cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Enforcing completeUri is not null only when it is a non-start OIDC request
Date Thu, 07 Jul 2016 14:53:04 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 5bbd03f80 -> 83cc8bf11


Enforcing completeUri is not null only when it is a non-start OIDC request


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/83cc8bf1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/83cc8bf1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/83cc8bf1

Branch: refs/heads/3.1.x-fixes
Commit: 83cc8bf11f0ec98f7ef8aca3d3b775943ad05811
Parents: 5bbd03f
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Jul 7 15:51:12 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Jul 7 15:52:51 2016 +0100

----------------------------------------------------------------------
 .../security/oauth2/client/ClientCodeRequestFilter.java   | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/83cc8bf1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index 8df02a8..8bf0111 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -91,11 +91,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
             if (referer != null && referer.startsWith(authorizationServiceUri)) {
                 completeUri = absoluteRequestUri;
                 sameUriRedirect = true;
-            } else {
-                LOG.warning("Complete URI is not initialized, authentication flow can not
be completed");
-                rc.abortWith(Response.status(500).build());
-                return;
-            }
+            } 
         }
         
         if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
@@ -109,6 +105,10 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
             }
             Response codeResponse = createCodeResponse(rc,  ui);
             rc.abortWith(codeResponse);
+        } else if (completeUri == null) {
+            LOG.warning("Complete URI is not initialized, authentication flow can not be
completed");
+            rc.abortWith(Response.status(500).build());
+            return;
         } else if (absoluteRequestUri.endsWith(completeUri)) {
             MultivaluedMap<String, String> requestParams = toRequestState(rc, ui);
             processCodeResponse(rc, ui, requestParams);


Mime
View raw message