cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Injecting MessageContext into ResourceOwner handler too
Date Thu, 02 Mar 2017 17:53:42 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 06d2a32ad -> 963a541fe


Injecting MessageContext into ResourceOwner handler too


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/963a541f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/963a541f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/963a541f

Branch: refs/heads/3.1.x-fixes
Commit: 963a541fe53a4d3f0481472c75fe6b7310c929c7
Parents: 06d2a32
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Mar 2 17:38:53 2017 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Mar 2 17:52:20 2017 +0000

----------------------------------------------------------------------
 .../grants/owner/ResourceOwnerGrantHandler.java | 11 ++++++--
 .../provider/AbstractOAuthDataProvider.java     |  8 ++++++
 .../oauth2/services/AbstractOAuthService.java   | 28 ++++++++------------
 .../oauth2/services/AccessTokenService.java     | 13 +++++++--
 .../security/oauth2/utils/OAuthConstants.java   |  1 +
 .../rs/security/oauth2/utils/OAuthUtils.java    | 18 +++++++++++++
 6 files changed, 58 insertions(+), 21 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index 19e0f6b..4a5d03b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -20,6 +20,7 @@ package org.apache.cxf.rs.security.oauth2.grants.owner;
 
 import javax.ws.rs.core.MultivaluedMap;
 
+import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
@@ -27,6 +28,7 @@ import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.grants.AbstractGrantHandler;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * The "resource owner" grant handler
@@ -37,7 +39,7 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
     public ResourceOwnerGrantHandler() {
         super(OAuthConstants.RESOURCE_OWNER_GRANT);
     }
-
+    
     public ServerAccessToken createAccessToken(Client client, MultivaluedMap<String, String>
params)
         throws OAuthServiceException {
         
@@ -62,5 +64,10 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
         this.loginHandler = loginHandler;
     }
 
-
+    public void setMessageContext(MessageContext context) {
+        if (loginHandler != null) {
+            OAuthUtils.injectContextIntoOAuthProvider(context, loginHandler);
+        }
+    }
+    
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index e39c9be..e5a8eba 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -25,6 +25,8 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 
+import javax.ws.rs.core.MultivaluedMap;
+
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -311,6 +313,12 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
     protected String getCurrentClientSecret() {
         return (String)messageContext.get(OAuthConstants.CLIENT_SECRET);
     }
+    protected MultivaluedMap<String, String> getCurrentRequestParams() {
+        @SuppressWarnings("unchecked")
+        MultivaluedMap<String, String> params = 
+            (MultivaluedMap<String, String>)messageContext.get(OAuthConstants.TOKEN_REQUEST_PARAMS);
+        return params;
+    }
     protected RefreshToken updateRefreshToken(RefreshToken rt, ServerAccessToken at) {
         linkAccessTokenToRefreshToken(rt, at);
         saveRefreshToken(rt);

http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
index 79187d1..a3791f2 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.rs.security.oauth2.services;
 
-import java.lang.reflect.Method;
 import java.util.logging.Logger;
 
 import javax.ws.rs.core.Context;
@@ -35,6 +34,7 @@ import org.apache.cxf.rs.security.oauth2.common.OAuthError;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 /**
  * Abstract OAuth service
@@ -45,7 +45,6 @@ public abstract class AbstractOAuthService {
     private OAuthDataProvider dataProvider;
     private boolean blockUnsecureRequests;
     private boolean writeOptionalParameters = true;
-    private Method dataProviderContextMethod;
     
     public void setWriteOptionalParameters(boolean write) {
         writeOptionalParameters = write;
@@ -57,14 +56,12 @@ public abstract class AbstractOAuthService {
     
     @Context 
     public void setMessageContext(MessageContext context) {
-        this.mc = context;    
-        if (dataProviderContextMethod != null) {
-            try {
-                dataProviderContextMethod.invoke(dataProvider, new Object[]{mc});
-            } catch (Throwable t) {
-                throw new RuntimeException(t); 
-            }
-        }
+        this.mc = context;
+        injectContextIntoOAuthProviders();
+    }
+
+    protected void injectContextIntoOAuthProviders() {
+        OAuthUtils.injectContextIntoOAuthProvider(mc, dataProvider);
     }
     
     public MessageContext getMessageContext() {
@@ -73,13 +70,6 @@ public abstract class AbstractOAuthService {
 
     public void setDataProvider(OAuthDataProvider dataProvider) {
         this.dataProvider = dataProvider;
-        try {
-            dataProviderContextMethod = dataProvider.getClass().getMethod("setMessageContext",

-                                                                          new Class[]{MessageContext.class});
-        } catch (Throwable t) {
-            // ignore
-        }
-        
     }
 
     public OAuthDataProvider getDataProvider() {
@@ -101,6 +91,7 @@ public abstract class AbstractOAuthService {
         if (clientId != null) {
             mc.put(OAuthConstants.CLIENT_SECRET, params.getFirst(OAuthConstants.CLIENT_SECRET));
             mc.put(OAuthConstants.GRANT_TYPE, params.getFirst(OAuthConstants.GRANT_TYPE));
+            mc.put(OAuthConstants.TOKEN_REQUEST_PARAMS, params);
             return dataProvider.getClient(clientId);
         }
         LOG.fine("No valid client found as the given clientId is null");
@@ -152,4 +143,7 @@ public abstract class AbstractOAuthService {
     public void setBlockUnsecureRequests(boolean blockUnsecureRequests) {
         this.blockUnsecureRequests = blockUnsecureRequests;
     }
+    
+    
+
 }

http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
index 28410b8..b31d6b4 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.rs.security.oauth2.services;
 
+import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.logging.Level;
@@ -59,13 +60,21 @@ public class AccessTokenService extends AbstractTokenService {
     public void setGrantHandlers(List<AccessTokenGrantHandler> handlers) {
         grantHandlers = handlers;
     }
+
+    @Override
+    protected void injectContextIntoOAuthProviders() {
+        super.injectContextIntoOAuthProviders();
+        for (AccessTokenGrantHandler grantHandler : grantHandlers) {
+            OAuthUtils.injectContextIntoOAuthProvider(getMessageContext(), grantHandler);
   
+        }
+    }
     
     /**
      * Sets a grant handler
      * @param handler the grant handler
      */
     public void setGrantHandler(AccessTokenGrantHandler handler) {
-        grantHandlers.add(handler);
+        setGrantHandlers(Collections.singletonList(handler));
     }
 
     public void setResponseFilters(List<AccessTokenResponseFilter> handlers) {
@@ -174,4 +183,4 @@ public class AccessTokenService extends AbstractTokenService {
         
         return null;
     }
-}
\ No newline at end of file
+}

http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
index a14fa97..19c06e9 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
@@ -44,6 +44,7 @@ public final class OAuthConstants {
     public static final String RESPONSE_MODE = "response_mode";
     public static final String FORM_RESPONSE_MODE = "form_post";
     // CXF-Specific
+    public static final String TOKEN_REQUEST_PARAMS = "token_request_params";
     public static final String ACCESS_TOKEN_ISSUED_AT = "issued_at";
     
     

http://git-wip-us.apache.org/repos/asf/cxf/blob/963a541f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index ab2e88c..fab0323 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.rs.security.oauth2.utils;
 
+import java.lang.reflect.Method;
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -64,6 +65,23 @@ public final class OAuthUtils {
 
     private OAuthUtils() {
     }
+
+    public static void injectContextIntoOAuthProvider(MessageContext context, Object provider)
{
+        Method dataProviderContextMethod = null;
+        try {
+            dataProviderContextMethod = provider.getClass().getMethod("setMessageContext",
+                                                                          new Class[]{MessageContext.class});
+        } catch (Throwable t) {
+            // ignore
+        }
+        if (dataProviderContextMethod != null) {
+            try {
+                dataProviderContextMethod.invoke(provider, new Object[]{context});
+            } catch (Throwable t) {
+                throw new RuntimeException(t);
+            }
+        }
+    }
     
     public static String setSessionToken(MessageContext mc) {
         return setSessionToken(mc, 0);


Mime
View raw message