From 9dc2865a7408c33f403056f408690c227bdfe690 Mon Sep 17 00:00:00 2001
From: ulrich
Date: Tue, 08 Jun 2021 15:00:45 +0000
Subject: [PATCH] Aufgeraeumt

---
 src/de/uhilger/httpserver/oauth/BearerLoginHandler.java   |   15 ---------------
 src/de/uhilger/httpserver/oauth/BearerRefreshHandler.java |   14 ++++++++++++--
 src/de/uhilger/httpserver/oauth/BearerAuthenticator.java  |    8 +++-----
 3 files changed, 15 insertions(+), 22 deletions(-)

diff --git a/src/de/uhilger/httpserver/oauth/BearerAuthenticator.java b/src/de/uhilger/httpserver/oauth/BearerAuthenticator.java
index c9c783a..8c3805f 100644
--- a/src/de/uhilger/httpserver/oauth/BearerAuthenticator.java
+++ b/src/de/uhilger/httpserver/oauth/BearerAuthenticator.java
@@ -36,12 +36,10 @@
 
 /**
  * Die Klasse Authenticator authentifziert gemäß OAuth-Spezifikation 
- * 
- * 
  * "The OAuth 2.0 Authorization Framework: Bearer Token Usage"
  * https://datatracker.ietf.org/doc/html/rfc6750
  * 
- * 
+ * weitere Info-Links
  * https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/
  * https://swagger.io/docs/specification/authentication/bearer-authentication/
  * 
@@ -239,6 +237,7 @@
    * im WWW-Authenticate Header bestimmen
    * 
    * @param exchange 
+   * @return  den Ausdruck fuer den WWW-Authenticate Header 
    */
   protected String getWWWAuthRealm(HttpExchange exchange) {
     return wwwAuthRealm;
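Review bot: The `@param exchange` tag above the new `@return` line is still empty, and the same is true of `@param exchange` in the `unauthorized` hunk further down. The visible body returns the field `wwwAuthRealm` and never reads `exchange`, so the tag could say so, e.g. `@param exchange the current request; ignored by this default implementation, available to overriding subclasses`. Because the method is protected and its value appears to end up inside the quoted `realm="..."` parameter shown in the `unauthorized` Javadoc, the comment should also state that an override must not return a value containing double quotes or line breaks. The method's closing brace lies outside the hunk.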
@@ -308,8 +307,7 @@
    * WWW-Authenticate: Bearer realm="example"
    * 
    * @param exchange
-   * @return 
-   * @throws java.io.IOException 
+   * @return das Ergebnis
    */
   protected Result unauthorized(HttpExchange exchange) {
     StringBuilder sb = new StringBuilder();
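Review bot: `@return das Ergebnis` does not tell a caller which `Result` to expect from `unauthorized`, and that is the one thing an overriding subclass needs to know. Something like `@return the Result that rejects the request (status 401 together with the WWW-Authenticate header described above)` would be more useful. The body continues outside the hunk, so the exact `Result` subtype and status code could not be confirmed here and should be filled in from the code. Dropping the stale `@throws java.io.IOException` matches the signature, which declares no checked exception.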
diff --git a/src/de/uhilger/httpserver/oauth/BearerLoginHandler.java b/src/de/uhilger/httpserver/oauth/BearerLoginHandler.java
index a563ece..3fda7b8 100644
--- a/src/de/uhilger/httpserver/oauth/BearerLoginHandler.java
+++ b/src/de/uhilger/httpserver/oauth/BearerLoginHandler.java
@@ -26,7 +26,6 @@
 import de.uhilger.httpserver.base.handler.HttpHelper;
 import de.uhilger.httpserver.base.handler.HttpResponder;
 import java.io.IOException;
-import java.util.logging.Level;
 import java.util.logging.Logger;
 
 /**
@@ -87,18 +86,6 @@
       User user = getUser(exchange);
       LoginResponse response = auth.login(user.getName(), user.getPassword());
       handleLoginResponse(exchange, response);
-      /*
-      if(response != null) {
-        // hier erfolg melden
-        // 200 OK
-        setLoginHeader(exchange);
-        HttpResponder r = new HttpResponder();
-        r.antwortSenden(exchange, 200, response.toJson());
-      } else {
-        HttpResponder r = new HttpResponder();
-        r.antwortSenden(exchange, 406, "Login failed.");
-      }
-      */
     } else {
       HttpResponder r = new HttpResponder();
       r.antwortSenden(exchange, 500, "No suitable authenticator.");
@@ -107,8 +94,6 @@
   
   protected void handleLoginResponse(HttpExchange exchange, LoginResponse response) throws IOException {
     if(response != null) {
-      // hier erfolg melden
-      // 200 OK
       setLoginHeader(exchange);
       HttpResponder r = new HttpResponder();
       r.antwortSenden(exchange, 200, response.toJson());
diff --git a/src/de/uhilger/httpserver/oauth/BearerRefreshHandler.java b/src/de/uhilger/httpserver/oauth/BearerRefreshHandler.java
index ee5a4ac..ec799b1 100644
--- a/src/de/uhilger/httpserver/oauth/BearerRefreshHandler.java
+++ b/src/de/uhilger/httpserver/oauth/BearerRefreshHandler.java
@@ -19,14 +19,24 @@
 
 import com.sun.net.httpserver.HttpContext;
 import com.sun.net.httpserver.HttpExchange;
-import com.sun.net.httpserver.HttpHandler;
 import de.uhilger.httpserver.base.handler.HttpHelper;
-import de.uhilger.httpserver.base.handler.HttpResponder;
 import static de.uhilger.httpserver.oauth.BearerLoginHandler.ATTR_AUTHENTICATOR;
 import java.io.IOException;
 
 /**
+ * Einen abgelaufenen Token mit Hilfe eines Refresh Token erneuern
  * 
+ * Gemaess
+ * https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/
+ * sieht die HTTP Anfrage zum Refresh wie folgt aus:
+ * 
+ * POST /oauth/token HTTP/1.1
+ * Host: authorization-server.com
+ *
+ * grant_type=refresh_token
+ * &refresh_token=xxxxxxxxxxx
+ * &client_id=xxxxxxxxxx
+ * &client_secret=xxxxxxxxxx
  * 
  * @author Ulrich Hilger
  * @version 1, 08.06.2021
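Review bot: The new class comment reproduces the generic refresh request from oauth.com, including `client_id` and `client_secret`, without saying which of these parameters this handler actually evaluates; the handler code is outside the hunk. A reader could assume client authentication is enforced when it may not be, so add a sentence listing the parameters that are read and what happens when one is missing. The example also omits `Content-Type: application/x-www-form-urlencoded`, which RFC 6749 specifies for token endpoint requests. Since the refresh token and client secret travel in the request body, the comment should also note that the endpoint is meant to be reachable only over TLS and that the body must not be written to logs.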

--
Gitblit v1.9.3