Prototyping an oauth2 code auth supplier
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e2782f77 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e2782f77 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e2782f77 Branch: refs/heads/3.0.x-fixes Commit: e2782f7738f20af922cc7b11a582ed79ef17b1c6 Parents: 90bd0ea Author: Sergey Beryozkin <[email protected]> Authored: Wed Apr 8 17:17:01 2015 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Apr 8 17:19:54 2015 +0100 ---------------------------------------------------------------------- .../oauth2/client/AbstractAuthSupplier.java | 8 +++++++- .../oauth2/client/BearerAuthSupplier.java | 19 +++++++++++-------- 2 files changed, 18 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/e2782f77/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
index 5932f28..aecc472 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/AbstractAuthSupplier.java
@@ -22,7 +22,7 @@ package org.apache.cxf.rs.security.oauth2.client; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; public abstract class AbstractAuthSupplier { - protected ClientAccessToken clientAccessToken = new ClientAccessToken(); + private ClientAccessToken clientAccessToken = new ClientAccessToken(); protected AbstractAuthSupplier(String type) { clientAccessToken = new ClientAccessToken(); clientAccessToken.setTokenType(type); @@ -33,5 +33,11 @@ public abstract class AbstractAuthSupplier { protected String createAuthorizationHeader() { return clientAccessToken.getTokenType() + " " + clientAccessToken.getTokenKey(); } + protected ClientAccessToken getClientAccessToken() { + return clientAccessToken; + } + protected void setClientAccessToken(ClientAccessToken clientAccessToken) { + this.clientAccessToken = clientAccessToken; + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/e2782f77/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java index 04c94ab..1ad0722 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/BearerAuthSupplier.java 
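Review bot: `setClientAccessToken` in the second AbstractAuthSupplier hunk stores whatever it is given, so a subclass that passes `null` makes the next `createAuthorizationHeader()` or `getClientAccessToken().getTokenKey()` call fail with a NullPointerException while a request is being authorised. Reject it at the setter: `if (clientAccessToken == null) { throw new IllegalArgumentException("clientAccessToken must not be null"); }`. The field is now replaced through this setter on refresh, and `createAuthorizationHeader()` reads it twice. If one supplier instance is shared by concurrent requests (not visible here), reading the field once into a local would keep the token type and key from the same token. The now-private field's initialiser `new ClientAccessToken()` in the first hunk is redundant, because the constructor assigns the field again.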
@@ -25,6 +25,7 @@ import java.util.Collections; import org.apache.cxf.configuration.security.AuthorizationPolicy; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.message.Message; +import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; import org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider; import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils; @@ -46,7 +47,7 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth URI currentURI, Message message, String fullHeader) { - if (clientAccessToken.getTokenKey() == null) { + if (getClientAccessToken().getTokenKey() == null) { return null; } @@ -67,9 +68,10 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth } } private void refreshAccessTokenIfExpired(AuthorizationPolicy authPolicy) { - if (clientAccessToken.getExpiresIn() != -1 - && OAuthUtils.isExpired(clientAccessToken.getIssuedAt(), - clientAccessToken.getExpiresIn())) { + ClientAccessToken at = getClientAccessToken(); + if (at.getExpiresIn() != -1 + && OAuthUtils.isExpired(at.getIssuedAt(), + at.getExpiresIn())) { refreshAccessToken(authPolicy); } @@ -77,7 +79,8 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth private boolean refreshAccessToken(AuthorizationPolicy authPolicy) { - if (clientAccessToken.getRefreshToken() == null) { + ClientAccessToken at = getClientAccessToken(); + if (at.getRefreshToken() == null) { return false; } // Client id and secret are needed to refresh the tokens 
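Review bot: In `refreshAccessTokenIfExpired` (hunk `@@ -67,9 +68,10 @@`) the boolean returned by `refreshAccessToken(authPolicy)` is discarded, so when no refresh token is available the method returns normally with a token already known to be expired. What the caller then sends lies outside the hunk. Consider returning the result so the caller can skip the header or fail early instead of presenting a stale bearer token. A comment on the sentinel would also help, e.g. `// -1 presumably means no expires_in was received; such tokens are never refreshed proactively`. The `at` snapshot itself is a good change, since the expiry check now reads a single token instance.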
@@ -100,16 +103,16 @@ public class BearerAuthSupplier extends AbstractAuthSupplier implements HttpAuth // not be done on every request the current approach is quite reasonable WebClient accessTokenService = createAccessTokenServiceClient(); - clientAccessToken = OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, clientAccessToken); + setClientAccessToken(OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, at)); return true; } - private WebClient createAccessTokenServiceClient() { + WebClient createAccessTokenServiceClient() { return WebClient.create(accessTokenServiceUri, Collections.singletonList(new OAuthJSONProvider())); } public void setRefreshToken(String refreshToken) { - clientAccessToken.setRefreshToken(refreshToken); + getClientAccessToken().setRefreshToken(refreshToken); } public void setAccessTokenServiceUri(String uri) {
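Review bot: `setClientAccessToken(OAuthClientUtils.refreshAccessToken(...))` replaces the whole token with the refresh response. A token endpoint may omit `refresh_token` from that response, and whether the old one is carried over depends on `OAuthClientUtils.refreshAccessToken`, which is not visible here. If it is not carried over, every later call stops at the `at.getRefreshToken() == null` guard and expired tokens are never renewed again. Keeping the previous refresh token when the response has none, as sketched below, avoids that. `refreshAccessToken` starts in the previous hunk. Separately, `createAccessTokenServiceClient()` loses `private` without explanation. This client carries the client credentials and the refresh token, so a comment such as `// package-private so the code-grant supplier can reuse the token endpoint client` would document why the wider access is intended.

```java
// … unchanged: consumer setup and createAccessTokenServiceClient() call …
ClientAccessToken refreshed =
    OAuthClientUtils.refreshAccessToken(accessTokenService, theConsumer, at);
if (refreshed.getRefreshToken() == null) {
    // the response did not rotate the refresh token: keep the current one
    refreshed.setRefreshToken(at.getRefreshToken());
}
setClientAccessToken(refreshed);
return true;
```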
