Repository: cxf Updated Branches: refs/heads/master 075b4f205 -> f4bc11621
Some cleanup around saving refresh tokens Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f4bc1162 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f4bc1162 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f4bc1162 Branch: refs/heads/master Commit: f4bc1162145e0aa5d87bc0c3e04fb74a70df080e Parents: 075b4f2 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Wed Apr 6 16:27:45 2016 +0100 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Wed Apr 6 16:27:45 2016 +0100 ---------------------------------------------------------------------- .../oauth2/provider/AbstractOAuthDataProvider.java | 17 +++++++++-------- .../provider/DefaultEHCacheOAuthDataProvider.java | 2 +- .../DefaultEncryptingOAuthDataProvider.java | 10 +++++----- .../oauth2/provider/JPAOAuthDataProvider.java | 2 +- 4 files changed, 16 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java index c971985..1a312f6 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java @@ -131,7 +131,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl if (rt.getAccessTokens().isEmpty()) { revokeRefreshToken(rt.getTokenKey()); } else { - saveRefreshToken(null, rt); + saveRefreshToken(rt); } } @@ -215,14 +215,14 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl } protected RefreshToken updateRefreshToken(RefreshToken rt, ServerAccessToken at) { - linkRefreshAccessTokens(rt, at); - saveRefreshToken(at, rt); + linkAccessTokenToRefreshToken(rt, at); + saveRefreshToken(rt); + linkRefreshTokenToAccessToken(rt, at); return rt; } protected RefreshToken createNewRefreshToken(ServerAccessToken at) { RefreshToken rt = doCreateNewRefreshToken(at); - saveRefreshToken(at, rt); - return rt; + return updateRefreshToken(rt, at); } protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at) { RefreshToken rt = new RefreshToken(at.getClient(), refreshTokenLifetime); @@ -239,12 +239,13 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl } rt.setSubject(at.getSubject()); rt.setClientCodeVerifier(at.getClientCodeVerifier()); - linkRefreshAccessTokens(rt, at); return rt; } - private void linkRefreshAccessTokens(RefreshToken rt, ServerAccessToken at) { + protected void linkAccessTokenToRefreshToken(RefreshToken rt, ServerAccessToken at) { rt.getAccessTokens().add(at.getTokenKey()); + } + protected void linkRefreshTokenToAccessToken(RefreshToken rt, ServerAccessToken at) { at.setRefreshToken(rt.getTokenKey()); } @@ -351,7 +352,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl protected abstract void saveAccessToken(ServerAccessToken serverToken); - protected abstract void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken); + protected abstract void saveRefreshToken(RefreshToken refreshToken); protected abstract void doRevokeAccessToken(ServerAccessToken accessToken); protected abstract void doRevokeRefreshToken(RefreshToken refreshToken); protected abstract RefreshToken getRefreshToken(String refreshTokenKey); http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java index c6e65f3..7d376ed 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java @@ -143,7 +143,7 @@ public class DefaultEHCacheOAuthDataProvider extends AbstractOAuthDataProvider { putCacheValue(accessTokenCache, serverToken.getTokenKey(), serverToken, serverToken.getExpiresIn()); } - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { putCacheValue(refreshTokenCache, refreshToken.getTokenKey(), refreshToken, refreshToken.getExpiresIn()); } http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java index e436aec..02d66d8 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java @@ -39,7 +39,7 @@ import org.apache.cxf.rt.security.crypto.KeyProperties; public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvider { protected SecretKey key; private Set<String> tokens = Collections.synchronizedSet(new HashSet<String>()); - private ConcurrentHashMap<String, String> refreshTokens = new ConcurrentHashMap<String, String>(); + private Set<String> refreshTokens = Collections.synchronizedSet(new HashSet<String>()); private ConcurrentHashMap<String, String> clientsMap = new ConcurrentHashMap<String, String>(); public DefaultEncryptingOAuthDataProvider(String algo, int keySize) { this(new KeyProperties(algo, keySize)); @@ -90,7 +90,7 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide @Override public List<RefreshToken> getRefreshTokens(Client c, UserSubject sub) { List<RefreshToken> list = new ArrayList<RefreshToken>(refreshTokens.size()); - for (String tokenKey : tokens) { + for (String tokenKey : refreshTokens) { RefreshToken token = getRefreshToken(tokenKey); if (isTokenMatched(token, c, sub)) { list.add(token); @@ -118,9 +118,10 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide } @Override - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { String encryptedRefreshToken = ModelEncryptionSupport.encryptRefreshToken(refreshToken, key); - at.setRefreshToken(encryptedRefreshToken); + refreshToken.setTokenKey(encryptedRefreshToken); + refreshTokens.add(encryptedRefreshToken); } @Override @@ -131,7 +132,6 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide private void encryptAccessToken(ServerAccessToken token) { String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, key); tokens.add(encryptedToken); - refreshTokens.put(token.getRefreshToken(), encryptedToken); token.setTokenKey(encryptedToken); } @Override http://git-wip-us.apache.org/repos/asf/cxf/blob/f4bc1162/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java index bc9db23..409fe25 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java @@ -103,7 +103,7 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider { persistEntity(serverToken); } - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { persistEntity(refreshToken); } protected void persistEntityWithPossibleRollback(Object entity) {