Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BA0A6113BA for ; Wed, 4 Jun 2014 13:21:14 +0000 (UTC) Received: (qmail 93900 invoked by uid 500); 4 Jun 2014 13:21:14 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 93841 invoked by uid 500); 4 Jun 2014 13:21:14 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 93834 invoked by uid 99); 4 Jun 2014 13:21:14 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Jun 2014 13:21:14 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 51C558929E5; Wed, 4 Jun 2014 13:21:14 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <7f726edd89bb4bae8eab4a0d090dbef1@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: git commit: [CXF-5764] Checking ClientIdProvider too if Principal is null Date: Wed, 4 Jun 2014 13:21:14 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master 8c138e035 -> 7012de652 [CXF-5764] Checking ClientIdProvider too if Principal is null Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7012de65 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7012de65 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7012de65 Branch: refs/heads/master Commit: 7012de652898cd3a7ac9b2858bc6265a6e1054e0 Parents: 8c138e0 Author: Sergey Beryozkin Authored: Wed Jun 4 14:20:57 2014 +0100 Committer: Sergey Beryozkin Committed: Wed Jun 4 14:20:57 2014 +0100 ---------------------------------------------------------------------- .../oauth2/services/AbstractTokenService.java | 33 ++++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/7012de65/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
index ad3cdda..7b50586 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
@@ -55,24 +55,20 @@ public class AbstractTokenService extends AbstractOAuthService {
 Client client = null;
 SecurityContext sc = getMessageContext().getSecurityContext();
 Principal principal = sc.getUserPrincipal();
- String clientIdParameter = params.getFirst(OAuthConstants.CLIENT_ID);
- if (principal == null && clientIdParameter != null) {
- // Both client_id and client_secret are expected in the form payload
- client = getAndValidateClientFromIdAndSecret(clientIdParameter,
- params.getFirst(OAuthConstants.CLIENT_SECRET));
- } else if (principal != null) {
+ if (principal == null) {
+ String clientId = retrieveClientId(params);
+ if (clientId != null) {
+ client = getAndValidateClientFromIdAndSecret(clientId,
+ params.getFirst(OAuthConstants.CLIENT_SECRET));
+ }
+ } else {
 // Client has already been authenticated
 if (principal.getName() != null) {
 client = getClient(principal.getName());
 } else {
- String clientId = clientIdParameter != null ? clientIdParameter
- : (String)getMessageContext().get(OAuthConstants.CLIENT_ID);
- if (StringUtils.isEmpty(clientId) && clientIdProvider != null) {
- // Check Custom ClientIdProvider
- clientId = clientIdProvider.getClientId(getMessageContext());
- }
- if (!StringUtils.isEmpty(clientId)) {
+ String clientId = retrieveClientId(params);
+ if (clientId != null) {
 client = getClient(clientId);
 }
 }
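Review bot: In the inner `else` branch (principal present but `getName()` is null) the client is resolved with `client = getClient(clientId);` and no secret check, while `retrieveClientId(params)` returns the form's `client_id` before it consults the message context or the `ClientIdProvider`. A caller-supplied value therefore wins over whatever the authentication layer recorded; the removed code had the same order, so this is inherited rather than introduced, but the refactor is the natural place to address it. For this branch I would read the context property and the provider first, fall back to `params.getFirst(OAuthConstants.CLIENT_ID)` only when both are null, and at minimum add `// client_id from the form is caller-controlled and is not checked against the authenticated principal here`. Whether a principal with a null name can reach this code depends on the security filters in front of the service, which the hunk does not show; the enclosing method starts and ends outside the hunk.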
@@ -98,6 +94,17 @@ public class AbstractTokenService extends AbstractOAuthService { return client; } + protected String retrieveClientId(MultivaluedMap params) { + String clientId = params.getFirst(OAuthConstants.CLIENT_ID); + if (clientId == null) { + clientId = (String)getMessageContext().get(OAuthConstants.CLIENT_ID); + } + if (clientId == null && clientIdProvider != null) { + clientId = clientIdProvider.getClientId(getMessageContext()); + } + return clientId; + } + // Get the Client and check the id and secret protected Client getAndValidateClientFromIdAndSecret(String clientId, String clientSecret) { Client client = getClient(clientId);
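Review bot: `retrieveClientId` tests only `clientId == null`, whereas the authenticated branch it replaces used `StringUtils.isEmpty(clientId)`, so an empty `client_id=` form value now counts as present. It suppresses the message-context and `ClientIdProvider` lookups and the empty string is passed on to `getClient` or to `getAndValidateClientFromIdAndSecret`. Keeping the earlier semantics is a small change: `if (StringUtils.isEmpty(clientId)) {` on the first fallback, `if (StringUtils.isEmpty(clientId) && clientIdProvider != null) {` on the second, and `return StringUtils.isEmpty(clientId) ? null : clientId;` so the callers' null checks stay valid. The method would also benefit from a short Javadoc stating the lookup order (form parameter, then message-context property, then provider), since the first source is caller-controlled and the method is `protected` and so open to overriding.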