cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Minor update to the abstract grant handler
Date Thu, 09 Mar 2017 16:25:08 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 885b65d32 -> 4719a033d


Minor update to the abstract grant handler


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4719a033
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4719a033
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4719a033

Branch: refs/heads/master
Commit: 4719a033d54fd9fcd173be273e6c320d8353b631
Parents: 885b65d
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Thu Mar 9 16:24:39 2017 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Thu Mar 9 16:24:39 2017 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/grants/AbstractGrantHandler.java   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4719a033/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
index 43ca0ca..4410a56 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/AbstractGrantHandler.java
@@ -143,11 +143,16 @@ public abstract class AbstractGrantHandler implements AccessTokenGrantHandler
{
         reg.setGrantType(requestedGrant);
         reg.setSubject(subject);
         reg.setRequestedScope(requestedScopes);
-        reg.setApprovedScope(Collections.emptyList());
+        reg.setApprovedScope(getApprovedScopes(client, subject, requestedScopes));
         reg.setAudiences(audiences);
         return dataProvider.createAccessToken(reg);
     }
 
+    protected List<String> getApprovedScopes(Client client, UserSubject subject, List<String>
requestedScopes) {
+        // This method can be overridden if the down-scoping is required 
+        return Collections.emptyList();
+    }
+
     protected ServerAccessToken getPreAuthorizedToken(Client client,
                                                       UserSubject subject,
                                                       String requestedGrant,


Mime
View raw message