cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1417400 - /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
Date Wed, 05 Dec 2012 13:05:55 GMT
Author: sergeyb
Date: Wed Dec  5 13:05:54 2012
New Revision: 1417400

URL: http://svn.apache.org/viewvc?rev=1417400&view=rev
Log:
Updating refresh grant handler not to enforce the refreshed token scope - up to the provider

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java?rev=1417400&r1=1417399&r2=1417400&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/refresh/RefreshTokenGrantHandler.java
Wed Dec  5 13:05:54 2012
@@ -51,18 +51,6 @@ public class RefreshTokenGrantHandler im
         String refreshToken = params.getFirst(OAuthConstants.REFRESH_TOKEN);
         List<String> requestedScopes = OAuthUtils.parseScope(params.getFirst(OAuthConstants.SCOPE));
         
-        ServerAccessToken token = dataProvider.refreshAccessToken(client, 
-                                                                  refreshToken,
-                                                                  requestedScopes);
-        if (token == null) {
-            return null;
-        }
-        List<String> tokenScopes = OAuthUtils.convertPermissionsToScopeList(token.getScopes());
-        if (!tokenScopes.containsAll(requestedScopes)) {            
-            throw new OAuthServiceException(OAuthConstants.INVALID_SCOPE);
-        }
-        
-        
-        return token;
+        return dataProvider.refreshAccessToken(client, refreshToken, requestedScopes);
     }
 }



Mime
View raw message