From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: <7bef6060b3784ba9864a87952f336f57@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Updating ClientCodeRequestFilter to support the case where start and complete URIs are the same Date: Wed, 13 Jul 2016 18:19:26 +0000 (UTC) archived-at: Wed, 13 Jul 2016 18:19:28 -0000 Repository: cxf Updated Branches: refs/heads/master 366a55621 -> ef4fe2d84 Updating ClientCodeRequestFilter to support the case where start and complete URIs are the same Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ef4fe2d8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ef4fe2d8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ef4fe2d8 Branch: refs/heads/master Commit: ef4fe2d84010a48b596908581e0c98b367b0ed92 Parents: 366a556 Author: Sergey Beryozkin Authored: Wed Jul 13 21:19:10 2016 +0300 Committer: Sergey Beryozkin Committed: Wed Jul 13 21:19:10 2016 +0300 ---------------------------------------------------------------------- .../oauth2/client/ClientCodeRequestFilter.java | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ef4fe2d8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index c104cf1..85aa526 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -94,7 +94,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 }
 }
- if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
+ if (!sameUriRedirect && isStartUriMatched(ui, absoluteRequestUri)) {
 ClientTokenContext request = getClientTokenContext(rc);
 if (request != null) {
 setClientCodeRequest(request);
@@ -118,9 +118,21 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 }
 }
- protected boolean isStartUriMatched(String absoluteRequestUri) {
- return startUri.equals(WILDCARD) && (completeUri == null || !absoluteRequestUri.endsWith(completeUri))
- || absoluteRequestUri.endsWith(startUri);
+ protected boolean isStartUriMatched(UriInfo ui, String absoluteRequestUri) {
+ if (startUri.equals(WILDCARD) && (completeUri == null || !absoluteRequestUri.endsWith(completeUri))) {
+ return true;
+ }
+ if (!absoluteRequestUri.endsWith(startUri)) {
+ return false;
+ }
+ if (startUri.equals(completeUri)) {
+ MultivaluedMap queries = ui.getQueryParameters();
+ if (queries.containsKey(OAuthConstants.AUTHORIZATION_CODE_VALUE)
+ || queries.containsKey(OAuthConstants.ERROR_KEY)) {
+ return false;
+ }
+ }
+ return true;
 }
 protected void checkSecurityContextStart(ContainerRequestContext rc) {
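Review bot: In the new `isStartUriMatched(UriInfo, String)`, when `startUri.equals(completeUri)` the only thing separating a new authorization start from the provider's redirect back is whether the query string contains `OAuthConstants.AUTHORIZATION_CODE_VALUE` or `OAuthConstants.ERROR_KEY`, and both keys are supplied by whoever sends the request. Any request to the shared URI that carries one of them therefore skips the start branch, so the completion path (outside this hunk) has to reject callbacks whose state does not match a pending request; that is presumably already the case, but it is not visible here and is worth pinning with a test for the shared-URI configuration. The new branch would also benefit from a short comment such as `// start == complete: a request with a code or error parameter is the redirect back from the authorization service, not a new start`. Changing the signature of a protected method additionally means a subclass that overrode the old `isStartUriMatched(String)` no longer takes part in this decision, which deserves a line in the release notes.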