Permalink
Browse files

Bringing fcrepo-auth-oauth under fcrepo4

  • Loading branch information...
1 parent 82015a3 commit eea2ad67be5d73ed4675cb3194eda9e0b1d38f10 ajs6f committed Jul 2, 2013
Showing with 2,734 additions and 0 deletions.
  1. +7 −0 fcrepo-auth-oauth/checkstyle-suppressions.xml
  2. +180 −0 fcrepo-auth-oauth/pom.xml
  3. +32 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/Constants.java
  4. +73 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/Decision.java
  5. +92 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/DefaultOAuthResourceProvider.java
  6. +175 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/api/AuthzEndpoint.java
  7. +252 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/api/TokenEndpoint.java
  8. +52 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/api/Util.java
  9. +69 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/filter/Decision.java
  10. +77 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/filter/DefaultOAuthResourceProvider.java
  11. +204 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/filter/OAuthFilter.java
  12. +93 −0 fcrepo-auth-oauth/src/main/java/org/fcrepo/auth/oauth/filter/RestrictToAuthNFilter.java
  13. +130 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/AbstractOAuthResourceIT.java
  14. +82 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/AuthzEndpointIT.java
  15. +144 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/ContainerWrapper.java
  16. +72 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/TestBinding.java
  17. +94 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/TokenEndpointIT.java
  18. +115 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/WebAppConfig.java
  19. +32 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/ContextParam.java
  20. +30 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Describable.java
  21. +29 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Displayable.java
  22. +54 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Filter.java
  23. +49 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/FilterMapping.java
  24. +32 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/InitParam.java
  25. +56 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Listener.java
  26. +63 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Param.java
  27. +61 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/Servlet.java
  28. +30 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/ServletMapping.java
  29. +30 −0 fcrepo-auth-oauth/src/test/java/org/fcrepo/auth/oauth/integration/api/bind/UrlMappable.java
  30. +92 −0 ...uth-oauth/src/test/java/org/fcrepo/auth/oauth/test/filter/AuthenticatedRequestWrappingFilter.java
  31. +22 −0 fcrepo-auth-oauth/src/test/resources/logback-test.xml
  32. +14 −0 fcrepo-auth-oauth/src/test/resources/spring-test/master.xml
  33. +22 −0 fcrepo-auth-oauth/src/test/resources/spring-test/repo.xml
  34. +19 −0 fcrepo-auth-oauth/src/test/resources/spring-test/rest.xml
  35. +39 −0 fcrepo-auth-oauth/src/test/resources/spring-test/security.xml
  36. +15 −0 fcrepo-auth-oauth/src/test/resources/spring-test/test-container.xml
  37. +16 −0 fcrepo-auth-oauth/src/test/resources/spring-test/transactions.xml
  38. +86 −0 fcrepo-auth-oauth/src/test/resources/web.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE suppressions PUBLIC
+ "-//Puppy Crawl//DTD Suppressions 1.1//EN"
+ "http://www.puppycrawl.com/dtds/suppressions_1_1.dtd">
+<suppressions>
+ <suppress files="[\\/]fcrepo-auth-oauth[\\/]" checks="[a-zA-Z0-9]*"/>
+</suppressions>
View
@@ -0,0 +1,180 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.fcrepo</groupId>
+ <artifactId>fcrepo</artifactId>
+ <version>4.0-SNAPSHOT</version>
+ </parent>
+ <artifactId>fcrepo-auth-oauth</artifactId>
+ <name>${project.artifactId}</name>
+ <description>Fedora OAuth 2.0 module</description>
+ <packaging>bundle</packaging>
+ <properties>
+ <oltu.version>0.31-SNAPSHOT</oltu.version>
+ </properties>
+ <dependencies>
+ <dependency>
+ <artifactId>fcrepo-http-api</artifactId>
+ <groupId>org.fcrepo</groupId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.oltu.oauth2</groupId>
+ <artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
+ <version>${oltu.version}</version>
+ <exclusions>
+ <!-- Dependency convergence: fcrepo-http-api (via jersey-json:1.17.1) depends
+ on jettison:1.1, but org.apache.oltu.oauth2.authzserver depends on jettison:1.2 -->
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
+ <!-- Dependency convergence: fcrepo-http-api (via fcrepo-jcr) depends on
+ commons-codec:1.6, but org.apache.oltu.oauth2.authzserver depends on commons-codec:1.8 -->
+ <exclusion>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.oltu.oauth2</groupId>
+ <artifactId>oltu-oauth2-resourceserver-filter</artifactId>
+ <version>${oltu.version}</version>
+ <exclusions>
+ <!-- Dependency convergence: fcrepo-http-api (via jersey-json:1.17.1)
+ depends on jettison:1.1, but org.apache.oltu.oauth2.authzserver depends on
+ jettison:1.2 -->
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
+ <!-- Dependency convergence: fcrepo-http-api (via fcrepo-jcr) depends
+ on commons-codec:1.6, but org.apache.oltu.oauth2.authzserver depends on commons-codec:1.8 -->
+ <exclusion>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <!-- test gear -->
+ <dependency>
+ <groupId>org.fcrepo</groupId>
+ <artifactId>fcrepo-kernel</artifactId>
+ <version>${project.version}</version>
+ <classifier>tests</classifier>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.fcrepo</groupId>
+ <artifactId>fcrepo-http-commons</artifactId>
+ <version>${project.version}</version>
+ <scope>test</scope>
+ <type>test-jar</type>
+ </dependency>
+ <dependency>
+ <groupId>org.glassfish.grizzly</groupId>
+ <artifactId>grizzly-http-server</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.glassfish.grizzly</groupId>
+ <artifactId>grizzly-http-servlet</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.jersey</groupId>
+ <artifactId>jersey-grizzly2</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.mail</groupId>
+ <artifactId>mail</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.jersey.contribs</groupId>
+ <artifactId>jersey-spring</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-test</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <exclusions>
+ <!-- Dependency convergence: httpclient:4.2.5 depends on commons-codec:1.6,
+ but org.apache.oltu.oauth2.authzserver depends on commons-codec:1.8 -->
+ <exclusion>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.jersey.jersey-test-framework</groupId>
+ <artifactId>jersey-test-framework-grizzly2</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.sun.jersey</groupId>
+ <artifactId>jersey-servlet</artifactId>
+ <version>${jersey.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <!-- Playing with ordered loading for tests -->
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>javax.servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.annotation</groupId>
+ <artifactId>javax.annotation-api</artifactId>
+ <version>1.2</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.glassfish.jersey.containers</groupId>
+ <artifactId>jersey-container-grizzly2-servlet</artifactId>
+ <version>2.0</version>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>maven-bundle-plugin</artifactId>
+ </plugin>
+ <plugin>
+ <artifactId>maven-checkstyle-plugin</artifactId>
+ <configuration>
+ <consoleOutput>true</consoleOutput>
+ <configLocation>fcrepo-checkstyle/checkstyle.xml</configLocation>
+ <suppressionsLocation>checkstyle-suppressions.xml</suppressionsLocation>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>build-helper-maven-plugin</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+ <repositories>
+ <repository>
+ <id>Apache Snapshots</id>
+ <url>https://repository.apache.org/content/repositories/snapshots/</url>
+ <snapshots>
+ <enabled>true</enabled>
+ </snapshots>
+ </repository>
+ </repositories>
+</project>
@@ -0,0 +1,32 @@
+/**
+ * Copyright 2013 DuraSpace, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fcrepo.auth.oauth;
+
+public interface Constants {
+
+ public static final String OAUTH_WORKSPACE = "oauth";
+
+ // TODO get namespaced properties to work
+ public static final String CLIENT_PROPERTY = "oauth-client";
+
+ // TODO get namespaced properties to work
+ public static final String PRINCIPAL_PROPERTY = "oauth-principal";
+
+ // TODO get namespaced properties to work
+ public static final String SCOPES_PROPERTY = "oauth-scopes";
+
+ public static final Long EXPIRATION_TIMEOUT = 3600l;
+}
@@ -0,0 +1,73 @@
+/**
+ * Copyright 2013 DuraSpace, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fcrepo.auth.oauth;
+
+import java.security.Principal;
+
+import org.apache.oltu.oauth2.rsfilter.OAuthClient;
+import org.apache.oltu.oauth2.rsfilter.OAuthDecision;
+
+/**
+ * @author ajs6f
+ * @date Jul 1, 2013
+ */
+public class Decision implements OAuthDecision {
+
+ private OAuthClient oAuthClient;
+
+ private Principal principal;
+
+ private boolean isAuthorized;
+
+ public Decision(final String client, final String principal) {
+ this.oAuthClient = new OAuthClient() {
+
+ @Override
+ public String getClientId() {
+ return client;
+ }
+
+ };
+ this.principal = new Principal() {
+
+ @Override
+ public String getName() {
+ return principal;
+ }
+
+ };
+ }
+
+ @Override
+ public OAuthClient getOAuthClient() {
+ return oAuthClient;
+ }
+
+ @Override
+ public Principal getPrincipal() {
+ return principal;
+ }
+
+ @Override
+ public boolean isAuthorized() {
+ return isAuthorized;
+ }
+
+ public void setAuthorized(final boolean isAuthorized) {
+ this.isAuthorized = isAuthorized;
+ }
+
+}
@@ -0,0 +1,92 @@
+/**
+ * Copyright 2013 DuraSpace, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fcrepo.auth.oauth;
+
+import static com.google.common.base.Throwables.propagate;
+import static org.fcrepo.auth.oauth.Constants.CLIENT_PROPERTY;
+import static org.fcrepo.auth.oauth.Constants.OAUTH_WORKSPACE;
+import static org.fcrepo.auth.oauth.Constants.PRINCIPAL_PROPERTY;
+import static org.slf4j.LoggerFactory.getLogger;
+
+import javax.jcr.Node;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
+import org.apache.oltu.oauth2.common.exception.OAuthRuntimeException;
+import org.apache.oltu.oauth2.rsfilter.OAuthDecision;
+import org.apache.oltu.oauth2.rsfilter.OAuthRSProvider;
+import org.fcrepo.session.SessionFactory;
+import org.slf4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author ajs6f
+ * @date Jul 1, 2013
+ */
+@Component
+public class DefaultOAuthResourceProvider implements OAuthRSProvider {
+
+ @Autowired
+ private SessionFactory sessionFactory;
+
+ private static final Logger LOGGER =
+ getLogger(DefaultOAuthResourceProvider.class);
+
+ /*
+ * (non-Javadoc)
+ * @see
+ * org.apache.oltu.oauth2.rsfilter.OAuthRSProvider#validateRequest(java.
+ * lang.String, java.lang.String, javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public OAuthDecision validateRequest(final String rsId, final String token,
+ final HttpServletRequest req) throws OAuthProblemException {
+ // first check validity of token
+ try {
+ final Session session = sessionFactory.getSession(OAUTH_WORKSPACE);
+ try {
+ if (!session.itemExists("/tokens/" + token)) {
+ throw new OAuthRuntimeException("Invalid token!");
+ } else {
+ final Node tokenNode = session.getNode("/tokens/" + token);
+ LOGGER.debug("Retrieved token from: {}", tokenNode
+ .getPath());
+ final String client =
+ tokenNode.getProperty(CLIENT_PROPERTY).getString();
+ LOGGER.debug("Retrieved client: {}", client);
+ final String principal =
+ tokenNode.getProperty(PRINCIPAL_PROPERTY)
+ .getString();
+ LOGGER.debug("Retrieved principal: {}", principal);
+ return new Decision(client, principal);
+ }
+ } finally {
+ session.logout();
+ }
+ } catch (final RepositoryException e) {
+ propagate(e);
+ }
+
+ return null;
+ }
+
+ public void setSessionFactory(final SessionFactory sessionFactory) {
+ this.sessionFactory = sessionFactory;
+ }
+}
Oops, something went wrong.

0 comments on commit eea2ad6

Please sign in to comment.