Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 547f8af05 -> 448fdcf01
Passing request params to SubjectCreator too Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/448fdcf0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/448fdcf0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/448fdcf0 Branch: refs/heads/3.1.x-fixes Commit: 448fdcf01e27006fef31de39c7672cc251e07dbc Parents: 547f8af Author: Sergey Beryozkin <[email protected]> Authored: Tue Feb 9 12:19:47 2016 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Tue Feb 9 12:20:35 2016 +0000 ---------------------------------------------------------------------- .../security/oauth2/provider/DefaultSubjectCreator.java | 6 +++++- .../cxf/rs/security/oauth2/provider/SubjectCreator.java | 7 ++++++- .../oauth2/services/DirectAuthorizationService.java | 7 ++++--- .../oauth2/services/RedirectionBasedGrantService.java | 12 ++++++++---- 4 files changed, 23 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/448fdcf0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultSubjectCreator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultSubjectCreator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultSubjectCreator.java index 36afd1b..53c1d54 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultSubjectCreator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultSubjectCreator.java @@ -18,6 +18,8 @@ */ package org.apache.cxf.rs.security.oauth2.provider; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.rs.security.oauth2.common.Client; import org.apache.cxf.rs.security.oauth2.common.UserSubject; @@ -27,7 +29,9 @@ import org.apache.cxf.security.SecurityContext; public class DefaultSubjectCreator implements SubjectCreator { @Override - public UserSubject createUserSubject(MessageContext mc, Client client) throws OAuthServiceException { + public UserSubject createUserSubject(MessageContext mc, + Client client, + MultivaluedMap<String, String> params) throws OAuthServiceException { return OAuthUtils.createSubject(mc, (SecurityContext)mc.get(SecurityContext.class.getName())); } http://git-wip-us.apache.org/repos/asf/cxf/blob/448fdcf0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SubjectCreator.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SubjectCreator.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SubjectCreator.java index e21b4d6..4ddee90 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SubjectCreator.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SubjectCreator.java @@ -19,6 +19,8 @@ package org.apache.cxf.rs.security.oauth2.provider; +import javax.ws.rs.core.MultivaluedMap; + import org.apache.cxf.jaxrs.ext.MessageContext; import org.apache.cxf.rs.security.oauth2.common.Client; import org.apache.cxf.rs.security.oauth2.common.UserSubject; @@ -34,8 +36,11 @@ public interface SubjectCreator { * Create a {@link UserSubject} * @param mc the {@link MessageContext} of this request * @param client the client + * @param params the request parameters * @return {@link UserSubject} * @throws OAuthServiceException */ - UserSubject createUserSubject(MessageContext mc, Client client) throws OAuthServiceException; + UserSubject createUserSubject(MessageContext mc, + Client client, + MultivaluedMap<String, String> params) throws OAuthServiceException; } http://git-wip-us.apache.org/repos/asf/cxf/blob/448fdcf0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DirectAuthorizationService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DirectAuthorizationService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DirectAuthorizationService.java index c39badb..e8b5e16 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DirectAuthorizationService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DirectAuthorizationService.java @@ -53,7 +53,7 @@ public class DirectAuthorizationService extends AbstractOAuthService { SecurityContext sc = getAndValidateSecurityContext(params); Client client = getClient(params); // Create a UserSubject representing the end user - UserSubject userSubject = createUserSubject(sc, client); + UserSubject userSubject = createUserSubject(sc, client, params); AccessTokenRegistration reg = new AccessTokenRegistration(); @@ -83,10 +83,11 @@ public class DirectAuthorizationService extends AbstractOAuthService { checkTransportSecurity(); return securityContext; } - protected UserSubject createUserSubject(SecurityContext securityContext, Client client) { + protected UserSubject createUserSubject(SecurityContext securityContext, Client client, + MultivaluedMap<String, String> params) { UserSubject subject = null; if (subjectCreator != null) { - subject = subjectCreator.createUserSubject(getMessageContext(), client); + subject = subjectCreator.createUserSubject(getMessageContext(), client, params); if (subject != null) { return subject; } http://git-wip-us.apache.org/repos/asf/cxf/blob/448fdcf0/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 12b6f2a..d7cd724 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -120,7 +120,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService SecurityContext sc = getAndValidateSecurityContext(params); Client client = getClient(params); // Create a UserSubject representing the end user - UserSubject userSubject = createUserSubject(sc, client); + UserSubject userSubject = createUserSubject(sc, client, params); return startAuthorization(params, userSubject, client); } @@ -312,7 +312,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService SecurityContext securityContext = getAndValidateSecurityContext(params); Client client = getClient(params.getFirst(OAuthConstants.CLIENT_ID)); - UserSubject userSubject = createUserSubject(securityContext, client); + UserSubject userSubject = createUserSubject(securityContext, client, params); // Make sure the session is valid String sessionTokenParamName = params.getFirst(OAuthConstants.SESSION_AUTHENTICITY_TOKEN_PARAM_NAME); @@ -370,10 +370,14 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService this.subjectCreator = creator; } - protected UserSubject createUserSubject(SecurityContext securityContext, Client client) { + protected UserSubject createUserSubject(SecurityContext securityContext, + Client client, + MultivaluedMap<String, String> params) { UserSubject subject = null; if (subjectCreator != null) { - subject = subjectCreator.createUserSubject(getMessageContext(), client); + subject = subjectCreator.createUserSubject(getMessageContext(), + client, + params); if (subject != null) { return subject; }
