Removing printlns + adding some logging
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/3a1084d8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/3a1084d8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/3a1084d8 Branch: refs/heads/master-jaxrs-2.1 Commit: 3a1084d86a60aec4a56a46ad182ed23857bd3d00 Parents: c9e1cb7 Author: Colm O hEigeartaigh <[email protected]> Authored: Thu Apr 21 17:17:48 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Thu Apr 21 17:17:48 2016 +0100 ---------------------------------------------------------------------- .../oauth2/services/AbstractImplicitGrantService.java | 1 - .../security/oauth2/services/AbstractOAuthService.java | 8 +++----- .../security/oauth2/services/AccessTokenService.java | 6 ++++++ .../oauth2/services/RedirectionBasedGrantService.java | 13 ++++++------- .../cxf/rs/security/oidc/idp/OidcImplicitService.java | 1 + 5 files changed, 16 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/3a1084d8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
index 497270d..3a18a66 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractImplicitGrantService.java
@@ -62,7 +62,6 @@ public abstract class AbstractImplicitGrantService extends RedirectionBasedGrant List<String> approvedScope, UserSubject userSubject, ServerAccessToken preAuthorizedToken) { -System.out.println("STATE: " + (state == null)); StringBuilder sb = prepareGrant(state, client, requestedScope, approvedScope, userSubject, preAuthorizedToken); return Response.seeOther(URI.create(sb.toString())).build(); http://git-wip-us.apache.org/repos/asf/cxf/blob/3a1084d8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java index 994f0d7..7873aa8 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractOAuthService.java @@ -100,13 +100,11 @@ public abstract class AbstractOAuthService { * @throws {@link OAuthServiceExcepption} if no matching Client is found */ protected Client getValidClient(String clientId) throws OAuthServiceException { - Client client = null; - if (clientId != null) { - client = dataProvider.getClient(clientId); + return dataProvider.getClient(clientId); } - return client; - + LOG.fine("No valid client found as the given clientId is null"); + return null; } /** http://git-wip-us.apache.org/repos/asf/cxf/blob/3a1084d8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java ---------------------------------------------------------------------- 
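Review bot: In AbstractOAuthService, getValidClient still returns null for a null clientId, but the Javadoc visible at the top of the hunk only promises an exception "if no matching Client is found" and misspells the type as `OAuthServiceExcepption`. Since the commit rewrites this method, the contract should be written down: add `@return the Client registered for clientId, or null if clientId is null` and correct the tag to `@throws OAuthServiceException if no matching Client is found`. The null path sits on the client-authentication route, so a caller that assumes a non-null result would presumably fail later with a less specific error. The Javadoc block begins outside the hunk.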
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java index 61bac1c..28410b8 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java @@ -21,6 +21,7 @@ package org.apache.cxf.rs.security.oauth2.services; import java.util.LinkedList; import java.util.List; +import java.util.logging.Level; import javax.ws.rs.Consumes; import javax.ws.rs.POST; @@ -90,6 +91,8 @@ public class AccessTokenService extends AbstractTokenService { if (!OAuthUtils.isGrantSupportedForClient(client, isCanSupportPublicClients(), params.getFirst(OAuthConstants.GRANT_TYPE))) { + LOG.log(Level.FINE, "The grant type {} is not supported for the client", + params.getFirst(OAuthConstants.GRANT_TYPE)); return createErrorResponse(params, OAuthConstants.UNAUTHORIZED_CLIENT); } @@ -102,6 +105,7 @@ public class AccessTokenService extends AbstractTokenService { // Find the grant handler AccessTokenGrantHandler handler = findGrantHandler(params); if (handler == null) { + LOG.fine("No Grant Handler found"); return createErrorResponse(params, OAuthConstants.UNSUPPORTED_GRANT_TYPE); } @@ -119,6 +123,7 @@ public class AccessTokenService extends AbstractTokenService { return handleException(oauthEx, OAuthConstants.INVALID_GRANT); } if (serverToken == null) { + LOG.fine("No access token was created"); return createErrorResponse(params, OAuthConstants.INVALID_GRANT); } 
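Review bot: The `{}` placeholder in the new `LOG.log(Level.FINE, "The grant type {} is not supported for the client", ...)` call in AccessTokenService is SLF4J syntax. LOG looks like a `java.util.logging.Logger` (the commit adds the `java.util.logging.Level` import), and there parameters are substituted only for indexed placeholders, so the message would be written with a literal `{}` and the grant type lost. Use `"The grant type {0} is not supported for the client"`. The argument is the raw `grant_type` request parameter, so once it really reaches the log it should have CR/LF stripped and its length bounded, so that a client cannot forge or flood log lines. The enclosing method starts and ends outside the hunk.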
@@ -139,6 +144,7 @@ public class AccessTokenService extends AbstractTokenService { protected void checkAudience(Client c, MultivaluedMap<String, String> params) { String audienceParam = params.getFirst(OAuthConstants.CLIENT_AUDIENCE); if (!OAuthUtils.validateAudience(audienceParam, c.getRegisteredAudiences())) { + LOG.fine("Error validating the audience parameter"); throw new OAuthServiceException(new OAuthError(OAuthConstants.ACCESS_DENIED)); } http://git-wip-us.apache.org/repos/asf/cxf/blob/3a1084d8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 3a8394d..5ed3e2c 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -24,6 +24,7 @@ import java.util.LinkedList; import java.util.List; import java.util.Map; import java.util.Set; +import java.util.logging.Level; import javax.ws.rs.Consumes; import javax.ws.rs.GET; @@ -78,7 +79,6 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService String supportedGrantType) { this.supportedResponseTypes = supportedResponseTypes; this.supportedGrantType = supportedGrantType; -System.out.println("SUPP: " + supportedGrantType); } /** 
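Review bot: The message added in checkAudience, `LOG.fine("Error validating the audience parameter")`, records an ACCESS_DENIED decision without naming the client it was made for. FINE is also below the default java.util.logging level, so in a default configuration the denial leaves no trace for someone investigating it. Including the registered client id would make the entry correlatable, for example `LOG.log(Level.FINE, "Audience validation failed for client {0}", c.getClientId());`. The same applies to the grant-type, response-type and audience messages added in RedirectionBasedGrantService and to the nonce message in OidcImplicitService. Whether rejected authorization requests deserve a higher level or a separate audit event is a deployment decision worth stating in the class documentation.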
@@ -123,7 +123,6 @@ System.out.println("SUPP: " + supportedGrantType); // Make sure the end user has authenticated, check if HTTPS is used SecurityContext sc = getAndValidateSecurityContext(params); Client client = getClient(params); -System.out.println("HERE1"); // Create a UserSubject representing the end user UserSubject userSubject = createUserSubject(sc, params); return startAuthorization(params, userSubject, client); @@ -139,22 +138,20 @@ System.out.println("HERE1"); // Validate the provided request URI, if any, against the ones Client provided // during the registration -System.out.println("HERE2"); String redirectUri = validateRedirectUri(client, params.getFirst(OAuthConstants.REDIRECT_URI)); -System.out.println("HERE3"); // Enforce the client confidentiality requirements if (!OAuthUtils.isGrantSupportedForClient(client, canSupportPublicClient(client), supportedGrantType)) { + LOG.fine("The grant type is not supported"); return createErrorResponse(params, redirectUri, OAuthConstants.UNAUTHORIZED_CLIENT); } -System.out.println("HERE4"); // Check response_type String responseType = params.getFirst(OAuthConstants.RESPONSE_TYPE); if (responseType == null || !getSupportedResponseTypes().contains(responseType)) { + LOG.fine("The response type is null or not supported"); return createErrorResponse(params, redirectUri, OAuthConstants.UNSUPPORTED_RESPONSE_TYPE); } -System.out.println("HERE5"); // Get the requested scopes String providedScope = params.getFirst(OAuthConstants.SCOPE); List<String> requestedScope = null; 
@@ -164,14 +161,15 @@ System.out.println("HERE5"); useAllClientScopes, partialMatchScopeValidation); } catch (OAuthServiceException ex) { + LOG.log(Level.FINE, "Error parsing scopes", ex); return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE); } -System.out.println("HERE6"); // Convert the requested scopes to OAuthPermission instances List<OAuthPermission> requestedPermissions = null; try { requestedPermissions = getDataProvider().convertScopeToPermissions(client, requestedScope); } catch (OAuthServiceException ex) { + LOG.log(Level.FINE, "Error converting scopes into OAuthPermissions", ex); return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE); } // Validate the audience @@ -179,6 +177,7 @@ System.out.println("HERE6"); // Right now if the audience parameter is set it is expected to be contained // in the list of Client audiences set at the Client registration time. if (!OAuthUtils.validateAudience(clientAudience, client.getRegisteredAudiences())) { + LOG.fine("Error validating audience parameter"); throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST)); } http://git-wip-us.apache.org/repos/asf/cxf/blob/3a1084d8/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java index faaac6d..60d1773 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/OidcImplicitService.java 
@@ -66,6 +66,7 @@ public class OidcImplicitService extends ImplicitGrantService { Client client) { // Validate the nonce, it must be present for the Implicit flow if (params.getFirst(OAuthConstants.NONCE) == null) { + LOG.fine("A nonce is required for the Implicit flow"); throw new OAuthServiceException(new OAuthError(OAuthConstants.INVALID_REQUEST)); } return super.startAuthorization(params, userSubject, client);
