subject:"cxf git commit\: \[CXF\-6280\] Updating AuthorizationCode service to support returning a code out of band even for confidential clients"

cxf git commit: [CXF-6280] Updating AuthorizationCode service to support returning a code out of band even for confidential clients

2015-04-22 Thread sergeyb

Repository: cxf
Updated Branches:
  refs/heads/master 6fd84bc9f - a802b442c


[CXF-6280] Updating AuthorizationCode service to support returning a code out 
of band even for confidential clients


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a802b442
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a802b442
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a802b442

Branch: refs/heads/master
Commit: a802b442cdfdd8e4c23fae7de16a11f5de2004dc
Parents: 6fd84bc
Author: Sergey Beryozkin sberyoz...@talend.com
Authored: Wed Apr 22 13:22:03 2015 +0100
Committer: Sergey Beryozkin sberyoz...@talend.com
Committed: Wed Apr 22 13:22:03 2015 +0100

--
 .../oauth2/services/AuthorizationCodeGrantService.java  | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/a802b442/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
--
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
index 9b7239a..184d219 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
@@ -55,6 +55,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService {
 private static final Integer RECOMMENDED_CODE_EXPIRY_TIME_MINS = 10;
 private boolean canSupportPublicClients;
+private boolean canSupportEmptyRedirectForPrivateClients;
 private OOBResponseDeliverer oobDeliverer;
 private AuthorizationCodeRequestFilter codeRequestFilter;
 private AuthorizationCodeResponseFilter codeResponseFilter;
@@ -179,7 +180,10 @@ public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService
 
 @Override
 protected boolean canRedirectUriBeEmpty(Client c) {
-return canSupportPublicClient(c)  c.getRedirectUris().isEmpty();
+// If a redirect URI is empty then the code will be returned out of 
band, 
+// typically will be returned directly to a human user
+return (c.isConfidential()  canSupportEmptyRedirectForPrivateClients 
|| canSupportPublicClient(c)) 
+ c.getRedirectUris().isEmpty();
 }
 
 public void setCanSupportPublicClients(boolean support) {
@@ -193,6 +197,9 @@ public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService
 public void setCodeRequestFilter(AuthorizationCodeRequestFilter 
codeRequestFilter) {
 this.codeRequestFilter = codeRequestFilter;
 }
+public void setCanSupportEmptyRedirectForPrivateClients(boolean 
canSupportEmptyRedirectForPrivateClients) {
+this.canSupportEmptyRedirectForPrivateClients = 
canSupportEmptyRedirectForPrivateClients;
+}
 
 
 }

cxf git commit: [CXF-6280] Updating AuthorizationCode service to support returning a code out of band even for confidential clients

2015-04-22 Thread sergeyb

Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 312e27e75 - 03b7d19c8


[CXF-6280] Updating AuthorizationCode service to support returning a code out 
of band even for confidential clients


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/03b7d19c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/03b7d19c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/03b7d19c

Branch: refs/heads/3.0.x-fixes
Commit: 03b7d19c8e934e98040f064bb36843638b428f63
Parents: 312e27e
Author: Sergey Beryozkin sberyoz...@talend.com
Authored: Wed Apr 22 13:22:03 2015 +0100
Committer: Sergey Beryozkin sberyoz...@talend.com
Committed: Wed Apr 22 13:24:11 2015 +0100

--
 .../oauth2/services/AuthorizationCodeGrantService.java  | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/cxf/blob/03b7d19c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
--
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
index edbbe51..a4c9d9e 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java
@@ -54,6 +54,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService {
 private static final Integer RECOMMENDED_CODE_EXPIRY_TIME_MINS = 10;
 private boolean canSupportPublicClients;
+private boolean canSupportEmptyRedirectForPrivateClients;
 private OOBResponseDeliverer oobDeliverer;
 private AuthorizationCodeRequestFilter codeRequestFilter;
 private AuthorizationCodeResponseFilter codeResponseFilter;
@@ -171,7 +172,10 @@ public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService
 
 @Override
 protected boolean canRedirectUriBeEmpty(Client c) {
-return canSupportPublicClient(c)  c.getRedirectUris().isEmpty();
+// If a redirect URI is empty then the code will be returned out of 
band, 
+// typically will be returned directly to a human user
+return (c.isConfidential()  canSupportEmptyRedirectForPrivateClients 
|| canSupportPublicClient(c)) 
+ c.getRedirectUris().isEmpty();
 }
 
 public void setCanSupportPublicClients(boolean support) {
@@ -185,6 +189,9 @@ public class AuthorizationCodeGrantService extends 
RedirectionBasedGrantService
 public void setCodeRequestFilter(AuthorizationCodeRequestFilter 
codeRequestFilter) {
 this.codeRequestFilter = codeRequestFilter;
 }
+public void setCanSupportEmptyRedirectForPrivateClients(boolean 
canSupportEmptyRedirectForPrivateClients) {
+this.canSupportEmptyRedirectForPrivateClients = 
canSupportEmptyRedirectForPrivateClients;
+}
 
 
 }

cxf git commit: [CXF-6280] Updating AuthorizationCode service to support returning a code out of band even for confidential clients

cxf git commit: [CXF-6280] Updating AuthorizationCode service to support returning a code out of band even for confidential clients

2 matches

Site Navigation

Mail list logo

Footer information