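/**
 * Translates scope strings into the {@link OAuthPermission} objects that describe them.
 *
 * <p>{@code OAuthConstants.READ_CALENDAR_SCOPE} maps to {@code READ_CALENDAR_PERMISSION}.
 * A scope starting with {@code OAuthConstants.UPDATE_CALENDAR_SCOPE} maps to a new
 * permission whose description embeds the text after that prefix (the hour).
 * Any other scope string is ignored. {@code READ_CALENDAR_PERMISSION} is always
 * part of the result, even when the read scope was not in {@code scopes}.
 *
 * <p>An update scope whose suffix is not an integer is dropped, like an unknown
 * scope. This keeps arbitrary caller-supplied text out of the permission
 * description and avoids registering a permission that no integer hour can match.
 *
 * @param scopes the scope strings to translate; must not be {@code null}
 * @return a new list of permissions, in the order the recognised scopes were given
 */
private List<OAuthPermission> getPermissionsInfo(List<String> scopes) {
    List<OAuthPermission> list = new ArrayList<OAuthPermission>();
    for (String scope : scopes) {
        if (scope.equals(OAuthConstants.READ_CALENDAR_SCOPE)) {
            list.add(READ_CALENDAR_PERMISSION);
        } else if (scope.startsWith(OAuthConstants.UPDATE_CALENDAR_SCOPE)) {
            String hourValue = scope.substring(OAuthConstants.UPDATE_CALENDAR_SCOPE.length());
            try {
                // Validation only: the original text is still used below so that
                // descriptions for well-formed scopes are unchanged.
                // NOTE(review): no range check is applied because the valid hour
                // range is not visible here - confirm and tighten if needed.
                Integer.parseInt(hourValue);
            } catch (NumberFormatException ignored) {
                // Malformed hour suffix: grant nothing for this scope.
                continue;
            }
            list.add(new OAuthPermission(scope,
                                         OAuthConstants.UPDATE_CALENDAR_DESCRIPTION + hourValue + " o'clock",
                                         Collections.<String>emptyList()));
        }
    }
    // The read permission is included by default when it was not requested.
    if (!scopes.contains(OAuthConstants.READ_CALENDAR_SCOPE)) {
        list.add(READ_CALENDAR_PERMISSION);
    }
    return list;
}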
/**
 * Collects the roles of every permission held by this object.
 *
 * <p>The result is the concatenation of each permission's role list in
 * iteration order. Duplicates are kept, so a role named by several
 * permissions appears several times.
 *
 * @return a new mutable list of role names; empty when no permission names a role
 */
public List<String> getRoles() {
    final List<String> collectedRoles = new ArrayList<>();
    for (final OAuthPermission grantedPermission : permissions) {
        final List<String> rolesOfPermission = grantedPermission.getRoles();
        collectedRoles.addAll(rolesOfPermission);
    }
    return collectedRoles;
}
String param = oAuthMessage.getParameter(perm.getPermission() + "_status"); if (param != null && OAuthConstants.AUTHORIZATION_DECISION_ALLOW.equals(param)) { approvedScopesSet.add(perm); } else if (approvedScopes.size() < originalScopes.size()) { for (OAuthPermission perm : originalScopes) { if (perm.isDefault() && !approvedScopes.contains(perm)) { approvedScopes.add(perm);
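/**
 * Sets the description of the calendar entry for {@code hour}, provided the
 * current OAuth context holds an update permission for exactly that hour.
 *
 * <p>The authorized hour is the integer that follows
 * {@code OAuthConstants.UPDATE_CALENDAR_SCOPE} in a permission name. A
 * permission whose suffix is not an integer authorizes nothing. The request
 * is then refused with 403 unless another permission matches, rather than
 * failing with an unhandled {@link NumberFormatException}.
 *
 * @param hour the hour of the entry to update, from the {@code hour} form field
 * @param description the new event description, from the {@code description} form field
 * @throws WebApplicationException with status 403 when no permission authorizes {@code hour}
 */
@POST
public void updateCalendar(@FormParam("hour") int hour,
                           @FormParam("description") String description) {
    // This permission check can be done in a custom filter; it can be simpler to do
    // in the actual service code if the context data (such as an hour in this case)
    // are not available in the request URI but in the message payload
    OAuthContext oauth = getOAuthContext();
    List<OAuthPermission> perms = oauth.getPermissions();
    boolean checkPassed = false;
    for (OAuthPermission perm : perms) {
        String permissionName = perm.getPermission();
        if (!permissionName.startsWith(OAuthConstants.UPDATE_CALENDAR_SCOPE)) {
            continue;
        }
        String authorizedHourText =
            permissionName.substring(OAuthConstants.UPDATE_CALENDAR_SCOPE.length());
        try {
            if (Integer.parseInt(authorizedHourText) == hour) {
                checkPassed = true;
                break; // one matching permission is sufficient
            }
        } catch (NumberFormatException ignored) {
            // Fail closed: a malformed hour suffix grants no access.
        }
    }
    if (!checkPassed) {
        throw new WebApplicationException(403);
    }
    // end of the check

    // NOTE(review): description is stored exactly as received. Length limits and
    // output escaping are presumably handled where entries are rendered - confirm.
    Calendar calendar = getUserCalendar();
    calendar.getEntry(hour).setEventDescription(description);
}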
boolean uriOK = checkRequestURI(req, perm.getUris()); boolean verbOK = checkHttpVerb(req, perm.getHttpVerbs()); if (uriOK && verbOK) { matchingPermissions.add(perm);