Commit fdcb6ec9 authored by Matija Obreza's avatar Matija Obreza
Browse files

OAuth2: added interface JPATokenStore

parent 7815effb
/**
* Copyright 2014 Global Crop Diversity Trust
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
package org.genesys2.server.service;
import org.springframework.security.oauth2.provider.token.TokenStore;
public interface JPATokenStore extends TokenStore {
void removeAccessToken(String tokenId);
}
......@@ -16,12 +16,24 @@
package org.genesys2.server.service.impl;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.genesys2.server.model.oauth.OAuthAccessToken;
import org.genesys2.server.model.oauth.OAuthRefreshToken;
import org.genesys2.server.persistence.domain.OAuthAccessTokenPersistence;
import org.genesys2.server.persistence.domain.OAuthRefreshTokenPersistence;
import org.genesys2.server.service.JPATokenStore;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
......@@ -30,16 +42,9 @@ import org.springframework.security.oauth2.common.util.SerializationUtils;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthenticationKeyGenerator;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.*;
/**
* OAuth2JPATokenStoreImpl based on JdbcTokenStore
*
......@@ -54,7 +59,7 @@ import java.util.*;
*/
@Service("tokenStore")
@Transactional(readOnly = false)
public class OAuth2JPATokenStoreImpl implements TokenStore {
public class OAuth2JPATokenStoreImpl implements JPATokenStore {
private static final Log LOG = LogFactory.getLog(OAuth2JPATokenStoreImpl.class);
@Autowired
......@@ -241,7 +246,8 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
removeAccessToken(token.getValue());
}
private void removeAccessToken(String tokenId) {
@Override
public void removeAccessToken(String tokenId) {
if (accessTokenPersistence.exists(tokenId))
accessTokenPersistence.delete(tokenId);
}
......
package org.genesys2.server.servlet.controller;
import java.util.Collection;
import org.genesys2.server.model.oauth.OAuthAccessToken;
import org.genesys2.server.service.JPATokenStore;
import org.genesys2.server.service.OAuth2ClientDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import java.util.Collection;
@Controller
@RequestMapping("/management")
public class OAuthManagementController extends BaseController {
......@@ -24,7 +24,7 @@ public class OAuthManagementController extends BaseController {
@Autowired
@Qualifier("tokenStore")
private TokenStore tokenStore;
private JPATokenStore tokenStore;
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/allTokens")
......@@ -60,7 +60,7 @@ public class OAuthManagementController extends BaseController {
@RequestMapping("/{clientId}/{tokenId}/remove")
public String removeAccessTokens(@PathVariable("tokenId") String tokenId, @PathVariable("clientId") String clientId) {
tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(tokenId));
tokenStore.removeAccessToken(tokenId);
return "redirect:/management/" + clientId;
}
......@@ -75,7 +75,7 @@ public class OAuthManagementController extends BaseController {
@RequestMapping("/user/{uuid}/{tokenId}/remove")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String removeUsersAccessToken(@PathVariable("tokenId") String tokenId, @PathVariable("uuid") String uuid) {
tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(tokenId));
tokenStore.removeAccessToken(tokenId);
return "redirect:/management/user/" + uuid + "/tokens";
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment