cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Minor updates to the token introspection code
Date Fri, 22 Jan 2016 12:51:30 GMT
Repository: cxf
Updated Branches:
  refs/heads/master bc5776b27 -> 2b58d4804


Minor updates to the token introspection code


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2b58d480
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2b58d480
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2b58d480

Branch: refs/heads/master
Commit: 2b58d48041837dfa7f954c58b003a6000895f7d0
Parents: bc5776b
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Fri Jan 22 12:51:14 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Fri Jan 22 12:51:14 2016 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/provider/OAuthJSONProvider.java    | 2 +-
 .../security/oauth2/services/TokenIntrospectionService.java   | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2b58d480/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
index 42f039a..1a3283b 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/OAuthJSONProvider.java
@@ -97,7 +97,7 @@ public class OAuthJSONProvider implements MessageBodyWriter<Object>,
             if (!StringUtils.isEmpty(obj.getAud())) {
                 sb.append(",");
                 if (obj.getAud().size() == 1) {
-                    appendJsonPair(sb, "aud", obj.getAud());
+                    appendJsonPair(sb, "aud", obj.getAud().get(0));
                 } else {
                     sb.append("[");
                     StringBuilder arr = new StringBuilder();

http://git-wip-us.apache.org/repos/asf/cxf/blob/2b58d480/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/TokenIntrospectionService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/TokenIntrospectionService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/TokenIntrospectionService.java
index 645e3a4..9dc4bf8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/TokenIntrospectionService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/TokenIntrospectionService.java
@@ -36,6 +36,7 @@ import org.apache.cxf.jaxrs.ext.MessageContext;
 import org.apache.cxf.jaxrs.utils.ExceptionUtils;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.TokenIntrospection;
+import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.provider.OAuthDataProvider;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
@@ -62,8 +63,12 @@ public class TokenIntrospectionService {
         if (!at.getScopes().isEmpty()) {
             response.setScope(OAuthUtils.convertPermissionsToScope(at.getScopes()));
         }
-        if (at.getSubject() != null) {
+        UserSubject userSubject = at.getSubject();
+        if (userSubject != null) {
             response.setUsername(at.getSubject().getLogin());
+            if (userSubject.getId() != null) {
+                response.setSub(userSubject.getId());
+            }
         }
         if (!StringUtils.isEmpty(at.getAudiences())) {
             response.setAud(at.getAudiences());


Mime
View raw message