From dc6106870202f1eae7ee23b9e54cc1cb3ee0386c Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Wed, 22 Aug 2012 15:21:42 -0400 Subject: [PATCH 1/4] Split approved site and whitelisted site scope tables. --- .../mitre/openid/connect/model/ApprovedSite.java | 4 ++-- .../openid/connect/model/WhitelistedSite.java | 4 ++-- .../db/tables/database_tables.sql | 14 +++++++++----- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java index 060adae49..7b5ffdd88 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/ApprovedSite.java @@ -165,10 +165,10 @@ public class ApprovedSite { */ @ElementCollection(fetch = FetchType.EAGER) @CollectionTable( - name="allowed_scope", + name="approved_site_scope", joinColumns=@JoinColumn(name="owner_id") ) - @Column(name="allowed_scope") + @Column(name="scope") public Set getAllowedScopes() { return allowedScopes; } diff --git a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java index 1ac232ade..50dd016d7 100644 --- a/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java +++ b/openid-connect-common/src/main/java/org/mitre/openid/connect/model/WhitelistedSite.java @@ -103,10 +103,10 @@ public class WhitelistedSite { */ @ElementCollection(fetch = FetchType.EAGER) @CollectionTable( - name="allowed_scope", + name="whitelisted_site_scope", joinColumns=@JoinColumn(name="owner_id") ) - @Column(name="allowed_scope") + @Column(name="scope") public Set getAllowedScopes() { return allowedScopes; } diff --git a/openid-connect-server/db/tables/database_tables.sql b/openid-connect-server/db/tables/database_tables.sql index ebf1e825d..3c96ea092 100644 --- a/openid-connect-server/db/tables/database_tables.sql +++ b/openid-connect-server/db/tables/database_tables.sql @@ -19,11 +19,6 @@ CREATE TABLE address ( country VARCHAR(256) ); -CREATE TABLE allowed_scope ( - owner_id BIGINT, - allowed_scope VARCHAR(256) -); - CREATE TABLE approved_site ( id BIGINT AUTO_INCREMENT PRIMARY KEY, user_id VARCHAR(4096), @@ -34,6 +29,11 @@ CREATE TABLE approved_site ( whitelisted_site_id VARCHAR(256) ); +CREATE TABLE approved_site_scope ( + owner_id BIGINT, + scope VARCHAR(256) +); + CREATE TABLE authentication_holder ( id BIGINT AUTO_INCREMENT PRIMARY KEY, owner_id BIGINT, @@ -169,3 +169,7 @@ CREATE TABLE whitelisted_site ( client_id VARCHAR(256) ); +CREATE TABLE whitelisted_site_scope ( + owner_id BIGINT, + scope VARCHAR(256) +); From 4b76cc514bbe806110d40400473282da7a8625b4 Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Wed, 22 Aug 2012 16:54:00 -0400 Subject: [PATCH 2/4] Added a database-backed authorization-code system. Untested; needs to be injected into configuration in the place of the in-memory one and tested --- .../oauth2/model/AuthorizationCodeEntity.java | 92 +++++++++++++++++++ .../AuthorizationCodeRepository.java | 16 ++++ .../db/tables/database_tables.sql | 6 ++ .../impl/JpaAuthorizationCodeRepository.java | 60 ++++++++++++ ...DefaultOAuth2AuthorizationCodeService.java | 59 ++++++++++++ 5 files changed, 233 insertions(+) create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java create mode 100644 openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java create mode 100644 openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java new file mode 100644 index 000000000..70b5ac76c --- /dev/null +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java @@ -0,0 +1,92 @@ +package org.mitre.oauth2.model; + +import javax.persistence.Basic; +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.FetchType; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.Lob; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; +import javax.persistence.Table; + +import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder; + +/** + * Entity class for authorization codes + * @author aanganes + * + */ +@Entity +@Table(name="authorization_code") +@NamedQueries({ + @NamedQuery(name = "AuthorizationCodeEntity.getByValue", query = "select a from AuthorizationCodeEntity a where a.code = :code") +}) +public class AuthorizationCodeEntity { + + private Long id; + + private String code; + + private AuthorizationRequestHolder authorizationRequestHolder; + + /** + * Create a new AuthorizationCodeEntity with the given code. + * + * @param code the authorization code + */ + public AuthorizationCodeEntity(String code) { + this.code = code; + } + + /** + * @return the id + */ + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + public Long getId() { + return id; + } + + /** + * @param id the id to set + */ + public void setId(Long id) { + this.id = id; + } + + /** + * @return the code + */ + @Basic + public String getCode() { + return code; + } + + /** + * @param code the code to set + */ + public void setCode(String code) { + this.code = code; + } + + /** + * @return the authorizationRequestHolder + */ + @Lob + @Basic(fetch=FetchType.LAZY) + @Column(name="authorization_request_holder") + public AuthorizationRequestHolder getAuthorizationRequestHolder() { + return authorizationRequestHolder; + } + + /** + * @param authorizationRequestHolder the authorizationRequestHolder to set + */ + public void setAuthorizationRequestHolder(AuthorizationRequestHolder authorizationRequestHolder) { + this.authorizationRequestHolder = authorizationRequestHolder; + } + +} diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java new file mode 100644 index 000000000..6510f8852 --- /dev/null +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java @@ -0,0 +1,16 @@ +package org.mitre.oauth2.repository; + +import org.mitre.oauth2.model.AuthorizationCodeEntity; +import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; +import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder; + +/** + * @author amanda + * + */ +public interface AuthorizationCodeRepository { + + public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode); + + public AuthorizationRequestHolder consume(String code) throws InvalidGrantException; +} diff --git a/openid-connect-server/db/tables/database_tables.sql b/openid-connect-server/db/tables/database_tables.sql index 3c96ea092..f8731024e 100644 --- a/openid-connect-server/db/tables/database_tables.sql +++ b/openid-connect-server/db/tables/database_tables.sql @@ -45,6 +45,12 @@ CREATE TABLE authority ( authority LONGBLOB ); +CREATE TABLE authorization_code ( + id BIGINT AUTO_INCREMENT PRIMARY KEY, + code VARCHAR(256), + authorization_request_holder LONGBLOB +); + CREATE TABLE authorized_grant_type ( owner_id BIGINT, authorized_grant_type VARCHAR(2000) diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java new file mode 100644 index 000000000..ccfe8acba --- /dev/null +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java @@ -0,0 +1,60 @@ +/** + * + */ +package org.mitre.oauth2.repository.impl; + +import javax.persistence.EntityManager; +import javax.persistence.PersistenceContext; +import javax.persistence.TypedQuery; + +import org.mitre.oauth2.model.AuthorizationCodeEntity; +import org.mitre.oauth2.repository.AuthorizationCodeRepository; +import org.mitre.util.jpa.JpaUtil; +import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; +import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder; +import org.springframework.stereotype.Repository; +import org.springframework.transaction.annotation.Transactional; + +/** + * @author aanganes + * + */ +@Repository +@Transactional +public class JpaAuthorizationCodeRepository implements AuthorizationCodeRepository { + + @PersistenceContext + EntityManager manager; + + /* (non-Javadoc) + * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#save(org.mitre.oauth2.model.AuthorizationCodeEntity) + */ + @Override + @Transactional + public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode) { + + return JpaUtil.saveOrUpdate(authorizationCode.getId(), manager, authorizationCode); + + } + + /* (non-Javadoc) + * @see org.mitre.oauth2.repository.AuthorizationCodeRepository#consume(java.lang.String) + */ + @Override + @Transactional + public AuthorizationRequestHolder consume(String code) throws InvalidGrantException { + + TypedQuery query = manager.createNamedQuery("AuthorizationCodeEntity.getByValue", AuthorizationCodeEntity.class); + query.setParameter("code", code); + + AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList()); + + if (result == null) { + throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code); + } + + return result.getAuthorizationRequestHolder(); + + } + +} diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java new file mode 100644 index 000000000..f653d3a1d --- /dev/null +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java @@ -0,0 +1,59 @@ +/** + * + */ +package org.mitre.oauth2.service.impl; + +import org.mitre.oauth2.model.AuthorizationCodeEntity; +import org.mitre.oauth2.repository.AuthorizationCodeRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; +import org.springframework.security.oauth2.common.util.RandomValueStringGenerator; +import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices; +import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder; +import org.springframework.stereotype.Service; + +/** + * @author aanganes + * + */ +@Service +public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeServices { + + @Autowired + private AuthorizationCodeRepository repository; + + private RandomValueStringGenerator generator = new RandomValueStringGenerator(); + + /* (non-Javadoc) + * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#createAuthorizationCode(org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder) + */ + @Override + public String createAuthorizationCode(AuthorizationRequestHolder authentication) { + String code = generator.generate(); + + AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code); + + repository.save(entity); + + return code; + } + + /* (non-Javadoc) + * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#consumeAuthorizationCode(java.lang.String) + */ + @Override + public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException { + + AuthorizationRequestHolder auth = repository.consume(code); + return auth; + } + + public AuthorizationCodeRepository getRepository() { + return repository; + } + + public void setRepository(AuthorizationCodeRepository repository) { + this.repository = repository; + } + +} From c23b176567dec5dc026b792636264395ad82377c Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Thu, 23 Aug 2012 10:46:08 -0400 Subject: [PATCH 3/4] Database backed authorization-code-service now works. --- .../mitre/oauth2/model/AuthorizationCodeEntity.java | 12 ++++++++++-- .../impl/JpaAuthorizationCodeRepository.java | 5 ++++- .../impl/DefaultOAuth2AuthorizationCodeService.java | 3 +-- .../src/main/resources/META-INF/persistence.xml | 1 + .../src/main/webapp/WEB-INF/application-context.xml | 2 +- 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java index 70b5ac76c..2747b6f3a 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java @@ -32,13 +32,21 @@ public class AuthorizationCodeEntity { private AuthorizationRequestHolder authorizationRequestHolder; + /** + * Default constructor. + */ + public AuthorizationCodeEntity() { + + } + /** * Create a new AuthorizationCodeEntity with the given code. * * @param code the authorization code */ - public AuthorizationCodeEntity(String code) { + public AuthorizationCodeEntity(String code, AuthorizationRequestHolder authRequest) { this.code = code; + this.authorizationRequestHolder = authRequest; } /** @@ -76,7 +84,7 @@ public class AuthorizationCodeEntity { * @return the authorizationRequestHolder */ @Lob - @Basic(fetch=FetchType.LAZY) + @Basic(fetch=FetchType.EAGER) @Column(name="authorization_request_holder") public AuthorizationRequestHolder getAuthorizationRequestHolder() { return authorizationRequestHolder; diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java index ccfe8acba..e549735fb 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java @@ -53,7 +53,10 @@ public class JpaAuthorizationCodeRepository implements AuthorizationCodeReposito throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code); } - return result.getAuthorizationRequestHolder(); + AuthorizationRequestHolder authRequest = result.getAuthorizationRequestHolder(); + //authRequest.getAuthenticationRequest(); + + return authRequest; } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java index f653d3a1d..fff72ce5b 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java @@ -31,8 +31,7 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS public String createAuthorizationCode(AuthorizationRequestHolder authentication) { String code = generator.generate(); - AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code); - + AuthorizationCodeEntity entity = new AuthorizationCodeEntity(code, authentication); repository.save(entity); return code; diff --git a/openid-connect-server/src/main/resources/META-INF/persistence.xml b/openid-connect-server/src/main/resources/META-INF/persistence.xml index 57aeaf32b..8cd495e85 100644 --- a/openid-connect-server/src/main/resources/META-INF/persistence.xml +++ b/openid-connect-server/src/main/resources/META-INF/persistence.xml @@ -9,6 +9,7 @@ org.mitre.oauth2.model.OAuth2AccessTokenEntity org.mitre.oauth2.model.OAuth2RefreshTokenEntity org.mitre.oauth2.model.AuthenticationHolder + org.mitre.oauth2.model.AuthorizationCodeEntity org.mitre.openid.connect.model.Address org.mitre.openid.connect.model.ApprovedSite org.mitre.openid.connect.model.Event diff --git a/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml b/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml index b06dacfdc..7ba55d719 100644 --- a/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml +++ b/openid-connect-server/src/main/webapp/WEB-INF/application-context.xml @@ -85,7 +85,7 @@ authorization-endpoint-url="/authorize" token-endpoint-url="/token"> - + From ba5572b28ad6931392d0cde4228fe81240d31d22 Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Thu, 23 Aug 2012 11:05:10 -0400 Subject: [PATCH 4/4] Tidied up a bit, added javadoc comments to new classes --- .../oauth2/model/AuthorizationCodeEntity.java | 6 ++-- .../AuthorizationCodeRepository.java | 18 +++++++++++- .../impl/JpaAuthorizationCodeRepository.java | 5 +++- ...DefaultOAuth2AuthorizationCodeService.java | 28 ++++++++++++++++--- 4 files changed, 49 insertions(+), 8 deletions(-) diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java index 2747b6f3a..363f2f4ab 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/AuthorizationCodeEntity.java @@ -16,6 +16,7 @@ import org.springframework.security.oauth2.provider.code.AuthorizationRequestHol /** * Entity class for authorization codes + * * @author aanganes * */ @@ -40,9 +41,10 @@ public class AuthorizationCodeEntity { } /** - * Create a new AuthorizationCodeEntity with the given code. + * Create a new AuthorizationCodeEntity with the given code and AuthorizationRequestHolder. * - * @param code the authorization code + * @param code the authorization code + * @param authRequest the AuthoriztionRequestHolder associated with the original code request */ public AuthorizationCodeEntity(String code, AuthorizationRequestHolder authRequest) { this.code = code; diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java index 6510f8852..bdd2e295d 100644 --- a/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java +++ b/openid-connect-common/src/main/java/org/mitre/oauth2/repository/AuthorizationCodeRepository.java @@ -5,12 +5,28 @@ import org.springframework.security.oauth2.common.exceptions.InvalidGrantExcepti import org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder; /** - * @author amanda + * Interface for saving and consuming OAuth2 authorization codes as AuthorizationCodeEntitys. + * + * @author aanganes * */ public interface AuthorizationCodeRepository { + /** + * Save an AuthorizationCodeEntity to the repository + * + * @param authorizationCode the AuthorizationCodeEntity to save + * @return the saved AuthorizationCodeEntity + */ public AuthorizationCodeEntity save(AuthorizationCodeEntity authorizationCode); + /** + * Consume an authorization code. + * + * @param code the authorization code value + * @return the authentication associated with the code + * @throws InvalidGrantException if no AuthorizationCodeEntity is found with the given value + */ public AuthorizationRequestHolder consume(String code) throws InvalidGrantException; + } diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java index e549735fb..13e1a4350 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/repository/impl/JpaAuthorizationCodeRepository.java @@ -16,6 +16,8 @@ import org.springframework.stereotype.Repository; import org.springframework.transaction.annotation.Transactional; /** + * JPA AuthorizationCodeRepository implementation. + * * @author aanganes * */ @@ -54,7 +56,8 @@ public class JpaAuthorizationCodeRepository implements AuthorizationCodeReposito } AuthorizationRequestHolder authRequest = result.getAuthorizationRequestHolder(); - //authRequest.getAuthenticationRequest(); + + manager.remove(result); return authRequest; diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java index fff72ce5b..7c2c0fbc6 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java @@ -13,6 +13,8 @@ import org.springframework.security.oauth2.provider.code.AuthorizationRequestHol import org.springframework.stereotype.Service; /** + * Database-backed, random-value authorization code service implementation. + * * @author aanganes * */ @@ -24,8 +26,13 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS private RandomValueStringGenerator generator = new RandomValueStringGenerator(); - /* (non-Javadoc) - * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#createAuthorizationCode(org.springframework.security.oauth2.provider.code.AuthorizationRequestHolder) + /** + * Generate a random authorization code and create an AuthorizationCodeEntity, + * which will be stored in the repository. + * + * @param authentication the authentication of the current user, to be retrieved when the + * code is consumed + * @return the authorization code */ @Override public String createAuthorizationCode(AuthorizationRequestHolder authentication) { @@ -37,8 +44,15 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS return code; } - /* (non-Javadoc) - * @see org.springframework.security.oauth2.provider.code.AuthorizationCodeServices#consumeAuthorizationCode(java.lang.String) + /** + * Consume a given authorization code. + * Match the provided string to an AuthorizationCodeEntity. If one is found, return + * the authentication associated with the code. If one is not found, throw an + * InvalidGrantException. + * + * @param code the authorization code + * @return the authentication that made the original request + * @throws InvalidGrantException, if an AuthorizationCodeEntity is not found with the given value */ @Override public AuthorizationRequestHolder consumeAuthorizationCode(String code) throws InvalidGrantException { @@ -47,10 +61,16 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS return auth; } + /** + * @return the repository + */ public AuthorizationCodeRepository getRepository() { return repository; } + /** + * @param repository the repository to set + */ public void setRepository(AuthorizationCodeRepository repository) { this.repository = repository; }