Search in sources :

Example 6 with OAuthPermission

use of org.apache.cxf.rs.security.oauth.data.OAuthPermission in project tesb-rt-se by Talend.

the class ThirdPartyAccessService method updateCalendar.

@POST
public void updateCalendar(@FormParam("hour") int hour, @FormParam("description") String description) {
    // This permission check can be done in a custom filter; it can be simpler to do
    // in the actual service code if the context data (such as an hour in this case)
    // are not available in the request URI but in the message payload
    OAuthContext oauth = getOAuthContext();
    List<OAuthPermission> perms = oauth.getPermissions();
    boolean checkPassed = false;
    for (OAuthPermission perm : perms) {
        if (perm.getPermission().startsWith(OAuthConstants.UPDATE_CALENDAR_SCOPE)) {
            int authorizedHour = Integer.valueOf(perm.getPermission().substring(OAuthConstants.UPDATE_CALENDAR_SCOPE.length()));
            if (authorizedHour == hour) {
                checkPassed = true;
            }
        }
    }
    if (!checkPassed) {
        throw new WebApplicationException(403);
    }
    // end of the check
    Calendar calendar = getUserCalendar();
    calendar.getEntry(hour).setEventDescription(description);
}
Also used : OAuthPermission(org.apache.cxf.rs.security.oauth.data.OAuthPermission) WebApplicationException(javax.ws.rs.WebApplicationException) Calendar(oauth.common.Calendar) OAuthContext(org.apache.cxf.rs.security.oauth.data.OAuthContext) POST(javax.ws.rs.POST)

Aggregations

OAuthPermission (org.apache.cxf.rs.security.oauth.data.OAuthPermission)6 ArrayList (java.util.ArrayList)4 OAuthMessage (net.oauth.OAuthMessage)2 OAuthProblemException (net.oauth.OAuthProblemException)2 Client (org.apache.cxf.rs.security.oauth.data.Client)2 RequestToken (org.apache.cxf.rs.security.oauth.data.RequestToken)2 IOException (java.io.IOException)1 URI (java.net.URI)1 Principal (java.security.Principal)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 LinkedList (java.util.LinkedList)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 POST (javax.ws.rs.POST)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 Calendar (oauth.common.Calendar)1 AuthorizationPolicy (org.apache.cxf.configuration.security.AuthorizationPolicy)1 AccessToken (org.apache.cxf.rs.security.oauth.data.AccessToken)1 AuthorizationInput (org.apache.cxf.rs.security.oauth.data.AuthorizationInput)1 OAuthAuthorizationData (org.apache.cxf.rs.security.oauth.data.OAuthAuthorizationData)1