Optinally persisting client cred client records
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b0774d6f Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b0774d6f Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b0774d6f Branch: refs/heads/1.3.x-fixes Commit: b0774d6fd19d087098a2961b365ea3da2aaec318 Parents: af92516 Author: Sergey Beryozkin <[email protected]> Authored: Mon Sep 26 13:46:59 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Nov 8 14:43:38 2016 +0000 ---------------------------------------------------------------------- .../service/oidc/OAuthDataProviderImpl.java | 32 +++++++++++--------- 1 file changed, 17 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b0774d6f/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java ----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
index 6b402b7..a14af3b 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
@@ -43,6 +43,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 private static final Logger LOG = LogUtils.getL7dLogger(OAuthDataProviderImpl.class);
 private boolean checkOnlyRegisteredClients;
+ private boolean persistUnregisteredClients = true;
 private String contextName;
 private Configuration loginConfig;
@@ -59,7 +60,6 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 if (OAuthConstants.CLIENT_CREDENTIALS_GRANT.equals(grantType)) {
 // Pre-registering the OAuth2 Client representations for
 // "client_credentials" can be difficult.
-
 String clientSecret = (String)getMessageContext().get(OAuthConstants.CLIENT_SECRET);
 if (clientSecret != null) {
 // Direct authentication with the back-end storage
@@ -67,9 +67,7 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 } else {
 Principal p = super.getMessageContext().getSecurityContext().getUserPrincipal();
 if (clientId.equals(p.getName())) {
- Client c = new Client(clientId, null, true);
- c.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
- return c;
+ return createClientCredClient(clientId, null);
 }
 }
 }
@@ -95,10 +93,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 // Login using JAAS
 CallbackHandler callbackHandler = new NamePasswordCallbackHandler(clientId, clientSecret);
- LoginContext ctx = new LoginContext(getContextName(), null, callbackHandler, loginConfig);
+ LoginContext ctx = new LoginContext(contextName, null, callbackHandler, loginConfig);
 ctx.login();
- Client client = new Client(clientId, clientSecret, true);
- client.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
+ Client client = createClientCredClient(clientId, clientSecret);
 ctx.logout();
 return client;
 } catch (LoginException ex) {
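Review bot: In the `clientId.equals(p.getName())` branch of the second hunk on this line, `createClientCredClient(clientId, null)` now builds a client flagged confidential (the `true` passed as the third `Client` constructor argument) with a null secret and, with persistence on by default, stores it through `setClient`, so the container-authenticated principal path leaves a secret-less confidential client record behind. Whether a later lookup of that id returns this stored record instead of re-checking the security context depends on the start of the enclosing method, which begins and ends outside the hunk — worth confirming before relying on the default. In the third hunk, replacing `getContextName()` with the `contextName` field also removes the override point the getter gave subclasses; if that is intended, a short comment such as `// read the field directly: the public getter was removed` would make it deliberate rather than accidental.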
@@ -113,20 +110,25 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 this.checkOnlyRegisteredClients = checkOnlyRegisteredClients;
 }
- public String getContextName() {
- return contextName;
- }
-
 public void setContextName(String contextName) {
 this.contextName = contextName;
 }
- public Configuration getLoginConfig() {
- return loginConfig;
- }
-
 public void setLoginConfig(Configuration loginConfig) {
 this.loginConfig = loginConfig;
 }
+ public void setPersistUnregisteredClients(boolean persistUnregisteredClients) {
+ this.persistUnregisteredClients = persistUnregisteredClients;
+ }
+
+ protected Client createClientCredClient(String clientId, String password) {
+ Client c = new Client(clientId, password, true);
+ c.setAllowedGrantTypes(Collections.singletonList(OAuthConstants.CLIENT_CREDENTIALS_GRANT));
+ if (persistUnregisteredClients) {
+ // It will enable seeing these clients and their tokens in the OIDC management console
+ super.setClient(c);
+ }
+ return c;
+ }
 }
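Review bot: `createClientCredClient` passes the raw `password` into `new Client(clientId, password, true)` and then, because `persistUnregisteredClients` defaults to `true` in the first hunk, writes that object to the provider's client store via `super.setClient(c)`, so every secret that the JAAS path verifies is stored alongside the client record (and, per the inline comment, surfaced in the OIDC management console). What a later lookup does once a record for that id exists is outside this hunk, but if the stored copy is consulted before JAAS is consulted again, a password change or account disablement in the JAAS backend would presumably stop taking effect for that client — worth confirming and stating in the docs. Neither new method has Javadoc; I would add on the setter `/** Whether clients created on the fly for client_credentials grants are stored via setClient (default true); the stored record carries the secret presented at login. */` and on `createClientCredClient` a summary plus `@param password the verified secret, or null when the caller was authenticated by the container`. Dropping the public `getContextName()` and `getLoginConfig()` getters is a source-incompatible change on a fixes branch; any subclass or wiring that reads them will break.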
