Hi
I've updated OAuth2 AccessTokenValidator interface to accept an extra
parameter, a multivalued map of properties. This change has been done on
the 3.1.0-SNAPSHOT trunk only.
It is needed for the custom token validators be capable of validating a
token if the validation input requires some extra properties in addition
to those found in HTTP Authorization header (client ip address, custom
headers, URI properties, etc). The interface already accepts
MessageContext which may be sufficient when extra properties are
required in a local validation case but it does not work if RS (resource
server) and AS (Authorization Server) are not collocated.
The reason I'm sending this email to the users list is that I'm keen to
push this change to CXF 3.0.4-SNAPSHOT (but not to CXF 2.7.15-SNAPSHOT)
and would like to ask: has someone working with CXF OAuth2 implemented a
custom AccessTokenValidator and works with CXF 3.0.0-3.0.3 ? Let me know
please
Thanks, Sergey
[1]
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AccessTokenValidator.java
