Author: sergeyb
Date: Sun Dec 11 17:15:18 2011
New Revision: 1213022
URL: http://svn.apache.org/viewvc?rev=1213022&view=rev
Log:
[CXF-3967] Adding OAuthContext to be used by custom filters for extra checks
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
(with props)
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthServletFilter.java
Added:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java?rev=1213022&view=auto
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
(added)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
Sun Dec 11 17:15:18 2011
@@ -0,0 +1,40 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.rs.security.oauth.data;
+
+
+/**
+ * Captures the information which custom filters may use to further protect
the endpoints
+ */
+public class OAuthContext {
+
+ private UserSubject subject;
+
+ public void setSubject(UserSubject subject) {
+ this.subject = subject;
+ }
+
+ public UserSubject getSubject() {
+ return subject;
+ }
+
+
+
+
+}
Propchange:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/OAuthContext.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java?rev=1213022&r1=1213021&r2=1213022&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/data/Token.java
Sun Dec 11 17:15:18 2011
@@ -116,10 +116,22 @@ public abstract class Token {
this.uris = uris;
}
+ /**
+ * Sets a subject capturing the login name
+ * the end user used to login to the resource server
+ * when authorizing a given client request
+ * @param subject
+ */
public void setSubject(UserSubject subject) {
this.subject = subject;
}
+ /**
+ * Returns a subject capturing the login name
+ * the end user used to login to the resource server
+ * when authorizing a given client request
+ * @return UserSubject
+ */
public UserSubject getSubject() {
return subject;
}
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java?rev=1213022&r1=1213021&r2=1213022&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
Sun Dec 11 17:15:18 2011
@@ -34,6 +34,7 @@ import org.apache.cxf.common.logging.Log
import org.apache.cxf.common.security.SimplePrincipal;
import org.apache.cxf.rs.security.oauth.data.AccessToken;
import org.apache.cxf.rs.security.oauth.data.Client;
+import org.apache.cxf.rs.security.oauth.data.OAuthContext;
import org.apache.cxf.rs.security.oauth.data.OAuthPermission;
import org.apache.cxf.rs.security.oauth.data.UserSubject;
import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
@@ -196,4 +197,12 @@ public class AbstractAuthFilter {
};
}
+
+ protected OAuthContext createOAuthContext(OAuthInfo info) {
+ OAuthContext context = new OAuthContext();
+ if (info.getToken() != null) {
+ context.setSubject(info.getToken().getSubject());
+ }
+ return context;
+ }
}
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java?rev=1213022&r1=1213021&r2=1213022&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthRequestFilter.java
Sun Dec 11 17:15:18 2011
@@ -29,6 +29,7 @@ import org.apache.cxf.jaxrs.ext.RequestH
import org.apache.cxf.jaxrs.model.ClassResourceInfo;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.rs.security.oauth.data.OAuthContext;
import org.apache.cxf.security.SecurityContext;
/**
@@ -58,5 +59,7 @@ public class OAuthRequestFilter extends
SecurityContext sc = createSecurityContext(mc.getHttpServletRequest(),
info);
m.setContent(SecurityContext.class, sc);
+ m.put(OAuthContext.class.getName(), createOAuthContext(info));
+
}
}
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthServletFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthServletFilter.java?rev=1213022&r1=1213021&r2=1213022&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthServletFilter.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/OAuthServletFilter.java
Sun Dec 11 17:15:18 2011
@@ -35,6 +35,7 @@ import net.oauth.OAuthProblemException;
import net.oauth.server.OAuthServlet;
import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.rs.security.oauth.data.OAuthContext;
import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;
import org.apache.cxf.security.SecurityContext;
@@ -85,6 +86,7 @@ public class OAuthServletFilter extends
return "OAuth";
}
};
+ newRequest.setAttribute(OAuthContext.class.getName(),
createOAuthContext(info));
return newRequest;
}
