate cert = loadCert();
-        String encodedCert = Base64Utility.encode(cert.getEncoded());
-        
-        Client client2 = new Client("CN=whateverhost.com,OU=Morpit,O=ApacheTest,L=Syracuse,C=US", 
-                                    null,
-                                    true,
-                                    null,
-                                    null);
-        client2.getAllowedGrantTypes().add("custom_grant");
-        client2.setApplicationCertificates(Collections.singletonList(encodedCert));
-        clients.put(client2.getClientId(), client2);
-    }
-
-    private Certificate loadCert() throws Exception {
-        InputStream is = this.getClass().getResourceAsStream("/org/apache/cxf/systest/http/resources/Truststore.jks");
-        return CryptoUtils.loadCertificate(is, new char[]{'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}, "morpit", null);
-    }
-
-    @Override
-    public Client getClient(String clientId) throws OAuthServiceException {
-        return clients.get(clientId);
-    }
-
-    @Override
-    public ServerAccessToken createAccessToken(AccessTokenRegistration accessToken)
-        throws OAuthServiceException {
-        return new BearerAccessToken(accessToken.getClient(), 3600);
-    }
-
-    @Override
-    public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException {
-        // TODO Auto-generated method stub
-        return null;
-    }
-
-    @Override
-    public ServerAccessToken getPreauthorizedToken(Client client, List<String> requestedScopes,
-                                                   UserSubject subject, String grantType)
-        throws OAuthServiceException {
-        // TODO Auto-generated method stub
-        return null;
-    }
-
-    @Override
-    public ServerAccessToken refreshAccessToken(Client client, String refreshToken,
-                                                List<String> requestedScopes) throws OAuthServiceException {
-        // TODO Auto-generated method stub
-        return null;
-    }
-
-    @Override
-    public void removeAccessToken(ServerAccessToken accessToken) throws OAuthServiceException {
-        // TODO Auto-generated method stub
-        
-    }
-
-    @Override
-    public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> requestedScope) {
-        // TODO Auto-generated method stub
-        return null;
-    }
-
-    @Override
-    public void revokeToken(Client client, String token, String tokenTypeHint) throws OAuthServiceException {
-        // TODO Auto-generated method stub
-        
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
deleted file mode 100644
index 06f3043..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/SamlCallbackHandler2.java
+++ /dev/null
@@ -1,156 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.cxf.systest.jaxrs.security.oauth2;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.apache.cxf.helpers.CastUtils;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.phase.PhaseInterceptorChain;
-import org.apache.cxf.rt.security.claims.SAMLClaim;
-import org.apache.wss4j.common.crypto.Crypto;
-import org.apache.wss4j.common.crypto.CryptoFactory;
-import org.apache.wss4j.common.ext.WSSecurityException;
-import org.apache.wss4j.common.saml.SAMLCallback;
-import org.apache.wss4j.common.saml.bean.ActionBean;
-import org.apache.wss4j.common.saml.bean.AttributeBean;
-import org.apache.wss4j.common.saml.bean.AttributeStatementBean;
-import org.apache.wss4j.common.saml.bean.AudienceRestrictionBean;
-import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean;
-import org.apache.wss4j.common.saml.bean.AuthDecisionStatementBean.Decision;
-import org.apache.wss4j.common.saml.bean.AuthenticationStatementBean;
-import org.apache.wss4j.common.saml.bean.ConditionsBean;
-import org.apache.wss4j.common.saml.bean.SubjectBean;
-import org.apache.wss4j.common.saml.builder.SAML2Constants;
-import org.joda.time.DateTime;
-
-/**
- * A CallbackHandler instance that is used by the STS to mock up a SAML Attribute Assertion.
- */
-public class SamlCallbackHandler2 implements CallbackHandler {
-    public static final String PORT = BookServerOAuth2.PORT;
-    private String confirmationMethod = SAML2Constants.CONF_BEARER;
-    
-    public SamlCallbackHandler2() {
-    }
-    
-    public void setConfirmationMethod(String confirmationMethod) {
-        this.confirmationMethod = confirmationMethod;
-    }
-    
-    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
-        Message m = PhaseInterceptorChain.getCurrentMessage();
-        
-        for (int i = 0; i < callbacks.length; i++) {
-            if (callbacks[i] instanceof SAMLCallback) {
-                SAMLCallback callback = (SAMLCallback) callbacks[i];
-                callback.setIssuer("alice");
-                
-                String subjectName = m != null ? (String)m.getContextualProperty("saml.subject.name") : null;
-                if (subjectName == null) {
-                    subjectName = "alice";
-                }
-                String subjectQualifier = "www.mock-sts.com";
-                SubjectBean subjectBean = 
-                    new SubjectBean(
-                        subjectName, subjectQualifier, confirmationMethod
-                    );
-                callback.setSubject(subjectBean);
-                
-                ConditionsBean conditions = new ConditionsBean();
-                AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
-                String audienceURI = "https://localhost:" + PORT + "/oauth2-auth/token";
-                audienceRestriction.setAudienceURIs(Collections.singletonList(audienceURI));
-                conditions.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
-                
-                callback.setConditions(conditions);
-                
-                AuthDecisionStatementBean authDecBean = new AuthDecisionStatementBean();
-                authDecBean.setDecision(Decision.INDETERMINATE);
-                authDecBean.setResource("https://sp.example.com/SAML2");
-                ActionBean actionBean = new ActionBean();
-                actionBean.setContents("Read");
-                authDecBean.setActions(Collections.singletonList(actionBean));
-                callback.setAuthDecisionStatementData(Collections.singletonList(authDecBean));
-                
-                AuthenticationStatementBean authBean = new AuthenticationStatementBean();
-                authBean.setSubject(subjectBean);
-                authBean.setAuthenticationInstant(new DateTime());
-                authBean.setSessionIndex("123456");
-                // AuthnContextClassRef is not set
-                authBean.setAuthenticationMethod(
-                        "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport");
-                callback.setAuthenticationStatementData(
-                    Collections.singletonList(authBean));
-                
-                AttributeStatementBean attrBean = new AttributeStatementBean();
-                attrBean.setSubject(subjectBean);
-                
-                List<String> roles = m != null 
-                    ? CastUtils.<String>cast((List<?>)m.getContextualProperty("saml.roles")) : null;
-                if (roles == null) {
-                    roles = Collections.singletonList("user");
-                }
-                List<AttributeBean> claims = new ArrayList<AttributeBean>();
-                AttributeBean roleClaim = new AttributeBean();
-                roleClaim.setSimpleName("subject-role");
-                roleClaim.setQualifiedName(SAMLClaim.SAML_ROLE_ATTRIBUTENAME_DEFAULT);
-                roleClaim.setNameFormat(SAML2Constants.ATTRNAME_FORMAT_UNSPECIFIED);
-                roleClaim.setAttributeValues(new ArrayList<Object>(roles));
-                claims.add(roleClaim);
-                
-                List<String> authMethods = 
-                    m != null ? CastUtils.<String>cast((List<?>)m.getContextualProperty("saml.auth")) : null;
-                if (authMethods == null) {
-                    authMethods = Collections.singletonList("password");
-                }
-                
-                AttributeBean authClaim = new AttributeBean();
-                authClaim.setSimpleName("http://claims/authentication");
-                authClaim.setQualifiedName("http://claims/authentication");
-                authClaim.setNameFormat("http://claims/authentication-format");
-                authClaim.setAttributeValues(new ArrayList<Object>(authMethods));
-                claims.add(authClaim);
-                
-                attrBean.setSamlAttributes(claims);
-                callback.setAttributeStatementData(Collections.singletonList(attrBean));
-                
-                try {
-                    Crypto crypto = 
-                        CryptoFactory.getInstance("org/apache/cxf/systest/jaxrs/security/alice.properties");
-                    callback.setIssuerCrypto(crypto);
-                    callback.setIssuerKeyName("alice");
-                    callback.setIssuerKeyPassword("password");
-                    callback.setSignAssertion(true);
-                } catch (WSSecurityException e) {
-                    throw new IOException(e);
-                }
-            }
-        }
-    }
-    
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 8982ee0..bef919e 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -19,23 +19,14 @@
 package org.apache.cxf.systest.jaxrs.security.oauth2.common;
 
 import java.util.ArrayList;
-import java.util.Calendar;
 import java.util.Collections;
-import java.util.Date;
 import java.util.List;
-import java.util.Properties;
 
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
 
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.jaxrs.provider.json.JSONProvider;
-import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider;
@@ -146,49 +137,6 @@ public final class OAuth2TestUtils {
         return samlAssertion.assertionToString();
     }
     
-    public static String createToken(String issuer, String subject, String audience, 
-                               boolean expiry, boolean sign) {
-        // Create the JWT Token
-        JwtClaims claims = new JwtClaims();
-        claims.setSubject(subject);
-        if (issuer != null) {
-            claims.setIssuer(issuer);
-        }
-        claims.setIssuedAt(new Date().getTime() / 1000L);
-        if (expiry) {
-            Calendar cal = Calendar.getInstance();
-            cal.add(Calendar.SECOND, 60);
-            claims.setExpiryTime(cal.getTimeInMillis() / 1000L);
-        }
-        if (audience != null) {
-            claims.setAudiences(Collections.singletonList(audience));
-        }
-        
-        if (sign) {
-            // Sign the JWT Token
-            Properties signingProperties = new Properties();
-            signingProperties.put("rs.security.keystore.type", "jks");
-            signingProperties.put("rs.security.keystore.password", "password");
-            signingProperties.put("rs.security.keystore.alias", "alice");
-            signingProperties.put("rs.security.keystore.file", 
-                                  "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
-            signingProperties.put("rs.security.key.password", "password");
-            signingProperties.put("rs.security.signature.algorithm", "RS256");
-            
-            JwsHeaders jwsHeaders = new JwsHeaders(signingProperties);
-            JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
-            
-            JwsSignatureProvider sigProvider = 
-                JwsUtils.loadSignatureProvider(signingProperties, jwsHeaders);
-            
-            return jws.signWith(sigProvider);
-        }
-        
-        JwsHeaders jwsHeaders = new JwsHeaders(SignatureAlgorithm.NONE);
-        JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
-        return jws.getSignedEncodedJws();
-    }
-    
     public static String getSubstring(String parentString, String substringName) {
         String foundString = 
             parentString.substring(parentString.indexOf(substringName + "=") + (substringName + "=").length());

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
index 0214da9..67bcde6 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
@@ -99,8 +99,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
         for (String requestedScope : requestedScopes) {
             if ("read_book".equals(requestedScope)) {
                 OAuthPermission permission = new OAuthPermission();
+                permission.setPermission("read_book");
                 permission.setHttpVerbs(Collections.singletonList("GET"));
-                List<String> uris = new ArrayList<>();
+                List<String> uris = new ArrayList<String>();
                 String partnerAddress = "/secured/bookstore/books/*";
                 uris.add(partnerAddress);
                 permission.setUris(uris);
@@ -108,8 +109,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
                 permissions.add(permission);
             } else if ("create_book".equals(requestedScope)) {
                 OAuthPermission permission = new OAuthPermission();
+                permission.setPermission("create_book");
                 permission.setHttpVerbs(Collections.singletonList("POST"));
-                List<String> uris = new ArrayList<>();
+                List<String> uris = new ArrayList<String>();
                 String partnerAddress = "/secured/bookstore/books/*";
                 uris.add(partnerAddress);
                 permission.setUris(uris);
@@ -117,8 +119,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
                 permissions.add(permission);
             } else if ("create_image".equals(requestedScope)) {
                 OAuthPermission permission = new OAuthPermission();
+                permission.setPermission("create_image");
                 permission.setHttpVerbs(Collections.singletonList("POST"));
-                List<String> uris = new ArrayList<>();
+                List<String> uris = new ArrayList<String>();
                 String partnerAddress = "/secured/bookstore/image/*";
                 uris.add(partnerAddress);
                 permission.setUris(uris);

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
deleted file mode 100644
index 9953821..0000000
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuthDataProviderImpl.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.apache.cxf.rs.security.oauth2.common.Client;
-import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
-import org.apache.cxf.rs.security.oauth2.grants.code.DefaultEHCacheCodeDataProvider;
-import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
-
-/**
- * Extend the DefaultEHCacheCodeDataProvider to allow refreshing of tokens
- */
-public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
-    
-    public OAuthDataProviderImpl() {
-        Client client = new Client("consumer-id", "this-is-a-secret", true);
-        client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org"));
-        
-        client.getAllowedGrantTypes().add("authorization_code");
-        client.getAllowedGrantTypes().add("refresh_token");
-        client.getAllowedGrantTypes().add("implicit");
-        
-        client.getRegisteredScopes().add("read_book");
-        client.getRegisteredScopes().add("create_book");
-        client.getRegisteredScopes().add("create_image");
-        
-        this.setClient(client);
-    }
-    
-    @Override
-    protected boolean isRefreshTokenSupported(List<String> theScopes) {
-        return true;
-    }
-    
-    @Override
-    public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> requestedScopes) {
-        if (requestedScopes.isEmpty()) {
-            return Collections.emptyList();
-        }
-        
-        List<OAuthPermission> permissions = new ArrayList<OAuthPermission>();
-        for (String requestedScope : requestedScopes) {
-            if ("read_book".equals(requestedScope)) {
-                OAuthPermission permission = new OAuthPermission();
-                permission.setHttpVerbs(Collections.singletonList("GET"));
-                List<String> uris = new ArrayList<String>();
-                String partnerAddress = "/secured/bookstore/books/*";
-                uris.add(partnerAddress);
-                permission.setUris(uris);
-                
-                permissions.add(permission);
-            } else if ("create_book".equals(requestedScope)) {
-                OAuthPermission permission = new OAuthPermission();
-                permission.setHttpVerbs(Collections.singletonList("POST"));
-                List<String> uris = new ArrayList<String>();
-                String partnerAddress = "/secured/bookstore/books/*";
-                uris.add(partnerAddress);
-                permission.setUris(uris);
-                
-                permissions.add(permission);
-            } else if ("create_image".equals(requestedScope)) {
-                OAuthPermission permission = new OAuthPermission();
-                permission.setHttpVerbs(Collections.singletonList("POST"));
-                List<String> uris = new ArrayList<>();
-                String partnerAddress = "/secured/bookstore/image/*";
-                uris.add(partnerAddress);
-                permission.setUris(uris);
-                
-                permissions.add(permission);
-            } else {
-                throw new OAuthServiceException("invalid_scope");
-            }
-        }
-        
-        return permissions;
-    }
-}

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
index e397d10..1274a3f 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
@@ -20,16 +20,6 @@
 package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
 
 import java.net.URL;
-<<<<<<< HEAD
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-=======
-import java.util.Calendar;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Properties;
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
 
 import javax.ws.rs.client.ResponseProcessingException;
 import javax.ws.rs.core.Form;
@@ -37,15 +27,6 @@ import javax.ws.rs.core.Response;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.jaxrs.client.WebClient;
-<<<<<<< HEAD
-import org.apache.cxf.jaxrs.provider.json.JSONProvider;
-=======
-import org.apache.cxf.rs.security.jose.jws.JwsHeaders;
-import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
-import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
-import org.apache.cxf.rs.security.jose.jws.JwsUtils;
-import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
 import org.apache.cxf.systest.jaxrs.security.oauth2.common.SamlCallbackHandler;
@@ -656,335 +637,5 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
             // expected
         }
     }
-    /*
-    @org.junit.Test
-    public void testJWTAuthorizationGrant() throws Exception {
-        URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
-        
-        String address = "https://localhost:" + PORT + "/services/";
-        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
-                                            "alice", "security", busFile.toString());
-        
-        // Create the JWT Token
-<<<<<<< HEAD
-        String token = createToken("DoubleItSTSIssuer", "consumer-id", 
-=======
-        String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id", 
-                                   "https://localhost:" + PORT + "/services/token", true, false);
-        
-        // Get Access Token
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-        
-        Form form = new Form();
-        form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
-        form.param("assertion", token);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-        
-        try {
-            response.readEntity(ClientAccessToken.class);
-            fail("Failure expected on an unsigned token");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @org.junit.Test
-    public void testJWTNoIssuer() throws Exception {
-        URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
-        
-        String address = "https://localhost:" + PORT + "/services/";
-        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
-                                            "alice", "security", busFile.toString());
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken(null, "consumer-id", 
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
-                                   "https://localhost:" + PORT + "/services/token", true, true);
-
-        // Get Access Token
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-        
-        Form form = new Form();
-        form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
-        form.param("assertion", token);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-        
-<<<<<<< HEAD
-        ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
-        assertNotNull(accessToken.getTokenKey());
-        assertNotNull(accessToken.getRefreshToken());
-=======
-        try {
-            response.readEntity(ClientAccessToken.class);
-            fail("Failure expected on no issuer");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @org.junit.Test
-    public void testJWTNoExpiry() throws Exception {
-        URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
-        
-        String address = "https://localhost:" + PORT + "/services/";
-        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
-                                            "alice", "security", busFile.toString());
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id", 
-                                   "https://localhost:" + PORT + "/services/token", false, true);
-
-        // Get Access Token
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-        
-        Form form = new Form();
-        form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
-        form.param("assertion", token);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-        
-        try {
-            response.readEntity(ClientAccessToken.class);
-            fail("Failure expected on no expiry");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @org.junit.Test
-    public void testJWTBadAudienceRestriction() throws Exception {
-        URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
-        
-        String address = "https://localhost:" + PORT + "/services/";
-        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
-                                            "alice", "security", busFile.toString());
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("DoubleItSTSIssuer", "consumer-id", 
-                                   "https://localhost:" + PORT + "/services/badtoken", true, true);
-
-        // Get Access Token
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-        
-        Form form = new Form();
-        form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
-        form.param("assertion", token);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-        
-        try {
-            response.readEntity(ClientAccessToken.class);
-            fail("Failure expected on a bad audience restriction");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @org.junit.Test
-    public void testJWTUnauthenticatedSignature() throws Exception {
-        URL busFile = AuthorizationGrantNegativeTest.class.getResource("client.xml");
-        
-        String address = "https://localhost:" + PORT + "/services/";
-        WebClient client = WebClient.create(address, OAuth2TestUtils.setupProviders(), 
-                                            "alice", "security", busFile.toString());
-        
-        // Create the JWT Token
-        // Create the JWT Token
-        JwtClaims claims = new JwtClaims();
-        claims.setSubject("consumer-id");
-        claims.setIssuer("DoubleItSTSIssuer");
-        claims.setIssuedAt(new Date().getTime() / 1000L);
-        Calendar cal = Calendar.getInstance();
-        cal.add(Calendar.SECOND, 60);
-        claims.setExpiryTime(cal.getTimeInMillis() / 1000L);
-        String audience = "https://localhost:" + PORT + "/services/token";
-        claims.setAudiences(Collections.singletonList(audience));
-        
-        // Sign the JWT Token
-        Properties signingProperties = new Properties();
-        signingProperties.put("rs.security.keystore.type", "jks");
-        signingProperties.put("rs.security.keystore.password", "security");
-        signingProperties.put("rs.security.keystore.alias", "smallkey");
-        signingProperties.put("rs.security.keystore.file", 
-            "org/apache/cxf/systest/jaxrs/security/certs/smallkeysize.jks");
-        signingProperties.put("rs.security.key.password", "security");
-        signingProperties.put("rs.security.signature.algorithm", "RS256");
-
-        JwsHeaders jwsHeaders = new JwsHeaders(signingProperties);
-        JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
-
-        JwsSignatureProvider sigProvider = 
-            JwsUtils.loadSignatureProvider(signingProperties, jwsHeaders);
-
-        String token = jws.signWith(sigProvider);
-        
-        // Get Access Token
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-        
-        Form form = new Form();
-        form.param("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
-        form.param("assertion", token);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-        
-        try {
-            response.readEntity(ClientAccessToken.class);
-            fail("Failure expected on an unauthenticated token");
-        } catch (Exception ex) {
-            // expected
-        }
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
-    }
-    */
-    
-<<<<<<< HEAD
-    private List<Object> setupProviders() {
-        List<Object> providers = new ArrayList<Object>();
-        JSONProvider<OAuthAuthorizationData> jsonP = new JSONProvider<OAuthAuthorizationData>();
-        jsonP.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth",
-                                                       "ns2"));
-        providers.add(jsonP);
-        OAuthJSONProvider oauthProvider = new OAuthJSONProvider();
-        providers.add(oauthProvider);
-        
-        return providers;
-    }
-
-    private String createToken(String audRestr, boolean saml2, boolean sign) throws WSSecurityException {
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(sign);
-        samlCallbackHandler.setAudience(audRestr);
-        if (!saml2) {
-            samlCallbackHandler.setSaml2(false);
-            samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
-        }
-        
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        if (samlCallback.isSignAssertion()) {
-            samlAssertion.signAssertion(
-                samlCallback.getIssuerKeyName(),
-                samlCallback.getIssuerKeyPassword(),
-                samlCallback.getIssuerCrypto(),
-                samlCallback.isSendKeyValue(),
-                samlCallback.getCanonicalizationAlgorithm(),
-                samlCallback.getSignatureAlgorithm()
-            );
-        }
-        
-        return samlAssertion.assertionToString();
-    }
-    /*
-    private String createToken(String issuer, String subject, String audience, 
-                               boolean expiry, boolean sign) {
-        // Create the JWT Token
-        JwtClaims claims = new JwtClaims();
-        claims.setSubject(subject);
-        if (issuer != null) {
-            claims.setIssuer(issuer);
-        }
-        claims.setIssuedAt(new Date().getTime() / 1000L);
-        if (expiry) {
-            Calendar cal = Calendar.getInstance();
-            cal.add(Calendar.SECOND, 60);
-            claims.setExpiryTime(cal.getTimeInMillis() / 1000L);
-        }
-        if (audience != null) {
-            claims.setAudiences(Collections.singletonList(audience));
-        }
-        
-        if (sign) {
-            // Sign the JWT Token
-            Properties signingProperties = new Properties();
-            signingProperties.put("rs.security.keystore.type", "jks");
-            signingProperties.put("rs.security.keystore.password", "password");
-            signingProperties.put("rs.security.keystore.alias", "alice");
-            signingProperties.put("rs.security.keystore.file", 
-                                  "org/apache/cxf/systest/jaxrs/security/certs/alice.jks");
-            signingProperties.put("rs.security.key.password", "password");
-            signingProperties.put("rs.security.signature.algorithm", "RS256");
-            
-            JwsHeaders jwsHeaders = new JwsHeaders(signingProperties);
-            JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
-            
-            JwsSignatureProvider sigProvider = 
-                JwsUtils.loadSignatureProvider(signingProperties, jwsHeaders);
-            
-            return jws.signWith(sigProvider);
-        }
-        
-        JwsHeaders jwsHeaders = new JwsHeaders(SignatureAlgorithm.NONE);
-        JwsJwtCompactProducer jws = new JwsJwtCompactProducer(jwsHeaders, claims);
-        return jws.getSignedEncodedJws();
-    }
-    */
-    
-    private String getAuthorizationCode(WebClient client) {
-        return getAuthorizationCode(client, null);
-    }
-
-    private String getAuthorizationCode(WebClient client, String scope) {
-        // Make initial authorization request
-        client.type("application/json").accept("application/json");
-        client.query("client_id", "consumer-id");
-        client.query("redirect_uri", "http://www.blah.apache.org");
-        client.query("response_type", "code");
-        if (scope != null) {
-            client.query("scope", scope);
-        }
-        client.path("authorize/");
-        Response response = client.get();
 
-        OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
-
-        // Now call "decision" to get the authorization code grant
-        client.path("decision");
-        client.type("application/x-www-form-urlencoded");
-
-        Form form = new Form();
-        form.param("session_authenticity_token", authzData.getAuthenticityToken());
-        form.param("client_id", authzData.getClientId());
-        form.param("redirect_uri", authzData.getRedirectUri());
-        if (authzData.getProposedScope() != null) {
-            form.param("scope", authzData.getProposedScope());
-        }
-        form.param("oauthDecision", "allow");
-
-        response = client.post(form);
-        String location = response.getHeaderString("Location"); 
-        return getSubstring(location, "code");
-    }
-
-    private ClientAccessToken getAccessTokenWithAuthorizationCode(WebClient client, String code) {
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-
-        Form form = new Form();
-        form.param("grant_type", "authorization_code");
-        form.param("code", code);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-
-        return response.readEntity(ClientAccessToken.class);
-    }
-    
-    private String getSubstring(String parentString, String substringName) {
-        String foundString = 
-            parentString.substring(parentString.indexOf(substringName + "=") + (substringName + "=").length());
-        int ampersandIndex = foundString.indexOf('&');
-        if (ampersandIndex < 1) {
-            ampersandIndex = foundString.length();
-        }
-        return foundString.substring(0, ampersandIndex);
-    }
-=======
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
index fda1294..fdc8937 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantTest.java
@@ -20,22 +20,12 @@
 package org.apache.cxf.systest.jaxrs.security.oauth2.grants;
 
 import java.net.URL;
-<<<<<<< HEAD
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-=======
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
 
 import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
 
 import org.apache.cxf.common.util.Base64UrlUtility;
 import org.apache.cxf.jaxrs.client.WebClient;
-<<<<<<< HEAD
-import org.apache.cxf.jaxrs.provider.json.JSONProvider;
-=======
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
 import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
@@ -225,12 +215,7 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
         response = client.post(form);
 
         String location = response.getHeaderString("Location"); 
-<<<<<<< HEAD
-        String accessToken = location.substring(location.indexOf("access_token=") + "access_token=".length());
-        accessToken = accessToken.substring(0, accessToken.indexOf('&'));
-=======
         String accessToken = OAuth2TestUtils.getSubstring(location, "access_token");
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
         assertNotNull(accessToken);
     }
 
@@ -306,89 +291,7 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
         assertNotNull(accessToken.getRefreshToken());
     }
 
-<<<<<<< HEAD
-    private String getAuthorizationCode(WebClient client) {
-        return getAuthorizationCode(client, null);
-    }
-
-    private String getAuthorizationCode(WebClient client, String scope) {
-        // Make initial authorization request
-        client.type("application/json").accept("application/json");
-        client.query("client_id", "consumer-id");
-        client.query("redirect_uri", "http://www.blah.apache.org");
-        client.query("response_type", "code");
-        if (scope != null) {
-            client.query("scope", scope);
-        }
-        client.path("authorize/");
-        Response response = client.get();
-
-        OAuthAuthorizationData authzData = response.readEntity(OAuthAuthorizationData.class);
-
-        // Now call "decision" to get the authorization code grant
-        client.path("decision");
-        client.type("application/x-www-form-urlencoded");
-
-        Form form = new Form();
-        form.param("session_authenticity_token", authzData.getAuthenticityToken());
-        form.param("client_id", authzData.getClientId());
-        form.param("redirect_uri", authzData.getRedirectUri());
-        if (authzData.getProposedScope() != null) {
-            form.param("scope", authzData.getProposedScope());
-        }
-        form.param("oauthDecision", "allow");
-
-        response = client.post(form);
-        String location = response.getHeaderString("Location"); 
-        return location.substring(location.indexOf("code=") + "code=".length());
-    }
-
-    private ClientAccessToken getAccessTokenWithAuthorizationCode(WebClient client, String code) {
-        client.type("application/x-www-form-urlencoded").accept("application/json");
-        client.path("token");
-
-        Form form = new Form();
-        form.param("grant_type", "authorization_code");
-        form.param("code", code);
-        form.param("client_id", "consumer-id");
-        Response response = client.post(form);
-
-        return response.readEntity(ClientAccessToken.class);
-    }
-    
-    private List<Object> setupProviders() {
-        List<Object> providers = new ArrayList<Object>();
-        JSONProvider<OAuthAuthorizationData> jsonP = new JSONProvider<OAuthAuthorizationData>();
-        jsonP.setNamespaceMap(Collections.singletonMap("http://org.apache.cxf.rs.security.oauth",
-                                                       "ns2"));
-        providers.add(jsonP);
-        OAuthJSONProvider oauthProvider = new OAuthJSONProvider();
-        providers.add(oauthProvider);
-        
-        return providers;
-    }
-
-    private String createToken(String audRestr) throws WSSecurityException {
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(true);
-        samlCallbackHandler.setAudience(audRestr);
-        
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        if (samlCallback.isSignAssertion()) {
-            samlAssertion.signAssertion(
-                samlCallback.getIssuerKeyName(),
-                samlCallback.getIssuerKeyPassword(),
-                samlCallback.getIssuerCrypto(),
-                samlCallback.isSendKeyValue(),
-                samlCallback.getCanonicalizationAlgorithm(),
-                samlCallback.getSignatureAlgorithm()
-            );
-        }
-        
-        return samlAssertion.assertionToString();
-=======
+    /*
     @org.junit.Test
     public void testJWTAuthorizationGrant() throws Exception {
         URL busFile = AuthorizationGrantTest.class.getResource("client.xml");
@@ -414,7 +317,7 @@ public class AuthorizationGrantTest extends AbstractBusClientServerTestBase {
         ClientAccessToken accessToken = response.readEntity(ClientAccessToken.class);
         assertNotNull(accessToken.getTokenKey());
         assertNotNull(accessToken.getRefreshToken());
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code
     }
+    */
     
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
index 3264120..5827b97 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
@@ -73,20 +73,11 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         Crypto crypto = new CryptoLoader().loadCrypto(CRYPTO_RESOURCE_PROPERTIES);
         SelfSignInfo signInfo = new SelfSignInfo(crypto, "alice", "password"); 
         
-<<<<<<< HEAD:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
-        String assertion =  SAMLUtils.createAssertion(new SamlCallbackHandler(false),
-                                                      signInfo).assertionToString();
-=======
         SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(false);
         String audienceURI = "https://localhost:" + PORT + "/oauth2/token";
         samlCallbackHandler.setAudience(audienceURI);
-        SamlAssertionWrapper assertionWrapper = SAMLUtils.createAssertion(samlCallbackHandler,
-                                                                          signInfo);
-        Document doc = DOMUtils.newDocument();
-        Element assertionElement = assertionWrapper.toDOM(doc);
-        String assertion = DOM2Writer.nodeToString(assertionElement);
+        String assertion = SAMLUtils.createAssertion(samlCallbackHandler, signInfo).assertionToString();
         
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
         Saml2BearerGrant grant = new Saml2BearerGrant(assertion);
         ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, 
                                         new OAuthClientUtils.Consumer("alice", "alice"), 
@@ -141,44 +132,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         assertNotNull(at.getTokenKey());
     }
     
-<<<<<<< HEAD:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
-=======
-    @Test
-    public void testJWTBearerGrant() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "alice", address, true, true);
-        
-        JwtBearerGrant grant = new JwtBearerGrant(token);
-        ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, 
-                                        new Consumer("alice", "alice"), 
-                                        grant,
-                                        false);
-        assertNotNull(at.getTokenKey());
-    }
-    
-    @Test
-    public void testJWTBearerAuthenticationDirect() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "alice", address, true, true);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        ClientAccessToken at = OAuthClientUtils.getAccessToken(wc, 
-                                                               new CustomGrant(),
-                                                               extraParams);
-        assertNotNull(at.getTokenKey());
-    }
-   
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
     //
     // Some negative tests for authentication
     //
@@ -333,117 +286,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         }
     }
     
-<<<<<<< HEAD:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
-=======
-    @Test
-    public void testJWTBadSubjectName() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "bob", address, true, true);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        try {
-            OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
-            fail("Failure expected on a bad subject name");
-        } catch (OAuthServiceException ex) {
-            // expected
-        }
-    }
-    
-    @Test
-    public void testJWTUnsigned() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "alice", address,
-                                                   true, false);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        try {
-            OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
-            fail("Failure expected on an unsigned token");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @Test
-    public void testJWTNoIssuer() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken(null, "alice", address, true, true);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        try {
-            OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
-            fail("Failure expected on no issuer");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @Test
-    public void testJWTNoExpiry() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "alice", 
-                                                   address, false, true);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        try {
-            OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
-            fail("Failure expected on no expiry");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
-    @Test
-    public void testJWTBadAudienceRestriction() throws Exception {
-        String address = "https://localhost:" + PORT + "/oauth2-auth-jwt/token";
-        WebClient wc = createWebClient(address);
-        
-        // Create the JWT Token
-        String token = OAuth2TestUtils.createToken("resourceOwner", "alice", 
-                                                   address + "/badtoken", true, true);
-        
-        Map<String, String> extraParams = new HashMap<String, String>();
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_TYPE,
-                        "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
-        extraParams.put(Constants.CLIENT_AUTH_ASSERTION_PARAM, token);
-        
-        try {
-            OAuthClientUtils.getAccessToken(wc, new CustomGrant(), extraParams);
-            fail("Failure expected on a bad audience restriction");
-        } catch (Exception ex) {
-            // expected
-        }
-    }
-    
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
     private WebClient createWebClient(String address) {
         JAXRSClientFactoryBean bean = new JAXRSClientFactoryBean();
         bean.setAddress(address);
@@ -488,35 +330,6 @@ public class JAXRSOAuth2Test extends AbstractBusClientServerTestBase {
         return wc;
     }
     
-<<<<<<< HEAD:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/JAXRSOAuth2Test.java
-    private String createToken(String audRestr, boolean saml2, boolean sign) throws WSSecurityException {
-        SamlCallbackHandler samlCallbackHandler = new SamlCallbackHandler(sign);
-        samlCallbackHandler.setAudience(audRestr);
-        if (!saml2) {
-            samlCallbackHandler.setSaml2(false);
-            samlCallbackHandler.setConfirmationMethod(SAML1Constants.CONF_BEARER);
-        }
-        
-        SAMLCallback samlCallback = new SAMLCallback();
-        SAMLUtil.doSAMLCallback(samlCallbackHandler, samlCallback);
-
-        SamlAssertionWrapper samlAssertion = new SamlAssertionWrapper(samlCallback);
-        if (samlCallback.isSignAssertion()) {
-            samlAssertion.signAssertion(
-                samlCallback.getIssuerKeyName(),
-                samlCallback.getIssuerKeyPassword(),
-                samlCallback.getIssuerCrypto(),
-                samlCallback.isSendKeyValue(),
-                samlCallback.getCanonicalizationAlgorithm(),
-                samlCallback.getSignatureAlgorithm()
-            );
-        }
-        
-        return samlAssertion.assertionToString();
-    }
-    
-=======
->>>>>>> 49b2b81... Reshuffle of the tests to share some common code:systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/JAXRSOAuth2Test.java
     private static class CustomGrant implements AccessTokenGrant {
 
         private static final long serialVersionUID = -4007538779198315873L;

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server.xml
index 75aa22f..4fffc8a 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/grants-negative-server.xml
@@ -127,7 +127,7 @@ under the License.
            <ref bean="basicAuthFilter"/>
        </jaxrs:providers>
        <jaxrs:properties>
-           <entry key="security.signature.properties" 
+           <entry key="ws-security.signature.properties" 
                   value="org/apache/cxf/systest/jaxrs/security/bob.properties"/>
            <entry key="rs.security.keystore.type" value="jks" />
            <entry key="rs.security.keystore.alias" value="alice"/>

http://git-wip-us.apache.org/repos/asf/cxf/blob/e61467c8/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server.xml
----------------------------------------------------------------------
diff --git a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server.xml b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server.xml
index 2b3d821..21e09b1 100644
--- a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server.xml
+++ b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/grants/server.xml
@@ -88,7 +88,7 @@ under the License.
             <ref bean="serviceBean"/>
         </jaxrs:serviceBeans>
         <jaxrs:properties>
-            <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+            <entry key="ws-security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
             <entry key="rs.security.keystore.type" value="jks" />
             <entry key="rs.security.keystore.alias" value="alice"/>
             <entry key="rs.security.keystore.password" value="password"/>
@@ -105,7 +105,7 @@ under the License.
             <ref bean="samlAuthHandler"/>
         </jaxrs:providers>
         <jaxrs:properties>
-            <entry key="security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
+            <entry key="ws-security.signature.properties" value="org/apache/cxf/systest/jaxrs/security/alice.properties"/>
         </jaxrs:properties>
     </jaxrs:server>
     <jaxrs:server address="https://localhost:${testutil.ports.jaxrs-oauth2}/oauth2-auth-jwt">


Mime
View raw message