author | Angel Avila | 2015-04-29 01:57:18 +0000 |
---|---|---|
committer | jmisinco | 2015-04-29 01:57:18 +0000 |
commit | 4ca21719d44791d7ca25cf665c00cb69bbb34a74 (patch) | |
tree | 198f0751c2b6809dc97dcc62e9cf9773c74185e9 /plugins/org.eclipse.osee.jaxrs.server | |
parent | 156763e5f94e4167040f7c172ffa3ea057c7c88e (diff) | |
feature[ats_ATS192531]: Enable OAuth for Coverage
Change-Id: Ibdef0dca7bd243dc794fffef18a239737890f3d4
Diffstat (limited to 'plugins/org.eclipse.osee.jaxrs.server')
4 files changed, 31 insertions, 9 deletions
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
index 7fdaf001b85..f60f8d9aaa5 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/OAuthUtil.java
@@ -177,7 +177,12 @@ public final class OAuthUtil {
 Map<String, String> properties = new HashMap<String, String>();
 properties.put(SUBJECT_USERNAME, subject.getUserName());
- properties.put(SUBJECT_DISPLAY_NAME, subject.getDisplayName());
+ String displayName = subject.getDisplayName();
+ if (displayName.contains(",")) {
+ String[] names = displayName.split(",");
+ displayName = String.format("%s %s", names[1].trim(), names[0].trim());
+ }
+ properties.put(SUBJECT_DISPLAY_NAME, displayName);
 properties.put(SUBJECT_EMAIL, subject.getEmailAddress());
 properties.put(SUBJECT_IS_ACTIVE, Boolean.toString(subject.isActive()));
 properties.put(SUBJECT_IS_AUTHENTICATED, Boolean.toString(subject.isAuthenticated()));
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2DataProvider.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2DataProvider.java
index 95724a16941..3c836068176 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2DataProvider.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2DataProvider.java
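Review bot: In the OAuthUtil.java hunk, `names[1]` can throw ArrayIndexOutOfBoundsException, because `split(",")` drops trailing empty strings and a display name such as `Smith,` (constructed example) yields a one-element array; `displayName.contains(",")` also throws if `getDisplayName()` returns null, which the visible lines do not rule out. These properties describe the authenticated subject, so either exception would presumably abort the OAuth flow for that user rather than just produce an odd label. Consider `String[] names = displayName.split(",", 2);` applied only when `displayName != null`, and reorder only when both parts are non-empty after trimming; the limit of 2 also keeps a second comma inside the given-name part instead of silently discarding it. The enclosing method starts and ends outside the hunk.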
@@ -314,11 +314,6 @@ public class OAuth2DataProvider implements AuthorizationCodeDataProvider {
 if (!isExpired && entry.getGrantType().equals(grantType)) {
 token = serializer.decryptAccessToken(this, entry.getTokenKey(), getSecretKey());
 }
-
- boolean isRolesOutdated = isRolesOutdated(subject, token);
- if (isRolesOutdated) {
- revokeAllTokens(client, subjectId, grantType);
- }
 break;
 }
 break;
@@ -327,6 +322,15 @@ public class OAuth2DataProvider implements AuthorizationCodeDataProvider {
 break;
 }
 }
+
+ if (token != null) {
+ boolean isRolesOutdated = isRolesOutdated(subject, token);
+ if (isRolesOutdated) {
+ revokeAllTokens(client, subjectId, grantType);
+ token = null;
+ }
+ }
+
 return token;
 }
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
index c8c83305abc..c451038ca14 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OAuth2RequestFilter.java
@@ -17,6 +17,7 @@ import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.container.PreMatching;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
 import org.apache.cxf.message.Message;
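Review bot: The new `if (token != null)` block in OAuth2DataProvider.java (hunk @@ -327) revokes the tokens and nulls the result without a comment, so a reader of `return token;` cannot tell that null now also means "roles changed, tokens revoked". I would add above the block `// Roles changed since this token was issued: revoke all tokens for this client/subject/grant and return null so a fresh token carries the current roles.`, assuming that is the intent; the caller is not visible here. Revocation is a security-relevant state change and nothing in the hunk records it, so it is worth confirming that `revokeAllTokens` leaves a trace an operator can audit. The enclosing method starts outside the hunk.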
@@ -85,7 +86,9 @@ public class OAuth2RequestFilter extends OAuthRequestFilter {
 @Override
 public void filter(ContainerRequestContext context) {
 boolean isSecurePath = isPathSecure(context);
- if (isSecurePath) {
+ UriInfo uriInfo = context.getUriInfo();
+ String path = uriInfo.getAbsolutePath().getPath();
+ if (isSecurePath && (path.contains("dispo") || path.contains("oauth2")) || path.contains("accounts/self")) {
 if (isResourceOwnerRequest(context)) {
 handleResourceOwnerRequest(context);
 } else {
diff --git a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OseeAuthorizingFilter.java b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OseeAuthorizingFilter.java
index 35aed4eb494..b365cd18211 100644
--- a/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OseeAuthorizingFilter.java
+++ b/plugins/org.eclipse.osee.jaxrs.server/src/org/eclipse/osee/jaxrs/server/internal/security/oauth2/provider/OseeAuthorizingFilter.java
@@ -10,12 +10,15 @@
 *******************************************************************************/
 package org.eclipse.osee.jaxrs.server.internal.security.oauth2.provider;
+import java.util.List;
+import java.util.TreeMap;
 import javax.ws.rs.container.ContainerRequestContext;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.ext.Provider;
 import org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor;
 import org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter;
 import org.apache.cxf.jaxrs.utils.JAXRSUtils;
+import org.apache.cxf.message.Message;
 import org.eclipse.osee.jaxrs.server.internal.JaxRsResourceManager;
 import org.eclipse.osee.jaxrs.server.internal.JaxRsResourceManager.Resource;
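Review bot: Secure paths that do not contain `dispo`, `oauth2` or `accounts/self` no longer reach the OAuth handling in OAuth2RequestFilter.filter() (hunk @@ -85), because the new condition enforces only on those substrings; whether another filter still protects the remaining paths that `isPathSecure` reports as secure is not visible here. `String.contains` on the whole path matches these fragments anywhere in the URL, which makes the protected set hard to reason about. Matching on a path prefix or segment, or listing the exempt paths and enforcing by default, would fail closed when a new resource is added. The mixed `&&`/`||` also relies on precedence: as written `accounts/self` is enforced even when `isSecurePath` is false, so if that is intended write it as `(isSecurePath && (path.contains("dispo") || path.contains("oauth2"))) || path.contains("accounts/self")` with a comment saying why. The method body continues outside the hunk.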
@@ -33,9 +36,16 @@ public class OseeAuthorizingFilter extends SimpleAuthorizingFilter {
 public void filter(ContainerRequestContext context) {
 context.getSecurityContext().getUserPrincipal();
 Resource resource = resourceManager.findResource(context);
- if (resource == null) {
+
+ Message currentMessage = JAXRSUtils.getCurrentMessage();
+ @SuppressWarnings("unchecked")
+ TreeMap<String, List<String>> protocolHeaders =
+ (TreeMap<String, List<String>>) currentMessage.getContextualProperty("org.apache.cxf.message.Message.PROTOCOL_HEADERS");
+ List<String> referers = protocolHeaders.get("Referer");
+
+ if (resource != null && referers != null && !referers.toString().contains("coverage")) {
 try {
- interceptor.handleMessage(JAXRSUtils.getCurrentMessage());
+ interceptor.handleMessage(currentMessage);
 } catch (Exception ex) {
 context.abortWith(Response.status(Response.Status.FORBIDDEN).build());
 } |
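Review bot: The authorization interceptor in OseeAuthorizingFilter.filter() is now skipped whenever the request has no Referer header or one containing `coverage`, and Referer is a client-supplied value, so the authorization decision rests on input the caller controls. The exemption should be keyed on something the server establishes, such as the matched `resource` or the request path, with `interceptor.handleMessage(currentMessage)` running by default. The guard also flips from `resource == null` to `resource != null`, which the commit message does not explain, so it is worth confirming that requests with no matched resource are meant to bypass the interceptor. Separately, the unchecked cast to `TreeMap` and the unguarded `protocolHeaders.get("Referer")` will throw if CXF supplies another `Map` implementation or no headers property; `context.getHeaderString("Referer")` reads the header without the cast. The `if` block and the method close outside the hunk.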