Skip to main content
summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoberto E. Escobar2014-08-08 22:20:11 +0000
committerRoberto E. Escobar2014-09-29 22:55:18 +0000
commitae55c5a19aa0c72da73ac22756a9df75228528d9 (patch)
treebbaa75ff994581e93f9792033de815d2f029503b
parent37254d2d90b25e35458ebdb493fe148c138ad924 (diff)
downloadorg.eclipse.osee-ae55c5a19aa0c72da73ac22756a9df75228528d9.tar.gz
org.eclipse.osee-ae55c5a19aa0c72da73ac22756a9df75228528d9.tar.xz
org.eclipse.osee-ae55c5a19aa0c72da73ac22756a9df75228528d9.zip
feature[ats_ATS64254]: Remove Subject interface and cleanup SubjectProvider
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java36
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java22
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/SubjectProvider.java1
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/adapters/SubjectProviderImpl.java21
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsAuthenticator.java21
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsOAuthResourceServerFilter.java12
-rw-r--r--plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsSessionProvider.java4
7 files changed, 48 insertions, 69 deletions
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
index 7b360b2d2c4..253e82a5a30 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
@@ -28,6 +28,7 @@ import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.jaxrs.impl.HttpHeadersImpl;
import org.apache.cxf.jaxrs.utils.HttpUtils;
import org.apache.cxf.message.Message;
+import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.AuthorizationUtils;
@@ -38,7 +39,6 @@ import org.eclipse.osee.framework.jdk.core.type.BaseIdentity;
import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
import org.eclipse.osee.framework.jdk.core.util.Strings;
import org.eclipse.osee.jaxrs.server.internal.JaxRsUtils;
-import org.eclipse.osee.jaxrs.server.security.JaxRsAuthenticator.Subject;
/**
* @author Roberto E. Escobar
@@ -125,8 +125,25 @@ public final class OAuthUtil {
}
}
+ public static SecurityContext getSecurityContext(AccessTokenValidation accessTokenV, boolean useUserSubject) {
+ UserSubject resourceOwnerSubject = accessTokenV.getTokenSubject();
+ UserSubject clientSubject = accessTokenV.getClientSubject();
+
+ UserSubject subject;
+ if (resourceOwnerSubject != null || useUserSubject) {
+ subject = resourceOwnerSubject;
+ } else {
+ subject = clientSubject;
+ }
+ return OAuthUtil.newSecurityContext(subject);
+ }
+
public static SecurityContext newSecurityContext(UserSubject subject) {
final OseePrincipal principal = newOseePrincipal(subject);
+ return newSecurityContext(principal);
+ }
+
+ public static SecurityContext newSecurityContext(final OseePrincipal principal) {
return new SecurityContext() {
@Override
public boolean isUserInRole(String role) {
@@ -144,19 +161,19 @@ public final class OAuthUtil {
};
}
- public static final String SUBJECT_USERNAME = "username";
- public static final String SUBJECT_DISPLAY_NAME = "display.name";
- public static final String SUBJECT_EMAIL = "email";
- public static final String SUBJECT_IS_ACTIVE = "is.active";
- public static final String SUBJECT_IS_AUTHENTICATED = "is.authenticated";
+ private static final String SUBJECT_USERNAME = "username";
+ private static final String SUBJECT_DISPLAY_NAME = "display.name";
+ private static final String SUBJECT_EMAIL = "email";
+ private static final String SUBJECT_IS_ACTIVE = "is.active";
+ private static final String SUBJECT_IS_AUTHENTICATED = "is.authenticated";
- public static UserSubject newUserSubject(Subject subject) {
+ public static UserSubject newUserSubject(OseePrincipal subject) {
List<String> roles = new ArrayList<String>();
for (String role : subject.getRoles()) {
roles.add(role);
}
UserSubject data = new UserSubject();
- data.setId(String.valueOf(subject.getId()));
+ data.setId(String.valueOf(subject.getGuid()));
data.setLogin(subject.getUserName());
data.setRoles(roles);
@@ -166,7 +183,6 @@ public final class OAuthUtil {
properties.put(SUBJECT_EMAIL, subject.getEmailAddress());
properties.put(SUBJECT_IS_ACTIVE, Boolean.toString(subject.isActive()));
properties.put(SUBJECT_IS_AUTHENTICATED, Boolean.toString(subject.isAuthenticated()));
-
data.setProperties(properties);
return data;
}
@@ -185,7 +201,7 @@ public final class OAuthUtil {
return getProperty(subject.getProperties(), SUBJECT_DISPLAY_NAME, subject.getLogin());
}
- public static String getProperty(Map<String, String> props, String key, String defaultValue) {
+ private static String getProperty(Map<String, String> props, String key, String defaultValue) {
String toReturn = props.get(key);
if (toReturn == null) {
toReturn = defaultValue;
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
index 5a89bfa6d57..d0811da810e 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
@@ -23,7 +23,6 @@ import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.utils.JAXRSUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.security.SecurityContext;
@@ -44,16 +43,16 @@ import org.eclipse.osee.logger.Log;
public class OAuth2RequestFilter extends OAuthRequestFilter {
private final Log logger;
- private final SubjectProvider sessionProvider;
+ private final SubjectProvider subjectProvider;
private volatile boolean useUserSubject;
private volatile URI redirectURI;
private volatile boolean ignoreBasePath;
- public OAuth2RequestFilter(Log logger, SubjectProvider sessionProvider) {
+ public OAuth2RequestFilter(Log logger, SubjectProvider subjectProvider) {
super();
this.logger = logger;
- this.sessionProvider = sessionProvider;
+ this.subjectProvider = subjectProvider;
}
@Override
@@ -92,7 +91,7 @@ public class OAuth2RequestFilter extends OAuthRequestFilter {
Message msg = JAXRSUtils.getCurrentMessage();
MessageContext mc = getMessageContext();
- SecurityContext sc = sessionProvider.getSecurityContextFromSession(mc);
+ SecurityContext sc = subjectProvider.getSecurityContextFromSession(mc);
if (sc == null) {
String authorizationHeader = context.getHeaderString(HttpHeaders.AUTHORIZATION);
@@ -128,20 +127,11 @@ public class OAuth2RequestFilter extends OAuthRequestFilter {
String[] basicAuthParts = OAuthUtil.decodeCredentials(header);
String username = basicAuthParts[0];
String password = basicAuthParts[1];
- sessionProvider.authenticate(mc, OAuthConstants.BASIC_SCHEME, username, password);
+ subjectProvider.authenticate(mc, OAuthConstants.BASIC_SCHEME, username, password);
}
@Override
protected SecurityContext createSecurityContext(HttpServletRequest request, AccessTokenValidation accessTokenV) {
- UserSubject resourceOwnerSubject = accessTokenV.getTokenSubject();
- UserSubject clientSubject = accessTokenV.getClientSubject();
-
- UserSubject subject;
- if (resourceOwnerSubject != null || useUserSubject) {
- subject = resourceOwnerSubject;
- } else {
- subject = clientSubject;
- }
- return OAuthUtil.newSecurityContext(subject);
+ return OAuthUtil.getSecurityContext(accessTokenV, useUserSubject);
}
} \ No newline at end of file
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/SubjectProvider.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/SubjectProvider.java
index 51aa63bc139..eb121eab4c4 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/SubjectProvider.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/SubjectProvider.java
@@ -30,4 +30,5 @@ public interface SubjectProvider extends SessionAuthenticityTokenProvider, Subje
SecurityContext getSecurityContextFromSession(MessageContext mc);
UserSubject getSubjectById(long subjectId);
+
} \ No newline at end of file
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/adapters/SubjectProviderImpl.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/adapters/SubjectProviderImpl.java
index b5fc34348e0..f4c1b06413b 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/adapters/SubjectProviderImpl.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/adapters/SubjectProviderImpl.java
@@ -20,11 +20,11 @@ import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.security.SecurityContext;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
import org.eclipse.osee.framework.jdk.core.util.Strings;
import org.eclipse.osee.jaxrs.server.internal.security.oauth2.OAuthUtil;
import org.eclipse.osee.jaxrs.server.internal.security.oauth2.provider.SubjectProvider;
import org.eclipse.osee.jaxrs.server.security.JaxRsAuthenticator;
-import org.eclipse.osee.jaxrs.server.security.JaxRsAuthenticator.Subject;
import org.eclipse.osee.jaxrs.server.security.JaxRsSessionProvider;
import org.eclipse.osee.logger.Log;
@@ -135,9 +135,8 @@ public class SubjectProviderImpl implements SubjectProvider {
@Override
public void authenticate(MessageContext mc, String scheme, String username, String password) {
- UserSubject subject = authenticate(scheme, username, password);
- SecurityContext securityContext = OAuthUtil.newSecurityContext(subject);
-
+ OseePrincipal principal = authenticate(scheme, username, password);
+ SecurityContext securityContext = OAuthUtil.newSecurityContext(principal);
if (sessionDelegate != null) {
// Add security context resolution through session delegate
} else {
@@ -149,14 +148,13 @@ public class SubjectProviderImpl implements SubjectProvider {
@Override
public UserSubject createSubject(String username, String password) {
- return authenticate(OAuthConstants.BASIC_SCHEME, username, password);
+ OseePrincipal principal = authenticate(OAuthConstants.BASIC_SCHEME, username, password);
+ return OAuthUtil.newUserSubject(principal);
}
- private UserSubject authenticate(String scheme, String username, String password) {
+ private OseePrincipal authenticate(String scheme, String username, String password) {
logger.debug("Authenticate - scheme[%s] username[%s]", scheme, username);
-
- Subject user = authenticator.authenticate(scheme, username, password);
- return OAuthUtil.newUserSubject(user);
+ return authenticator.authenticate(scheme, username, password);
}
private SecurityContext getSecurityContext(MessageContext mc) {
@@ -191,10 +189,11 @@ public class SubjectProviderImpl implements SubjectProvider {
long subjectId2 = getSubjectId(subject);
if (subjectId2 != subjectId) {
if (sessionDelegate != null) {
- Subject user = sessionDelegate.getSubjectById(subjectId);
- subject = OAuthUtil.newUserSubject(user);
+ OseePrincipal principal = sessionDelegate.getSubjectById(subjectId);
+ subject = OAuthUtil.newUserSubject(principal);
}
}
return subject;
}
+
} \ No newline at end of file
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsAuthenticator.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsAuthenticator.java
index ef961a67763..7f3d80defcb 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsAuthenticator.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsAuthenticator.java
@@ -10,30 +10,13 @@
*******************************************************************************/
package org.eclipse.osee.jaxrs.server.security;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
/**
* @author Roberto E. Escobar
*/
public interface JaxRsAuthenticator {
- public interface Subject {
-
- long getId();
-
- String getDisplayName();
-
- String getUserName();
-
- String getEmailAddress();
-
- boolean isActive();
-
- Iterable<String> getRoles();
-
- boolean isAuthenticated();
-
- }
-
- Subject authenticate(String scheme, String username, String password);
+ OseePrincipal authenticate(String scheme, String username, String password);
} \ No newline at end of file
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsOAuthResourceServerFilter.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsOAuthResourceServerFilter.java
index b4d147a428a..95feba8dcd3 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsOAuthResourceServerFilter.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsOAuthResourceServerFilter.java
@@ -22,7 +22,6 @@ import javax.ws.rs.core.Form;
import javax.ws.rs.ext.Provider;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenValidation;
-import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.filters.OAuthRequestFilter;
import org.apache.cxf.rs.security.oauth2.provider.AccessTokenValidator;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
@@ -177,16 +176,7 @@ public class JaxRsOAuthResourceServerFilter implements ContainerRequestFilter {
@Override
protected SecurityContext createSecurityContext(HttpServletRequest request, AccessTokenValidation accessTokenV) {
- UserSubject resourceOwnerSubject = accessTokenV.getTokenSubject();
- UserSubject clientSubject = accessTokenV.getClientSubject();
-
- UserSubject subject;
- if (resourceOwnerSubject != null || useUserSubject) {
- subject = resourceOwnerSubject;
- } else {
- subject = clientSubject;
- }
- return OAuthUtil.newSecurityContext(subject);
+ return OAuthUtil.getSecurityContext(accessTokenV, useUserSubject);
}
}
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsSessionProvider.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsSessionProvider.java
index 43af6a4fd90..09c49771759 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsSessionProvider.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/security/JaxRsSessionProvider.java
@@ -10,7 +10,7 @@
*******************************************************************************/
package org.eclipse.osee.jaxrs.server.security;
-import org.eclipse.osee.jaxrs.server.security.JaxRsAuthenticator.Subject;
+import org.eclipse.osee.framework.jdk.core.type.OseePrincipal;
/**
* @author Roberto E. Escobar
@@ -23,6 +23,6 @@ public interface JaxRsSessionProvider {
String getSessionToken(Long subjectId);
- Subject getSubjectById(Long subjectId);
+ OseePrincipal getSubjectById(Long subjectId);
} \ No newline at end of file

Back to the top