Repository: cxf Updated Branches: refs/heads/3.0.x-fixes 934012437 -> ea9f508c3
Some updates around checking the scheme in Oauth2 filter Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ea9f508c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ea9f508c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ea9f508c Branch: refs/heads/3.0.x-fixes Commit: ea9f508c344df826593c960c086c82d218e90756 Parents: 9340124 Author: Sergey Beryozkin <[email protected]> Authored: Mon Nov 2 16:00:47 2015 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Mon Nov 2 16:02:04 2015 +0000 ---------------------------------------------------------------------- .../oauth2/filters/AccessTokenValidatorClient.java | 13 +++++++++++-- .../rs/security/oauth2/utils/AuthorizationUtils.java | 4 +++- 2 files changed, 14 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ea9f508c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java index 984995b..71bb021 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/AccessTokenValidatorClient.java @@ -19,6 +19,7 @@ package org.apache.cxf.rs.security.oauth2.filters; import java.util.Collections; +import java.util.LinkedList; import java.util.List; import javax.ws.rs.core.MultivaluedMap; @@ -34,9 +35,11 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; public class AccessTokenValidatorClient implements AccessTokenValidator { private WebClient tokenValidatorClient; - + private List<String> supportedSchemes = new LinkedList<String>(); public List<String> getSupportedAuthorizationSchemes() { - return Collections.singletonList(OAuthConstants.ALL_AUTH_SCHEMES); + return supportedSchemes.isEmpty() + ? Collections.singletonList(OAuthConstants.ALL_AUTH_SCHEMES) + : Collections.unmodifiableList(supportedSchemes); } public AccessTokenValidation validateAccessToken(MessageContext mc, @@ -57,5 +60,11 @@ public class AccessTokenValidatorClient implements AccessTokenValidator { public void setTokenValidatorClient(WebClient tokenValidatorClient) { this.tokenValidatorClient = tokenValidatorClient; } + public void setSupportedSchemes(List<String> schemes) { + this.supportedSchemes.addAll(schemes); + } + public void setSupportedScheme(String scheme) { + this.supportedSchemes.add(scheme); + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/ea9f508c/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java index 09df5ef..51446a2 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/AuthorizationUtils.java @@ -76,7 +76,9 @@ public final class AuthorizationUtils { if (headers != null && headers.size() == 1) { String[] parts = headers.get(0).split(" "); if (parts.length > 0 - && (challenges == null || challenges.isEmpty() || challenges.contains(parts[0]))) { + && (challenges == null || challenges.isEmpty() + || challenges.contains(parts[0]) + || challenges.size() == 1 && challenges.contains("*"))) { return parts; } }
