cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Making OidcHybridService extend OidcImplicitService as it requires fewer overrides and a bit more flexible
Date Fri, 04 Mar 2016 17:04:33 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 96cd11b04 -> e3cf81814


Making OidcHybridService extend OidcImplicitService as it requires fewer overrides and a bit
more flexible


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e3cf8181
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e3cf8181
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e3cf8181

Branch: refs/heads/3.1.x-fixes
Commit: e3cf81814730be1b2a1b35a7a5d62ac4da061ab8
Parents: 96cd11b
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Fri Mar 4 17:02:02 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Fri Mar 4 17:04:15 2016 +0000

----------------------------------------------------------------------
 .../services/AbstractImplicitGrantService.java  |  2 +-
 .../oauth2/services/ImplicitGrantService.java   |  6 +-
 .../rs/security/oidc/idp/OidcHybridService.java | 59 +++++++++++++-------
 .../security/oidc/idp/OidcImplicitService.java  |  8 ++-
 4 files changed, 51 insertions(+), 24 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/e3cf8181/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
index db5bc73..99db2eb 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
@@ -67,7 +67,7 @@ public abstract class AbstractImplicitGrantService extends RedirectionBasedGrant
         return Response.seeOther(URI.create(sb.toString())).build();
         
     }
-    public StringBuilder prepareGrant(OAuthRedirectionState state,
+    protected StringBuilder prepareGrant(OAuthRedirectionState state,
                                    Client client,
                                    List<String> requestedScope,
                                    List<String> approvedScope,

http://git-wip-us.apache.org/repos/asf/cxf/blob/e3cf8181/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
index e0fec11..7f0aa8e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
@@ -45,9 +45,13 @@ public class ImplicitGrantService extends AbstractImplicitGrantService
{
     public ImplicitGrantService() {
         super(OAuthConstants.TOKEN_RESPONSE_TYPE, OAuthConstants.IMPLICIT_GRANT);
     }
-    public ImplicitGrantService(Set<String> responseTypes) {
+    protected ImplicitGrantService(Set<String> responseTypes) {
         super(responseTypes, OAuthConstants.IMPLICIT_GRANT);
     }
+    protected ImplicitGrantService(Set<String> supportedResponseTypes,
+                                   String supportedGrantType) {
+        super(supportedResponseTypes, supportedGrantType);
+    }
     @Override
     protected OAuthAuthorizationData createAuthorizationData(Client client, 
                                                              MultivaluedMap<String, String>
params,

http://git-wip-us.apache.org/repos/asf/cxf/blob/e3cf8181/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcHybridService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcHybridService.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcHybridService.java
index 1f53de1..4c59601 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcHybridService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcHybridService.java
@@ -23,16 +23,18 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
+
+import javax.ws.rs.Path;
 
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthRedirectionState;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
-import org.apache.cxf.rs.security.oauth2.services.AbstractImplicitGrantService;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
-
-public class OidcHybridService extends AbstractImplicitGrantService {
+@Path("authorize-hybrid")
+public class OidcHybridService extends OidcImplicitService {
     public static final String CODE_AT_RESPONSE_TYPE = "code token";
     public static final String CODE_ID_TOKEN_RESPONSE_TYPE = "code id_token";
     public static final String CODE_ID_TOKEN_AT_RESPONSE_TYPE = "code id_token token";
@@ -40,22 +42,39 @@ public class OidcHybridService extends AbstractImplicitGrantService {
     static {
         IMPLICIT_RESPONSE_TYPES = new HashMap<String, String>();
         IMPLICIT_RESPONSE_TYPES.put(CODE_AT_RESPONSE_TYPE, OAuthConstants.TOKEN_RESPONSE_TYPE);
-        IMPLICIT_RESPONSE_TYPES.put(CODE_ID_TOKEN_RESPONSE_TYPE, OidcImplicitService.ID_TOKEN_RESPONSE_TYPE);
-        IMPLICIT_RESPONSE_TYPES.put(CODE_ID_TOKEN_AT_RESPONSE_TYPE, OidcImplicitService.ID_TOKEN_AT_RESPONSE_TYPE);
+        IMPLICIT_RESPONSE_TYPES.put(CODE_ID_TOKEN_RESPONSE_TYPE, ID_TOKEN_RESPONSE_TYPE);
+        IMPLICIT_RESPONSE_TYPES.put(CODE_ID_TOKEN_AT_RESPONSE_TYPE, ID_TOKEN_AT_RESPONSE_TYPE);
+        IMPLICIT_RESPONSE_TYPES.put(ID_TOKEN_RESPONSE_TYPE, ID_TOKEN_RESPONSE_TYPE);
+        IMPLICIT_RESPONSE_TYPES.put(ID_TOKEN_AT_RESPONSE_TYPE, ID_TOKEN_AT_RESPONSE_TYPE);
     }
     private OidcAuthorizationCodeService codeService;
-    private OidcImplicitService implicitService;
     
     public OidcHybridService() {
-        super(new HashSet<String>(Arrays.asList(CODE_AT_RESPONSE_TYPE,
-                                                CODE_ID_TOKEN_RESPONSE_TYPE,
-                                                CODE_ID_TOKEN_AT_RESPONSE_TYPE)), 
-                                  "Hybrid");
+        this(false);
+    }
+    public OidcHybridService(boolean hybridOnly) {
+        super(getResponseTypes(hybridOnly), "Hybrid");
+    }
+    
+    private static Set<String> getResponseTypes(boolean hybridOnly) {
+        List<String> types = 
+            Arrays.asList(CODE_AT_RESPONSE_TYPE, CODE_ID_TOKEN_RESPONSE_TYPE, CODE_ID_TOKEN_AT_RESPONSE_TYPE);
+        if (!hybridOnly) {
+            types.add(ID_TOKEN_RESPONSE_TYPE);
+            types.add(ID_TOKEN_AT_RESPONSE_TYPE);
+        }
+        return new HashSet<String>(types);
     }
     
+    @Override
+    protected boolean canAccessTokenBeReturned(String responseType) {
+        return ID_TOKEN_AT_RESPONSE_TYPE.equals(responseType)
+            || CODE_AT_RESPONSE_TYPE.equals(responseType)
+            || CODE_ID_TOKEN_AT_RESPONSE_TYPE.equals(responseType);
+    }
     
     @Override
-    public StringBuilder prepareGrant(OAuthRedirectionState state,
+    protected StringBuilder prepareGrant(OAuthRedirectionState state,
                                    Client client,
                                    List<String> requestedScope,
                                    List<String> approvedScope,
@@ -63,15 +82,18 @@ public class OidcHybridService extends AbstractImplicitGrantService {
                                    ServerAccessToken preAuthorizedToken) {
         String actualResponseType = state.getResponseType();
         
-        state.setResponseType(OAuthConstants.CODE_RESPONSE_TYPE);
-        String code = codeService.getGrantCode(state, client, requestedScope,
-                                               approvedScope, userSubject, preAuthorizedToken);
         state.setResponseType(IMPLICIT_RESPONSE_TYPES.get(actualResponseType)); 
-        StringBuilder sb = implicitService.prepareGrant(state, client, requestedScope, 
+        StringBuilder sb = super.prepareGrant(state, client, requestedScope, 
                                                           approvedScope, userSubject, preAuthorizedToken);
    
-        sb.append("&");
-        sb.append(OAuthConstants.AUTHORIZATION_CODE_VALUE).append("=").append(code);
+        if (actualResponseType.startsWith(OAuthConstants.AUTHORIZATION_CODE_VALUE)) {
+            state.setResponseType(OAuthConstants.CODE_RESPONSE_TYPE);
+            String code = codeService.getGrantCode(state, client, requestedScope,
+                                                   approvedScope, userSubject, preAuthorizedToken);
+            
+            sb.append("&");
+            sb.append(OAuthConstants.AUTHORIZATION_CODE_VALUE).append("=").append(code);
+        }
         return sb;
     }
 
@@ -81,7 +103,4 @@ public class OidcHybridService extends AbstractImplicitGrantService {
     }
 
 
-    public void setImplicitService(OidcImplicitService implicitService) {
-        this.implicitService = implicitService;
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/e3cf8181/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
index 4d41da0..87d721b 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java
@@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.oidc.idp;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
@@ -52,7 +53,10 @@ public class OidcImplicitService extends ImplicitGrantService {
         super(new HashSet<String>(Arrays.asList(ID_TOKEN_RESPONSE_TYPE,
                                                 ID_TOKEN_AT_RESPONSE_TYPE)));
     }
-    
+    protected OidcImplicitService(Set<String> supportedResponseTypes,
+                                  String supportedGrantType) {
+        super(supportedResponseTypes, supportedGrantType);
+    }
     @Override
     protected boolean canAccessTokenBeReturned(String responseType) {
         return ID_TOKEN_AT_RESPONSE_TYPE.equals(responseType);
@@ -85,7 +89,7 @@ public class OidcImplicitService extends ImplicitGrantService {
     }
     
     @Override
-    public StringBuilder prepareGrant(OAuthRedirectionState state,
+    protected StringBuilder prepareGrant(OAuthRedirectionState state,
                                    Client client,
                                    List<String> requestedScope,
                                    List<String> approvedScope,


Mime
View raw message