Author: sergeyb Date: Mon Sep 23 21:32:39 2013 New Revision: 1525708 URL: http://svn.apache.org/r1525708 Log: Merged revisions 1525707 via svnmerge from https://svn.apache.org/repos/asf/cxf/branches/2.7.x-fixes
................ r1525707 | sergeyb | 2013-09-23 22:20:08 +0100 (Mon, 23 Sep 2013) | 9 lines Merged revisions 1525704 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk ........ r1525704 | sergeyb | 2013-09-23 22:17:16 +0100 (Mon, 23 Sep 2013) | 1 line [CXF-5296] Correctly parsing custom params with semicolon, dealing with missing token_type parameters ........ ................ Modified: cxf/branches/2.6.x-fixes/ (props changed) cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java Propchange: cxf/branches/2.6.x-fixes/ ------------------------------------------------------------------------------ Merged /cxf/branches/2.7.x-fixes:r1525707 Merged /cxf/trunk:r1525704 Propchange: cxf/branches/2.6.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java?rev=1525708&r1=1525707&r2=1525708&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java (original) +++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthClientUtils.java Mon Sep 23 21:32:39 2013 @@ -153,6 +153,32 @@ public final class OAuthClientUtils { AccessTokenGrant grant, boolean setAuthorizationHeader) throws OAuthServiceException { + return getAccessToken(accessTokenService, consumer, grant, extraParams, + null, setAuthorizationHeader); + } + + /** + * Obtains the access token from OAuth AccessToken Service + * using the initialized web client + * @param accessTokenService the AccessToken client + * @param consumer {@link Consumer} representing the registered client. + * @param grant {@link AccessTokenGrant} grant + * @param extraParams extra parameters + * @param defaultTokenType default expected token type - some early + * well-known OAuth2 services do not return a required token_type parameter + * @param setAuthorizationHeader if set to true then HTTP Basic scheme + * will be used to pass client id and secret, otherwise they will + * be passed in the form payload + * @return {@link ClientAccessToken} access token + * @throws OAuthServiceException + */ + public static ClientAccessToken getAccessToken(WebClient accessTokenService, + Consumer consumer, + AccessTokenGrant grant, + Map<String, String> extraParams, + String defaultTokenType, + boolean setAuthorizationHeader) + throws OAuthServiceException { Form form = new Form(grant.toMap()); @@ -185,7 +211,7 @@ public final class OAuthClientUtils { throw new ClientWebApplicationException(ex); } if (200 == response.getStatus()) { - ClientAccessToken token = fromMapToClientToken(map); + ClientAccessToken token = fromMapToClientToken(map, defaultTokenType); if (token == null) { throw new OAuthServiceException(OAuthConstants.SERVER_ERROR); } else { @@ -201,33 +227,44 @@ public final class OAuthClientUtils { } public static ClientAccessToken fromMapToClientToken(Map<String, String> map) { - if (map.containsKey(OAuthConstants.ACCESS_TOKEN) - && map.containsKey(OAuthConstants.ACCESS_TOKEN_TYPE)) { - ClientAccessToken token = new ClientAccessToken( - map.remove(OAuthConstants.ACCESS_TOKEN_TYPE), - map.remove(OAuthConstants.ACCESS_TOKEN)); + return fromMapToClientToken(map, null); + } + + public static ClientAccessToken fromMapToClientToken(Map<String, String> map, + String defaultTokenType) { + if (map.containsKey(OAuthConstants.ACCESS_TOKEN)) { - String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN); - if (refreshToken != null) { - token.setRefreshToken(refreshToken); - } - String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN); - if (expiresInStr != null) { - token.setExpiresIn(Long.valueOf(expiresInStr)); - } - String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT); - token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr) - : System.currentTimeMillis() / 1000); - String scope = map.remove(OAuthConstants.SCOPE); - if (scope != null) { - token.setApprovedScope(scope); + String tokenType = map.remove(OAuthConstants.ACCESS_TOKEN_TYPE); + if (tokenType == null) { + tokenType = defaultTokenType; + } + if (tokenType != null) { + ClientAccessToken token = new ClientAccessToken( + tokenType, + map.remove(OAuthConstants.ACCESS_TOKEN)); + + String refreshToken = map.remove(OAuthConstants.REFRESH_TOKEN); + if (refreshToken != null) { + token.setRefreshToken(refreshToken); + } + String expiresInStr = map.remove(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN); + if (expiresInStr != null) { + token.setExpiresIn(Long.valueOf(expiresInStr)); + } + String issuedAtStr = map.remove(OAuthConstants.ACCESS_TOKEN_ISSUED_AT); + token.setIssuedAt(issuedAtStr != null ? Long.valueOf(issuedAtStr) + : System.currentTimeMillis() / 1000); + String scope = map.remove(OAuthConstants.SCOPE); + if (scope != null) { + token.setApprovedScope(scope); + } + + token.setParameters(map); + return token; } - - token.setParameters(map); - return token; - } else { - return null; - } + } + + return null; } /** Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java?rev=1525708&r1=1525707&r2=1525708&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java (original) +++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java Mon Sep 23 21:32:39 2013 @@ -169,12 +169,12 @@ public class OAuthJSONProvider implement if (pair.length() == 0) { continue; } - String[] entry = pair.split(":"); - String key = entry[0].trim(); + int index = pair.indexOf(":"); + String key = pair.substring(0, index).trim(); if (key.startsWith("\"") && key.endsWith("\"")) { key = key.substring(1, key.length() - 1); } - String value = entry[1].trim(); + String value = pair.substring(index + 1); if (value.startsWith("\"") && value.endsWith("\"")) { value = value.substring(1, value.length() - 1); } Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java?rev=1525708&r1=1525707&r2=1525708&view=diff ============================================================================== --- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java (original) +++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProviderTest.java Mon Sep 23 21:32:39 2013 @@ -42,7 +42,7 @@ public class OAuthJSONProviderTest exten token.setExpiresIn(12345); token.setRefreshToken("5678"); token.setApprovedScope("read"); - token.setParameters(Collections.singletonMap("my_parameter", "abc")); + token.setParameters(Collections.singletonMap("my_parameter", "http://abc";)); OAuthJSONProvider provider = new OAuthJSONProvider(); ByteArrayOutputStream bos = new ByteArrayOutputStream(); @@ -65,10 +65,10 @@ public class OAuthJSONProviderTest exten + "\"refresh_token\":\"5678\"," + "\"expires_in\":12345," + "\"scope\":\"read\"," - + "\"my_parameter\":\"abc\"" + + "\"my_parameter\":\"http://abc\""; + "}"; doReadClientAccessToken(response, OAuthConstants.BEARER_TOKEN_TYPE, - Collections.singletonMap("my_parameter", "abc")); + Collections.singletonMap("my_parameter", "http://abc";)); } @SuppressWarnings({ @@ -94,7 +94,7 @@ public class OAuthJSONProviderTest exten if (expectedParams != null) { assertEquals(expectedParams, extraParams); } - assertEquals("abc", extraParams.get("my_parameter")); + assertEquals("http://abc";, extraParams.get("my_parameter")); return token; @@ -109,7 +109,7 @@ public class OAuthJSONProviderTest exten Map<String, String> params = new LinkedHashMap<String, String>(); params.put(OAuthConstants.MAC_TOKEN_KEY, "test_mac_secret"); params.put(OAuthConstants.MAC_TOKEN_ALGORITHM, OAuthConstants.MAC_TOKEN_ALGO_HMAC_SHA_1); - params.put("my_parameter", "abc"); + params.put("my_parameter", "http://abc";); token.setParameters(params); @@ -128,7 +128,7 @@ public class OAuthJSONProviderTest exten String response = "{" + "\"access_token\":\"1234\"," + "\"token_type\":\"mac\"," + "\"refresh_token\":\"5678\"," + "\"expires_in\":12345," + "\"scope\":\"read\"," + "\"mac_key\":\"adijq39jdlaska9asud\"," + "\"mac_algorithm\":\"hmac-sha-256\"," - + "\"my_parameter\":\"abc\"" + "}"; + + "\"my_parameter\":\"http://abc\""; + "}"; ClientAccessToken macToken = doReadClientAccessToken(response, "mac", null); assertEquals("adijq39jdlaska9asud", macToken.getParameters().get(OAuthConstants.MAC_TOKEN_KEY));
