cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1333058 - /cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
Date Wed, 02 May 2012 14:28:11 GMT
Author: sergeyb
Date: Wed May  2 14:28:10 2012
New Revision: 1333058

URL: http://svn.apache.org/viewvc?rev=1333058&view=rev
Log:
[CXF-4283] Checking OAuth10 preauthorized tokens for missing or empty verifiers, thanks to
Jordi T.

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java?rev=1333058&r1=1333057&r2=1333058&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
Wed May  2 14:28:10 2012
@@ -31,6 +31,7 @@ import net.oauth.OAuthMessage;
 import net.oauth.OAuthProblemException;
 
 import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.rs.security.oauth.data.AccessToken;
 import org.apache.cxf.rs.security.oauth.data.AccessTokenRegistration;
@@ -64,7 +65,7 @@ public class AccessTokenHandler {
             }
             
             String oauthVerifier = oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER);
-            if (oauthVerifier == null) {
+            if (StringUtils.isEmpty(oauthVerifier)) {
                 if (requestToken.getSubject() != null && requestToken.isPreAuthorized())
{
                     LOG.fine("Preauthorized request token");
                 } else {



Mime
View raw message