aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHirotaka Matsumoto2014-03-25 06:54:08 (EDT)
committerHirotaka Matsumoto2014-03-25 06:54:08 (EDT)
commitc305fb54ca92028374a3547b63277a18b0102d92 (patch)
tree9d64b273f12bae3dc87362e919e77f1f6dde20ca
parent16574f7dda846cb4a07cbffce383b8ec68bf6003 (diff)
downloadorg.eclipse.lyo.docs-c305fb54ca92028374a3547b63277a18b0102d92.zip
org.eclipse.lyo.docs-c305fb54ca92028374a3547b63277a18b0102d92.tar.gz
org.eclipse.lyo.docs-c305fb54ca92028374a3547b63277a18b0102d92.tar.bz2
Bug 430259 - Integrate the latest OSLC4JBugzilla code to TRS4JBugzillarefs/changes/51/23851/1
Change-Id: Iaa288dbe447ce69c138120cbce8016875253de2a Signed-off-by: Hirotaka Matsumoto <jljlmatu@jp.ibm.com>
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/.settings/org.eclipse.jdt.core.prefs21
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/pom.xml2
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/BugzillaManager.java6
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/Constants.java3
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/services/BugzillaChangeRequestService.java9
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/AbstractAdapterCredentialsFilter.java507
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilter.java21
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilterMT.java2
-rw-r--r--org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/webapp/WEB-INF/web.xml19
9 files changed, 42 insertions, 548 deletions
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/.settings/org.eclipse.jdt.core.prefs b/org.eclipse.lyo.oslc4j.bugzilla.trs/.settings/org.eclipse.jdt.core.prefs
index 3a00b27..107056a 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/.settings/org.eclipse.jdt.core.prefs
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/.settings/org.eclipse.jdt.core.prefs
@@ -1,9 +1,12 @@
-#Tue Apr 03 16:25:04 EDT 2012
-eclipse.preferences.version=1
-org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
-org.eclipse.jdt.core.compiler.compliance=1.6
-org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
-org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.source=1.6
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.6
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
+org.eclipse.jdt.core.compiler.compliance=1.6
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
+org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
+org.eclipse.jdt.core.compiler.source=1.6
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/pom.xml b/org.eclipse.lyo.oslc4j.bugzilla.trs/pom.xml
index 136602e..72dbbda 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/pom.xml
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/pom.xml
@@ -49,7 +49,7 @@
<dependency>
<groupId>org.eclipse.lyo.server</groupId>
<artifactId>oauth-core</artifactId>
- <version>2.0.0</version>
+ <version>[2.0.0,)</version>
</dependency>
<dependency>
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/BugzillaManager.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/BugzillaManager.java
index 6f92fb4..f21e982 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/BugzillaManager.java
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/BugzillaManager.java
@@ -1,5 +1,5 @@
/*******************************************************************************
- * Copyright (c) 2011, 2013 IBM Corporation.
+ * Copyright (c) 2011, 2014 IBM Corporation.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
@@ -163,7 +163,7 @@ public class BugzillaManager implements ServletContextListener {
public static BugzillaConnector getBugzillaConnector(HttpServletRequest request)
{
//connector should never be null if CredentialsFilter is doing its job
- BugzillaConnector connector = CredentialsFilter.getConnector(request);
+ BugzillaConnector connector = (BugzillaConnector) request.getSession().getAttribute(CredentialsFilter.CONNECTOR_ATTRIBUTE);
return connector;
}
@@ -331,7 +331,7 @@ public class BugzillaManager implements ServletContextListener {
buffer.append("&order=bug_id");
}
- Credentials credentials = CredentialsFilter.getCredentials(httpServletRequest);
+ Credentials credentials = (Credentials)httpServletRequest.getSession().getAttribute(CredentialsFilter.CREDENTIALS_ATTRIBUTE);
BugzillaHttpClient client = new BugzillaHttpClient(getBugzillaUri(), credentials);
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/Constants.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/Constants.java
index a8c8096..1aa0d88 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/Constants.java
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/Constants.java
@@ -1,5 +1,5 @@
/*******************************************************************************
- * Copyright (c) 2012 IBM Corporation.
+ * Copyright (c) 2012, 2014 IBM Corporation.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
@@ -56,6 +56,7 @@ public interface Constants
public static String USAGE_LIST = CHANGE_MANAGEMENT_NAMESPACE + "list";
public static final String HDR_OSLC_VERSION = "OSLC-Core-Version";
+ public static final String OSLC_VERSION_V2 = "2.0";
public static final String NEXT_PAGE = "org.eclipse.lyo.oslc4j.bugzilla.NextPage";
}
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/services/BugzillaChangeRequestService.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/services/BugzillaChangeRequestService.java
index dafc0bc..cd8e0a2 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/services/BugzillaChangeRequestService.java
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/services/BugzillaChangeRequestService.java
@@ -1,5 +1,5 @@
/*******************************************************************************
- * Copyright (c) 2012, 2013 IBM Corporation.
+ * Copyright (c) 2012, 2014 IBM Corporation.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
@@ -376,7 +376,7 @@ public class BugzillaChangeRequestService
@GET
@Path("{changeRequestId}")
@Produces({OslcMediaType.APPLICATION_RDF_XML, OslcMediaType.APPLICATION_XML, OslcMediaType.APPLICATION_JSON})
- public BugzillaChangeRequest getChangeRequest(@PathParam("productId") final String productId,
+ public Response getChangeRequest(@PathParam("productId") final String productId,
@PathParam("changeRequestId") final String changeRequestId,
@QueryParam("oslc.properties") final String propertiesString,
@QueryParam("oslc.prefix") final String prefix) throws IOException, ServletException, URISyntaxException
@@ -417,8 +417,7 @@ public class BugzillaChangeRequestService
httpServletRequest.setAttribute(OSLC4JConstants.OSLC4J_SELECTED_PROPERTIES,
QueryUtils.invertSelectedProperties(properties));
- httpServletResponse.addHeader(Constants.HDR_OSLC_VERSION,"2.0");
- return changeRequest;
+ return Response.ok(changeRequest).header(Constants.HDR_OSLC_VERSION, Constants.OSLC_VERSION_V2).build();
}
throw new WebApplicationException(Status.NOT_FOUND);
@@ -669,7 +668,7 @@ public class BugzillaChangeRequestService
newChangeRequest.setAbout(about);
setETagHeader(getETagFromChangeRequest(newChangeRequest), httpServletResponse);
- return Response.created(about).entity(changeRequest).build();
+ return Response.created(about).entity(changeRequest).header(Constants.HDR_OSLC_VERSION, Constants.OSLC_VERSION_V2).build();
}
/**
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/AbstractAdapterCredentialsFilter.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/AbstractAdapterCredentialsFilter.java
deleted file mode 100644
index 7f8655f..0000000
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/AbstractAdapterCredentialsFilter.java
+++ /dev/null
@@ -1,507 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2013 IBM Corporation.
- *
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the Eclipse Public License v1.0
- * and Eclipse Distribution License v. 1.0 which accompanies this distribution.
- *
- * The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
- * and the Eclipse Distribution License is available at
- * http://www.eclipse.org/org/documents/edl-v10.php.
- *
- * * Contributors:
- *
- * Susumu Fukuda - Initial implementation
- *******************************************************************************/
-package org.eclipse.lyo.oslc4j.bugzilla.servlet;
-
-import java.io.IOException;
-import java.net.URISyntaxException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import javax.servlet.http.HttpSessionEvent;
-import javax.servlet.http.HttpSessionListener;
-
-import net.oauth.OAuth;
-import net.oauth.OAuthAccessor;
-import net.oauth.OAuthException;
-import net.oauth.OAuthMessage;
-import net.oauth.OAuthProblemException;
-import net.oauth.http.HttpMessage;
-import net.oauth.server.OAuthServlet;
-
-import org.eclipse.lyo.oslc4j.bugzilla.exception.UnauthorizedException;
-import org.eclipse.lyo.server.oauth.core.Application;
-import org.eclipse.lyo.server.oauth.core.AuthenticationException;
-import org.eclipse.lyo.server.oauth.core.OAuthConfiguration;
-import org.eclipse.lyo.server.oauth.core.OAuthRequest;
-import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
-import org.eclipse.lyo.server.oauth.core.consumer.LyoOAuthConsumer;
-import org.eclipse.lyo.server.oauth.core.token.LRUCache;
-import org.eclipse.lyo.server.oauth.core.token.SimpleTokenStrategy;
-
-/**
- * <h3>Overview</h3>
- * Purpose: Provide a JEE Servlet filter base implementation for accepting
- * both HTTP basic and OAuth provider authentication, connecting your tool using the
- * credentials, and managing the connections.
- *
- * <p>With this credentitals filter:<ul>
- * <li>Your Webapp can accepts HTTP Basic authentication
- * <li>Your Webapp can works as an OAuth provider
- * </ul>
- * <p>Once user entered credentials via HTTP Basic auth or OAuth, it
- * is passed to a callback method {@link #getCredentialsFromRequest(HttpServletRequest)}
- * or {@link #getCredentialsForOAuth(String, String)} so that your implementation
- * can build a Credentials object from the given data.
- * And then, next callback method {@link #login(Object, HttpServletRequest)} is invoked for
- * authenticate the credentials and building connection to your back-end tool.
- * Concrete types of the credentials and the connection can be specified as type
- * parameters of this class.
- *
- * <p>While processing a request, the credentials and the connection are available
- * as attributes of the request. Your subsequent process such as {@link HttpServlet#service(ServletRequest, ServletResponse)}
- * can extract and use them for accessing your tool. You can use {@link #getConnector(HttpServletRequest)}
- * and {@link #getCredentials(HttpServletRequest)} to retrieve them from the request.
- *
- * <h3>Usage</h3>
- * <p>You have to subclass this class and give implementations for the following methods:
- * <ul>
- * <li>{@link #login(Object, HttpServletRequest)}
- * <li>{@link #getCredentialsFromRequest(HttpServletRequest)}
- * <li>{@link #getCredentialsForOAuth(String, String)}
- * <li>{@link #isAdminSession(String, Object, HttpServletRequest)}
- * <li>{@link #createConsumerStore()}
- * <li>{@link #logout(Object, HttpSession)} (optional)
- * </ul>
- * Then, add the follwoing filter-mapping to your web.xml:
- * <pre>
- * &lt;filter&gt;
- * &lt;display-name&gt;[YOUR FILTER CLASS NAME (MyFilter)]&lt;/display-name&gt;
- * &lt;filter-name&gt;[YOUR FILTER CLASS NAME (MyFilter)]&lt;/filter-name&gt;
- * &lt;filter-class&gt;[FULLY QUALIFIED YOUR FILTER CLASS NAME (com.example.MyFilter)]&lt;/filter-class&gt;
- * &lt;/filter&gt;
- * &lt;filter-mapping&gt;
- * &lt;filter-name&gt;[YOUR FILTER CLASS NAME (MyFilter)]&lt;/filter-name&gt;
- * &lt;url-pattern&gt;/services/*&lt;/url-pattern&gt;
- * &lt;/filter-mapping&gt;
- * </pre>
- *
- * @param <Connection> Type for connection to your tool
- * @param <Credentials> Type for credentials for your tool. (e.g. UsernamePasswordCredentials)
- */
-abstract public class AbstractAdapterCredentialsFilter<Credentials, Connection> implements Filter {
-
- private static final String ATTRIBUTE_BASE = "org.eclipse.lyo.server.oauth.core.utils.";
- protected static final String CONNECTOR_ATTRIBUTE = ATTRIBUTE_BASE + "Connector";
- protected static final String CREDENTIALS_ATTRIBUTE = ATTRIBUTE_BASE + "Credentials";
- protected static final String ADMIN_SESSION_ATTRIBUTE = ATTRIBUTE_BASE + "AdminSession";
- protected static final String JAZZ_INVALID_EXPIRED_TOKEN_OAUTH_PROBLEM = "invalid_expired_token";
- protected static final String OAUTH_EMPTY_TOKEN_KEY = new String("OAUTH_EMPTY_TOKEN_KEY");
-
- private final LRUCache<String, Connection> keyToConnectorCache = new LRUCache<String, Connection>(200);
-
- final private String displayName;
- final private String realm;
-
- /**
- *
- * @param displayName
- * @param realm
- */
- protected AbstractAdapterCredentialsFilter(String displayName, String realm) {
- this.displayName = displayName;
- this.realm = realm;
- }
-
- /**
- * Extract credentials from the request and return it.
- * @param request {@link HttpServletRequest}
- * @return credentials
- * @throws UnauthorizedException
- */
- abstract protected Credentials getCredentialsFromRequest(HttpServletRequest request) throws UnauthorizedException;
-
- /**
- * Create a Credentials object from given user id and password.
- *
- * <p>For OAuth two-legged request, the <code>id</code> is set to {@link #OAUTH_EMPTY_TOKEN_KEY}
- * object. Implementor can compare the value using <code>==</code> to identify the request.
- * In the request the consumer key is set to the <code>password</code>. So you might find a functional
- * user associated to the consumer key with the value.
- * @param id user id or {@link #OAUTH_EMPTY_TOKEN_KEY}
- * @param password password or OAuth consumer key
- * @return credentials
- */
- abstract protected Credentials getCredentialsForOAuth(String id, String password);
-
- /**
- * Create connection to your tool using the given credentials, and returns the connection.
- * @param crdentials credentials for login
- * @param request {@link HttpServletRequest}
- * @return connection that represents the successful login session
- * @throws UnauthorizedException
- * @throws ServletException
- */
- abstract protected Connection login(Credentials crdentials, HttpServletRequest request) throws UnauthorizedException, ServletException;
-
- /**
- * Logout
- * @param loginSession
- * @param session
- */
- protected void logout(Connection loginSession, HttpSession session) {
- // do nothing by default
- }
-
- /**
- * Tell if this is an admin session. For admin session, Lyo provides user-interface to
- * accept provisional authentication key.
- * @param id
- * @param session
- * @param request
- * @return
- */
- abstract protected boolean isAdminSession(String id, Connection session, HttpServletRequest request);
-
- /**
- * Invoked from this class to create {@link ConsumerStore} for OAuth keys.
- * Typical implementation can be:
- * <pre>return new FileSystemConsumerStore("YourOAuthStore.xml");
- * </pre>
- * @return
- * @throws Exception
- */
- abstract protected ConsumerStore createConsumerStore() throws Exception;
-
- /**
- * get Connector assigned to this request
- *
- * The connector should be placed in the session by the CredentialsFilter servlet filter
- *
- * @param request
- * @return connector
- */
- public static <T> T getConnector(HttpServletRequest request)
- {
- //connector should never be null if CredentialsFilter is doing its job
- @SuppressWarnings("unchecked")
- T connector = (T) request.getAttribute(CONNECTOR_ATTRIBUTE);
- return connector;
- }
-
- /**
- * Get Credentials for this session
- * @param request
- * @return credentials
- */
- public static <T> T getCredentials(HttpServletRequest request)
- {
- @SuppressWarnings("unchecked")
- T credentials = (T) request.getSession().getAttribute(CREDENTIALS_ATTRIBUTE);
- return credentials;
- }
-
- protected String getOAuthRealm() {
- return realm;
- }
- protected String getDisplayName() {
- return displayName;
- }
-
-
- @Override
- public void destroy() {
-
- }
-
- /**
- * Check for OAuth or BasicAuth credentials and challenge if not found.
- *
- * Store the Connector in the HttpSession for retrieval in the REST services.
- */
- @SuppressWarnings("unchecked")
- @Override
- public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
- FilterChain chain) throws IOException, ServletException {
-
- if(servletRequest instanceof HttpServletRequest && servletResponse instanceof HttpServletResponse) {
- HttpServletRequest request = (HttpServletRequest) servletRequest;
- HttpServletResponse response = (HttpServletResponse) servletResponse;
-
- boolean isTwoLeggedOAuthRequest = false;
- String twoLeggedOAuthConsumerKey = null;
-
- //Don't protect requests to oauth service. TODO: possibly do this in web.xml
- if (! request.getPathInfo().startsWith("/oauth"))
- {
-
- // First check if this is an OAuth request.
- try {
- try {
- OAuthMessage message = OAuthServlet.getMessage(request, null);
- // test if this is a valid two-legged oauth request
- if ("".equals(message.getToken())) {
- validateTwoLeggedOAuthMessage(message);
- isTwoLeggedOAuthRequest = true;
- twoLeggedOAuthConsumerKey = message.getConsumerKey();
- }
-
- if (!isTwoLeggedOAuthRequest && message.getToken() != null) {
- OAuthRequest oAuthRequest = new OAuthRequest(request);
- oAuthRequest.validate();
- Connection connector = keyToConnectorCache.get(message.getToken());
- if (connector == null) {
- throw new OAuthProblemException(
- OAuth.Problems.TOKEN_REJECTED);
- }
-
- request.getSession().setAttribute(CONNECTOR_ATTRIBUTE, connector);
- }
- } catch (OAuthProblemException e) {
- if (OAuth.Problems.TOKEN_REJECTED.equals(e.getProblem()))
- throwInvalidExpiredException(e);
- else
- throw e;
- }
- } catch (OAuthException e) {
- OAuthServlet.handleException(response, e, getOAuthRealm());
- return;
- } catch (URISyntaxException e) {
- throw new ServletException(e);
- }
-
- // This is not an OAuth request. Check for basic access authentication.
- HttpSession session = request.getSession();
- Connection connector = (Connection) session.getAttribute(CONNECTOR_ATTRIBUTE);
- if (connector == null) {
- try {
- Credentials credentials;
- if (isTwoLeggedOAuthRequest) {
- connector = keyToConnectorCache.get("");
- if (connector == null) {
- credentials = getCredentialsForOAuth(OAUTH_EMPTY_TOKEN_KEY, twoLeggedOAuthConsumerKey);
- connector = login(credentials, request);
- keyToConnectorCache.put("", connector);
- }
- credentials = null; // TODO; Do we need to keep the credentials for this path ??
- } else {
- credentials = (Credentials) request.getSession().getAttribute(CREDENTIALS_ATTRIBUTE);
- if (credentials == null)
- {
- credentials = getCredentialsFromRequest(request);
- if (credentials == null) {
- throw new UnauthorizedException();
- }
- }
- connector = login(credentials, request);
- }
- session.setAttribute(CONNECTOR_ATTRIBUTE, connector);
- session.setAttribute(CREDENTIALS_ATTRIBUTE, credentials);
-
- } catch (UnauthorizedException e)
- {
- sendUnauthorizedResponse(response, e);
- System.err.println(e.getMessage());
- return;
- } catch (ServletException ce)
- {
- throw ce;
- }
- }
-
- if (connector != null) {
- doChainDoFilterWithConnector(request, response, chain, connector);
- return;
- }
-
- }
- }
-
- chain.doFilter(servletRequest, servletResponse);
- }
-
- /**
- * The default implementation is:
- * <pre>
- * request.setAttribute(CONNECTOR_ATTRIBUTE, connector);
- * chain.doFilter(request, response);</pre>
- *
- * Subclass may invoke the <code>chain.doFilter()</code> directly instead of invoking super method.
- *
- * @param request {@link HttpServletRequest}
- * @param response {@link HttpServletResponse}
- * @param chain {@link FilterChain}
- * @param sessionConnector {@link Connector} to be used for processing rest of the chain (i.e. REST request)
- * @throws IOException
- * @throws ServletException
- */
- protected void doChainDoFilterWithConnector(HttpServletRequest request,
- HttpServletResponse response, FilterChain chain, Connection connector) throws IOException, ServletException {
- request.setAttribute(CONNECTOR_ATTRIBUTE, connector);
- chain.doFilter(request, response);
- }
-
- private void validateTwoLeggedOAuthMessage(OAuthMessage message)
- throws IOException, OAuthException,
- URISyntaxException {
- OAuthConfiguration config = OAuthConfiguration.getInstance();
- LyoOAuthConsumer consumer = config.getConsumerStore().getConsumer(message.getConsumerKey());
- if (consumer != null && consumer.isTrusted()) {
- // The request can be a two-legged oauth request because it's a trusted consumer
- // Validate the message with an empty token and an empty secret
- OAuthAccessor accessor = new OAuthAccessor(consumer);
- accessor.requestToken = "";
- accessor.tokenSecret = "";
- config.getValidator().validateMessage(message, accessor);
- } else {
- throw new OAuthProblemException(
- OAuth.Problems.TOKEN_REJECTED);
- }
- }
-
- private HttpSessionListener listener = new HttpSessionListener() {
- @Override
- public void sessionDestroyed(HttpSessionEvent se) {
- HttpSession session = se.getSession();
- @SuppressWarnings("unchecked")
- Connection loginSession = (Connection) session.getAttribute(CONNECTOR_ATTRIBUTE);
- logout(loginSession, session);
- }
-
- @Override
- public void sessionCreated(HttpSessionEvent se) {
- // nothing
- }
- };
-
- @Override
- public void init(FilterConfig arg0) throws ServletException {
- OAuthConfiguration config = OAuthConfiguration.getInstance();
-
- // Add session listener
- arg0.getServletContext().addListener(listener);
-
- // Validates a user's ID and password.
- config.setApplication(new Application() {
- @Override
- public void login(HttpServletRequest request, String id,
- String password) throws AuthenticationException {
- try {
- Credentials creds = getCredentialsForOAuth(id, password);
- request.getSession().setAttribute(CREDENTIALS_ATTRIBUTE, creds);
-
- Connection bc = AbstractAdapterCredentialsFilter.this.login(creds, request);
- request.setAttribute(CONNECTOR_ATTRIBUTE, bc);
-
- boolean isAdmin = AbstractAdapterCredentialsFilter.this.isAdminSession(id, bc, request);
- request.getSession().setAttribute(ADMIN_SESSION_ATTRIBUTE, isAdmin);
- } catch (Exception e) {
- throw new AuthenticationException(e.getCause().getMessage(), e);
- }
- }
-
- @Override
- public String getName() {
- // Display name for this application.
- return getDisplayName();
- }
-
- @Override
- public boolean isAdminSession(HttpServletRequest request) {
- return Boolean.TRUE.equals(request.getSession().getAttribute(
- ADMIN_SESSION_ATTRIBUTE));
- }
-
- @Override
- public String getRealm(HttpServletRequest request) {
- return getOAuthRealm();
- }
-
- @Override
- public boolean isAuthenticated(HttpServletRequest request) {
- @SuppressWarnings("unchecked")
- Connection connector = (Connection) request.getSession().getAttribute(CONNECTOR_ATTRIBUTE);
- if (connector == null) {
- return false;
- }
- request.setAttribute(CONNECTOR_ATTRIBUTE, connector);
- return true;
- }
- });
-
- /*
- * Override some SimpleTokenStrategy methods so that we can keep the
- * Connector associated with the OAuth tokens.
- */
- config.setTokenStrategy(new SimpleTokenStrategy() {
- @SuppressWarnings("unchecked")
- @Override
- public void markRequestTokenAuthorized(
- HttpServletRequest httpRequest, String requestToken)
- throws OAuthProblemException {
- keyToConnectorCache.put(requestToken,
- (Connection) httpRequest.getAttribute(CONNECTOR_ATTRIBUTE));
- super.markRequestTokenAuthorized(httpRequest, requestToken);
- }
-
- @Override
- public void generateAccessToken(OAuthRequest oAuthRequest)
- throws OAuthProblemException, IOException {
- String requestToken = oAuthRequest.getMessage().getToken();
- Connection bc = keyToConnectorCache.remove(requestToken);
- super.generateAccessToken(oAuthRequest);
- keyToConnectorCache.put(oAuthRequest.getAccessor().accessToken, bc);
- }
- });
-
- try {
- // For now, hard-code the consumers.
- config.setConsumerStore(createConsumerStore());
- } catch (Throwable t) {
- System.err.println("Error initializing the OAuth consumer store: " + t.getMessage());
- }
- }
-
- /**
- * Jazz requires a exception with the magic string "invalid_expired_token" to restart
- * OAuth authentication
- * @param e
- * @return
- * @throws OAuthProblemException
- */
- private void throwInvalidExpiredException(OAuthProblemException e) throws OAuthProblemException {
- OAuthProblemException ope = new OAuthProblemException(JAZZ_INVALID_EXPIRED_TOKEN_OAUTH_PROBLEM);
- ope.setParameter(HttpMessage.STATUS_CODE, new Integer(
- HttpServletResponse.SC_UNAUTHORIZED));
- throw ope;
- }
-
- private void sendUnauthorizedResponse(HttpServletResponse response,
- UnauthorizedException e) throws IOException, ServletException {
- // Accept basic access or OAuth authentication.
- final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";
- final String BASIC_AUTHORIZATION_PREFIX = "Basic ";
- final String BASIC_AUTHENTICATION_CHALLENGE = BASIC_AUTHORIZATION_PREFIX
- + "realm=\"" + getOAuthRealm() + "\"";
- final String OAUTH_AUTHORIZATION_PREFIX = "OAuth ";
- final String OAUTH_AUTHENTICATION_CHALLENGE = OAUTH_AUTHORIZATION_PREFIX
- + "realm=\"" + getOAuthRealm() + "\"";
-
- response.addHeader(WWW_AUTHENTICATE_HEADER,
- OAUTH_AUTHENTICATION_CHALLENGE);
- response.addHeader(WWW_AUTHENTICATE_HEADER,
- BASIC_AUTHENTICATION_CHALLENGE);
- response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
- }
-
-}
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilter.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilter.java
index 86ac1b4..c9ae045 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilter.java
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilter.java
@@ -1,5 +1,5 @@
/*******************************************************************************
- * Copyright (c) 2012, 2013 IBM Corporation.
+ * Copyright (c) 2012, 2014 IBM Corporation.
*
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
@@ -30,6 +30,7 @@ import org.eclipse.lyo.oslc4j.bugzilla.exception.UnauthorizedException;
import org.eclipse.lyo.oslc4j.bugzilla.utils.HttpUtils;
import org.eclipse.lyo.server.oauth.consumerstore.FileSystemConsumerStore;
import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
+import org.eclipse.lyo.server.oauth.core.utils.AbstractAdapterCredentialsFilter;
import com.j2bugzilla.base.BugzillaConnector;
import com.j2bugzilla.base.BugzillaException;
@@ -67,17 +68,21 @@ public class BugzillaAdapterCredentialsFilter
}
@Override
- protected Credentials getCredentialsFromRequest(HttpServletRequest request) throws UnauthorizedException {
- Credentials credentials = HttpUtils.getCredentials(request);
- if (credentials == null) {
- throw new UnauthorizedException();
+ protected Credentials getCredentialsFromRequest(HttpServletRequest request) throws org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException {
+ try {
+ Credentials credentials = HttpUtils.getCredentials(request);
+ if (credentials == null) {
+ throw new org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException();
+ }
+ return credentials;
+ } catch (org.eclipse.lyo.oslc4j.bugzilla.exception.UnauthorizedException e) {
+ throw new org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException(e);
}
- return credentials;
}
@Override
protected BugzillaConnector login(Credentials creds, HttpServletRequest request)
- throws UnauthorizedException, ServletException
+ throws org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException, ServletException
{
BugzillaConnector bc = new BugzillaConnector();
try {
@@ -91,7 +96,7 @@ public class BugzillaAdapterCredentialsFilter
bc.executeMethod(login);
} catch (BugzillaException e) {
e.printStackTrace();
- throw new UnauthorizedException(e.getCause().getMessage());
+ throw new org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException(e.getCause().getMessage());
}
return bc;
}
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilterMT.java b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilterMT.java
index 389efe5..44f5660 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilterMT.java
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/java/org/eclipse/lyo/oslc4j/bugzilla/servlet/BugzillaAdapterCredentialsFilterMT.java
@@ -28,7 +28,7 @@ import javax.servlet.http.HttpServletResponse;
import org.eclipse.lyo.oslc4j.bugzilla.BugzillaManager;
import org.eclipse.lyo.oslc4j.bugzilla.Credentials;
-import org.eclipse.lyo.oslc4j.bugzilla.exception.UnauthorizedException;
+import org.eclipse.lyo.server.oauth.core.utils.UnauthorizedException;
import com.j2bugzilla.base.BugzillaConnector;
import com.j2bugzilla.base.BugzillaException;
diff --git a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/webapp/WEB-INF/web.xml b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/webapp/WEB-INF/web.xml
index af90358..e56b90c 100644
--- a/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/webapp/WEB-INF/web.xml
+++ b/org.eclipse.lyo.oslc4j.bugzilla.trs/src/main/webapp/WEB-INF/web.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
- Copyright (c) 2012 IBM Corporation.
+ Copyright (c) 2012, 2014 IBM Corporation.
All rights reserved. This program and the accompanying materials
are made available under the terms of the Eclipse Public License v1.0
@@ -14,7 +14,11 @@
IBM Corporation - initial API and implementation
-->
-<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
+ http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+ version="3.0">
<display-name>OSLC4JBugzillaAdapter</display-name>
<context-param>
<description>Scheme used for URI when registering ServiceProvider. Can be overridden by System property of the same name.</description>
@@ -29,17 +33,6 @@
<listener>
<listener-class>org.eclipse.lyo.oslc4j.bugzilla.BugzillaManager</listener-class>
</listener>
- <!--
- <servlet>
- <servlet-name>JAX-RS Servlet</servlet-name>
- <servlet-class>org.apache.wink.server.internal.servlet.RestServlet</servlet-class>
- <init-param>
- <param-name>applicationConfigLocation</param-name>
- <param-value>/WEB-INF/classes/org/eclipse/lyo/oslc4j/bugzilla/services/providers;/WEB-INF/classes/org/eclipse/lyo/oslc4j/bugzilla/services/resources;</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- -->
<servlet>
<servlet-name>JAX-RS Servlet</servlet-name>
<servlet-class>org.apache.wink.server.internal.servlet.RestServlet</servlet-class>