cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject OAuth2 AccessTokenValidator interface change
Date Tue, 09 Dec 2014 11:49:22 GMT
Hi

I've updated OAuth2 AccessTokenValidator interface to accept an extra 
parameter, a multivalued map of properties. This change has been done on 
the 3.1.0-SNAPSHOT trunk only.
It is needed for the custom token validators be capable of validating a 
token if the validation input requires some extra properties in addition 
to those found in HTTP Authorization header (client ip address, custom 
headers, URI properties, etc). The interface already accepts 
MessageContext which may be sufficient when extra properties are 
required in a local validation case but it does not work if RS (resource 
server) and AS (Authorization Server) are not collocated.

The reason I'm sending this email to the users list is that I'm keen to 
push this change to CXF 3.0.4-SNAPSHOT (but not to CXF 2.7.15-SNAPSHOT) 
and would like to ask: has someone working with CXF OAuth2 implemented a 
custom AccessTokenValidator and works with CXF 3.0.0-3.0.3 ? Let me know 
please

Thanks, Sergey



[1] 
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java

Mime
View raw message