Making it simpler to customize OAuth2 scope to permission conversion
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0635c044 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0635c044 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0635c044 Branch: refs/heads/master-jaxrs-2.1 Commit: 0635c0442ca44652c025b7f9e58284015dd85ab5 Parents: 524fe76 Author: Sergey Beryozkin <[email protected]> Authored: Mon Aug 29 12:53:40 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Mon Aug 29 12:53:40 2016 +0100 ---------------------------------------------------------------------- .../provider/AbstractOAuthDataProvider.java | 24 ++++++++++++-------- 1 file changed, 15 insertions(+), 9 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/0635c044/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java index 0ce7fd9..9a3631e 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java @@ -246,19 +246,25 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl } if (requestedScopes.isEmpty()) { return Collections.emptyList(); - } else if (!permissionMap.isEmpty()) { + } else { List<OAuthPermission> list = new ArrayList<OAuthPermission>(); for (String scope : requestedScopes) { - OAuthPermission permission = permissionMap.get(scope); - if (permission == null) { - throw new OAuthServiceException("Unexpected scope: " + scope); - } - list.add(permission); + list.add(convertSingleScopeToPermission(client, scope)); } - return list; - } else { - throw new OAuthServiceException("Requested scopes can not be mapped"); + if (!list.isEmpty()) { + return list; + } + } + throw new OAuthServiceException("Requested scopes can not be mapped"); + + } + + protected OAuthPermission convertSingleScopeToPermission(Client client, String scope) { + OAuthPermission permission = permissionMap.get(scope); + if (permission == null) { + throw new OAuthServiceException("Unexpected scope: " + scope); } + return permission; } @Override
