cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/3] cxf git commit: Revert "Make sure the State is always returned to the client on an error"
Date Mon, 14 Dec 2015 11:26:53 GMT
Revert "Make sure the State is always returned to the client on an error"

This reverts commit 08068c8a6c784e866ba9bb9b2b16e5b35d569e1b.

Conflicts:
	rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6a2cd429
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6a2cd429
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6a2cd429

Branch: refs/heads/3.0.x-fixes
Commit: 6a2cd429a8e5f0775e99282dcf213ec5a3b5a3f0
Parents: 20d4c14
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Dec 14 11:17:14 2015 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Dec 14 11:21:52 2015 +0000

----------------------------------------------------------------------
 .../services/RedirectionBasedGrantService.java  | 25 ++++++++++++++++++++
 1 file changed, 25 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/6a2cd429/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index e260bbc..923b3b6 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -235,8 +235,15 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         //TODO: additionally we can check that the Principal that got authenticated
         // in startAuthorization is the same that got authenticated in completeAuthorization
         
+<<<<<<< HEAD
         Client client = getClient(params);
         String redirectUri = validateRedirectUri(client, params.getFirst(OAuthConstants.REDIRECT_URI));
+=======
+        OAuthRedirectionState state = 
+            recreateRedirectionStateFromSession(userSubject, params, sessionToken);
+        Client client = getClient(state.getClientId());
+        String redirectUri = validateRedirectUri(client, state.getRedirectUri());
+>>>>>>> f3646c6... Revert "Make sure the State is always returned to
the client on an error"
         
         // Get the end user decision value
         String decision = params.getFirst(OAuthConstants.AUTHORIZATION_DECISION_KEY);
@@ -325,7 +332,11 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         List<String> uris = client.getRedirectUris();
         if (redirectUri != null) {
             if (!uris.contains(redirectUri)) {
+<<<<<<< HEAD
                 redirectUri = null;
+=======
+                reportInvalidRequestError("Client Redirect Uri is invalid");
+>>>>>>> f3646c6... Revert "Make sure the State is always returned to
the client on an error"
             } 
         } else if (uris.size() == 1 && useRegisteredRedirectUriIfPossible) {
             redirectUri = uris.get(0);
@@ -387,11 +398,19 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
      *         the error is returned directly to the end user without 
      *         following the redirect URI if any
      */
+<<<<<<< HEAD
     protected Client getClient(MultivaluedMap<String, String> params) {
         Client client = null;
         
         try {
             client = getValidClient(params);
+=======
+    protected Client getClient(String clientId) {
+        Client client = null;
+        
+        try {
+            client = getValidClient(clientId);
+>>>>>>> f3646c6... Revert "Make sure the State is always returned to
the client on an error"
         } catch (OAuthServiceException ex) {
             if (ex.getError() != null) {
                 reportInvalidRequestError(ex.getError(), null);
@@ -404,6 +423,12 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
         return client;
         
     }
+<<<<<<< HEAD
+=======
+    protected Client getClient(MultivaluedMap<String, String> params) {
+        return this.getClient(params.getFirst(OAuthConstants.CLIENT_ID));
+    }
+>>>>>>> f3646c6... Revert "Make sure the State is always returned to
the client on an error"
     protected String getSupportedGrantType() {
         return this.supportedGrantType;
     }


Mime
View raw message