cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1543170 - /cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
Date Mon, 18 Nov 2013 21:24:54 GMT
Author: sergeyb
Date: Mon Nov 18 21:24:54 2013
New Revision: 1543170

URL: http://svn.apache.org/r1543170
Log:
[CXF-5394] URL encoding the scope returned as a fragment

Modified:
    cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java

Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java?rev=1543170&r1=1543169&r2=1543170&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
(original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
Mon Nov 18 21:24:54 2013
@@ -26,6 +26,7 @@ import javax.ws.rs.Path;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
@@ -96,8 +97,9 @@ public class ImplicitGrantService extend
             // optional - otherwise; lets always report it for now if it is non-empty 
             List<OAuthPermission> perms = token.getScopes();
             if (!perms.isEmpty()) {
-                sb.append("&").append(OAuthConstants.SCOPE)
-                    .append("=").append(OAuthUtils.convertPermissionsToScope(perms));
+                String scope = OAuthUtils.convertPermissionsToScope(perms);
+                sb.append("&").append(OAuthConstants.SCOPE).append("=")
+                    .append(HttpUtils.queryEncode(scope));
             }
             //TODO: also report other token parameters if any if needed  
         }



Mime
View raw message