Author: sergeyb
Date: Wed Nov 28 13:02:27 2012
New Revision: 1414658
URL: http://svn.apache.org/viewvc?rev=1414658&view=rev
Log:
Minor modifications to the Oauth2 code
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthContext.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthContext.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthContext.java?rev=1414658&r1=1414657&r2=1414658&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthContext.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/OAuthContext.java
Wed Nov 28 13:02:27 2012
@@ -28,27 +28,37 @@ import java.util.List;
*/
public class OAuthContext {
- private UserSubject subject;
- private List<OAuthPermission> permissions;
+ private UserSubject resourceOwnerSubject;
+ private UserSubject clientSubject;
+ private List<OAuthPermission> tokenPermissions;
private String tokenGrantType;
private String clientId;
private String tokenKey;
- public OAuthContext(UserSubject subject,
+ public OAuthContext(UserSubject resourceOwnerSubject,
+ UserSubject clientSubject,
List<OAuthPermission> perms,
String tokenGrantType) {
- this.subject = subject;
- this.permissions = perms;
+ this.resourceOwnerSubject = resourceOwnerSubject;
+ this.clientSubject = clientSubject;
+ this.tokenPermissions = perms;
this.tokenGrantType = tokenGrantType;
}
/**
- * Gets the {@link UserSubject} representing the end user authorizing the
client
- * at the authorization grant creation time
+ * Gets the {@link UserSubject} representing the resource owner
* @return the subject
*/
public UserSubject getSubject() {
- return subject;
+ return resourceOwnerSubject;
+ }
+
+ /**
+ * Gets the {@link UserSubject} representing the client
+ * @return the subject
+ */
+ public UserSubject getClientSubject() {
+ return clientSubject;
}
/**
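Review bot: The constructor keeps the caller's `perms` list by reference (`this.tokenPermissions = perms;`), and `getPermissions()` in the following hunk only wraps it in an unmodifiable view. A later change to the caller's list therefore shows through the context, and a null `perms` makes `getPermissions()` throw a NullPointerException. Since these permissions describe what the token allows, I would snapshot them at construction, e.g. `this.tokenPermissions = perms == null ? Collections.<OAuthPermission>emptyList() : new ArrayList<OAuthPermission>(perms);` (this needs `java.util.ArrayList` imported if it is not already). Separately, the four-argument signature replaces the public three-argument one, so any caller outside this commit stops compiling unless a delegating overload is kept. The class body continues past this hunk.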
@@ -56,7 +66,7 @@ public class OAuthContext {
* @return the permissions
*/
public List<OAuthPermission> getPermissions() {
- return Collections.unmodifiableList(permissions);
+ return Collections.unmodifiableList(tokenPermissions);
}
/**
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java?rev=1414658&r1=1414657&r2=1414658&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java
Wed Nov 28 13:02:27 2012
@@ -86,6 +86,7 @@ public class OAuthRequestFilter extends
// Also set the OAuthContext
OAuthContext oauthContext = new
OAuthContext(accessTokenV.getTokenSubject(),
+
accessTokenV.getClientSubject(),
matchingPermissions,
accessTokenV.getTokenGrantType());
@@ -134,11 +135,11 @@ public class OAuthRequestFilter extends
protected SecurityContext createSecurityContext(HttpServletRequest
request,
AccessTokenValidation
accessTokenV) {
- UserSubject endUserSubject = accessTokenV.getTokenSubject();
+ UserSubject resourceOwnerSubject = accessTokenV.getTokenSubject();
UserSubject clientSubject = accessTokenV.getClientSubject();
final UserSubject theSubject =
- OAuthRequestFilter.this.useUserSubject ? endUserSubject :
clientSubject;
+ OAuthRequestFilter.this.useUserSubject ? resourceOwnerSubject :
clientSubject;
return new SecurityContext() {
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java?rev=1414658&r1=1414657&r2=1414658&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrant.java
Wed Nov 28 13:02:27 2012
@@ -26,11 +26,17 @@ import org.apache.cxf.rs.security.oauth2
public class RefreshTokenGrant implements AccessTokenGrant {
private String refreshToken;
+ private String scope;
public RefreshTokenGrant(String refreshToken) {
this.refreshToken = refreshToken;
}
+ public RefreshTokenGrant(String refreshToken, String scope) {
+ this.refreshToken = refreshToken;
+ this.scope = scope;
+ }
+
public String getType() {
return OAuthConstants.REFRESH_TOKEN_GRANT;
}
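Review bot: The new `RefreshTokenGrant(String refreshToken, String scope)` constructor has no Javadoc saying what `scope` may contain. In an OAuth 2.0 refresh request (RFC 6749 section 6) the scope is optional, space-delimited, and must not include anything beyond what was originally granted. That limit has to be enforced by the authorization server, not by this class, which as far as the next hunk shows only builds the request parameters. I would add `/** @param scope optional space-delimited scope; may narrow, never widen, the originally granted scope */`. The one-argument constructor could also delegate with `this(refreshToken, null);` so the fields are initialised in one place.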
@@ -39,6 +45,9 @@ public class RefreshTokenGrant implement
MultivaluedMap<String, String> map = new MetadataMap<String, String>();
map.putSingle(OAuthConstants.GRANT_TYPE,
OAuthConstants.REFRESH_TOKEN_GRANT);
map.putSingle(OAuthConstants.REFRESH_TOKEN, refreshToken);
+ if (scope != null) {
+ map.putSingle(OAuthConstants.SCOPE, scope);
+ }
return map;
}
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java?rev=1414658&r1=1414657&r2=1414658&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthContextUtils.java
Wed Nov 28 13:02:27 2012
@@ -35,7 +35,7 @@ public final class OAuthContextUtils {
/**
* @param mc the {@link MessageContext}
- * @return the name of the UserSubject of the logged in user
+ * @return the name of the UserSubject of the logged in user or resource
owner
* @throws WebApplicationException with Status 401 if not authenticated
*/
public static String resolveUserName(final MessageContext mc) {
@@ -45,7 +45,7 @@ public final class OAuthContextUtils {
/**
* @param mc the {@link MessageContext}
- * @return the list of roles of the logged in user
+ * @return the list of roles of the logged in user or resource owner
* @throws WebApplicationException with Status 401 if not authenticated
*/
public static List<String> resolveUserRoles(final MessageContext mc) {
@@ -98,7 +98,7 @@ public final class OAuthContextUtils {
/**
* @param mc the {@link MessageContext}
- * @return the client the user is using to access
+ * @return the client registration id
* @throws WebApplicationException with Status 401 if not authenticated
*/
public static String resolveClient(MessageContext mc) {
@@ -108,9 +108,8 @@ public final class OAuthContextUtils {
/**
* @param mc the {@link MessageContext}
- * @param client the desired client
- * @throws WebApplicationException with Status 401 if not authenticated
- * @throws WebApplicationException with Status 403 if user doesn't have
needed role
+ * @param client the desired client registration id
+ * @throws WebApplicationException with Status 403 if the current client
id is not valid
*/
public static void assertClient(MessageContext mc, String client) {
String cl = resolveClient(mc);
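Review bot: The Javadoc for `assertClient` no longer mentions the 401 case, but the first statement of the body still calls `resolveClient(mc)`, whose own Javadoc in the previous hunk says it throws a WebApplicationException with Status 401 if not authenticated. Unless that exception is handled in the part of the body outside this hunk, callers can still get a 401 from here, so I would keep `@throws WebApplicationException with Status 401 if not authenticated` next to the 403 line. The 403 wording could also be more exact, e.g. `with Status 403 if the current client id does not match {@code client}`. That wording is a guess, since the comparison itself is not visible in the hunk.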