Return-Path: <commits-return-43663-archive-asf-public=cust-asf.ponee.io@cxf.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 1BAC2200B92
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed, 28 Sep 2016 13:23:45 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id 1A585160AD4; Wed, 28 Sep 2016 11:23:45 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 613CF160AB4
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 28 Sep 2016 13:23:44 +0200 (CEST)
Received: (qmail 18384 invoked by uid 500); 28 Sep 2016 11:23:43 -0000
Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@cxf.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@cxf.apache.org>
List-Post: <mailto:commits@cxf.apache.org>
List-Id: <commits.cxf.apache.org>
Reply-To: dev@cxf.apache.org
Delivered-To: mailing list commits@cxf.apache.org
Received: (qmail 18375 invoked by uid 99); 28 Sep 2016 11:23:43 -0000
Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 28 Sep 2016 11:23:43 +0000
Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33)
	id 2F3CFDFDEC; Wed, 28 Sep 2016 11:23:43 +0000 (UTC)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: sergeyb@apache.org
To: commits@cxf.apache.org
Message-Id: <d45e6de620f64637a3a8e8fb74e261b2@git.apache.org>
X-Mailer: ASF-Git Admin Mailer
Subject: cxf git commit: Updating OAuth2 dynamic reg service to not report the
 reg access token and URI if the client code does not need it, as per the spec
Date: Wed, 28 Sep 2016 11:23:43 +0000 (UTC)
archived-at: Wed, 28 Sep 2016 11:23:45 -0000

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes bb3da5c5c -> 0e42bf2d5


Updating OAuth2 dynamic reg service to not report the reg access token and URI if the client code does not need it, as per the spec


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/0e42bf2d
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/0e42bf2d
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/0e42bf2d

Branch: refs/heads/3.1.x-fixes
Commit: 0e42bf2d533537be67d041da21b977124c98b23c
Parents: bb3da5c
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Sep 28 12:21:57 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Sep 28 12:23:28 2016 +0100

----------------------------------------------------------------------
 .../oauth2/services/DynamicRegistrationService.java | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/0e42bf2d/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
index 47ea3f0..7ad1c74 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
@@ -53,6 +53,7 @@ public class DynamicRegistrationService {
     private String initialAccessToken;
     private int clientIdSizeInBytes = DEFAULT_CLIENT_ID_SIZE;
     private MessageContext mc;
+    private boolean supportRegistrationAccessTokens = true;
     
     @POST
     @Consumes("application/json")
@@ -129,10 +130,15 @@ public class DynamicRegistrationService {
         // TODO: consider making Client secret time limited
         response.setClientSecretExpiresAt(Long.valueOf(0));
         UriBuilder ub = getMessageContext().getUriInfo().getAbsolutePathBuilder();
-        response.setRegistrationClientUri(ub.path(client.getClientId()).build().toString());
         
-        response.setRegistrationAccessToken(client.getProperties()
-                                            .get(ClientRegistrationResponse.REG_ACCESS_TOKEN));
+        if (supportRegistrationAccessTokens) {
+            // both registration access token and uri are either included or excluded
+            response.setRegistrationClientUri(
+                ub.path(client.getClientId()).build().toString());
+        
+            response.setRegistrationAccessToken(
+                client.getProperties().get(ClientRegistrationResponse.REG_ACCESS_TOKEN));
+        }
         return response;
     }
     
@@ -294,4 +300,8 @@ public class DynamicRegistrationService {
     public MessageContext getMessageContext() {
         return mc;
     }
+
+    public void setSupportRegistrationAccessTokens(boolean supportRegistrationAccessTokens) {
+        this.supportRegistrationAccessTokens = supportRegistrationAccessTokens;
+    }
 }