dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #38155
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 19479: minor changes, also sets OAuth2 metadata = false (in SchemaDescriptor)
------------------------------------------------------------
revno: 19479
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Sun 2015-06-21 19:44:37 +0700
message:
minor changes, also sets OAuth2 metadata = false (in SchemaDescriptor)
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/OAuth2ClientSchemaDescriptor.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java
dhis-2/dhis-web/dhis-web-api/src/main/resources/META-INF/dhis/servlet.xml
dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/OAuth2ClientSchemaDescriptor.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/OAuth2ClientSchemaDescriptor.java 2015-06-10 12:17:45 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/schema/descriptors/OAuth2ClientSchemaDescriptor.java 2015-06-21 12:44:37 +0000
@@ -53,6 +53,7 @@
{
Schema schema = new Schema( OAuth2Client.class, SINGULAR, PLURAL );
schema.setRelativeApiEndpoint( API_ENDPOINT );
+ schema.setMetadata( false );
schema.setOrder( 1030 );
schema.getAuthorities().add( new Authority( AuthorityType.READ, Lists.newArrayList( "F_OAUTH2_CLIENT_MANAGE" ) ) );
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java 2015-06-21 10:51:09 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java 2015-06-21 12:44:37 +0000
@@ -48,10 +48,12 @@
private OAuth2ClientService oAuth2ClientService;
private final Set<String> GRANT_TYPES =
- Sets.newHashSet( "password", "authorization_code", "refresh_token" );
+ Sets.newHashSet( "password", "authorization_code", "refresh_token", "implicit" );
private final Set<String> SCOPES = Sets.newHashSet( "ALL" );
+ private final Set<String> REDIRECT_URIS = Sets.newHashSet( "http://www.example.org"; );
+
@Override
public ClientDetails loadClientByClientId( String clientId ) throws ClientRegistrationException
{
@@ -77,6 +79,7 @@
clientDetails.setClientSecret( client.getSecret() );
clientDetails.setAuthorizedGrantTypes( GRANT_TYPES );
clientDetails.setScope( SCOPES );
+ clientDetails.setRegisteredRedirectUri( REDIRECT_URIS );
return clientDetails;
}
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/resources/META-INF/dhis/servlet.xml'
--- dhis-2/dhis-web/dhis-web-api/src/main/resources/META-INF/dhis/servlet.xml 2015-06-21 09:08:48 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/resources/META-INF/dhis/servlet.xml 2015-06-21 12:44:37 +0000
@@ -140,6 +140,8 @@
<!-- OAuth2 -->
<oauth:authorization-server client-details-service-ref="clientDetailsService" token-services-ref="tokenServices">
+ <oauth:authorization-code />
+ <oauth:implicit />
<oauth:refresh-token />
<oauth:password authentication-manager-ref="authenticationManager" />
</oauth:authorization-server>
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-06-21 10:51:09 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-06-21 12:44:37 +0000
@@ -16,26 +16,15 @@
<property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
- <sec:http pattern="/api/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager">
- <sec:intercept-url pattern="/api/oauth/token" access="IS_AUTHENTICATED_FULLY" />
+ <oauth:resource-server id="resourceServerFilter" token-services-ref="tokenServices" entry-point-ref="oauthAuthenticationEntryPoint" />
+
+ <sec:http pattern="/api/oauth/**" create-session="stateless" authentication-manager-ref="clientAuthenticationManager">
+ <sec:intercept-url pattern="/api/oauth/**" access="IS_AUTHENTICATED_FULLY" />
<sec:anonymous enabled="false" />
<sec:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
<sec:custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
<sec:access-denied-handler ref="oauthAccessDeniedHandler" />
</sec:http>
-
- <oauth:resource-server id="resourceServerFilter" token-services-ref="tokenServices" entry-point-ref="oauthAuthenticationEntryPoint" />
-
- <!--
- <sec:http pattern="/oauth/authorize/**" access-denied-page="/login.jsp?authorization_error=true" disable-url-rewriting="true">
- <sec:intercept-url pattern="/oauth/authorize/**" access="IS_AUTHENTICATED_FULLY" />
- <sec:form-login authentication-failure-url="/login.jsp?authentication_error=true"
- default-target-url="http://www.ourwebsite.com/"; login-page="/login.jsp"
- login-processing-url="/login.do" />
- <sec:http-basic />
- <sec:anonymous />
- </sec:http>
- -->
<!-- End OAuth2 -->
<bean id="mappedRedirectStrategy" class="org.hisp.dhis.security.MappedRedirectStrategy">
