Repository: cxf Updated Branches: refs/heads/master 1963e01b4 -> 0caf56378
Setting a correct token to permission relationship Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0caf5637 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0caf5637 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0caf5637 Branch: refs/heads/master Commit: 0caf563789f6968e2480bc885abd9ab01c8eae35 Parents: 1963e01 Author: Sergey Beryozkin <[email protected]> Authored: Thu Apr 14 17:13:55 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Thu Apr 14 17:13:55 2016 +0100 ---------------------------------------------------------------------- rt/rs/security/oauth-parent/oauth2/pom.xml | 13 +++++---- .../oauth2/common/ServerAccessToken.java | 4 +-- .../oauth2/provider/JPAOAuthDataProvider.java | 12 ++++---- .../provider/JPAOAuthDataProviderTest.java | 6 ++++ .../src/test/resources/META-INF/persistence.xml | 1 + rt/rs/security/sso/oidc/pom.xml | 30 ++++++++++---------- .../oidc/idp/JPAOidcUserSubjectTest.java | 22 +++++++------- .../src/test/resources/META-INF/persistence.xml | 1 - 8 files changed, 49 insertions(+), 40 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/pom.xml ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/pom.xml b/rt/rs/security/oauth-parent/oauth2/pom.xml index e0d78f9..b15a3b6 100644 --- a/rt/rs/security/oauth-parent/oauth2/pom.xml +++ b/rt/rs/security/oauth-parent/oauth2/pom.xml @@ -96,6 +96,12 @@ <artifactId>easymock</artifactId> <scope>test</scope> </dependency> + <dependency> + <groupId>hsqldb</groupId> + <artifactId>hsqldb</artifactId> + <version>${hsqldb.version}</version> + <scope>test</scope> + </dependency> <!-- <dependency> <groupId>org.apache.openjpa</groupId> 
@@ -110,12 +116,7 @@ <version>${hibernate.em.version}</version> <scope>test</scope> </dependency> - <dependency> - <groupId>hsqldb</groupId> - <artifactId>hsqldb</artifactId> - <version>${hsqldb.version}</version> - <scope>test</scope> - </dependency> + </dependencies> <!-- <build> http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java index 7d64ea5..903c864 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/common/ServerAccessToken.java @@ -24,9 +24,9 @@ import java.util.List; import java.util.Map; import javax.persistence.ElementCollection; +import javax.persistence.ManyToMany; import javax.persistence.MapKeyColumn; import javax.persistence.MappedSuperclass; -import javax.persistence.OneToMany; import javax.persistence.OneToOne; import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException; @@ -107,7 +107,7 @@ public abstract class ServerAccessToken extends AccessToken { * Returns a list of opaque permissions/scopes * @return the scopes */ - @OneToMany + @ManyToMany public List<OAuthPermission> getScopes() { return scopes; } http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java ---------------------------------------------------------------------- 
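Review bot: The Javadoc on `getScopes()` in ServerAccessToken.java still reads only "Returns a list of opaque permissions/scopes", although the switch to `@ManyToMany` means one stored OAuthPermission can now be referenced by several tokens. I would extend the comment to say so, for example `Permissions are shared between tokens; do not modify a returned OAuthPermission in place to narrow a single token's scope.` No cascade is declared on the annotation, so by JPA defaults removing a token leaves the shared permission rows in place. Whether permissions are persisted before the token that references them is decided in the provider, outside this hunk. The class body also continues outside the hunk.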
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java index 87e37c6..e5cbdc6 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java @@ -51,11 +51,13 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider { } public void setClient(Client client) { - UserSubject sub = getEntityManager().find(UserSubject.class, client.getResourceOwnerSubject().getLogin()); - if (sub == null) { - persistEntity(client.getResourceOwnerSubject()); - } else { - client.setResourceOwnerSubject(sub); + if (client.getResourceOwnerSubject() != null) { + UserSubject sub = getEntityManager().find(UserSubject.class, client.getResourceOwnerSubject().getLogin()); + if (sub == null) { + persistEntity(client.getResourceOwnerSubject()); + } else { + client.setResourceOwnerSubject(sub); + } } persistEntity(client); } http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java index 25d981e..ec0c020 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java +++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProviderTest.java 
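Review bot: The new guard in `setClient` checks the resource owner subject for null but not its login, which is passed to `getEntityManager().find(UserSubject.class, ...)` as the primary key; JPA's `find` throws IllegalArgumentException for a null key, so a subject without a login still fails here. Reading the subject once and testing both would close that: `UserSubject owner = client.getResourceOwnerSubject();` followed by `if (owner != null && owner.getLogin() != null) {`. The `else` branch also deserves a comment: an incoming subject whose login already exists is replaced by the stored one, so any other attributes the caller set on it are dropped, which looks intentional but is not stated. As far as this hunk shows, the lookup and the `persistEntity` calls are separate steps, so two concurrent registrations for the same new login could both see `null`; whether a surrounding transaction prevents that is not visible here.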
@@ -73,6 +73,11 @@ public class JPAOAuthDataProviderTest extends Assert { Client c2 = provider.getClient(c.getClientId()); compareClients(c, c2); + c2.setClientSecret("567"); + provider.setClient(c); + Client c22 = provider.getClient(c.getClientId()); + compareClients(c2, c22); + provider.removeClient(c.getClientId()); Client c3 = provider.getClient(c.getClientId()); assertNull(c3); @@ -179,6 +184,7 @@ public class JPAOAuthDataProviderTest extends Assert { Client c = new Client(); c.setRedirectUris(Collections.singletonList("http://client/redirect")); c.setClientId(clientId); + c.setClientSecret("123"); c.setResourceOwnerSubject(new UserSubject(userLogin)); provider.setClient(c); return c; http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml index 1e8328b..814650c 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml +++ b/rt/rs/security/oauth-parent/oauth2/src/test/resources/META-INF/persistence.xml @@ -24,6 +24,7 @@ <property name="javax.persistence.validation.mode" value="none"/> </properties> </persistence-unit> + <!-- <persistence-unit name="testUnitOpenJPA" transaction-type="RESOURCE_LOCAL"> <provider>org.apache.openjpa.persistence.PersistenceProviderImpl</provider> http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/pom.xml ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/pom.xml b/rt/rs/security/sso/oidc/pom.xml index db5f424..c271cd3 100644 --- a/rt/rs/security/sso/oidc/pom.xml +++ b/rt/rs/security/sso/oidc/pom.xml 
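Review bot: In the first JPAOAuthDataProviderTest hunk the secret is changed on `c2`, but the call that follows is `provider.setClient(c)`, so unless `c` and `c2` are the same managed instance the updated secret is never handed to the provider. `compareClients` is defined outside the hunk, so it is not clear that it compares secrets at all. The update path would be pinned by `provider.setClient(c2);` and an explicit `assertEquals("567", c22.getClientSecret());`. As written, the test can pass whether or not a second `setClient` for an existing client id actually stores the change.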
@@ -53,16 +53,21 @@ <scope>provided</scope> <optional>true</optional> </dependency> + <!--test dependencies--> <dependency> - <groupId>hsqldb</groupId> - <artifactId>hsqldb</artifactId> - <version>${hsqldb.version}</version> + <groupId>junit</groupId> + <artifactId>junit</artifactId> <scope>test</scope> </dependency> <dependency> - <groupId>org.hibernate</groupId> - <artifactId>hibernate-entitymanager</artifactId> - <version>${hibernate.em.version}</version> + <groupId>org.easymock</groupId> + <artifactId>easymock</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>hsqldb</groupId> + <artifactId>hsqldb</artifactId> + <version>${hsqldb.version}</version> <scope>test</scope> </dependency> <!-- @@ -70,18 +75,13 @@ <groupId>org.apache.openjpa</groupId> <artifactId>openjpa</artifactId> <version>${openjpa.version}</version> - <scope>provided</scope> + <scope>test</scope> </dependency> --> - <!--test dependencies--> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> <dependency> - <groupId>org.easymock</groupId> - <artifactId>easymock</artifactId> + <groupId>org.hibernate</groupId> + <artifactId>hibernate-entitymanager</artifactId> + <version>${hibernate.em.version}</version> <scope>test</scope> </dependency> </dependencies> http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java index 6799297..4b18902 100644 --- a/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java 
+++ b/rt/rs/security/sso/oidc/src/test/java/org/apache/cxf/rs/security/oidc/idp/JPAOidcUserSubjectTest.java @@ -86,17 +86,17 @@ public class JPAOidcUserSubjectTest extends Assert { OidcUserSubject oidcSubject2 = (OidcUserSubject)at2.getSubject(); assertEquals(c.getClientId(), oidcSubject2.getIdToken().getAudience()); -// OidcUserSubject oidcSubject3 = new OidcUserSubject(); -// oidcSubject3.setLogin("bob"); -// IdToken idToken2 = new IdToken(); -// idToken2.setAudience(c.getClientId()); -// oidcSubject3.setIdToken(idToken2); -// atr.setSubject(oidcSubject3); -// -// ServerAccessToken at3 = provider.createAccessToken(atr); -// ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey()); -// OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject(); -// assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience()); + OidcUserSubject oidcSubject3 = new OidcUserSubject(); + oidcSubject3.setLogin("bob"); + IdToken idToken2 = new IdToken(); + idToken2.setAudience(c.getClientId()); + oidcSubject3.setIdToken(idToken2); + atr.setSubject(oidcSubject3); + + ServerAccessToken at3 = provider.createAccessToken(atr); + ServerAccessToken at4 = provider.getAccessToken(at3.getTokenKey()); + OidcUserSubject oidcSubject4 = (OidcUserSubject)at4.getSubject(); + assertEquals(c.getClientId(), oidcSubject4.getIdToken().getAudience()); } http://git-wip-us.apache.org/repos/asf/cxf/blob/0caf5637/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml index 80a1e82..0966633 100644 --- a/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml +++ b/rt/rs/security/sso/oidc/src/test/resources/META-INF/persistence.xml 
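Review bot: The re-enabled block in JPAOidcUserSubjectTest asserts only `oidcSubject4.getIdToken().getAudience()`, and the earlier assertion on `oidcSubject2` in the same method expects that same client id. The check therefore cannot tell whether `idToken2` was stored for the second token or an earlier subject's IdToken was returned. If "bob" is also the login used earlier in the method (not visible in this hunk), that is exactly the case where a stale or overwritten IdToken would go unnoticed. Giving `idToken2` a claim value that differs from the first token's, and asserting on that value for `at4`, would make the test sensitive to it. The test method starts outside the hunk.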
@@ -2,7 +2,6 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/persistence http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd" version="2.0"> - <persistence-unit name="testUnitHibernate" transaction-type="RESOURCE_LOCAL"> <provider>org.hibernate.ejb.HibernatePersistence</provider> <class>org.apache.cxf.rs.security.oidc.idp.OidcUserSubject</class>
