cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [1/2] cxf git commit: Experimenting with saving the access tokens
Date Tue, 05 Apr 2016 15:51:35 GMT
Repository: cxf
Updated Branches:
  refs/heads/master b2e5fb658 -> e9fa213b9


Experimenting with saving the access tokens


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b66bb192
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b66bb192
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b66bb192

Branch: refs/heads/master
Commit: b66bb192efca493f376f09c99f06666d8630bf1c
Parents: 0b9cb3d
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Apr 5 16:50:56 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Apr 5 16:50:56 2016 +0100

----------------------------------------------------------------------
 .../rs/security/oauth2/common/AccessToken.java  |  9 +++++++
 .../oauth2/common/ServerAccessToken.java        | 13 +++++++++-
 .../oauth2/provider/JPAOAuthDataProvider.java   | 27 ++++++++++++++++++--
 .../oauth2/tokens/bearer/BearerAccessToken.java |  3 +++
 .../grants/code/JPACodeDataProviderTest.java    | 26 +++++++++++++++++++
 .../src/test/resources/META-INF/persistence.xml |  4 +++
 6 files changed, 79 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
index dd0415f..ade93b4 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/AccessToken.java
@@ -22,9 +22,15 @@ import java.io.Serializable;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
+import javax.persistence.ElementCollection;
+import javax.persistence.Id;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+
 /**
  * Base Access Token representation
  */
+@MappedSuperclass
 public abstract class AccessToken implements Serializable {
 
     private static final long serialVersionUID = -5750544301887053480L;
@@ -80,6 +86,7 @@ public abstract class AccessToken implements Serializable {
      * Returns the token key
      * @return the key
      */
+    @Id
     public String getTokenKey() {
         return tokenKey;
     }
@@ -110,6 +117,8 @@ public abstract class AccessToken implements Serializable {
      * Gets token parameters 
      * @return
      */
+    @ElementCollection
+    @MapKeyColumn(name = "propName")
     public Map<String, String> getParameters() {
         return parameters;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
index 1f13877..ac2ae7b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java
@@ -23,6 +23,11 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 
+import javax.persistence.ElementCollection;
+import javax.persistence.MapKeyColumn;
+import javax.persistence.MappedSuperclass;
+import javax.persistence.OneToOne;
+
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
@@ -30,6 +35,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 /**
  * Server Access Token representation
  */
+@MappedSuperclass
 public abstract class ServerAccessToken extends AccessToken {
     private static final long serialVersionUID = 638776204861456064L;
     
@@ -86,6 +92,7 @@ public abstract class ServerAccessToken extends AccessToken {
      * Returns the Client associated with this token
      * @return the client
      */
+    @OneToOne
     public Client getClient() {
         return client;
     }
@@ -98,6 +105,7 @@ public abstract class ServerAccessToken extends AccessToken {
      * Returns a list of opaque permissions/scopes
      * @return the scopes
      */
+    @ElementCollection
     public List<OAuthPermission> getScopes() {
         return scopes;
     }
@@ -126,6 +134,7 @@ public abstract class ServerAccessToken extends AccessToken {
      * when authorizing a given client request
      * @return UserSubject
      */
+    @OneToOne
     public UserSubject getSubject() {
         return subject;
     }
@@ -162,7 +171,7 @@ public abstract class ServerAccessToken extends AccessToken {
         return responseType;
     }
     
-
+    @ElementCollection
     public List<String> getAudiences() {
         return audiences;
     }
@@ -194,6 +203,8 @@ public abstract class ServerAccessToken extends AccessToken {
         this.nonce = nonce;
     }
 
+    @ElementCollection
+    @MapKeyColumn(name = "extraPropName")
     public Map<String, String> getExtraProperties() {
         return extraProperties;
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index f3bb53d..4045f91 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -29,10 +29,13 @@ import javax.persistence.TypedQuery;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken;
 import org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken;
 
 public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
     private static final String CLIENT_TABLE_NAME = Client.class.getSimpleName();
+    private static final String BEARER_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
+    private static final String REFRESH_TOKEN_TABLE_NAME = BearerAccessToken.class.getSimpleName();
     private EntityManager entityManager;
     
     public JPAOAuthDataProvider() {
@@ -74,17 +77,27 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
     
     @Override
     public ServerAccessToken getAccessToken(String accessToken) throws OAuthServiceException
{
-        return null;
+        try {
+            return getTokenQuery(accessToken).getSingleResult();
+        } catch (NoResultException ex) {
+            return null;
+        }
     }
     @Override
     protected void doRevokeAccessToken(ServerAccessToken at) {
+        removeEntity(at);
     }
     @Override
     protected RefreshToken getRefreshToken(String refreshTokenKey) { 
-        return null;
+        try {
+            return getRefreshTokenQuery(refreshTokenKey).getSingleResult();
+        } catch (NoResultException ex) {
+            return null;
+        }
     }
     @Override
     protected void doRevokeRefreshToken(RefreshToken rt) { 
+        removeEntity(rt);
     }
     
     protected void saveAccessToken(ServerAccessToken serverToken) {
@@ -111,6 +124,16 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
         return entityManager.createQuery(
             "SELECT c FROM " + CLIENT_TABLE_NAME + " c WHERE c.clientId = '" + clientId +
"'", Client.class);
     }
+    protected TypedQuery<ServerAccessToken> getTokenQuery(String tokenKey) {
+        return entityManager.createQuery(
+            "SELECT t FROM " + BEARER_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey
+ "'", 
+            ServerAccessToken.class);
+    }
+    protected TypedQuery<RefreshToken> getRefreshTokenQuery(String tokenKey) {
+        return entityManager.createQuery(
+            "SELECT t FROM " + REFRESH_TOKEN_TABLE_NAME + " t WHERE t.tokenKey = '" + tokenKey
+ "'", 
+            RefreshToken.class);
+    }
     protected TypedQuery<Client> getClientsQuery(UserSubject resourceOwnerSubject)
{
         if (resourceOwnerSubject == null) {
             return entityManager.createQuery("SELECT c FROM " + CLIENT_TABLE_NAME + " c",
Client.class);

http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
index c0ecd61..1128c32 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/tokens/bearer/BearerAccessToken.java
@@ -18,6 +18,8 @@
  */
 package org.apache.cxf.rs.security.oauth2.tokens.bearer;
 
+import javax.persistence.Entity;
+
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
@@ -26,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 /**
  * Simple Bearer Access Token implementations
  */
+@Entity
 public class BearerAccessToken extends ServerAccessToken {
     private static final long serialVersionUID = -3614732043728799245L;
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
index 120d261..9cf80e5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/grants/code/JPACodeDataProviderTest.java
@@ -27,8 +27,12 @@ import javax.persistence.EntityManager;
 import javax.persistence.EntityManagerFactory;
 import javax.persistence.Persistence;
 
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
+import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 
 import org.junit.After;
 import org.junit.Assert;
@@ -53,6 +57,7 @@ public class JPACodeDataProviderTest extends Assert {
             EntityManager em = emFactory.createEntityManager();
             provider = new JPACodeDataProvider();
             provider.setEntityManager(em);
+            provider.setSupportedScopes(Collections.singletonMap("a", "A Scope"));
         } catch (Exception ex) {
             ex.printStackTrace();
             fail("Exception during JPA EntityManager creation.");
@@ -96,6 +101,27 @@ public class JPACodeDataProviderTest extends Assert {
         
     }
     
+    @Test
+    public void testAddGetDeleteAccessToken() {
+        Client c = addClient("101", "bob");
+        
+        AccessTokenRegistration atr = new AccessTokenRegistration();
+        atr.setClient(c);
+        atr.setApprovedScope(Collections.singletonList("a"));
+        atr.setSubject(c.getResourceOwnerSubject());
+        
+        ServerAccessToken at = provider.createAccessToken(atr);
+        ServerAccessToken at2 = provider.getAccessToken(at.getTokenKey());
+        assertEquals(at.getTokenKey(), at2.getTokenKey());
+        List<OAuthPermission> scopes = at2.getScopes();
+        assertNotNull(scopes);
+        assertEquals(1, scopes.size());
+        OAuthPermission perm = scopes.get(0);
+        assertEquals("a", perm.getPermission());
+        provider.revokeToken(c, at.getTokenKey(), OAuthConstants.ACCESS_TOKEN);
+        assertNull(provider.getAccessToken(at.getTokenKey()));
+    }
+    
     private Client addClient(String clientId, String userLogin) {
         Client c = new Client();
         c.setRedirectUris(Collections.singletonList("http://client/redirect"));

http://git-wip-us.apache.org/repos/asf/cxf/blob/b66bb192/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
index 78744d5..eb413f0 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml
@@ -6,6 +6,8 @@
      <provider>org.hibernate.ejb.HibernatePersistence</provider>
      <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
      <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+     <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+     <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
      <exclude-unlisted-classes>true</exclude-unlisted-classes>
      <properties>
         <property name="hibernate.connection.url" value="jdbc:hsqldb:mem:oauth-jpa"/>
@@ -21,6 +23,8 @@
      <provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider>
      <class>org.apache.cxf.rs.security.oauth2.common.Client</class>
      <class>org.apache.cxf.rs.security.oauth2.common.UserSubject</class>
+     <class>org.apache.cxf.rs.security.oauth2.tokens.bearer.BearerAccessToken</class>
+     <class>org.apache.cxf.rs.security.oauth2.tokens.refresh.RefreshToken</class>
      <exclude-unlisted-classes>true</exclude-unlisted-classes>
      <properties>
         <property name="openjpa.ConnectionURL" value="jdbc:hsqldb:mem:oauth-jpa"/>


Mime
View raw message