cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Moving the pre-authorized scopes check to Redirection service for the incremental auth be supported next
Date Tue, 26 Jan 2016 15:53:08 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes ffef2eacf -> d4f3d8880


Moving the pre-authorized scopes check to Redirection service for the incremental auth be
supported next


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/d4f3d888
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/d4f3d888
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/d4f3d888

Branch: refs/heads/3.1.x-fixes
Commit: d4f3d88802137d285cc3290884c2683ba5e74d33
Parents: ffef2ea
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Tue Jan 26 15:44:51 2016 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Tue Jan 26 15:52:49 2016 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/provider/AbstractOAuthDataProvider.java   | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/d4f3d888/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index 53ccc63..3143186 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -193,9 +193,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider,
Cl
         for (ServerAccessToken at : getAccessTokens(client, sub)) {
             if (at.getClient().getClientId().equals(client.getClientId())
                 && at.getGrantType().equals(grantType)
-                && (sub == null || at.getSubject().getLogin().equals(sub.getLogin()))
-                && OAuthUtils.convertPermissionsToScopeList(
-                    at.getScopes()).containsAll(requestedScopes)) {
+                && (sub == null || at.getSubject().getLogin().equals(sub.getLogin())))
{
                 token = at;
                 break;
             }


Mime
View raw message