cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Updating ClientCodeRequestFilter to support the case where start and complete URIs are the same
Date Wed, 13 Jul 2016 18:21:42 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 05e838902 -> caae5fb26


Updating ClientCodeRequestFilter to support the case where start and complete URIs are the
same


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/caae5fb2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/caae5fb2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/caae5fb2

Branch: refs/heads/3.1.x-fixes
Commit: caae5fb26da8cb211bf2a84fb0116d22400826e0
Parents: 05e8389
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Jul 13 21:19:10 2016 +0300
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Jul 13 21:21:21 2016 +0300

----------------------------------------------------------------------
 .../oauth2/client/ClientCodeRequestFilter.java  | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/caae5fb2/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index 5f9addd..ae32ed7 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -94,7 +94,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
             } 
         }
         
-        if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
+        if (!sameUriRedirect && isStartUriMatched(ui, absoluteRequestUri)) {
             ClientTokenContext request = getClientTokenContext(rc);
             if (request != null) {
                 setClientCodeRequest(request);
@@ -118,9 +118,21 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter
{
         }
     }
 
-    protected boolean isStartUriMatched(String absoluteRequestUri) {
-        return startUri.equals(WILDCARD) && (completeUri == null || !absoluteRequestUri.endsWith(completeUri))
-            || absoluteRequestUri.endsWith(startUri);
+    protected boolean isStartUriMatched(UriInfo ui, String absoluteRequestUri) {
+        if (startUri.equals(WILDCARD) && (completeUri == null || !absoluteRequestUri.endsWith(completeUri)))
{
+            return true;
+        }
+        if (!absoluteRequestUri.endsWith(startUri)) {
+            return false;
+        }
+        if (startUri.equals(completeUri)) {
+            MultivaluedMap<String, String> queries = ui.getQueryParameters();
+            if (queries.containsKey(OAuthConstants.AUTHORIZATION_CODE_VALUE) 
+                || queries.containsKey(OAuthConstants.ERROR_KEY)) {
+                return false;
+            }
+        }
+        return true;
     }
 
     protected void checkSecurityContextStart(ContainerRequestContext rc) {


Mime
View raw message