This is an automated email from the ASF dual-hosted git repository.
buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new a5aeebd cxf-rt-rs-security-oauth2: process data with streams
a5aeebd is described below
commit a5aeebd9835ce93c2c61fdbdeb614682d4437057
Author: Alexey Markevich <[email protected]>
AuthorDate: Tue Feb 11 22:20:38 2020 +0300
cxf-rt-rs-security-oauth2: process data with streams
---
rt/rs/security/oauth-parent/oauth2/pom.xml | 45 ++++++++--------------
.../services/RedirectionBasedGrantService.java | 2 +-
.../cxf/rs/security/oauth2/utils/OAuthUtils.java | 32 +++++----------
.../rs/security/oauth2/utils/OAuthUtilsTest.java | 20 ++++++++++
rt/rs/security/oauth-parent/pom.xml | 5 ---
5 files changed, 47 insertions(+), 57 deletions(-)
diff --git a/rt/rs/security/oauth-parent/oauth2/pom.xml
b/rt/rs/security/oauth-parent/oauth2/pom.xml
index 9f4f5b1..f87ebaf 100644
--- a/rt/rs/security/oauth-parent/oauth2/pom.xml
+++ b/rt/rs/security/oauth-parent/oauth2/pom.xml
@@ -38,7 +38,7 @@
javax.annotation*;version="${cxf.osgi.javax.annotation.version}",
javax.persistence*;resolution:=optional
</cxf.osgi.import>
- <compilerArguments>-Aopenjpa.source=7
-Aopenjpa.metamodel=true</compilerArguments>
+ <compilerArguments>-Aopenjpa.source=8
-Aopenjpa.metamodel=true</compilerArguments>
</properties>
<dependencies>
<dependency>
@@ -246,41 +246,30 @@
</execution>
</executions>
</plugin>
+ <!-- this tells maven to set a property pointing to the openjpa agent
jar -->
+ <!-- where surefire can see it -->
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>generate-test-resources</phase>
+ <goals>
+ <goal>properties</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
<!-- this configures the surefire plugin to run your tests with the
javaagent enabled -->
<!-- (openJPA loadtime weaving) -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
-
<argLine>-javaagent:${project.basedir}/target/openjpa-${cxf.openjpa.version}.jar
${cxf.surefire.fork.vmargs}</argLine>
- <workingDirectory>${project.basedir}/target</workingDirectory>
+ <argLine>-javaagent:${org.apache.openjpa:openjpa:jar}
${cxf.surefire.fork.vmargs}</argLine>
+ <workingDirectory>${project.build.directory}</workingDirectory>
</configuration>
</plugin>
- <!-- this tells maven to copy the openjpa agent jar into your target/
directory -->
- <!-- where surefire can see it -->
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-dependency-plugin</artifactId>
- <executions>
- <execution>
- <id>copy</id>
- <phase>process-resources</phase>
- <goals>
- <goal>copy</goal>
- </goals>
- <configuration>
- <artifactItems>
- <artifactItem>
- <groupId>org.apache.openjpa</groupId>
- <artifactId>openjpa</artifactId>
- <version>${cxf.openjpa.version}</version>
- <outputDirectory>${project.build.directory}</outputDirectory>
- </artifactItem>
- </artifactItems>
- </configuration>
- </execution>
- </executions>
- </plugin>
</plugins>
</build>
</project>
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index e4af350..6f1f551 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -172,7 +172,7 @@ public abstract class RedirectionBasedGrantService extends
AbstractOAuthService
}
// Get the requested scopes
String providedScope = params.getFirst(OAuthConstants.SCOPE);
- List<String> requestedScope = null;
+ final List<String> requestedScope;
List<OAuthPermission> requestedPermissions = null;
try {
requestedScope = OAuthUtils.getRequestedScopes(client,
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index f975a31..3896f7c 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -23,14 +23,11 @@ import java.security.MessageDigest;
import java.security.Principal;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
-import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
-import java.util.LinkedList;
import java.util.List;
import java.util.Properties;
-import java.util.Set;
import javax.security.auth.x500.X500Principal;
import javax.servlet.http.HttpSession;
@@ -67,6 +64,8 @@ import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;
import org.apache.cxf.security.transport.TLSSessionInfo;
+import static java.util.stream.Collectors.toList;
+
/**
* Various utility methods
*/
@@ -211,11 +210,8 @@ public final class OAuthUtils {
public static UserSubject createSubject(SecurityContext securityContext) {
List<String> roleNames = Collections.emptyList();
if (securityContext instanceof LoginSecurityContext) {
- roleNames = new ArrayList<>();
- Set<Principal> roles =
((LoginSecurityContext)securityContext).getUserRoles();
- for (Principal p : roles) {
- roleNames.add(p.getName());
- }
+ roleNames = ((LoginSecurityContext)
securityContext).getUserRoles().stream().map(Principal::getName)
+ .collect(toList());
}
UserSubject subject = new
UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
Message m = JAXRSUtils.getCurrentMessage();
@@ -240,11 +236,7 @@ public final class OAuthUtils {
}
public static List<String>
convertPermissionsToScopeList(List<OAuthPermission> perms) {
- List<String> list = new LinkedList<>();
- for (OAuthPermission perm : perms) {
- list.add(perm.getPermission());
- }
- return list;
+ return
perms.stream().map(OAuthPermission::getPermission).collect(toList());
}
public static boolean isGrantSupportedForClient(Client client,
@@ -258,16 +250,11 @@ public final class OAuthUtils {
}
public static List<String> parseScope(String requestedScope) {
- List<String> list = new LinkedList<>();
if (requestedScope != null) {
- String[] scopeValues = requestedScope.split(" ");
- for (String scope : scopeValues) {
- if (!StringUtils.isEmpty(scope)) {
- list.add(scope);
- }
- }
+ return Arrays.stream(requestedScope.split("
")).filter(StringUtils.notEmpty()).collect(toList());
+ } else {
+ return Collections.emptyList();
}
- return list;
}
public static String generateRandomTokenKey() throws OAuthServiceException
{
@@ -332,8 +319,7 @@ public final class OAuthUtils {
List<String> requestScopes = parseScope(scopeParameter);
List<String> registeredScopes = client.getRegisteredScopes();
if (requestScopes.isEmpty()) {
- requestScopes.addAll(registeredScopes);
- return requestScopes;
+ return registeredScopes;
}
if (!validateScopes(requestScopes, registeredScopes,
partialMatchScopeValidation)) {
throw new OAuthServiceException("Unexpected scope");
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
index d49cef6..7252096 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
@@ -18,10 +18,14 @@
*/
package org.apache.cxf.rs.security.oauth2.utils;
+import java.util.Collections;
import java.util.List;
+import org.apache.cxf.rs.security.oauth2.common.Client;
+
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
@@ -53,4 +57,20 @@ public class OAuthUtilsTest {
List<String> registeredScopes = OAuthUtils.parseScope("a b");
assertFalse(OAuthUtils.validateScopes(requestScopes, registeredScopes,
true));
}
+
+ @Test
+ public void testGetRequestedScopesRegistered() {
+ Client c = new Client();
+ List<String> scopes = Collections.singletonList("a");
+ c.setRegisteredScopes(scopes);
+ assertEquals(scopes, OAuthUtils.getRequestedScopes(c, "", false,
false));
+ }
+
+ @Test
+ public void testParseScopeEmpty() {
+ assertTrue(OAuthUtils.parseScope(null).isEmpty());
+ assertTrue(OAuthUtils.parseScope("").isEmpty());
+ assertTrue(OAuthUtils.parseScope(" ").isEmpty());
+ }
+
}
diff --git a/rt/rs/security/oauth-parent/pom.xml
b/rt/rs/security/oauth-parent/pom.xml
index 015ac71..3233b10 100644
--- a/rt/rs/security/oauth-parent/pom.xml
+++ b/rt/rs/security/oauth-parent/pom.xml
@@ -30,11 +30,6 @@
<version>3.4.0-SNAPSHOT</version>
<relativePath>../../../../parent/pom.xml</relativePath>
</parent>
- <properties>
- <cxf.osgi.import>
- javax.servlet*;version="${cxf.osgi.javax.servlet.version}",
- </cxf.osgi.import>
- </properties>
<modules>
<module>oauth</module>
<module>oauth2</module>
