Return-Path: 
 <commits-return-39158-apmail-cxf-commits-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-commits-archive@www.apache.org
Delivered-To: apmail-cxf-commits-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 3E17818604
	for <apmail-cxf-commits-archive@www.apache.org>;
 Tue, 17 Nov 2015 16:12:17 +0000 (UTC)
Received: (qmail 11510 invoked by uid 500); 17 Nov 2015 16:12:14 -0000
Delivered-To: apmail-cxf-commits-archive@cxf.apache.org
Received: (qmail 11430 invoked by uid 500); 17 Nov 2015 16:12:14 -0000
Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cxf.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cxf.apache.org>
List-Post: <mailto:commits@cxf.apache.org>
List-Id: <commits.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list commits@cxf.apache.org
Received: (qmail 11374 invoked by uid 99); 17 Nov 2015 16:12:14 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org)
 (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Nov 2015 16:12:14 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at
 git1-us-west.apache.org, from userid 33)
	id 6198ADFF87; Tue, 17 Nov 2015 16:12:14 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: sergeyb@apache.org
To: commits@cxf.apache.org
Message-Id: <820df1a2deb4437ba5a6e4cfc18c6fc5@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: cxf git commit: More code verifier work
Date: Tue, 17 Nov 2015 16:12:14 +0000 (UTC)

Repository: cxf
Updated Branches:
  refs/heads/master e492a2227 -> 63a1088a9


More code verifier work


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/63a1088a
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/63a1088a
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/63a1088a

Branch: refs/heads/master
Commit: 63a1088a9253da0452497440e900d35a5415c3c9
Parents: e492a22
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Nov 17 16:12:02 2015 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Nov 17 16:12:02 2015 +0000

----------------------------------------------------------------------
 .../oauth2/client/ClientCodeRequestFilter.java  | 26 ++++++++++++++------
 1 file changed, 18 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/63a1088a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index ac09dfc..f69b3b9 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -155,8 +155,9 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
     }
     protected void setCodeVerifier(UriBuilder ub, MultivaluedMap<String, String> redirectState) {
         if (codeVerifierTransformer != null) {
+            String codeVerifier = redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER);
             ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE, 
-                          redirectState.getFirst(OAuthConstants.AUTHORIZATION_CODE_VERIFIER));
+                          codeVerifierTransformer.transformCodeVerifier(codeVerifier));
             ub.queryParam(OAuthConstants.AUTHORIZATION_CODE_CHALLENGE_METHOD, 
                           codeVerifierTransformer.getChallengeMethod());
         }
@@ -220,17 +221,26 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 
     protected MultivaluedMap<String, String> createRedirectState(ContainerRequestContext rc, UriInfo ui) {
         if (clientStateManager == null) {
-            return null;
+            return new MetadataMap<String, String>();
+        }
+        String codeVerifier = null;
+        MultivaluedMap<String, String> codeRequestState = toCodeRequestState(rc, ui);
+        if (codeVerifierTransformer != null) {
+            codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
+            codeRequestState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, 
+                                       codeVerifier);
         }
-        return clientStateManager.toRedirectState(mc, 
-                                                  toCodeRequestState(rc, ui));
+        MultivaluedMap<String, String> redirectState = 
+            clientStateManager.toRedirectState(mc, codeRequestState);
+        if (codeVerifier != null) {
+            redirectState.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, codeVerifier);
+        }
+        return redirectState;
     }
     protected MultivaluedMap<String, String> toCodeRequestState(ContainerRequestContext rc, UriInfo ui) {
         MultivaluedMap<String, String> state = toRequestState(rc, ui);
-        if (codeVerifierTransformer != null) {
-            String codeVerifier = Base64UrlUtility.encode(CryptoUtils.generateSecureRandomBytes(32));
-            state.putSingle(OAuthConstants.AUTHORIZATION_CODE_VERIFIER, 
-                          codeVerifierTransformer.transformCodeVerifier(codeVerifier));
+        if (state == null) {
+            state = new MetadataMap<String, String>();
         }
         return state;
     }