grails-plugins
diff --git a/‎.classpath
+32 b/‎.classpath
+32
diff --git a/‎.gitignore
+3 b/‎.gitignore
+3
diff --git a/‎.project
+46 b/‎.project
+46
diff --git a/‎.settings/.gitignore
+1 b/‎.settings/.gitignore
+1
diff --git a/‎.settings/org.codehaus.groovy.eclipse.preferences.prefs
+3 b/‎.settings/org.codehaus.groovy.eclipse.preferences.prefs
+3
diff --git a/‎SpringSecurityOauthConsumerGrailsPlugin.groovy
+211 b/‎SpringSecurityOauthConsumerGrailsPlugin.groovy
+211
diff --git a/‎application.properties
+6 b/‎application.properties
+6
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="grails-app/conf"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+	<classpathentry kind="con" path="com.springsource.sts.grails.core.CLASSPATH_CONTAINER"/>
+	<classpathentry kind="src" path="spring-security-core-0.4.1-grails-app-conf">
+		<attributes>
+			<attribute name="com.springsource.sts.grails.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path="spring-security-core-0.4.1-grails-app-services">
+		<attributes>
+			<attribute name="com.springsource.sts.grails.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path="spring-security-core-0.4.1-grails-app-taglib">
+		<attributes>
+			<attribute name="com.springsource.sts.grails.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path="spring-security-core-0.4.1-src-java">
+		<attributes>
+			<attribute name="com.springsource.sts.grails.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" path="spring-security-core-0.4.1-src-groovy">
+		<attributes>
+			<attribute name="com.springsource.sts.grails.core.SOURCE_FOLDER" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="target/eclipseclasses"/>
+</classpath>
@@ -0,0 +1,3 @@
+/target
+/grails-spring-security-oauth-consumer-*.zip
+/plugin.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>grails-spring-security-oauth-consumer</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>com.springsource.sts.grails.core.nature</nature>
+		<nature>org.eclipse.jdt.groovy.core.groovyNature</nature>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+	</natures>
+	<linkedResources>
+		<link>
+			<name>spring-security-core-0.4.1-grails-app-conf</name>
+			<type>2</type>
+			<locationURI>DOTGRAILS/1.2.3/projects/spring-security-oauth-consumer/plugins/spring-security-core-0.4.1/grails-app/conf</locationURI>
+		</link>
+		<link>
+			<name>spring-security-core-0.4.1-grails-app-services</name>
+			<type>2</type>
+			<locationURI>DOTGRAILS/1.2.3/projects/spring-security-oauth-consumer/plugins/spring-security-core-0.4.1/grails-app/services</locationURI>
+		</link>
+		<link>
+			<name>spring-security-core-0.4.1-grails-app-taglib</name>
+			<type>2</type>
+			<locationURI>DOTGRAILS/1.2.3/projects/spring-security-oauth-consumer/plugins/spring-security-core-0.4.1/grails-app/taglib</locationURI>
+		</link>
+		<link>
+			<name>spring-security-core-0.4.1-src-groovy</name>
+			<type>2</type>
+			<locationURI>DOTGRAILS/1.2.3/projects/spring-security-oauth-consumer/plugins/spring-security-core-0.4.1/src/groovy</locationURI>
+		</link>
+		<link>
+			<name>spring-security-core-0.4.1-src-java</name>
+			<type>2</type>
+			<locationURI>DOTGRAILS/1.2.3/projects/spring-security-oauth-consumer/plugins/spring-security-core-0.4.1/src/java</locationURI>
+		</link>
+	</linkedResources>
+</projectDescription>
@@ -0,0 +1 @@
+/com.springsource.sts.grails.core.prefs
@@ -0,0 +1,3 @@
+#Created by grails
+eclipse.preferences.version=1
+groovy.dont.generate.class.files=true
@@ -0,0 +1,211 @@
+/* Copyright 2006-2010 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
+import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
+
+import org.springframework.security.access.ConfigAttribute
+import org.springframework.security.access.SecurityConfig
+import org.springframework.security.oauth.common.signature.CoreOAuthSignatureMethodFactory
+import org.springframework.security.oauth.common.signature.HMAC_SHA1SignatureMethod
+import org.springframework.security.oauth.common.signature.SharedConsumerSecret
+import org.springframework.security.oauth.consumer.BaseProtectedResourceDetails
+import org.springframework.security.oauth.consumer.CoreOAuthConsumerSupport
+import org.springframework.security.oauth.consumer.InMemoryProtectedResourceDetailsService
+import org.springframework.security.oauth.consumer.OAuthConsumerProcessingFilter
+import org.springframework.security.oauth.consumer.net.DefaultOAuthURLStreamHandlerFactory
+import org.springframework.security.oauth.consumer.nonce.UUIDNonceFactory
+import org.springframework.security.oauth.consumer.token.HttpSessionBasedTokenServicesFactory
+import org.springframework.security.web.access.intercept.DefaultFilterInvocationSecurityMetadataSource
+import org.springframework.security.web.access.intercept.RequestKey
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint
+import org.springframework.security.web.util.AntUrlPathMatcher
+import org.springframework.security.web.util.RegexUrlPathMatcher
+import org.springframework.util.StringUtils
+
+class SpringSecurityOauthConsumerGrailsPlugin {
+
+	String version = '0.1'
+	String grailsVersion = '1.2.2 > *'
+	Map dependsOn = ['springSecurityCore': '0.4 > *']
+
+	List pluginExcludes = [
+		'docs/**',
+		'src/docs/**'
+	]
+
+	String author = 'Burt Beckwith'
+	String authorEmail = '[email protected]'
+	String title = 'OAuth Consumer support for the Spring Security plugin.'
+	String description = 'OAuth Consumer support for the Spring Security plugin.'
+
+	String documentation = 'http://grails.org/plugin/spring-security-oauth-consumer'
+
+	def doWithSpring = {
+
+		def conf = SpringSecurityUtils.securityConfig
+		if (!conf || !conf.active) {
+			return
+		}
+
+		println 'Configuring Spring Security OAuth Consumer ...'
+
+		SpringSecurityUtils.loadSecondaryConfig 'DefaultOAuthConsumerSecurityConfig'
+		// have to get again after overlaying DefaultOAuthConsumerSecurityConfig
+		conf = SpringSecurityUtils.securityConfig
+
+		SpringSecurityUtils.registerFilter 'oauthConsumerFilter',
+				SecurityFilterPosition.LAST.order - 1
+
+		def resources = parseResources(conf)
+		oauthProtectedResourceDetailsService(InMemoryProtectedResourceDetailsService) {
+			resourceDetailsStore = resources
+		}
+
+		oauthSignatureMethodFactory(CoreOAuthSignatureMethodFactory) {
+			supportPlainText = conf.oauthConsumer.signature.supportPlainText // false
+			supportHMAC_SHA1 = conf.oauthConsumer.signature.supportHMAC_SHA1 // true
+			supportRSA_SHA1 = conf.oauthConsumer.signature.supportRSA_SHA1 // true
+		}
+
+		oauthNonceFactory(UUIDNonceFactory)
+
+		oauthStreamHandlerFactory(DefaultOAuthURLStreamHandlerFactory)
+
+		oauthProxySelector(ProxySelector) { bean ->
+			bean.factoryMethod = 'getDefault'
+		}
+ 
+		oauthConsumerSupport(CoreOAuthConsumerSupport) {
+			connectionTimeout = conf.oauthConsumer.protectedResource.connectionTimeout // 1000 * 60
+			readTimeout = conf.oauthConsumer.protectedResource.readTimeout // 1000 * 60
+			signatureFactory = ref('oauthSignatureMethodFactory')
+			protectedResourceDetailsService = ref('oauthProtectedResourceDetailsService')
+			nonceFactory = ref('oauthNonceFactory')
+			streamHandlerFactory = ref('oauthStreamHandlerFactory')
+			proxySelector = ref('oauthProxySelector')
+		}
+
+		oauthTokenServicesFactory(HttpSessionBasedTokenServicesFactory)
+
+		oauthFailureEntryPoint(LoginUrlAuthenticationEntryPoint) {
+			forceHttps = conf.auth.forceHttps // false
+			useForward = conf.auth.useForward // false
+			loginFormUrl = conf.oauthConsumer.failurePage
+			portMapper = ref('portMapper')
+			portResolver = ref('portResolver')
+		}
+
+		String pathType = conf.oauthConsumer.ods.pathType // 'ant'
+		def urlMatcher = 'ant'.equals(pathType) ? new AntUrlPathMatcher() : new RegexUrlPathMatcher()
+		urlMatcher.requiresLowerCaseUrl = conf.oauthConsumer.ods.lowercaseComparisons // true
+
+		LinkedHashMap<RequestKey, Collection<ConfigAttribute>> invocationDefinitionMap = [:]
+		for (Map<String, String> map : conf.oauthConsumer.ods.urls) {
+			String path = map.pattern
+			if (conf.oauthConsumer.ods.lowercaseComparisons) {
+				path = path.toLowerCase()
+			}
+			if (map.resources) {
+				invocationDefinitionMap[new RequestKey(path, map.httpMethod ?: null)] = SecurityConfig.createList(
+					StringUtils.commaDelimitedListToStringArray(map.resources))
+			}
+		}
+
+ 		oauthObjectDefinitionSource(DefaultFilterInvocationSecurityMetadataSource, urlMatcher, invocationDefinitionMap)
+
+		oauthConsumerFilter(OAuthConsumerProcessingFilter) {
+			protectedResourceDetailsService = ref('oauthProtectedResourceDetailsService')
+			OAuthFailureEntryPoint = ref('oauthFailureEntryPoint')
+			tokenServicesFactory = ref('oauthTokenServicesFactory')
+			objectDefinitionSource = ref('oauthObjectDefinitionSource')
+			consumerSupport = ref('oauthConsumerSupport')
+			portResolver = ref('portResolver')
+			requireAuthenticated = conf.oauthConsumer.consumerFilter.requireAuthenticated // true
+			accessTokensRequestAttribute = conf.oauthConsumer.consumerFilter.accessTokensRequestAttribute // 'OAUTH_ACCESS_TOKENS'
+		}
+	}
+
+	private Map<String, BaseProtectedResourceDetails> parseResources(conf) {
+		Map<String, BaseProtectedResourceDetails> resources = new TreeMap<String, BaseProtectedResourceDetails>()
+
+		for (Map<String, Object> resourceDef in conf.oauthConsumer.resourceDefs) {
+			BaseProtectedResourceDetails resource = new BaseProtectedResourceDetails()
+
+			setIfString 'id',                          resourceDef, resource, 'A resource id'
+			setIfString 'consumerKey',                 resourceDef, resource, 'A consumer key'
+			setIfString 'requestTokenURL',             resourceDef, resource, 'A request token URL'
+			setIfString 'accessTokenURL',              resourceDef, resource, 'An access token URL'
+			setIfString 'accessTokenHttpMethod',       resourceDef, resource
+			setIfString 'userAuthorizationURL',        resourceDef, resource, 'A user authorization URL'
+			setIfString 'authorizationHeaderRealm'   , resourceDef, resource
+			setIfBoolean 'acceptsAuthorizationHeader', resourceDef, resource
+			setIfBoolean 'use10a',                     resourceDef, resource
+
+			def secret = resourceDef.secret
+			if (secret instanceof String && secret) {
+				resource.sharedSecret = new SharedConsumerSecret(secret)
+			}
+			else {
+				error "A shared secret must be supplied with the definition of a resource: $resourceDef"
+			}
+
+			def signatureMethod = resourceDef.signatureMethod
+			if (!(signatureMethod instanceof String && signatureMethod)) {
+				signatureMethod = HMAC_SHA1SignatureMethod.SIGNATURE_NAME
+			}
+			resource.signatureMethod = signatureMethod
+
+			def additionalParameters = resourceDef.addtionalParameters
+			if (additionalParameters instanceof Map && additionalParameters) {
+				resource.additionalParameters = additionalParameters
+			}
+
+			def additionalRequestHeaders = resourceDef.additionalRequestHeaders
+			if (additionalRequestHeaders instanceof Map && additionalRequestHeaders) {
+				resource.additionalRequestHeaders = additionalRequestHeaders
+			}
+
+			resources[resourceDef.id] = resource
+		}
+
+		resources
+	}
+
+	private void setIfString(String attrName, Map<String, Object> resourceDef,
+			BaseProtectedResourceDetails resource, String errorPrefix = null) {
+
+		def value = resourceDef."$attrName"
+		if (value instanceof String && value) {
+			resource."$attrName" = value
+			return
+		}
+
+		if (errorPrefix) {
+			error "$errorPrefix must be supplied with the definition of a protected resource: $resourceDef"
+		}
+	}
+
+	private void setIfBoolean(String attrName, Map<String, Object> resourceDef, BaseProtectedResourceDetails resource) {
+		def value = resourceDef."$attrName"
+		if (value instanceof Boolean) {
+			resource."$attrName" = value
+		}
+	}
+
+	private void error(String message) {
+		// OAuth parser throws BeanDefinitionParsingException but Problem/Location aren't as necessary in Grails
+		throw new RuntimeException(message) 
+	}
+}
@@ -0,0 +1,6 @@
+#Grails Metadata file
+#Fri Jul 02 01:01:10 EDT 2010
+app.grails.version=1.2.3
+app.name=spring-security-oauth-consumer
+plugins.hibernate=1.2.3
+plugins.spring-security-core=0.4.1
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+/target`
	`2`	`+/grails-spring-security-oauth-consumer-*.zip`
	`3`	`+/plugin.xml`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+/com.springsource.sts.grails.core.prefs`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+#Created by grails`
	`2`	`+eclipse.preferences.version=1`
	`3`	`+groovy.dont.generate.class.files=true`