Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2FB8017D45 for ; Tue, 26 Jan 2016 15:48:33 +0000 (UTC) Received: (qmail 45545 invoked by uid 500); 26 Jan 2016 15:48:33 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 45483 invoked by uid 500); 26 Jan 2016 15:48:33 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 45474 invoked by uid 99); 26 Jan 2016 15:48:33 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 26 Jan 2016 15:48:33 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id ECBD5E0092; Tue, 26 Jan 2016 15:48:32 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <5e1fa3d8c8f047d3a3161fab79d0b745@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Redirection service code was not saved... Date: Tue, 26 Jan 2016 15:48:32 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/master 1d93d1121 -> fdfb80cfe Redirection service code was not saved... Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fdfb80cf Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fdfb80cf Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fdfb80cf Branch: refs/heads/master Commit: fdfb80cfef02263a66a98ef43beeaa56b76dbd38 Parents: 1d93d11 Author: Sergey Beryozkin Authored: Tue Jan 26 15:48:17 2016 +0000 Committer: Sergey Beryozkin Committed: Tue Jan 26 15:48:17 2016 +0000 ---------------------------------------------------------------------- .../security/oauth2/services/RedirectionBasedGrantService.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/fdfb80cf/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index be1bcc1..6c1a743 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -170,8 +170,9 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService // Request a new grant only if no pre-authorized token is available ServerAccessToken preAuthorizedToken = getDataProvider().getPreauthorizedToken( client, requestedScope, userSubject, supportedGrantType); - final boolean authorizationCanBeSkipped = - preAuthorizedToken != null + final boolean preAuthorizationComplete = preAuthorizedToken != null + && OAuthUtils.convertPermissionsToScopeList(preAuthorizedToken.getScopes()).containsAll(requestedScope); + final boolean authorizationCanBeSkipped = preAuthorizationComplete || canAuthorizationBeSkipped(client, userSubject, requestedScope, requestedPermissions); // Populate the authorization challenge data