Author: lmoren
Date: Sun Oct 24 21:14:58 2010
New Revision: 1026892
URL: http://svn.apache.org/viewvc?rev=1026892&view=rev
Log:
- added support for @Secured annotation
- improved scopes definition
- simplified configuration
Added:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
(with props)
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
(contents, props changed)
- copied, changed from r985017,
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SpringOAuthRequestHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
(with props)
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
(with props)
Removed:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SpringOAuthRequestHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/appengine-web.xml
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/pom.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/web.xml
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/pom.xml
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/pom.xml?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/pom.xml
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/pom.xml
Sun Oct 24 21:14:58 2010
@@ -65,49 +65,65 @@
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-acl</artifactId>
- <version>${spring.version}</version>
+ <version>3.0.3.RELEASE</version>
</dependency>
+ <dependency>
+ <groupId>javax.annotation</groupId>
+ <artifactId>jsr250-api</artifactId>
+ <version>1.0</version>
+ </dependency>
+ <dependency>
+ <groupId>cglib</groupId>
+ <artifactId>cglib</artifactId>
+ <version>2.1</version>
+ </dependency>
+ <dependency>
+ <groupId>asm</groupId>
+ <artifactId>asm</artifactId>
+ <version>1.5.3</version>
+ </dependency>
+
<dependency>
<artifactId>standard</artifactId>
Added:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java?rev=1026892&view=auto
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
(added)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
Sun Oct 24 21:14:58 2010
@@ -0,0 +1,20 @@
+package org.apache.cxf.auth.oauth.demo.server;
+
+import java.io.IOException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.core.AuthenticationException;
+import
org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
+
+/**
+ * @author Lukasz Moren
+ */
+public class CustomAuth extends LoginUrlAuthenticationEntryPoint {
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse
response,
+ AuthenticationException authException) throws
IOException, ServletException {
+ super.commence(request, response, authException);
+ }
+}
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/CustomAuth.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/SampleResourceProvider.java
Sun Oct 24 21:14:58 2010
@@ -18,6 +18,7 @@
*/
package org.apache.cxf.auth.oauth.demo.server;
+import javax.annotation.security.RolesAllowed;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
@@ -26,7 +27,6 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
-import javax.xml.ws.handler.MessageContext;
/**
* Sample JAX-RS resource service
@@ -36,20 +36,19 @@ import javax.xml.ws.handler.MessageConte
@Path("/")
public class SampleResourceProvider {
- @Context
- private MessageContext mc;
-
@GET
@Produces("text/html")
- @Path("/person/{name}")
+ @Path("/person/get/{name}")
+ @RolesAllowed( {"ROLE_USER"})
public Response getInfo(@PathParam("name") String name, @Context
HttpServletRequest request) {
return Response.ok("Successfully accessed OAuth protected person: " +
name).build();
}
@POST
@Produces("text/html")
- @Path("/person/{name}")
- public Response modifyInfo(@PathParam("name") String name) {
+ @Path("/person/modify/{name}")
+ @RolesAllowed( {"ROLE_ADMIN"})
+ public Response modifyInfo(@PathParam("name") String name, @Context
HttpServletRequest request) {
return Response.ok("Successfully modified OAuth protected person: " +
name).build();
}
}
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/controllers/ApplicationController.java
Sun Oct 24 21:14:58 2010
@@ -21,24 +21,24 @@ package org.apache.cxf.auth.oauth.demo.s
import java.security.Principal;
import java.security.SecureRandom;
import java.util.Set;
-import javax.annotation.Resource;
+import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.auth.oauth.demo.server.ClientApp;
import org.apache.cxf.auth.oauth.provider.Client;
import org.apache.cxf.auth.oauth.provider.ClientImpl;
-import org.apache.cxf.auth.oauth.provider.ClientManager;
+import org.apache.cxf.auth.oauth.provider.OAuthClientManager;
import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
import org.apache.cxf.auth.oauth.token.MD5TokenGenerator;
import org.apache.cxf.auth.oauth.token.TokenGenerator;
+import org.apache.cxf.auth.oauth.utils.OAuthUtils;
import org.apache.cxf.common.util.StringUtils;
-
-import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.context.ServletContextAware;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;
@@ -46,13 +46,11 @@ import org.springframework.web.servlet.v
* @author Lukasz Moren
*/
@Controller
-public class ApplicationController {
+public class ApplicationController implements ServletContextAware {
- @Autowired
private OAuthDataProvider oauthDataProvider;
- @Resource(name = "oauthDataProvider")
- private ClientManager clientManager;
+ private OAuthClientManager clientManager;
@RequestMapping("/newClientForm")
public ModelAndView handleRequest(@ModelAttribute("client") ClientApp
clientApp) {
@@ -149,4 +147,9 @@ public class ApplicationController {
modelAndView.getModel().put("client", app);
return modelAndView;
}
+
+ public void setServletContext(ServletContext servletContext) {
+ oauthDataProvider =
OAuthUtils.getOAuthDataProviderFromServletContext(servletContext);
+ clientManager =
(OAuthClientManager)OAuthUtils.getOAuthDataProviderFromServletContext(servletContext);
+ }
}
Copied:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
(from r985017,
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SpringOAuthRequestHandler.java)
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java?p2=cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java&p1=cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SpringOAuthRequestHandler.java&r1=985017&r2=1026892&rev=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SpringOAuthRequestHandler.java
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
Sun Oct 24 21:14:58 2010
@@ -22,8 +22,7 @@ import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import org.apache.cxf.auth.oauth.handlers.AbstractOAuthRequestHandler;
-
+import org.apache.cxf.auth.oauth.provider.MemoryOauthDataProvider;
import org.springframework.security.core.context.SecurityContext;
import
org.springframework.security.web.context.HttpSessionSecurityContextRepository;
@@ -31,7 +30,7 @@ import org.springframework.security.web.
/**
* @author Lukasz Moren
*/
-public class SpringOAuthRequestHandler extends AbstractOAuthRequestHandler {
+public class SampleOAuthDataProvider extends MemoryOauthDataProvider {
public Principal loggedPrincipal(HttpServletRequest request) {
HttpSession session = request.getSession();
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/oauth/SampleOAuthDataProvider.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationFailureHandler.java
Sun Oct 24 21:14:58 2010
@@ -25,10 +25,9 @@ import javax.servlet.http.HttpServletRes
import net.oauth.OAuth;
-import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
+import org.apache.cxf.auth.oauth.endpoints.AuthorizationService;
import org.apache.cxf.common.util.StringUtils;
-
import org.springframework.security.core.AuthenticationException;
import
org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
@@ -42,14 +41,14 @@ public class AuthenticationFailureHandle
public void onAuthenticationFailure(HttpServletRequest request,
HttpServletResponse response,
AuthenticationException exception)
throws IOException, ServletException {
- String xOAuthScope =
request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
+ String xOAuthScope =
request.getParameter(AuthorizationService.X_OAUTH_SCOPE);
String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
StringBuffer url = new
StringBuffer(authorizeUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
.append(oauthToken);
if (!StringUtils.isEmpty(xOAuthScope)) {
-
url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+
url.append("&").append(AuthorizationService.X_OAUTH_SCOPE).append("=")
.append(xOAuthScope);
}
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/AuthenticationSuccessfullHandler.java
Sun Oct 24 21:14:58 2010
@@ -25,10 +25,9 @@ import javax.servlet.http.HttpServletRes
import net.oauth.OAuth;
-import org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler;
+import org.apache.cxf.auth.oauth.endpoints.AuthorizationService;
import org.apache.cxf.common.util.StringUtils;
-
import org.springframework.security.core.Authentication;
import
org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
@@ -47,25 +46,25 @@ public class AuthenticationSuccessfullHa
protected String determineTargetUrl(HttpServletRequest request,
HttpServletResponse response) {
String oauthToken = request.getParameter(OAuth.OAUTH_TOKEN);
- String authToken =
request.getParameter(OAuthRequestHandler.AUTHENTICITY_TOKEN);
- String decision =
request.getParameter(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY);
- String xOAuthScope =
request.getParameter(OAuthRequestHandler.X_OAUTH_SCOPE);
+ String authToken =
request.getParameter(AuthorizationService.AUTHENTICITY_TOKEN);
+ String decision =
request.getParameter(AuthorizationService.AUTHORIZATION_DECISION_KEY);
+ String xOAuthScope =
request.getParameter(AuthorizationService.X_OAUTH_SCOPE);
if (StringUtils.isEmpty(oauthToken)) {
return super.determineTargetUrl(request, response);
}
StringBuffer url = new
StringBuffer(confirmationUrl).append("?").append(OAuth.OAUTH_TOKEN).append("=")
-
.append(oauthToken).append("&").append(OAuthRequestHandler.AUTHENTICITY_TOKEN).append("=")
+
.append(oauthToken).append("&").append(AuthorizationService.AUTHENTICITY_TOKEN).append("=")
.append(authToken);
if (!StringUtils.isEmpty(decision)) {
-
url.append("&").append(OAuthRequestHandler.AUTHORIZATION_DECISION_KEY).append("=")
+
url.append("&").append(AuthorizationService.AUTHORIZATION_DECISION_KEY).append("=")
.append(decision);
}
if (!StringUtils.isEmpty(xOAuthScope)) {
-
url.append("&").append(OAuthRequestHandler.X_OAUTH_SCOPE).append("=")
+
url.append("&").append(AuthorizationService.X_OAUTH_SCOPE).append("=")
.append(xOAuthScope);
}
Added:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java?rev=1026892&view=auto
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
(added)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
Sun Oct 24 21:14:58 2010
@@ -0,0 +1,63 @@
+package org.apache.cxf.auth.oauth.demo.server.spring;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.cxf.auth.oauth.interceptors.OAuthSecurityFilter;
+
+import
org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.GrantedAuthorityImpl;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+/**
+ * @author Lukasz Moren
+ */
+public class SpringOAuthAuthenticationFilter implements Filter {
+
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
+ throws IOException, ServletException {
+ HttpServletRequest req = (HttpServletRequest)request;
+ HttpServletResponse resp = (HttpServletResponse)response;
+
+ List<String> authorities =
(List<String>)request.getAttribute(OAuthSecurityFilter.OAUTH_AUTHORITIES);
+ List<GrantedAuthority> grantedAuthorities = new
ArrayList<GrantedAuthority>();
+
+ if (authorities != null) {
+ for (String authority : authorities) {
+ grantedAuthorities.add(new GrantedAuthorityImpl(authority));
+ }
+
+ Authentication auth = new
AnonymousAuthenticationToken(UUID.randomUUID().toString(),
+ req.getUserPrincipal(), grantedAuthorities);
+
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+
+ chain.doFilter(req, resp);
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+}
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringOAuthAuthenticationFilter.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java?rev=1026892&view=auto
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
(added)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
Sun Oct 24 21:14:58 2010
@@ -0,0 +1,16 @@
+package org.apache.cxf.auth.oauth.demo.server.spring;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+
+import org.springframework.security.access.AccessDeniedException;
+
+/**
+ * @author Lukasz Moren
+ */
+public class SpringSecurityExceptionMapper implements
ExceptionMapper<AccessDeniedException> {
+
+ public Response toResponse(AccessDeniedException exception) {
+ return Response.status(Response.Status.FORBIDDEN).build();
+ }
+}
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/java/org/apache/cxf/auth/oauth/demo/server/spring/SpringSecurityExceptionMapper.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/oauth-beans.xml
Sun Oct 24 21:14:58 2010
@@ -62,38 +62,20 @@
<property name="resourcePath" value="/oAuthLogin.jsp"/>
</bean>
- <!-- Intercept request to OAuth protected resources -->
- <bean id="oauthSecurityInterceptor"
-
class="org.apache.cxf.auth.oauth.interceptors.OAuthSecurityInterceptor">
- <property name="handler" ref="requestHandler"/>
- </bean>
-
- <!--OAuth data provider -->
- <bean id="oauthDataProvider"
class="org.apache.cxf.auth.oauth.provider.MemoryOauthDataProvider">
- <property name="validator" ref="validator"/>
- </bean>
-
- <bean id="requestHandler"
class="org.apache.cxf.auth.oauth.demo.server.oauth.SpringOAuthRequestHandler">
- <property name="OAuthDataProvider" ref="oauthDataProvider"/>
- </bean>
-
<bean id="validator"
class="org.apache.cxf.auth.oauth.validation.OAuthMessageValidator"/>
<!--Definitions of OAuth module endpoints-->
<bean id="resourceOwnerAuthorizationEndpoint"
class="org.apache.cxf.auth.oauth.endpoints.AuthorizationServiceImpl">
- <property name="handler" ref="requestHandler"/>
<property name="displayVerifierURL"
value="http://localhost:8081/app/displayVerifier"/>
</bean>
<bean id="tokenService"
class="org.apache.cxf.auth.oauth.endpoints.TokenCredentialsServiceImpl">
- <property name="handler" ref="requestHandler"/>
</bean>
<bean id="temporaryCredentialService"
class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialsServiceImpl">
- <property name="handler" ref="requestHandler"/>
</bean>
@@ -102,11 +84,13 @@
<jaxrs:serviceBeans>
<ref bean="resource"/>
</jaxrs:serviceBeans>
- <jaxrs:inInterceptors>
- <ref bean="oauthSecurityInterceptor"/>
- </jaxrs:inInterceptors>
+ <jaxrs:providers>
+ <ref bean="springSecurityExceptionMapper"/>
+ </jaxrs:providers>
</jaxrs:server>
+ <bean id="springSecurityExceptionMapper"
+
class="org.apache.cxf.auth.oauth.demo.server.spring.SpringSecurityExceptionMapper"/>
<!-- Resource Provider -->
<bean id="resource"
class="org.apache.cxf.auth.oauth.demo.server.SampleResourceProvider"/>
</beans>
\ No newline at end of file
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/security-beans.xml
Sun Oct 24 21:14:58 2010
@@ -36,7 +36,13 @@
<beans:property name="authorizeUrl" value="/auth/oauth/authorize"/>
</beans:bean>
- <http auto-config="false">
+ <global-method-security secured-annotations="enabled"
jsr250-annotations="enabled"/>
+
+ <beans:bean id="entryPoint"
class="org.apache.cxf.auth.oauth.demo.server.CustomAuth">
+ <beans:property name="loginFormUrl" value="/index.jsp"/>
+ </beans:bean>
+
+ <http auto-config="false" entry-point-ref="entryPoint">
<intercept-url pattern="/oAuthLogin.jsp" filters="none"/>
<intercept-url pattern="/index.jsp" filters="none"/>
<intercept-url pattern="/" filters="none"/>
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/web.xml?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/web.xml
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/WEB-INF/web.xml
Sun Oct 24 21:14:58 2010
@@ -23,7 +23,31 @@
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
metadata-complete="true" version="2.5">
+ <context-param>
+ <param-name>oauth.data.provider-class</param-name>
+
<param-value>org.apache.cxf.auth.oauth.demo.server.oauth.SampleOAuthDataProvider</param-value>
+ </context-param>
+ <filter>
+ <filter-name>oauthFilter</filter-name>
+
<filter-class>org.apache.cxf.auth.oauth.interceptors.OAuthSecurityFilter</filter-class>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>oauthFilter</filter-name>
+ <url-pattern>/auth/resources/person/*</url-pattern>
+ </filter-mapping>
+
+
+ <filter>
+ <filter-name>oauthSpringFilter</filter-name>
+
<filter-class>org.apache.cxf.auth.oauth.demo.server.spring.SpringOAuthAuthenticationFilter
+ </filter-class>
+ </filter>
+ <filter-mapping>
+ <filter-name>oauthSpringFilter</filter-name>
+ <url-pattern>/auth/resources/person/*</url-pattern>
+ </filter-mapping>
<!-- **************** Spring configuration *****************-->
<context-param>
Modified:
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
URL:
http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp?rev=1026892&r1=1026891&r2=1026892&view=diff
==============================================================================
---
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
(original)
+++
cxf/sandbox/oauth_1.0a/distribution/src/main/release/samples/oauth_1.0a/server/src/main/webapp/oAuthLogin.jsp
Sun Oct 24 21:14:58 2010
@@ -1,4 +1,4 @@
-<%@ page import="org.apache.cxf.auth.oauth.handlers.OAuthRequestHandler" %>
+<%@ page import="org.apache.cxf.auth.oauth.endpoints.AuthorizationService" %>
<!--
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
@@ -36,9 +36,11 @@ under the License.
<form name="f" action="/j_spring_security_check"
method="POST">
<input type="hidden" name="oauth_token"
value="${oauthauthorizationdata.oauthToken}"/>
- <input type="hidden"
name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
+ <input type="hidden"
+
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHENTICITY_TOKEN%>"
value="${oauthauthorizationdata.authenticityToken}"/>
- <input type="hidden"
name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+ <input type="hidden"
+
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.X_OAUTH_SCOPE%>"
value="<%=request.getParameter("x_oauth_scope")%>"/>
<p>The application
<b>${oauthauthorizationdata.applicationName}</b> would like the
@@ -69,12 +71,14 @@ under the License.
<label for="password">Password</label>
<input type="password" id="password"
name="j_password"/>
<br>
- <button
name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
-
value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+ <button
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+ type="submit"
+
value="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_DENY%>">
Deny
</button>
- <button
name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>" type="submit"
-
value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+ <button
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
+ type="submit"
+
value="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHORIZATION_DECISION_ALLOW%>">
Allow
</button>
</form>
@@ -84,9 +88,11 @@ under the License.
<form action="/auth/oauth/authorize">
<input type="hidden" name="oauth_token"
value="${oauthauthorizationdata.oauthToken}"/>
- <input type="hidden"
name="<%=OAuthRequestHandler.AUTHENTICITY_TOKEN%>"
+ <input type="hidden"
+
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.AUTHENTICITY_TOKEN%>"
value="${oauthauthorizationdata.authenticityToken}"/>
- <input type="hidden"
name="<%=OAuthRequestHandler.X_OAUTH_SCOPE%>"
+ <input type="hidden"
+
name="<%=org.apache.cxf.auth.oauth.endpoints.AuthorizationService.X_OAUTH_SCOPE%>"
value="<%=request.getParameter("x_oauth_scope")%>"/>
<p>The application
<b>${oauthauthorizationdata.applicationName}</b> would like
@@ -99,14 +105,14 @@ under the License.
</c:forEach></ul>
Please ensure that you trust this website with
your information before
proceeding!</p>
- <button
name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+ <button
name="<%=AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
type="submit"
-
value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_DENY%>">
+
value="<%=AuthorizationService.AUTHORIZATION_DECISION_DENY%>">
Deny
</button>
- <button
name="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_KEY%>"
+ <button
name="<%=AuthorizationService.AUTHORIZATION_DECISION_KEY%>"
type="submit"
-
value="<%=OAuthRequestHandler.AUTHORIZATION_DECISION_ALLOW%>">
+
value="<%=AuthorizationService.AUTHORIZATION_DECISION_ALLOW%>">
Allow
</button>
</form>
