cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] cxf git commit: NPE fix
Date Fri, 13 Nov 2015 13:41:09 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 3f240045b -> 1c4ffc8ee


NPE fix


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1da85e32
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1da85e32
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1da85e32

Branch: refs/heads/3.0.x-fixes
Commit: 1da85e324276d380836fb7dcbff2d83526b3946f
Parents: 3f24004
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Nov 13 11:15:30 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Nov 13 13:38:59 2015 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/1da85e32/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index a6260bd..e260bbc 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -229,7 +229,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
             sessionTokenParamName = OAuthConstants.SESSION_AUTHENTICITY_TOKEN;
         }
         String sessionToken = params.getFirst(sessionTokenParamName);
-        if (!compareRequestAndSessionTokens(sessionToken, params, userSubject)) {
+        if (sessionToken == null || !compareRequestAndSessionTokens(sessionToken, params,
userSubject)) {
             throw ExceptionUtils.toBadRequestException(null, null);     
         }
         //TODO: additionally we can check that the Principal that got authenticated


Mime
View raw message