Making it possible to register OAuthRequestFilter as the interceptor …
…and also use it on non-JAX-RS paths

git-svn-id: https://svn.apache.org/repos/asf/cxf/trunk@1565629 13f79535-47bb-0310-9956-ffa450edef68
Sergey Beryozkin committed Feb 7, 2014
1 parent 4e8e5f2 commit 2cf133d0cb05680ee3b21e3d6905faca8e2189a5
Showing 3 changed files with 82 additions and 4 deletions.
@@ -57,7 +57,10 @@ public class OAuthRequestFilter extends AbstractAccessTokenValidator
private boolean audienceIsEndpointAddress;

public void filter(ContainerRequestContext context) {
Message m = JAXRSUtils.getCurrentMessage();
validateRequest(JAXRSUtils.getCurrentMessage());
}

protected void validateRequest(Message m) {
if (isCorsRequest(m)) {
return;
}
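Review bot: validateRequest(Message) is now the shared entry point for the JAX-RS filter and for interceptor use on non-JAX-RS paths, yet it carries no Javadoc, and its first statement returns without any token check whenever isCorsRequest(m) is true. isCorsRequest is not visible in this hunk, so it is worth confirming that it matches only genuine CORS preflight requests, because on a non-JAX-RS endpoint that early return leaves the request unauthenticated. I would add a comment above the method such as `/** Validates the OAuth2 access token carried by the given message; CORS preflight requests are let through without validation. */`. The method body continues outside the hunk.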
@@ -0,0 +1,70 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.rs.security.oauth2.filters;

import java.util.Collection;
import java.util.Collections;
import java.util.Set;

import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.Phase;
import org.apache.cxf.phase.PhaseInterceptor;


public class OAuthRequestInterceptor extends OAuthRequestFilter implements PhaseInterceptor<Message> {

public void handleMessage(Message message) throws Fault {
validateRequest(message);
}

public Collection<PhaseInterceptor<? extends Message>> getAdditionalInterceptors() {
return null;
}

public Set<String> getAfter() {
return Collections.emptySet();
}

public Set<String> getBefore() {
return Collections.emptySet();
}

public String getId() {
return getClass().getName();
}

public String getPhase() {
return Phase.PRE_INVOKE;
}

public void handleFault(Message message) {
}

// protected String[] getAuthorizationParts() {
// // the current message is wrapped in MessageContext
// MessageContext mc = getMessageContext();
//
// // extract the token from the message, example, get
// // WS-Security Binary token put on the message by WSS4JInInterceptor
//
// String token = getTokenFromCurrentMessage(mc);
// return new String[] {"Bearer", token};
// }
}
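Review bot: OAuthRequestInterceptor has no class Javadoc and ends with a commented-out getAuthorizationParts() override that calls a getTokenFromCurrentMessage(mc) helper defined nowhere in this file. I would delete the dead code and move the idea into class-level Javadoc that explains how a subclass overrides getAuthorizationParts() to supply a token that does not come from the HTTP Authorization header. getPhase() returns Phase.PRE_INVOKE, so the token check runs only after the earlier inbound phases have already read and unmarshalled the unauthenticated message. A short comment there, for example `// PRE_INVOKE: token may be placed on the message by earlier interceptors (e.g. WS-Security), so validate just before invocation`, would record that this ordering is deliberate, if it is.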
@@ -28,6 +28,8 @@
import javax.ws.rs.core.Context;

import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.ext.MessageContextImpl;
import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
@@ -73,7 +75,7 @@ public void setMessageContext(MessageContext context) {
}

public MessageContext getMessageContext() {
return mc;
return mc != null ? mc : new MessageContextImpl(PhaseInterceptorChain.getCurrentMessage());
}

protected AccessTokenValidator findTokenValidator(String authScheme) {
@@ -99,7 +101,7 @@ protected AccessTokenValidation getAccessTokenValidation() {
// Get the scheme and its data, Bearer only is supported by default
// WWW-Authenticate with the list of supported schemes will be sent back
// if the scheme is not accepted
String[] authParts = AuthorizationUtils.getAuthorizationParts(mc, supportedSchemes);
String[] authParts = getAuthorizationParts();
String authScheme = authParts[0];
String authSchemeData = authParts[1];

@@ -108,7 +110,7 @@ protected AccessTokenValidation getAccessTokenValidation() {
if (handler != null) {
try {
// Convert the HTTP Authorization scheme data into a token
accessTokenV = handler.validateAccessToken(mc, authScheme, authSchemeData);
accessTokenV = handler.validateAccessToken(getMessageContext(), authScheme, authSchemeData);
} catch (OAuthServiceException ex) {
AuthorizationUtils.throwAuthorizationFailure(
Collections.singleton(authScheme), realm);
@@ -163,5 +165,8 @@ public void setAudiences(List<String> audiences) {
this.audiences = audiences;
}

protected String[] getAuthorizationParts() {
return AuthorizationUtils.getAuthorizationParts(getMessageContext(), supportedSchemes);
}

}
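Review bot: getAccessTokenValidation() indexes authParts[0] and authParts[1] straight from the new protected getAuthorizationParts(), which subclasses can now override. An override that returns null, a one-element array or a null token would surface as a runtime exception, or pass null into validateAccessToken, instead of producing a clean authorization failure. A guard before the indexing keeps the failure mode explicit, e.g. `if (authParts == null || authParts.length < 2 || authParts[1] == null) { AuthorizationUtils.throwAuthorizationFailure(supportedSchemes, realm); }`, assuming supportedSchemes has the set type that throwAuthorizationFailure accepts. In getMessageContext(), the fallback also wraps PhaseInterceptorChain.getCurrentMessage() without a null check, so a call made outside an active interceptor chain would presumably yield a context around a null message. getAccessTokenValidation() starts and ends outside the visible hunks.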
