cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1025603 - in /websites/production/cxf/content: cache/docs.pageCache docs/jax-rs-oauth2.html
Date Mon, 19 Feb 2018 15:56:38 GMT
Author: buildbot
Date: Mon Feb 19 15:56:38 2018
New Revision: 1025603

Log:
Production update by buildbot for cxf

Modified:
    websites/production/cxf/content/cache/docs.pageCache
    websites/production/cxf/content/docs/jax-rs-oauth2.html

Modified: websites/production/cxf/content/cache/docs.pageCache
==============================================================================
Binary files - no diff available.

Modified: websites/production/cxf/content/docs/jax-rs-oauth2.html
==============================================================================
--- websites/production/cxf/content/docs/jax-rs-oauth2.html (original)
+++ websites/production/cxf/content/docs/jax-rs-oauth2.html Mon Feb 19 15:56:38 2018
@@ -32,9 +32,9 @@
 <link type="text/css" rel="stylesheet" href="/resources/highlighter/styles/shThemeCXF.css">
 
 <script src='/resources/highlighter/scripts/shCore.js'></script>
-<script src='/resources/highlighter/scripts/shBrushBash.js'></script>
-<script src='/resources/highlighter/scripts/shBrushXml.js'></script>
 <script src='/resources/highlighter/scripts/shBrushJava.js'></script>
+<script src='/resources/highlighter/scripts/shBrushXml.js'></script>
+<script src='/resources/highlighter/scripts/shBrushBash.js'></script>
 <script>
   SyntaxHighlighter.defaults['toolbar'] = false;
   SyntaxHighlighter.all();
@@ -119,11 +119,11 @@ Apache CXF -- JAX-RS OAuth2
            <!-- Content -->
            <div class="wiki-content">
 <div id="ConfluenceContent"><h1 id="JAX-RSOAuth2-JAX-RS:OAuth2">JAX-RS: OAuth2</h1><p><style
type="text/css">/*<![CDATA[*/
-div.rbtoc1508777316134 {padding: 0px;}
-div.rbtoc1508777316134 ul {list-style: disc;margin-left: 0px;}
-div.rbtoc1508777316134 li {margin-left: 0px;padding-left: 0px;}
+div.rbtoc1519055759680 {padding: 0px;}
+div.rbtoc1519055759680 ul {list-style: disc;margin-left: 0px;}
+div.rbtoc1519055759680 li {margin-left: 0px;padding-left: 0px;}
 
-/*]]>*/</style></p><div class="toc-macro rbtoc1508777316134">
+/*]]>*/</style></p><div class="toc-macro rbtoc1519055759680">
 <ul class="toc-indentation"><li><a shape="rect" href="#JAX-RSOAuth2-JAX-RS:OAuth2">JAX-RS:
OAuth2</a></li><li><a shape="rect" href="#JAX-RSOAuth2-Introduction">Introduction</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-Mavendependencies">Maven dependencies</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-ClientRegistration">Client Registration</a></li><li><a
shape="rect" href="#JAX-RSOAuth2-DevelopingOAuth2Servers">Developing OAuth2 Servers</a>
 <ul class="toc-indentation"><li><a shape="rect" href="#JAX-RSOAuth2-AuthorizationService">Authorization
Service</a>
 <ul class="toc-indentation"><li><a shape="rect" href="#JAX-RSOAuth2-HowtocreateAuthorizationView">How
to create Authorization View</a></li><li><a shape="rect" href="#JAX-RSOAuth2-EndUserNameinAuthorizationForm">EndUser
Name in Authorization Form</a></li><li><a shape="rect" href="#JAX-RSOAuth2-PublicClients(Devices)">Public
Clients (Devices)</a>
@@ -665,7 +665,7 @@ try {
 
 }
 </pre>
-</div></div><p>The client code directly dealing with OAuth2 specifics can
be the most flelxible option: the client which has both access and refresh tokens can check
the current access token expiry time and if it is known to have expiried then it can proactively</p><p>refresh
the tokens, avoiding doing a futile HTTP request that is bound to return 401. Or/and indeed
it can take care of JAX-RS NotAuthorizedException (401) and refresh the tokens. Sophisticated
clients might want to check which scopes have been approved for a given access token and dynamically
decide if a given HTTP service call can be made or not. Clients can also proactively revoke
the tokens using a token revocation mechanism.</p><h2 id="JAX-RSOAuth2-OAuth2clientapplicationswithcode-grantfilters">OAuth2
client applications with code-grant filters</h2><p>The code in the previous section
shows the client application code directly supporting OAuth2 dynamics (redirection, the access
token acquisition). Starting from CXF
  3.0.6 a simpler option is possible with the help of ClientCodeRequestFilter. This filter
manages the initial redirection, exchanging code grants for tokens, persisting the request
state, and then making the token and the state available to the application code, for example,
the following code does not deal itself with teh redirection or interacting with OAuth2 servers:</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
+</div></div><p>The client code directly dealing with OAuth2 specifics can
be the most flelxible option: the client which has both access and refresh tokens can check
the current access token expiry time and if it is known to have expiried then it can proactively</p><p>refresh
the tokens, avoiding doing a futile HTTP request that is bound to return 401. Or/and indeed
it can take care of JAX-RS NotAuthorizedException (401) and refresh the tokens. Sophisticated
clients might want to check which scopes have been approved for a given access token and dynamically
decide if a given HTTP service call can be made or not. Clients can also proactively revoke
the tokens using a token revocation mechanism.</p><h2 id="JAX-RSOAuth2-OAuth2clientapplicationswithcode-grantfilters">OAuth2
client applications with code-grant filters</h2><p>The code in the previous section
shows the client application code directly supporting OAuth2 dynamics (redirection, the access
token acquisition). Starting from CXF
  3.0.6 a simpler option is possible with the help of ClientCodeRequestFilter. This filter
manages the initial redirection, exchanging code grants for tokens, persisting the request
state, and then making the token and the state available to the application code, for example,
the following code does not deal itself with the redirection or interacting with OAuth2 servers:</p><div
class="code panel pdl" style="border-width: 1px;"><div class="codeContent panelContent
pdl">
 <pre class="brush: java; gutter: false; theme: Default" style="font-size:12px;">import
org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
 



Mime
View raw message