[cxf] branch master updated: cxf-rt-rs-security-oauth2: process data with streams

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[cxf] branch master updated: cxf-rt-rs-security-oauth2: process data with streams

buhhunyx
This is an automated email from the ASF dual-hosted git repository.

buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new a5aeebd  cxf-rt-rs-security-oauth2: process data with streams
a5aeebd is described below

commit a5aeebd9835ce93c2c61fdbdeb614682d4437057
Author: Alexey Markevich <[hidden email]>
AuthorDate: Tue Feb 11 22:20:38 2020 +0300

    cxf-rt-rs-security-oauth2: process data with streams
---
 rt/rs/security/oauth-parent/oauth2/pom.xml         | 45 ++++++++--------------
 .../services/RedirectionBasedGrantService.java     |  2 +-
 .../cxf/rs/security/oauth2/utils/OAuthUtils.java   | 32 +++++----------
 .../rs/security/oauth2/utils/OAuthUtilsTest.java   | 20 ++++++++++
 rt/rs/security/oauth-parent/pom.xml                |  5 ---
 5 files changed, 47 insertions(+), 57 deletions(-)

diff --git a/rt/rs/security/oauth-parent/oauth2/pom.xml b/rt/rs/security/oauth-parent/oauth2/pom.xml
index 9f4f5b1..f87ebaf 100644
--- a/rt/rs/security/oauth-parent/oauth2/pom.xml
+++ b/rt/rs/security/oauth-parent/oauth2/pom.xml
@@ -38,7 +38,7 @@
       javax.annotation*;version="${cxf.osgi.javax.annotation.version}",
       javax.persistence*;resolution:=optional
     </cxf.osgi.import>
-    <compilerArguments>-Aopenjpa.source=7 -Aopenjpa.metamodel=true</compilerArguments>
+    <compilerArguments>-Aopenjpa.source=8 -Aopenjpa.metamodel=true</compilerArguments>
   </properties>
   <dependencies>
     <dependency>
@@ -246,41 +246,30 @@
           </execution>
         </executions>
       </plugin>
+        <!-- this tells maven to set a property pointing to the openjpa agent jar -->
+        <!-- where surefire can see it -->
+        <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-dependency-plugin</artifactId>
+            <executions>
+                <execution>
+                    <phase>generate-test-resources</phase>
+                    <goals>
+                        <goal>properties</goal>
+                    </goals>
+                </execution>
+            </executions>
+        </plugin>
       <!-- this configures the surefire plugin to run your tests with the javaagent enabled -->
       <!-- (openJPA loadtime weaving) -->
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-surefire-plugin</artifactId>
         <configuration>
-          <argLine>-javaagent:${project.basedir}/target/openjpa-${cxf.openjpa.version}.jar ${cxf.surefire.fork.vmargs}</argLine>
-          <workingDirectory>${project.basedir}/target</workingDirectory>
+          <argLine>-javaagent:${org.apache.openjpa:openjpa:jar} ${cxf.surefire.fork.vmargs}</argLine>
+          <workingDirectory>${project.build.directory}</workingDirectory>
         </configuration>
       </plugin>
-      <!-- this tells maven to copy the openjpa agent jar into your target/ directory -->
-      <!-- where surefire can see it -->
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-dependency-plugin</artifactId>
-        <executions>
-          <execution>
-            <id>copy</id>
-            <phase>process-resources</phase>
-            <goals>
-              <goal>copy</goal>
-            </goals>
-            <configuration>
-              <artifactItems>
-                <artifactItem>
-                  <groupId>org.apache.openjpa</groupId>
-                  <artifactId>openjpa</artifactId>
-                  <version>${cxf.openjpa.version}</version>
-                  <outputDirectory>${project.build.directory}</outputDirectory>
-                </artifactItem>
-              </artifactItems>
-            </configuration>
-          </execution>
-        </executions>
-      </plugin>
     </plugins>
   </build>
 </project>
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index e4af350..6f1f551 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -172,7 +172,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         }
         // Get the requested scopes
         String providedScope = params.getFirst(OAuthConstants.SCOPE);
-        List<String> requestedScope = null;
+        final List<String> requestedScope;
         List<OAuthPermission> requestedPermissions = null;
         try {
             requestedScope = OAuthUtils.getRequestedScopes(client,
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
index f975a31..3896f7c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java
@@ -23,14 +23,11 @@ import java.security.MessageDigest;
 import java.security.Principal;
 import java.security.cert.Certificate;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Properties;
-import java.util.Set;
 
 import javax.security.auth.x500.X500Principal;
 import javax.servlet.http.HttpSession;
@@ -67,6 +64,8 @@ import org.apache.cxf.security.LoginSecurityContext;
 import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.security.transport.TLSSessionInfo;
 
+import static java.util.stream.Collectors.toList;
+
 /**
  * Various utility methods
  */
@@ -211,11 +210,8 @@ public final class OAuthUtils {
     public static UserSubject createSubject(SecurityContext securityContext) {
         List<String> roleNames = Collections.emptyList();
         if (securityContext instanceof LoginSecurityContext) {
-            roleNames = new ArrayList<>();
-            Set<Principal> roles = ((LoginSecurityContext)securityContext).getUserRoles();
-            for (Principal p : roles) {
-                roleNames.add(p.getName());
-            }
+            roleNames = ((LoginSecurityContext) securityContext).getUserRoles().stream().map(Principal::getName)
+                .collect(toList());
         }
         UserSubject subject = new UserSubject(securityContext.getUserPrincipal().getName(), roleNames);
         Message m = JAXRSUtils.getCurrentMessage();
@@ -240,11 +236,7 @@ public final class OAuthUtils {
     }
 
     public static List<String> convertPermissionsToScopeList(List<OAuthPermission> perms) {
-        List<String> list = new LinkedList<>();
-        for (OAuthPermission perm : perms) {
-            list.add(perm.getPermission());
-        }
-        return list;
+        return perms.stream().map(OAuthPermission::getPermission).collect(toList());
     }
 
     public static boolean isGrantSupportedForClient(Client client,
@@ -258,16 +250,11 @@ public final class OAuthUtils {
     }
 
     public static List<String> parseScope(String requestedScope) {
-        List<String> list = new LinkedList<>();
         if (requestedScope != null) {
-            String[] scopeValues = requestedScope.split(" ");
-            for (String scope : scopeValues) {
-                if (!StringUtils.isEmpty(scope)) {
-                    list.add(scope);
-                }
-            }
+            return Arrays.stream(requestedScope.split(" ")).filter(StringUtils.notEmpty()).collect(toList());
+        } else {
+            return Collections.emptyList();
         }
-        return list;
     }
 
     public static String generateRandomTokenKey() throws OAuthServiceException {
@@ -332,8 +319,7 @@ public final class OAuthUtils {
         List<String> requestScopes = parseScope(scopeParameter);
         List<String> registeredScopes = client.getRegisteredScopes();
         if (requestScopes.isEmpty()) {
-            requestScopes.addAll(registeredScopes);
-            return requestScopes;
+            return registeredScopes;
         }
         if (!validateScopes(requestScopes, registeredScopes, partialMatchScopeValidation)) {
             throw new OAuthServiceException("Unexpected scope");
diff --git a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
index d49cef6..7252096 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/test/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtilsTest.java
@@ -18,10 +18,14 @@
  */
 package org.apache.cxf.rs.security.oauth2.utils;
 
+import java.util.Collections;
 import java.util.List;
 
+import org.apache.cxf.rs.security.oauth2.common.Client;
+
 import org.junit.Test;
 
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertTrue;
 
@@ -53,4 +57,20 @@ public class OAuthUtilsTest {
         List<String> registeredScopes = OAuthUtils.parseScope("a b");
         assertFalse(OAuthUtils.validateScopes(requestScopes, registeredScopes, true));
     }
+
+    @Test
+    public void testGetRequestedScopesRegistered() {
+        Client c = new Client();
+        List<String> scopes = Collections.singletonList("a");
+        c.setRegisteredScopes(scopes);
+        assertEquals(scopes, OAuthUtils.getRequestedScopes(c, "", false, false));
+    }
+
+    @Test
+    public void testParseScopeEmpty() {
+        assertTrue(OAuthUtils.parseScope(null).isEmpty());
+        assertTrue(OAuthUtils.parseScope("").isEmpty());
+        assertTrue(OAuthUtils.parseScope(" ").isEmpty());
+    }
+
 }
diff --git a/rt/rs/security/oauth-parent/pom.xml b/rt/rs/security/oauth-parent/pom.xml
index 015ac71..3233b10 100644
--- a/rt/rs/security/oauth-parent/pom.xml
+++ b/rt/rs/security/oauth-parent/pom.xml
@@ -30,11 +30,6 @@
         <version>3.4.0-SNAPSHOT</version>
         <relativePath>../../../../parent/pom.xml</relativePath>
     </parent>
-    <properties>
-        <cxf.osgi.import>
-            javax.servlet*;version="${cxf.osgi.javax.servlet.version}",
-        </cxf.osgi.import>
-    </properties>
     <modules>
         <module>oauth</module>
         <module>oauth2</module>