cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Some cleanup around saving refresh tokens
Date Wed, 06 Apr 2016 15:28:01 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 075b4f205 -> f4bc11621


Some cleanup around saving refresh tokens


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f4bc1162
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f4bc1162
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f4bc1162

Branch: refs/heads/master
Commit: f4bc1162145e0aa5d87bc0c3e04fb74a70df080e
Parents: 075b4f2
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Apr 6 16:27:45 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Apr 6 16:27:45 2016 +0100

----------------------------------------------------------------------
 .../oauth2/provider/AbstractOAuthDataProvider.java | 17 +++++++++--------
 .../provider/DefaultEHCacheOAuthDataProvider.java  |  2 +-
 .../DefaultEncryptingOAuthDataProvider.java        | 10 +++++-----
 .../oauth2/provider/JPAOAuthDataProvider.java      |  2 +-
 4 files changed, 16 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index c971985..1a312f6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -131,7 +131,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
             if (rt.getAccessTokens().isEmpty()) {
                 revokeRefreshToken(rt.getTokenKey());
             } else {
-                saveRefreshToken(null, rt);
+                saveRefreshToken(rt);
             }
         }
         
@@ -215,14 +215,14 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
     }
      
     protected RefreshToken updateRefreshToken(RefreshToken rt, ServerAccessToken at) {
-        linkRefreshAccessTokens(rt, at);
-        saveRefreshToken(at, rt);
+        linkAccessTokenToRefreshToken(rt, at);
+        saveRefreshToken(rt);
+        linkRefreshTokenToAccessToken(rt, at);
         return rt;
     }
     protected RefreshToken createNewRefreshToken(ServerAccessToken at) {
         RefreshToken rt = doCreateNewRefreshToken(at);
-        saveRefreshToken(at, rt);
-        return rt;
+        return updateRefreshToken(rt, at);
     }
     protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at) {
         RefreshToken rt = new RefreshToken(at.getClient(), refreshTokenLifetime);
@@ -239,12 +239,13 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
         }
         rt.setSubject(at.getSubject());
         rt.setClientCodeVerifier(at.getClientCodeVerifier());
-        linkRefreshAccessTokens(rt, at);
         return rt;
     }
     
-    private void linkRefreshAccessTokens(RefreshToken rt, ServerAccessToken at) {
+    protected void linkAccessTokenToRefreshToken(RefreshToken rt, ServerAccessToken at) {
         rt.getAccessTokens().add(at.getTokenKey());
+    }
+    protected void linkRefreshTokenToAccessToken(RefreshToken rt, ServerAccessToken at) {
         at.setRefreshToken(rt.getTokenKey());
     }
 
@@ -351,7 +352,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
     
     
     protected abstract void saveAccessToken(ServerAccessToken serverToken);
-    protected abstract void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken);
+    protected abstract void saveRefreshToken(RefreshToken refreshToken);
     protected abstract void doRevokeAccessToken(ServerAccessToken accessToken);
     protected abstract void doRevokeRefreshToken(RefreshToken  refreshToken);
     protected abstract RefreshToken getRefreshToken(String refreshTokenKey);

http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java
index c6e65f3..7d376ed 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java
@@ -143,7 +143,7 @@ public class DefaultEHCacheOAuthDataProvider extends AbstractOAuthDataProvider
{
         putCacheValue(accessTokenCache, serverToken.getTokenKey(), serverToken, serverToken.getExpiresIn());
     }
     
-    protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) {
+    protected void saveRefreshToken(RefreshToken refreshToken) {
         putCacheValue(refreshTokenCache, refreshToken.getTokenKey(), refreshToken, refreshToken.getExpiresIn());
     }
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
index e436aec..02d66d8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java
@@ -39,7 +39,7 @@ import org.apache.cxf.rt.security.crypto.KeyProperties;
 public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvider {
     protected SecretKey key;
     private Set<String> tokens = Collections.synchronizedSet(new HashSet<String>());
-    private ConcurrentHashMap<String, String> refreshTokens = new ConcurrentHashMap<String,
String>();
+    private Set<String> refreshTokens = Collections.synchronizedSet(new HashSet<String>());
     private ConcurrentHashMap<String, String> clientsMap = new ConcurrentHashMap<String,
String>();
     public DefaultEncryptingOAuthDataProvider(String algo, int keySize) {
         this(new KeyProperties(algo, keySize));
@@ -90,7 +90,7 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide
     @Override
     public List<RefreshToken> getRefreshTokens(Client c, UserSubject sub) {
         List<RefreshToken> list = new ArrayList<RefreshToken>(refreshTokens.size());
-        for (String tokenKey : tokens) {
+        for (String tokenKey : refreshTokens) {
             RefreshToken token = getRefreshToken(tokenKey);
             if (isTokenMatched(token, c, sub)) {
                 list.add(token);
@@ -118,9 +118,10 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide
     }
     
     @Override
-    protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) {
+    protected void saveRefreshToken(RefreshToken refreshToken) {
         String encryptedRefreshToken = ModelEncryptionSupport.encryptRefreshToken(refreshToken,
key);
-        at.setRefreshToken(encryptedRefreshToken);
+        refreshToken.setTokenKey(encryptedRefreshToken);
+        refreshTokens.add(encryptedRefreshToken);
     }
 
     @Override
@@ -131,7 +132,6 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide
     private void encryptAccessToken(ServerAccessToken token) {
         String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, key);
         tokens.add(encryptedToken);
-        refreshTokens.put(token.getRefreshToken(), encryptedToken);
         token.setTokenKey(encryptedToken);
     }
     @Override

http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
index bc9db23..409fe25 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java
@@ -103,7 +103,7 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider {
         persistEntity(serverToken);
     }
     
-    protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) {
+    protected void saveRefreshToken(RefreshToken refreshToken) {
         persistEntity(refreshToken);
     }
     protected void persistEntityWithPossibleRollback(Object entity) {


Mime
View raw message