cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Injecting MessageContext into ResourceOwner handler too
Date Thu, 02 Mar 2017 17:39:12 GMT
Repository: cxf
Updated Branches:
  refs/heads/master afdf9361f -> 13d33c9ed


Injecting MessageContext into ResourceOwner handler too


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/13d33c9e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/13d33c9e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/13d33c9e

Branch: refs/heads/master
Commit: 13d33c9ed261e06e44706cffa1671d67d31096a7
Parents: afdf936
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Mar 2 17:38:53 2017 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Mar 2 17:38:53 2017 +0000

----------------------------------------------------------------------
 .../grants/owner/ResourceOwnerGrantHandler.java | 11 ++++++--
 .../provider/AbstractOAuthDataProvider.java     |  8 ++++++
 .../oauth2/services/AbstractOAuthService.java   | 28 ++++++++------------
 .../oauth2/services/AccessTokenService.java     | 11 +++++++-
 .../security/oauth2/utils/OAuthConstants.java   |  1 +
 .../rs/security/oauth2/utils/OAuthUtils.java    | 18 +++++++++++++
 6 files changed, 57 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index ea39634..5aba67e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.oauth2.grants.owner;
 
 import javax.ws.rs.core.MultivaluedMap;
 
+import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
@@ -27,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * The "resource owner" grant handler
@@ -37,7 +39,7 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
     public ResourceOwnerGrantHandler() {
         super(OAuthConstants.RESOURCE_OWNER_GRANT);
     }
-
+    
     public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String>
params)
         throws OAuthServiceException {
 
@@ -62,5 +64,10 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
         this.loginHandler = loginHandler;
     }
 
-
+    public void setMessageContext(MessageContext context) {
+        if (loginHandler != null) {
+            OAuthUtils.injectContextIntoOAuthProvider(context, loginHandler);
+        }
+    }
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index 298835e..95ab72f 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -25,6 +25,8 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 
+import javax.ws.rs.core.MultivaluedMap;
+
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -306,6 +308,12 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
     protected String getCurrentClientSecret() {
         return (String)messageContext.get(OAuthConstants.CLIENT_SECRET);
     }
+    protected MultivaluedMap<String, String> getCurrentRequestParams() {
+        @SuppressWarnings("unchecked")
+        MultivaluedMap<String, String> params = 
+            (MultivaluedMap<String, String>)messageContext.get(OAuthConstants.TOKEN_REQUEST_PARAMS);
+        return params;
+    }
     protected RefreshToken updateRefreshToken(RefreshToken rt, ServerAccessToken at) {
         linkAccessTokenToRefreshToken(rt, at);
         saveRefreshToken(rt);

http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
index 097a5c6..f64ce6e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.rs.security.oauth2.services;
 
-import java.lang.reflect.Method;
 import java.util.logging.Logger;
 
 import javax.ws.rs.core.Context;
@@ -35,6 +34,7 @@ import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * Abstract OAuth service
@@ -45,8 +45,7 @@ public abstract class AbstractOAuthService {
     private OAuthDataProvider dataProvider;
     private boolean blockUnsecureRequests;
     private boolean writeOptionalParameters = true;
-    private Method dataProviderContextMethod;
-
+    
     public void setWriteOptionalParameters(boolean write) {
         writeOptionalParameters = write;
     }
@@ -58,13 +57,11 @@ public abstract class AbstractOAuthService {
     @Context
     public void setMessageContext(MessageContext context) {
         this.mc = context;
-        if (dataProviderContextMethod != null) {
-            try {
-                dataProviderContextMethod.invoke(dataProvider, new Object[]{mc});
-            } catch (Throwable t) {
-                throw new RuntimeException(t);
-            }
-        }
+        injectContextIntoOAuthProviders();
+    }
+
+    protected void injectContextIntoOAuthProviders() {
+        OAuthUtils.injectContextIntoOAuthProvider(mc, dataProvider);
     }
 
     public MessageContext getMessageContext() {
@@ -73,13 +70,6 @@ public abstract class AbstractOAuthService {
 
     public void setDataProvider(OAuthDataProvider dataProvider) {
         this.dataProvider = dataProvider;
-        try {
-            dataProviderContextMethod = dataProvider.getClass().getMethod("setMessageContext",
-                                                                          new Class[]{MessageContext.class});
-        } catch (Throwable t) {
-            // ignore
-        }
-
     }
 
     public OAuthDataProvider getDataProvider() {
@@ -101,6 +91,7 @@ public abstract class AbstractOAuthService {
         if (clientId != null) {
             mc.put(OAuthConstants.CLIENT_SECRET, params.getFirst(OAuthConstants.CLIENT_SECRET));
             mc.put(OAuthConstants.GRANT_TYPE, params.getFirst(OAuthConstants.GRANT_TYPE));
+            mc.put(OAuthConstants.TOKEN_REQUEST_PARAMS, params);
             return dataProvider.getClient(clientId);
         }
         LOG.fine("No valid client found as the given clientId is null");
@@ -152,4 +143,7 @@ public abstract class AbstractOAuthService {
     public void setBlockUnsecureRequests(boolean blockUnsecureRequests) {
         this.blockUnsecureRequests = blockUnsecureRequests;
     }
+    
+    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
index 882be54..1fa88d58 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.rs.security.oauth2.services;
 
+import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.logging.Level;
@@ -60,12 +61,20 @@ public class AccessTokenService extends AbstractTokenService {
         grantHandlers = handlers;
     }
 
+    @Override
+    protected void injectContextIntoOAuthProviders() {
+        super.injectContextIntoOAuthProviders();
+        for (AccessTokenGrantHandler grantHandler : grantHandlers) {
+            OAuthUtils.injectContextIntoOAuthProvider(getMessageContext(), grantHandler);
   
+        }
+    }
+    
     /**
      * Sets a grant handler
      * @param handler the grant handler
      */
     public void setGrantHandler(AccessTokenGrantHandler handler) {
-        grantHandlers.add(handler);
+        setGrantHandlers(Collections.singletonList(handler));
     }
 
     public void setResponseFilters(List<AccessTokenResponseFilter> handlers) {

http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
index 8f31c47..751a88a 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
@@ -44,6 +44,7 @@ public final class OAuthConstants {
     public static final String RESPONSE_MODE = "response_mode";
     public static final String FORM_RESPONSE_MODE = "form_post";
     // CXF-Specific
+    public static final String TOKEN_REQUEST_PARAMS = "token_request_params";
     public static final String ACCESS_TOKEN_ISSUED_AT = "issued_at";
 
 

http://git-wip-us.apache.org/repos/asf/cxf/blob/13d33c9e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index 91a5fb4..743147e 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oauth2.utils;
 
+import java.lang.reflect.Method;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -65,6 +66,23 @@ public final class OAuthUtils {
     private OAuthUtils() {
     }
 
+    public static void injectContextIntoOAuthProvider(MessageContext context, Object provider)
{
+        Method dataProviderContextMethod = null;
+        try {
+            dataProviderContextMethod = provider.getClass().getMethod("setMessageContext",
+                                                                          new Class[]{MessageContext.class});
+        } catch (Throwable t) {
+            // ignore
+        }
+        if (dataProviderContextMethod != null) {
+            try {
+                dataProviderContextMethod.invoke(provider, new Object[]{context});
+            } catch (Throwable t) {
+                throw new RuntimeException(t);
+            }
+        }
+    }
+    
     public static String setSessionToken(MessageContext mc) {
         return setSessionToken(mc, 0);
     }


Mime
View raw message