Repository: cxf Updated Branches: refs/heads/3.1.x-fixes cef686653 -> adb0ce538
Some cleanup around saving refresh tokens Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/adb0ce53 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/adb0ce53 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/adb0ce53 Branch: refs/heads/3.1.x-fixes Commit: adb0ce53862e37ccd2f16029c7b13b4fa0cb0ac9 Parents: cef6866 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Wed Apr 6 16:27:45 2016 +0100 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Wed Apr 6 16:28:35 2016 +0100 ---------------------------------------------------------------------- .../oauth2/provider/AbstractOAuthDataProvider.java | 17 +++++++++-------- .../provider/DefaultEHCacheOAuthDataProvider.java | 2 +- .../DefaultEncryptingOAuthDataProvider.java | 10 +++++----- .../oauth2/provider/JPAOAuthDataProvider.java | 2 +- 4 files changed, 16 insertions(+), 15 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/adb0ce53/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java index 00608e2..b5f7ebf 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java 
@@ -136,7 +136,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl if (rt.getAccessTokens().isEmpty()) { revokeRefreshToken(rt.getTokenKey()); } else { - saveRefreshToken(null, rt); + saveRefreshToken(rt); } } @@ -220,14 +220,14 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl } protected RefreshToken updateRefreshToken(RefreshToken rt, ServerAccessToken at) { - linkRefreshAccessTokens(rt, at); - saveRefreshToken(at, rt); + linkAccessTokenToRefreshToken(rt, at); + saveRefreshToken(rt); + linkRefreshTokenToAccessToken(rt, at); return rt; } protected RefreshToken createNewRefreshToken(ServerAccessToken at) { RefreshToken rt = doCreateNewRefreshToken(at); - saveRefreshToken(at, rt); - return rt; + return updateRefreshToken(rt, at); } protected RefreshToken doCreateNewRefreshToken(ServerAccessToken at) { RefreshToken rt = new RefreshToken(at.getClient(), refreshTokenLifetime); @@ -244,12 +244,13 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl } rt.setSubject(at.getSubject()); rt.setClientCodeVerifier(at.getClientCodeVerifier()); - linkRefreshAccessTokens(rt, at); return rt; } - private void linkRefreshAccessTokens(RefreshToken rt, ServerAccessToken at) { + protected void linkAccessTokenToRefreshToken(RefreshToken rt, ServerAccessToken at) { rt.getAccessTokens().add(at.getTokenKey()); + } + protected void linkRefreshTokenToAccessToken(RefreshToken rt, ServerAccessToken at) { at.setRefreshToken(rt.getTokenKey()); } 
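Review bot: The three calls in `updateRefreshToken` (second hunk of this file) are order-dependent, but nothing in the code says so. `linkRefreshTokenToAccessToken` has to run after `saveRefreshToken(rt)` because the DefaultEncryptingOAuthDataProvider implementation changed in this same commit replaces the refresh token's key during the save, and the access token must record the final key. I would add a comment above the last call, for example `// must follow saveRefreshToken: the provider may replace rt's token key while saving`. The two link methods in the third hunk are now `protected` and therefore overridable, so each deserves a Javadoc line stating which object it mutates.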
@@ -356,7 +357,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl protected abstract void saveAccessToken(ServerAccessToken serverToken); - protected abstract void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken); + protected abstract void saveRefreshToken(RefreshToken refreshToken); protected abstract void doRevokeAccessToken(ServerAccessToken accessToken); protected abstract void doRevokeRefreshToken(RefreshToken refreshToken); protected abstract RefreshToken getRefreshToken(String refreshTokenKey); http://git-wip-us.apache.org/repos/asf/cxf/blob/adb0ce53/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java index c6e65f3..7d376ed 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEHCacheOAuthDataProvider.java 
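Review bot: Dropping the `ServerAccessToken` parameter from the `protected abstract` `saveRefreshToken` on the 3.1.x-fixes branch is an incompatible change for providers maintained outside this repository. A class that extends AbstractOAuthDataProvider directly will at least fail to compile. A class that extends one of the concrete providers and overrides the old two-argument method without `@Override` will still compile, and its override will silently stop being called, which matters if it adds encryption, auditing or extra persistence. The change should be called out in the release or migration notes. The in-tree implementations in DefaultEHCacheOAuthDataProvider and JPAOAuthDataProvider, where no `@Override` is visible in this commit's hunks, should gain one so the pattern is enforced by the compiler.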
@@ -143,7 +143,7 @@ public class DefaultEHCacheOAuthDataProvider extends AbstractOAuthDataProvider { putCacheValue(accessTokenCache, serverToken.getTokenKey(), serverToken, serverToken.getExpiresIn()); } - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { putCacheValue(refreshTokenCache, refreshToken.getTokenKey(), refreshToken, refreshToken.getExpiresIn()); } http://git-wip-us.apache.org/repos/asf/cxf/blob/adb0ce53/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java index e436aec..02d66d8 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/DefaultEncryptingOAuthDataProvider.java @@ -39,7 +39,7 @@ import org.apache.cxf.rt.security.crypto.KeyProperties; public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvider { protected SecretKey key; private Set<String> tokens = Collections.synchronizedSet(new HashSet<String>()); - private ConcurrentHashMap<String, String> refreshTokens = new ConcurrentHashMap<String, String>(); + private Set<String> refreshTokens = Collections.synchronizedSet(new HashSet<String>()); private ConcurrentHashMap<String, String> clientsMap = new ConcurrentHashMap<String, String>(); public DefaultEncryptingOAuthDataProvider(String algo, int keySize) { this(new KeyProperties(algo, keySize)); 
@@ -90,7 +90,7 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide @Override public List<RefreshToken> getRefreshTokens(Client c, UserSubject sub) { List<RefreshToken> list = new ArrayList<RefreshToken>(refreshTokens.size()); - for (String tokenKey : tokens) { + for (String tokenKey : refreshTokens) { RefreshToken token = getRefreshToken(tokenKey); if (isTokenMatched(token, c, sub)) { list.add(token); @@ -118,9 +118,10 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide } @Override - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { String encryptedRefreshToken = ModelEncryptionSupport.encryptRefreshToken(refreshToken, key); - at.setRefreshToken(encryptedRefreshToken); + refreshToken.setTokenKey(encryptedRefreshToken); + refreshTokens.add(encryptedRefreshToken); } @Override @@ -131,7 +132,6 @@ public class DefaultEncryptingOAuthDataProvider extends AbstractOAuthDataProvide private void encryptAccessToken(ServerAccessToken token) { String encryptedToken = ModelEncryptionSupport.encryptAccessToken(token, key); tokens.add(encryptedToken); - refreshTokens.put(token.getRefreshToken(), encryptedToken); token.setTokenKey(encryptedToken); } @Override http://git-wip-us.apache.org/repos/asf/cxf/blob/adb0ce53/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java index bc9db23..409fe25 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java 
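Review bot: The loop `for (String tokenKey : refreshTokens)` in `getRefreshTokens` iterates a `Collections.synchronizedSet` without holding its monitor. The field was changed to that type in the `@@ -39,7` hunk of this file, and `saveRefreshToken` now adds to it, so a concurrent token issue or refresh can make this iteration throw ConcurrentModificationException or see an inconsistent view. Either wrap the loop in `synchronized (refreshTokens) { ... }`, or declare the field as `Collections.newSetFromMap(new ConcurrentHashMap<String, Boolean>())` so that iteration is weakly consistent without external locking. The same consideration applies to the `tokens` set declared beside it wherever that set is iterated. The method body continues past the end of the hunk.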
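Review bot: `saveRefreshToken` in the `@@ -118,9` hunk adds a fresh ciphertext to `refreshTokens` on every call but never removes the key the token carried before. AbstractOAuthDataProvider now calls `saveRefreshToken(rt)` again on an already stored token when one of its access tokens is unlinked, so each re-save leaves the superseded ciphertext in the set, where `getRefreshTokens` will still hand it to `getRefreshToken`. Whether such a stale value can still be redeemed depends on `getRefreshToken` and `doRevokeRefreshToken`, which are outside the hunk. If the old value is not meant to stay usable, capture it with `String oldKey = refreshToken.getTokenKey();` before encrypting and call `refreshTokens.remove(oldKey);` afterwards; otherwise a comment should say why it is kept. The method also rewrites the caller's token key in place via `setTokenKey`, which deserves a Javadoc sentence because the base class ordering relies on it.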
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JPAOAuthDataProvider.java @@ -103,7 +103,7 @@ public class JPAOAuthDataProvider extends AbstractOAuthDataProvider { persistEntity(serverToken); } - protected void saveRefreshToken(ServerAccessToken at, RefreshToken refreshToken) { + protected void saveRefreshToken(RefreshToken refreshToken) { persistEntity(refreshToken); } protected void persistEntityWithPossibleRollback(Object entity) {