Hi, if you work with this provider, please see the changes below.
They are very important because they make it possible to control the
authorization sessions better.
Thanks, Sergey
[1] https://issues.apache.org/jira/browse/CXF-5712
http://git-wip-us.apache.org/repos/asf/cxf/blob/7e2f8ba3/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SessionAuthenticityTokenProvider.java
----------------------------------------------------------------------
diff --git
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SessionAuthenticityTokenProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SessionAuthenticityTokenProvider.java
index 34c581c..741acb0 100644
---
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SessionAuthenticityTokenProvider.java
+++
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/SessionAuthenticityTokenProvider.java
@@ -19,7 +19,10 @@
package org.apache.cxf.rs.security.oauth2.provider;
+import javax.ws.rs.core.MultivaluedMap;
+
import org.apache.cxf.jaxrs.ext.MessageContext;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
/**
* SessionAuthenticityTokenProvider responsible for storing and
retrieving tokens
@@ -31,23 +34,35 @@ public interface SessionAuthenticityTokenProvider {
* Creates a new session token and stores it
*
* @param mc the {@link MessageContext} of this request
+ * @param params redirection-based grant request parameters
+ * @param subject authenticated end user
* @return the created session token
*/
- String createSessionToken(MessageContext mc);
+ String createSessionToken(MessageContext mc,
+ MultivaluedMap<String, String> params,
+ UserSubject subject);
/**
* Retrieves the stored session token
*
* @param mc the {@link MessageContext} of this request
+ * @param params grant authorization parameters
+ * @param subject authenticated end user
* @return the stored token
*/
- String getSessionToken(MessageContext mc);
+ String getSessionToken(MessageContext mc,
+ MultivaluedMap<String, String> params,
+ UserSubject subject);
/**
* Removes the stored session token
*
* @param mc the {@link MessageContext} of this request
+ * @param params grant authorization parameters
+ * @param subject authenticated end user
*/
- String removeSessionToken(MessageContext mc);
+ String removeSessionToken(MessageContext mc,
+ MultivaluedMap<String, String> params,
+ UserSubject subject);
}
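Review bot: The Javadoc for `removeSessionToken` still has no `@return` although the method is declared to return `String`, and none of the three methods says what an implementation is expected to do with the new `params` and `subject` arguments. Since the session authenticity token appears to protect the end user's authorization decision, the contract should be spelled out: add something like `* @return the removed session token, or null if none was stored` (the intended return value is inferred, as no implementation is visible here), and state whether `subject` may be null and whether a token stored for a different subject must be treated as absent. Existing implementations of the one-argument methods will no longer compile against this interface, so a short migration note in the Javadoc would also help. The interface declaration and its class-level Javadoc start outside this hunk.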