cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf-fediz git commit: Simplifying the fediz oidc provider client cred code as it is done at the abstract level now
Date Tue, 07 Mar 2017 14:13:18 GMT
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 3f0c6be07 -> 294522cbc


Simplifying the fediz oidc provider client cred code as it is done at the abstract level now


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/294522cb
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/294522cb
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/294522cb

Branch: refs/heads/master
Commit: 294522cbcef36c51f4d0e7bf992207aa891886e0
Parents: 3f0c6be
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Mar 7 14:13:02 2017 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Mar 7 14:13:02 2017 +0000

----------------------------------------------------------------------
 .../oidc/JAASAuthenticationStrategy.java        |  1 +
 .../service/oidc/OAuthDataProviderImpl.java     | 74 --------------------
 .../oidc/ProviderAuthenticationStrategy.java    | 23 ------
 3 files changed, 1 insertion(+), 97 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/294522cb/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/JAASAuthenticationStrategy.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/JAASAuthenticationStrategy.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/JAASAuthenticationStrategy.java
index 10e4255..7fc9a88 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/JAASAuthenticationStrategy.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/JAASAuthenticationStrategy.java
@@ -28,6 +28,7 @@ import javax.security.auth.login.LoginException;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.interceptor.security.NamePasswordCallbackHandler;
+import org.apache.cxf.rs.security.oauth2.provider.ProviderAuthenticationStrategy;
 
 public class JAASAuthenticationStrategy implements ProviderAuthenticationStrategy {
     private static final Logger LOG = LogUtils.getL7dLogger(JAASAuthenticationStrategy.class);

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/294522cb/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
index 888d70a..e672b3e 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
@@ -18,50 +18,17 @@
  */
 package org.apache.cxf.fediz.service.oidc;
 
-import java.security.Principal;
-import java.util.Collections;
 import java.util.List;
 
-import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
 import org.apache.cxf.rs.security.oauth2.grants.code.DefaultEHCacheCodeDataProvider;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
-import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 import org.apache.cxf.rs.security.oidc.utils.OidcUtils;
 
 public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 
-    private boolean checkOnlyRegisteredClients;
-    private boolean persistUnregisteredClients = true;
-    private ProviderAuthenticationStrategy authenticationStrategy;
-    
-    @Override
-    public Client getClient(String clientId) {
-        Client client = super.getClient(clientId);
-        if (client != null || checkOnlyRegisteredClients) {
-            return client;
-        }
-
-        String grantType = getCurrentRequestedGrantType();
-        if (OAuthConstants.CLIENT_CREDENTIALS_GRANT.equals(grantType)) {
-            // Pre-registering the OAuth2 Client representations for
-            // "client_credentials" can be difficult.
-            String clientSecret = (String)getMessageContext().get(OAuthConstants.CLIENT_SECRET);
-            if (clientSecret != null) {
-                // Direct authentication with the back-end storage
-                return authenticateClient(clientId, clientSecret);
-            } else {
-                Principal p = super.getMessageContext().getSecurityContext().getUserPrincipal();
-                if (clientId.equals(p.getName())) {
-                    return createClientCredClient(clientId, null);
-                }
-            }
-        }
-        return null;
-    }
-
     @Override
     public List<OAuthPermission> convertScopeToPermissions(Client client, List<String>
requestedScopes) {
         //TODO: push this code into the abstract class
@@ -75,45 +42,4 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider
{
         }
         return super.convertScopeToPermissions(client, requestedScopes);
     }
-
-    public void setCheckOnlyRegisteredClients(boolean checkOnlyRegisteredClients) {
-        this.checkOnlyRegisteredClients = checkOnlyRegisteredClients;
-    }
-
-    public void setPersistUnregisteredClients(boolean persistUnregisteredClients) {
-        this.persistUnregisteredClients = persistUnregisteredClients;
-    }
-
-    public void setAuthenticationStrategy(ProviderAuthenticationStrategy authenticationStrategy)
{
-        this.authenticationStrategy = authenticationStrategy;
-    }
-    
-    protected Client authenticateClient(String clientId, String clientSecret) {
-        if (doAuthenticate(clientId, clientSecret)) {
-            return createClientCredClient(clientId, clientSecret);
-        }
-        return null;
-    }
-    
-    protected Client createClientCredClient(String clientId, String password) {
-        Client c = new Client(clientId, password, true);
-        c.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
-        if (persistUnregisteredClients) {
-            // It will enable seeing these clients and their tokens in the OIDC management
console
-            super.setClient(c);
-        }
-        return c;
-    }
-
-    protected boolean doAuthenticate(String id, String password) {
-        return authenticationStrategy != null
-            && authenticationStrategy.authenticate(id, password);
-    }
-    @Override
-    public void setMessageContext(MessageContext mc) {
-        super.setMessageContext(mc);
-        if (authenticationStrategy != null) {
-            OAuthUtils.injectContextIntoOAuthProvider(mc, authenticationStrategy);
-        }
-    }
 }

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/294522cb/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ProviderAuthenticationStrategy.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ProviderAuthenticationStrategy.java
b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ProviderAuthenticationStrategy.java
deleted file mode 100644
index 71dd1b7..0000000
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/ProviderAuthenticationStrategy.java
+++ /dev/null
@@ -1,23 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.cxf.fediz.service.oidc;
-
-public interface ProviderAuthenticationStrategy {
-    boolean authenticate(String name, String password);
-}


Mime
View raw message