Update OAuth logic to work in basic flow
An exception was being thrown due to an attempt to retrieve a potentially missing Node property: oauth-principal.
Additionally, the response headers have been updated to provide a more accurate "Location" header.
Andrew Woods committed Aug 9, 2013
1 parent 091c1d2 commit bf2b280
Showing 4 changed files with 24 additions and 23 deletions.
Expand Up @@ -70,9 +70,11 @@ public OAuthDecision validateRequest(final String rsId, final String token,
final String client =
tokenNode.getProperty(CLIENT_PROPERTY).getString();
LOGGER.debug("Retrieved client: {}", client);
final String principal =
tokenNode.getProperty(PRINCIPAL_PROPERTY)
.getString();
String principal = null;
if (tokenNode.hasProperty(PRINCIPAL_PROPERTY)) {
principal = tokenNode.getProperty(PRINCIPAL_PROPERTY)
.getString();
}
LOGGER.debug("Retrieved principal: {}", principal);
return new Decision(client, principal);
}
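Review bot: `principal` can now be null when it reaches `new Decision(client, principal)`, and nothing visible here shows whether `Decision` or callers of `getPrincipal()` tolerate that. A token node without the principal property now validates instead of throwing, which looks intended for tokens issued without a user but should be stated in the code, e.g. `// No oauth-principal on the token node: principal stays null and the token is still accepted`. The filter section of this commit removes the request wrapper that read `decision.getPrincipal()`, so any remaining consumer that authorizes on the principal should be checked for the null path. `validateRequest` begins outside this hunk.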
Expand Up @@ -104,6 +104,20 @@ public Response getAuthorization(@Context final HttpServletRequest request)
final Set<String> scopes = oauthRequest.getScopes();
saveAuthCode(authCode, scopes, client);
builder.setCode(authCode);

builder.setParam("grant_type", "authorization_code");

if (null != client) {
builder.setParam("client_id", client);
}

String clientSecret = oauthRequest.getClientSecret();
if (null != clientSecret) {
builder.setParam("client_secret", clientSecret);
} else {
builder.setParam("client_secret", "YOUR_SECRET");
}

/** as far as I can tell from spec and a number of docs,
* "token" is not a valid response type for the authCode
* endpoint
Expand All @@ -126,6 +140,9 @@ public Response getAuthorization(@Context final HttpServletRequest request)

final String redirectURI =
oauthRequest.getParam(OAUTH_REDIRECT_URI);
if (null != redirectURI) {
builder.setParam(OAUTH_REDIRECT_URI, redirectURI);
}

if (oauthRequest.getState() != null) {
builder.setParam(OAUTH_STATE, oauthRequest.getState());
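Review bot: The first hunk copies the secret into the response builder with `builder.setParam("client_secret", clientSecret)`, and judging by the commit description and the test's shifted query index these parameters end up in the redirect `Location` URL. A client secret in a redirect URL is exposed to the user agent, browser history, Referer headers and any proxy or access log, while the authorization response only needs `code` and `state` (RFC 6749 section 4.1.2). The fallback `builder.setParam("client_secret", "YOUR_SECRET")` additionally emits a placeholder string as if it were a credential. I would drop both `client_secret` branches and the `grant_type` parameter from this response and leave the token-request parameters to the client. `getAuthorization` starts and ends outside both hunks.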
Expand Up @@ -29,7 +29,6 @@
import static org.slf4j.LoggerFactory.getLogger;

import java.io.IOException;
import java.security.Principal;
import java.util.Set;

import javax.annotation.PostConstruct;
Expand All @@ -40,7 +39,6 @@
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.apache.oltu.oauth2.common.OAuth;
Expand Down Expand Up @@ -111,23 +109,6 @@ public void doFilter(ServletRequest request,
final OAuthDecision decision =
provider.validateRequest(realm, accessToken, req);

final Principal principal = decision.getPrincipal();

request =
new HttpServletRequestWrapper((HttpServletRequest) request) {

@Override
public String getRemoteUser() {
return principal != null ? principal.getName() : null;
}

@Override
public Principal getUserPrincipal() {
return principal;
}

};

request.setAttribute(OAUTH_CLIENT_ID, decision.getOAuthClient()
.getClientId());

Expand Up @@ -62,8 +62,9 @@ public void testUseAuthCode() throws ClientProtocolException, IOException {
logger.debug("Retrieved authorization endpoint response.");
final String redirectHeader =
response.getFirstHeader("Location").getValue();
logger.debug("Redirect header '{}'", redirectHeader);
final String authCode =
URI.create(redirectHeader).getQuery().split("&")[0].split("=")[1];
URI.create(redirectHeader).getQuery().split("&")[4].split("=")[1];
assertNotNull("Didn't find authorization code!", authCode);
logger.debug("with authorization code: {}", authCode);
final HttpPost post =
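Review bot: `split("&")[4]` ties the test to the order in which the endpoint happens to emit query parameters, so adding or removing any parameter either breaks it or silently picks up a different value as the auth code. `assertNotNull` also cannot fail as written, because a missing entry raises `ArrayIndexOutOfBoundsException` first. Looking the value up by the `code` key keeps the assertion meaningful. Separately, the added `logger.debug("Redirect header '{}'", redirectHeader)` writes whatever the redirect URL carries into the test log. `testUseAuthCode` continues outside the hunk.

```java
// … unchanged: request execution and redirectHeader lookup …
String authCode = null;
for (final String pair : URI.create(redirectHeader).getQuery().split("&")) {
    final String[] kv = pair.split("=", 2);
    if (kv.length == 2 && "code".equals(kv[0])) {
        authCode = kv[1];
    }
}
assertNotNull("Didn't find authorization code!", authCode);
```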