This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.1.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit f296bbc76729a349c5e164ff9f7436a4df40e439
Author: Colm O hEigeartaigh <cohei...@apache.org>
AuthorDate: Thu Feb 22 13:05:07 2018 +0000

    Adding OAuth 2.0 ClientCodeRequestFilter test
    
    (cherry picked from commit c8dcde0b5811ce608fd98269d9e5efa2580f397b)
    
    # Conflicts:
    #   
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
    #   
systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
---
 .../security/oauth2/common/OAuth2TestUtils.java    |   1 +
 .../oauth2/common/OAuthDataProviderImpl.java       |  24 +++--
 .../oauth2/common/WSS4JBasicAuthFilter.java        |   5 +
 .../security/oauth2/filters/OAuth2FiltersTest.java |  93 +++++++++++++++-
 .../security/oauth2/filters/PartnerServer.java     |  49 +++++++++
 .../security/oauth2/filters/PartnerService.java    |  73 +++++++++++++
 .../security/oauth2/filters/oauth20-server.xml     |   1 +
 .../{oauth20-server.xml => partner-service.xml}    | 120 ++++++++++-----------
 8 files changed, 295 insertions(+), 71 deletions(-)

diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
index 2ddfd87..3754aa4 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuth2TestUtils.java
@@ -154,6 +154,7 @@ public final class OAuth2TestUtils {
         if (audience != null) {
             form.param("audience", audience);
         }
+        form.param("redirect_uri", "http://www.blah.apache.org";);
         Response response = client.post(form);
 
         return response.readEntity(ClientAccessToken.class);
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
index 3ec0169..91c34c6 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/OAuthDataProviderImpl.java
@@ -40,12 +40,22 @@ import org.apache.xml.security.utils.ClassLoaderUtils;
  * Extend the DefaultEHCacheCodeDataProvider to allow refreshing of tokens
  */
 public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
-    private Set<String> externalClients = new HashSet<String>();
+    private Set<String> externalClients = new HashSet<>();
+
     public OAuthDataProviderImpl(String servicePort) throws Exception {
+        this(servicePort, null);
+    }
+
+    public OAuthDataProviderImpl(String servicePort, String partnerPort) 
throws Exception {
         // filters/grants test client
         Client client = new Client("consumer-id", "this-is-a-secret", true);
-        
client.setRedirectUris(Collections.singletonList("http://www.blah.apache.org";));
-        
+        List<String> redirectUris = new ArrayList<>();
+        redirectUris.add("http://www.blah.apache.org";);
+        if (partnerPort != null) {
+            redirectUris.add("https://localhost:"; + partnerPort + 
"/partnerservice/bookstore/books");
+        }
+        client.setRedirectUris(redirectUris);
+
         client.getAllowedGrantTypes().add("authorization_code");
         client.getAllowedGrantTypes().add("refresh_token");
         client.getAllowedGrantTypes().add("implicit");
@@ -110,15 +120,15 @@ public class OAuthDataProviderImpl extends 
DefaultEHCacheCodeDataProvider {
         
client.getAllowedGrantTypes().add("urn:ietf:params:oauth:grant-type:jwt-bearer");
         client.getAllowedGrantTypes().add("custom_grant");
         this.setClient(client);
-        
+
         client = new Client("fredNoPassword", null, true);
         client.getAllowedGrantTypes().add("custom_grant");
         this.setClient(client);
-        
+
         client = new Client("fredPublic", null, false);
         client.getAllowedGrantTypes().add("custom_grant");
         this.setClient(client);
-        
+
         client = new Client("fred", "password", true);
         client.getAllowedGrantTypes().add("custom_grant");
         this.setClient(client);
@@ -237,4 +247,4 @@ public class OAuthDataProviderImpl extends 
DefaultEHCacheCodeDataProvider {
         
         return permissions;
     }
-}
\ No newline at end of file
+}
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/WSS4JBasicAuthFilter.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/WSS4JBasicAuthFilter.java
index fe1170d..14372d7 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/WSS4JBasicAuthFilter.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/common/WSS4JBasicAuthFilter.java
@@ -20,8 +20,11 @@ package org.apache.cxf.systest.jaxrs.security.oauth2.common;
 
 import java.io.IOException;
 
+import javax.annotation.Priority;
+import javax.ws.rs.Priorities;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.ContainerRequestFilter;
+import javax.ws.rs.container.PreMatching;
 import javax.ws.rs.core.Response;
 
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -33,6 +36,8 @@ import 
org.apache.cxf.rt.security.saml.interceptor.WSS4JBasicAuthValidator;
 /**
  * Extends the WSS4J validator as a JAX-RS request filter
  */
+@PreMatching
+@Priority(Priorities.AUTHENTICATION)
 public class WSS4JBasicAuthFilter extends WSS4JBasicAuthValidator implements 
ContainerRequestFilter {
 
     public void filter(ContainerRequestContext requestContext) throws 
IOException {
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
index f031078..af5eb1f 100644
--- 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/OAuth2FiltersTest.java
@@ -22,10 +22,12 @@ package 
org.apache.cxf.systest.jaxrs.security.oauth2.filters;
 import java.net.URL;
 import java.util.UUID;
 
+import javax.ws.rs.core.Form;
 import javax.ws.rs.core.Response;
 
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken;
+import org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData;
 import org.apache.cxf.systest.jaxrs.security.Book;
 import org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuth2TestUtils;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
@@ -38,13 +40,16 @@ import org.junit.BeforeClass;
 public class OAuth2FiltersTest extends AbstractBusClientServerTestBase {
     public static final String PORT = BookServerOAuth2Filters.PORT;
     public static final String OAUTH_PORT = BookServerOAuth2Service.PORT;
-    
+    public static final String PARTNER_PORT = PartnerServer.PORT;
+
     @BeforeClass
     public static void startServers() throws Exception {
         assertTrue("server did not launch correctly", 
                    launchServer(BookServerOAuth2Filters.class, true));
         assertTrue("server did not launch correctly", 
                    launchServer(BookServerOAuth2Service.class, true));
+        assertTrue("server did not launch correctly",
+                   launchServer(PartnerServer.class, true));
     }
 
     @org.junit.Test
@@ -367,5 +372,89 @@ public class OAuth2FiltersTest extends 
AbstractBusClientServerTestBase {
         Response response = client.post(new Book("book", 123L));
         assertNotEquals(response.getStatus(), 200);
     }
-    
+
+    @org.junit.Test
+    public void testPartnerServiceUsingClientCodeRequestFilter() throws 
Exception {
+        URL busFile = OAuth2FiltersTest.class.getResource("client.xml");
+
+        // Invoke on the partner service, which is secured with the 
ClientCodeRequestFilter
+        String partnerService = "https://localhost:"; + PARTNER_PORT + 
"/partnerservice/bookstore/books";
+
+        WebClient partnerClient =
+            WebClient.create(partnerService, OAuth2TestUtils.setupProviders(), 
"bob", "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(partnerClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        Response response = partnerClient.type("application/xml").post(new 
Book("book", 123L));
+
+        // Response response = partnerClient.get();
+        // Get the "Location"
+        String location = response.getHeaderString("Location");
+        // Now make an invocation on the OIDC IdP using another WebClient 
instance
+
+
+        WebClient idpClient =
+            WebClient.create(location, OAuth2TestUtils.setupProviders(), 
"bob", "security", busFile.toString());
+        // Save the Cookie for the second request...
+        WebClient.getConfig(idpClient).getRequestContext().put(
+            org.apache.cxf.message.Message.MAINTAIN_SESSION, Boolean.TRUE);
+
+        // Get Authorization Code + State
+        String receivedLocation = 
getLocationUsingAuthorizationCodeGrant(idpClient);
+        assertNotNull(receivedLocation);
+        String code = getSubstring(receivedLocation, "code");
+        String state = getSubstring(receivedLocation, "state");
+
+        // Add Referer
+        String referer = "https://localhost:"; + OAUTH_PORT + 
"/services/authorize";
+        partnerClient.header("Referer", referer);
+
+        // Now invoke back on the service using the authorization code
+        partnerClient.query("code", code);
+        partnerClient.query("state", state);
+
+        Response serviceResponse = 
partnerClient.accept("application/xml").post(new Book("book", 123L));
+        assertEquals(serviceResponse.getStatus(), 200);
+        Book returnedBook = serviceResponse.readEntity(Book.class);
+        assertEquals(returnedBook.getName(), "book");
+        assertEquals(returnedBook.getId(), 123L);
+    }
+
+    private String getLocationUsingAuthorizationCodeGrant(WebClient client) {
+        client.type("application/json").accept("application/json");
+
+        Response response = client.get();
+
+        OAuthAuthorizationData authzData = 
response.readEntity(OAuthAuthorizationData.class);
+
+        // Now call "decision" to get the authorization code grant
+        client.path("decision");
+        client.type("application/x-www-form-urlencoded");
+
+        Form form = new Form();
+        form.param("session_authenticity_token", 
authzData.getAuthenticityToken());
+        form.param("client_id", authzData.getClientId());
+        form.param("redirect_uri", authzData.getRedirectUri());
+        if (authzData.getProposedScope() != null) {
+            form.param("scope", authzData.getProposedScope());
+        }
+        form.param("state", authzData.getState());
+        form.param("oauthDecision", "allow");
+
+        response = client.post(form);
+        return response.getHeaderString("Location");
+    }
+
+
+    private String getSubstring(String parentString, String substringName) {
+        String foundString =
+            parentString.substring(parentString.indexOf(substringName + "=") + 
(substringName + "=").length());
+        int ampersandIndex = foundString.indexOf('&');
+        if (ampersandIndex < 1) {
+            ampersandIndex = foundString.length();
+        }
+        return foundString.substring(0, ampersandIndex);
+    }
+
 }
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java
new file mode 100644
index 0000000..c838954
--- /dev/null
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerServer.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
+
+import java.net.URL;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.bus.spring.SpringBusFactory;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.testutil.common.TestUtil;
+
+public class PartnerServer extends AbstractBusTestServerBase {
+
+    public static final String PORT = 
TestUtil.getPortNumber("jaxrs-oauth2-filters-partner");
+
+    public PartnerServer() {
+
+    }
+
+    protected void run()  {
+        URL busFile = PartnerServer.class.getResource("partner-service.xml");
+        Bus busLocal = new SpringBusFactory().createBus(busFile);
+        BusFactory.setDefaultBus(busLocal);
+        setBus(busLocal);
+
+        try {
+            new PartnerServer();
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+}
diff --git 
a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
new file mode 100644
index 0000000..7e1954b
--- /dev/null
+++ 
b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/filters/PartnerService.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security.oauth2.filters;
+
+
+import java.net.URL;
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.rs.security.oauth2.client.ClientTokenContext;
+import org.apache.cxf.systest.jaxrs.security.Book;
+
+/**
+ * A "Partner" service that delegates an "echoBook" call to the BookStore, 
first getting an OAuth token using the
+ * ClientCodeRequestFilter.
+ */
+@Path("/bookstore")
+public class PartnerService {
+
+    @Context
+    private ClientTokenContext context;
+
+
+    @POST
+    @Path("/books")
+    @Produces("application/xml")
+    @Consumes("application/xml")
+    public Book echoBookXml(Book book) {
+
+        URL busFile = PartnerService.class.getResource("client.xml");
+
+        String address = "https://localhost:"; + OAuth2FiltersTest.PORT + 
"/secured/bookstore/books";
+        WebClient client = WebClient.create(address, busFile.toString());
+
+        client.type("application/xml").accept("application/xml");
+
+        client.header("Authorization", "Bearer " + 
context.getToken().getTokenKey());
+
+        // Now make a service invocation with the access token
+        Response serviceResponse = client.post(book);
+        if (serviceResponse.getStatus() == 200) {
+            return serviceResponse.readEntity(Book.class);
+        }
+
+        throw new WebApplicationException(Response.Status.FORBIDDEN);
+    }
+
+}
+
diff --git 
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
 
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
index 17df73d..fe3f023 100644
--- 
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
+++ 
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
@@ -64,6 +64,7 @@ under the License.
     
    <bean id="oauthProvider" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
        
<constructor-arg><value>${testutil.ports.jaxrs-oauth2-filters}</value></constructor-arg>
+       
<constructor-arg><value>${testutil.ports.jaxrs-oauth2-filters-partner}</value></constructor-arg>
    </bean>
    
    <bean id="authorizationService" 
class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
diff --git 
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
 
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
similarity index 56%
copy from 
systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
copy to 
systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
index 17df73d..d01228b 100644
--- 
a/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/oauth20-server.xml
+++ 
b/systests/rs-security/src/test/resources/org/apache/cxf/systest/jaxrs/security/oauth2/filters/partner-service.xml
@@ -23,12 +23,14 @@ under the License.
     xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"; 
     xmlns:sec="http://cxf.apache.org/configuration/security"; 
     xmlns:cxf="http://cxf.apache.org/core"; 
-    xmlns:jaxrs="http://cxf.apache.org/jaxrs"; 
+    xmlns:jaxrs="http://cxf.apache.org/jaxrs";
+    xmlns:jaxrs-client="http://cxf.apache.org/jaxrs-client";
     xmlns:util="http://www.springframework.org/schema/util";
     xsi:schemaLocation="http://cxf.apache.org/jaxrs 
http://cxf.apache.org/schemas/jaxrs.xsd
+             http://cxf.apache.org/jaxrs-client 
http://cxf.apache.org/schemas/jaxrs-client.xsd
              http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd
-             http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans.xsd
-             http://www.springframework.org/schema/util  
http://www.springframework.org/schema/util/spring-util.xsd
+             http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
+             http://www.springframework.org/schema/util  
http://www.springframework.org/schema/util/spring-util-4.2.xsd
              http://cxf.apache.org/transports/http/configuration 
http://cxf.apache.org/schemas/configuration/http-conf.xsd
              http://cxf.apache.org/transports/http-jetty/configuration 
http://cxf.apache.org/schemas/configuration/http-jetty.xsd 
              http://cxf.apache.org/configuration/security 
http://cxf.apache.org/schemas/configuration/security.xsd";>
@@ -37,18 +39,61 @@ under the License.
         <cxf:features>
             <cxf:logging/>
         </cxf:features>
-        <cxf:properties> 
-          <entry key="org.apache.cxf.jaxrs.bus.providers" 
value-ref="busProviders"/> 
-        </cxf:properties>
     </cxf:bus>
-    <!-- providers -->
-    <util:list id="busProviders"> 
-        <ref bean="oauthJson"/> 
-    </util:list> 
-    <bean id="oauthJson" 
class="org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider"/>
+    
+   <bean id="partnerServiceBean" 
+         
class="org.apache.cxf.systest.jaxrs.security.oauth2.filters.PartnerService" />
+   
+   <bean id="callbackHandler" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
+   <bean id="basicAuthFilter" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
+       <property name="callbackHandler" ref="callbackHandler"/>
+   </bean>
+   
+   <bean id="consumer" 
class="org.apache.cxf.rs.security.oauth2.client.Consumer">
+        <property name="key" value="consumer-id"/>
+        <property name="secret" value="this-is-a-secret"/>
+   </bean>
+ 
+   <jaxrs-client:client id="atServiceClient" 
serviceClass="org.apache.cxf.jaxrs.client.WebClient"
+        
address="https://localhost:${testutil.ports.jaxrs-oauth2-service}/services/token";>
+        <jaxrs-client:headers>
+           <entry key="Accept" value="application/json"/>
+        </jaxrs-client:headers>
+   </jaxrs-client:client>
+   
+   <bean id="stateManager" 
class="org.apache.cxf.rs.security.oauth2.client.MemoryClientCodeStateManager"/>
+   
+   <bean id="codeRequestFilter" 
class="org.apache.cxf.rs.security.oauth2.client.ClientCodeRequestFilter">
+       <property name="authorizationServiceUri" 
value="https://localhost:${testutil.ports.jaxrs-oauth2-service}/services/authorize"/>
+       <property name="accessTokenServiceClient" ref="atServiceClient"/>
+       <property name="consumer" ref="consumer"/>
+       <property name="clientCodeStateManager" ref="stateManager"/>
+   </bean>
+   
+   <jaxrs:server 
+        depends-on="tls-config" 
+        
address="https://localhost:${testutil.ports.jaxrs-oauth2-filters-partner}/partnerservice";>
+        <jaxrs:serviceBeans>
+            <ref bean="partnerServiceBean"/>
+        </jaxrs:serviceBeans>
+        <jaxrs:providers>
+            <bean 
class="org.apache.cxf.rs.security.oauth2.client.ClientTokenContextProvider" />
+            <ref bean="basicAuthFilter"/>
+            <ref bean="codeRequestFilter"/>
+        </jaxrs:providers>
+        
+   </jaxrs:server>
+   
+   <http:conduit name="https://localhost.*";>
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:trustManagers>
+                <sec:keyStore type="JKS" password="password" 
resource="keys/Truststore.jks"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
     
     <httpj:engine-factory id="tls-config">
-        <httpj:engine port="${testutil.ports.jaxrs-oauth2-service}">
+        <httpj:engine port="${testutil.ports.jaxrs-oauth2-filters-partner}">
             <httpj:tlsServerParameters>
                 <sec:keyManagers keyPassword="password">
                     <sec:keyStore type="JKS" password="password" 
resource="keys/Bethal.jks"/>
@@ -56,59 +101,10 @@ under the License.
                 <sec:trustManagers>
                     <sec:keyStore type="JKS" password="password" 
resource="keys/Truststore.jks"/>
                 </sec:trustManagers>
-                <sec:clientAuthentication want="true" required="false"/>
+                <sec:clientAuthentication want="true" required="true"/>
             </httpj:tlsServerParameters>
             <httpj:sessionSupport>true</httpj:sessionSupport>
         </httpj:engine>
     </httpj:engine-factory>
-    
-   <bean id="oauthProvider" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.OAuthDataProviderImpl">
-       
<constructor-arg><value>${testutil.ports.jaxrs-oauth2-filters}</value></constructor-arg>
-   </bean>
-   
-   <bean id="authorizationService" 
class="org.apache.cxf.rs.security.oauth2.services.AuthorizationCodeGrantService">
-      <property name="dataProvider" ref="oauthProvider"/>
-   </bean>
-   
-   <bean id="implicitService" 
class="org.apache.cxf.rs.security.oauth2.services.ImplicitGrantService">
-      <property name="dataProvider" ref="oauthProvider"/>
-   </bean>
-   
-   <bean id="refreshGrantHandler" 
class="org.apache.cxf.rs.security.oauth2.grants.refresh.RefreshTokenGrantHandler">
-      <property name="dataProvider" ref="oauthProvider"/>
-   </bean>
-   
-   <bean id="tokenService" 
class="org.apache.cxf.rs.security.oauth2.services.AccessTokenService">
-      <property name="dataProvider" ref="oauthProvider"/>
-      <property name="grantHandlers">
-         <list>
-             <ref bean="refreshGrantHandler"/>
-         </list>
-      </property>
-   </bean>
-   
-   <bean id="tokenValidateService" 
class="org.apache.cxf.rs.security.oauth2.services.AccessTokenValidatorService">
-       <property name="dataProvider" ref="oauthProvider"/>
-   </bean>
-   
-   <bean id="callbackHandler" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.CallbackHandlerImpl"/>
-   <bean id="basicAuthFilter" 
class="org.apache.cxf.systest.jaxrs.security.oauth2.common.WSS4JBasicAuthFilter">
-       <property name="callbackHandler" ref="callbackHandler"/>
-   </bean>
-   
-   <jaxrs:server 
-       depends-on="tls-config" 
-       
address="https://localhost:${testutil.ports.jaxrs-oauth2-service}/services";>
-       <jaxrs:serviceBeans>
-           <ref bean="authorizationService"/>
-           <ref bean="implicitService"/>
-           <ref bean="tokenService"/>
-           <ref bean="tokenValidateService"/>
-       </jaxrs:serviceBeans>
-       <jaxrs:providers>
-           <ref bean="basicAuthFilter"/>
-       </jaxrs:providers>
-   </jaxrs:server>
-   
 
 </beans>

-- 
To stop receiving notification emails like this one, please contact
cohei...@apache.org.

Reply via email to