cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1342573 - in /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2: services/AccessTokenService.java utils/OAuthConstants.java
Date Fri, 25 May 2012 11:06:47 GMT
Author: sergeyb
Date: Fri May 25 11:06:47 2012
New Revision: 1342573

URL: http://svn.apache.org/viewvc?rev=1342573&view=rev
Log:
[CXF-4341] Doing the case-insensitive comparison for the default Basic auth scheme

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java?rev=1342573&r1=1342572&r2=1342573&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
Fri May 25 11:06:47 2012
@@ -132,14 +132,14 @@ public class AccessTokenService extends 
             // client has already authenticated
             Principal p = sc.getUserPrincipal();
             String scheme = sc.getAuthenticationScheme();
-            if ("Basic".equals(scheme)) {
+            if (OAuthConstants.BASIC_SCHEME.equalsIgnoreCase(scheme)) {
                 // section 2.3.1
                 client = getClient(p.getName());
             } else {
                 // section 2.3.2
                 // the client has authenticated itself using some other scheme
                 // in which case the mapping between the scheme and the client_id
-                // should've been done, in which case the client_id is expected
+                // should've been done and the client_id is expected
                 // on the current message
                 Object clientIdProp = getMessageContext().get(OAuthConstants.CLIENT_ID);
                 if (clientIdProp != null) {
@@ -152,7 +152,7 @@ public class AccessTokenService extends 
             // the client id and secret are expected to be in the Basic scheme data
             String[] parts = 
                 AuthorizationUtils.getAuthorizationParts(getMessageContext());
-            if ("Basic".equals(parts[0])) {
+            if (OAuthConstants.BASIC_SCHEME.equalsIgnoreCase(parts[0])) {
                 String[] authInfo = AuthorizationUtils.getBasicAuthParts(parts[1]);
                 client = getAndValidateClient(authInfo[0], authInfo[1]);
             }

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1342573&r1=1342572&r2=1342573&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
Fri May 25 11:06:47 2012
@@ -53,6 +53,8 @@ public final class OAuthConstants {
     public static final String MAC_AUTHORIZATION_SCHEME = "Mac";
     public static final String ALL_AUTH_SCHEMES = "*";
 
+    // Default Client Authentication Scheme
+    public static final String BASIC_SCHEME = "Basic";
     
     // Authorization Code grant constants
     public static final String AUTHORIZATION_CODE_VALUE = "code";



Mime
View raw message