Author: sergeyb Date: Mon Jul 23 14:59:45 2012 New Revision: 1364666 URL: http://svn.apache.org/viewvc?rev=1364666&view=rev Log: Merged revisions 1362993 via svnmerge from https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes
................ r1362993 | sergeyb | 2012-07-18 17:03:19 +0100 (Wed, 18 Jul 2012) | 13 lines Merged revisions 1362988,1362991 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk ........ r1362988 | sergeyb | 2012-07-18 16:52:07 +0100 (Wed, 18 Jul 2012) | 1 line [CXF-4428] Optionally reporting oAuth 1.0 error details, using 400 by default, 401 if no client is found, mostly in line with the 1.0 spec, consistent with 2.0 too ........ r1362991 | sergeyb | 2012-07-18 16:53:50 +0100 (Wed, 18 Jul 2012) | 1 line Minor updates to OAuth2 module, with the code to report new invalid_client error condition to be updated later ........ ................ Modified: cxf/branches/2.5.x-fixes/ (props changed) cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java Propchange: cxf/branches/2.5.x-fixes/ ------------------------------------------------------------------------------ Merged /cxf/trunk:r1362988-1362991 Merged /cxf/branches/2.6.x-fixes:r1362993 Propchange: cxf/branches/2.5.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. 
Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java?rev=1364666&r1=1364665&r2=1364666&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java (original) +++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AbstractOAuthService.java Mon Jul 23 14:59:45 2012 @@ -35,13 +35,15 @@ public abstract class AbstractOAuthServi private OAuthDataProvider dataProvider; private OAuthValidator validator = new DefaultOAuthValidator(); - + private boolean reportFailureDetails; + @Context public void setMessageContext(MessageContext context) { this.mc = context; } public MessageContext getMessageContext() { + mc.put(OAuthUtils.REPORT_FAILURE_DETAILS, reportFailureDetails); return mc; } Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java?rev=1364666&r1=1364665&r2=1364666&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java (original) +++ cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java Mon Jul 23 14:59:45 2012 
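Review bot: Nothing in this hunk ever assigns `reportFailureDetails`, so unless a setter exists outside the lines shown the flag stays `false` and the new detail reporting cannot be switched on. A `public void setReportFailureDetails(boolean report)` with a Javadoc line stating that enabling it returns exception messages to OAuth clients would make the option usable and its exposure explicit. `getMessageContext()` now also writes the flag into the context on every call; a short comment saying why the write lives in the getter (presumably because the injected context is bound to the current request) would stop a later cleanup from moving it. The class body continues outside the hunk.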
@@ -38,6 +38,7 @@ import org.apache.cxf.rs.security.oauth. import org.apache.cxf.rs.security.oauth.data.AccessTokenRegistration; import org.apache.cxf.rs.security.oauth.data.RequestToken; import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider; +import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth.utils.OAuthUtils; 
@@ -97,19 +98,19 @@ public class AccessTokenHandler { return Response.ok(responseString).build(); } catch (OAuthProblemException e) { - if (LOG.isLoggable(Level.WARNING)) { - LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()}); - } + LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()}); int code = e.getHttpStatusCode(); - if (code == 200) { - code = HttpServletResponse.SC_UNAUTHORIZED; + if (code == HttpServletResponse.SC_OK) { + code = e.getProblem() == OAuth.Problems.CONSUMER_KEY_UNKNOWN + ? 401 : 400; } - return OAuthUtils.handleException(e, code, String.valueOf(e.getParameters().get("realm"))); + return OAuthUtils.handleException(mc, e, code); + } catch (OAuthServiceException e) { + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_BAD_REQUEST); } catch (Exception e) { - if (LOG.isLoggable(Level.WARNING)) { - LOG.log(Level.WARNING, "Server Exception: {0}", new Object[] {e.fillInStackTrace()}); - } - return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", + new Object[] {e.fillInStackTrace()}); + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } } Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java?rev=1364666&r1=1364665&r2=1364666&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java (original) +++ 
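Review bot: The new status selection compares `e.getProblem()` with `OAuth.Problems.CONSUMER_KEY_UNKNOWN` using `==`, which for strings (as these constants appear to be) tests identity, so an equal value held in a different instance would be answered with 400 instead of 401. `OAuth.Problems.CONSUMER_KEY_UNKNOWN.equals(e.getProblem())` is null-safe, and `HttpServletResponse.SC_UNAUTHORIZED : HttpServletResponse.SC_BAD_REQUEST` in place of `401 : 400` matches the constants used on the surrounding lines. The added `catch (OAuthServiceException e)` branch returns 400 without logging, unlike the two branches beside it, so requests rejected this way leave no record for whoever monitors the token endpoints; a `LOG.log(Level.WARNING, ...)` line there would close the gap. Both points apply equally to the matching hunks in AuthorizationRequestHandler and RequestTokenHandler, and the enclosing method starts outside the hunk.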
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AuthorizationRequestHandler.java Mon Jul 23 14:59:45 2012 @@ -53,6 +53,7 @@ import org.apache.cxf.rs.security.oauth. import org.apache.cxf.rs.security.oauth.data.UserSubject; import org.apache.cxf.rs.security.oauth.provider.DefaultOAuthValidator; import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider; +import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth.utils.OAuthUtils; import org.apache.cxf.security.LoginSecurityContext; 
@@ -141,19 +142,19 @@ public class AuthorizationRequestHandler return Response.seeOther(callback).build(); } catch (OAuthProblemException e) { - if (LOG.isLoggable(Level.WARNING)) { - LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[]{e.fillInStackTrace()}); - } + LOG.log(Level.WARNING, "An OAuth related problem: {0}", new Object[]{e.fillInStackTrace()}); int code = e.getHttpStatusCode(); - if (code == 200) { - code = HttpServletResponse.SC_UNAUTHORIZED; - } - return OAuthUtils.handleException(e, code, String.valueOf(e.getParameters().get("realm"))); + if (code == HttpServletResponse.SC_OK) { + code = e.getProblem() == OAuth.Problems.CONSUMER_KEY_UNKNOWN + ? 401 : 400; + } + return OAuthUtils.handleException(mc, e, code); + } catch (OAuthServiceException e) { + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_BAD_REQUEST); } catch (Exception e) { - if (LOG.isLoggable(Level.SEVERE)) { - LOG.log(Level.SEVERE, "Server exception: {0}", new Object[]{e.fillInStackTrace()}); - } - return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", + new Object[] {e.fillInStackTrace()}); + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java?rev=1364666&r1=1364665&r2=1364666&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java (original) +++ 
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.java Mon Jul 23 14:59:45 2012 @@ -39,6 +39,7 @@ import org.apache.cxf.rs.security.oauth. import org.apache.cxf.rs.security.oauth.data.RequestToken; import org.apache.cxf.rs.security.oauth.data.RequestTokenRegistration; import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider; +import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException; import org.apache.cxf.rs.security.oauth.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth.utils.OAuthUtils; 
@@ -104,20 +105,19 @@ public class RequestTokenHandler { return Response.ok(responseBody).build(); } catch (OAuthProblemException e) { - if (LOG.isLoggable(Level.WARNING)) { - LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()}); - } + LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[] {e.fillInStackTrace()}); int code = e.getHttpStatusCode(); - if (code == 200) { - code = HttpServletResponse.SC_UNAUTHORIZED; + if (code == HttpServletResponse.SC_OK) { + code = e.getProblem() == OAuth.Problems.CONSUMER_KEY_UNKNOWN + ? 401 : 400; } - return OAuthUtils.handleException(e, code, String.valueOf(e.getParameters().get("realm"))); + return OAuthUtils.handleException(mc, e, code); + } catch (OAuthServiceException e) { + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_BAD_REQUEST); } catch (Exception e) { - if (LOG.isLoggable(Level.SEVERE)) { - LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", - new Object[] {e.fillInStackTrace()}); - } - return OAuthUtils.handleException(e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", + new Object[] {e.fillInStackTrace()}); + return OAuthUtils.handleException(mc, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } } Modified: cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java URL: http://svn.apache.org/viewvc/cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java?rev=1364666&r1=1364665&r2=1364666&view=diff ============================================================================== --- cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java (original) +++ 
cxf/branches/2.5.x-fixes/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/utils/OAuthUtils.java Mon Jul 23 14:59:45 2012 @@ -35,6 +35,7 @@ import javax.ws.rs.WebApplicationExcepti import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.ResponseBuilder; import net.oauth.OAuth; import net.oauth.OAuthAccessor; @@ -50,6 +51,7 @@ import org.apache.cxf.jaxrs.ext.MessageC import org.apache.cxf.jaxrs.impl.MetadataMap; import org.apache.cxf.jaxrs.model.URITemplate; import org.apache.cxf.jaxrs.utils.FormUtils; +import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.PhaseInterceptorChain; import org.apache.cxf.rs.security.oauth.data.Client; import org.apache.cxf.rs.security.oauth.data.RequestToken; @@ -61,6 +63,7 @@ import org.apache.cxf.rs.security.oauth. * Various utility methods */ public final class OAuthUtils { + public static final String REPORT_FAILURE_DETAILS = "report.failure.details"; private OAuthUtils() { } 
@@ -155,27 +158,14 @@ public final class OAuthUtils { } - public static Response handleException(Exception e, int status) { - return handleException(e, status, null); - } - - public static Response handleException(Exception e, int status, - String realm) { - if (e instanceof OAuthProblemException) { - OAuthProblemException problem = (OAuthProblemException) e; - OAuthMessage message = new OAuthMessage(null, null, problem - .getParameters().entrySet()); - try { - return - Response.status(status).header("WWW-Authenticate", - message.getAuthorizationHeader(realm)).entity(e.getMessage()).build(); - } catch (IOException e1) { - throw new WebApplicationException( - Response.status(status).entity(e.getMessage()).build()); - } + public static Response handleException(MessageContext mc, + Exception e, + int status) { + ResponseBuilder builder = Response.status(status); + if (MessageUtils.isTrue(mc.get(REPORT_FAILURE_DETAILS))) { + builder.entity(e.getMessage()); } - throw new WebApplicationException( - Response.status(status).entity(e.getMessage()).build()); + throw new WebApplicationException(builder.build()); } public static List<String> parseParamValue(String paramValue, String defaultValue)
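Review bot: With `report.failure.details` enabled, the rewritten `handleException` puts `e.getMessage()` into the response for every exception type, including the `catch (Exception e)` paths that pass `SC_INTERNAL_SERVER_ERROR`, so messages from unexpected internal failures would reach the client. Restricting the entity to client-error statuses, `if (status < 500 && MessageUtils.isTrue(mc.get(REPORT_FAILURE_DETAILS))) {`, keeps the option limited to OAuth problem text. The rewrite also drops the `WWW-Authenticate` header the old code set for `OAuthProblemException`, although callers can now pass 401 and HTTP expects a challenge header on a 401 response. A Javadoc comment should state that the method never returns normally (it always throws `WebApplicationException`) and that details are withheld unless the context property is true.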
