cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is enough
Date Mon, 03 Apr 2017 16:03:21 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 20c759872 -> c704db9f6


[CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is
enough


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c704db9f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c704db9f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c704db9f

Branch: refs/heads/master
Commit: c704db9f67f5baef0fdbbe8dc583b8017dfb917f
Parents: 20c7598
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Apr 3 17:03:06 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Apr 3 17:03:06 2017 +0100

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c704db9f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 7646469..ca4b800 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -247,8 +247,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
                                                   List<OAuthPermission> permissions)
{
         return scopesRequiringNoConsent != null
                && requestedScope != null
-               && requestedScope.size() == scopesRequiringNoConsent.size()
-               && requestedScope.containsAll(scopesRequiringNoConsent);
+               && scopesRequiringNoConsent.containsAll(requestedScope);
     }
 
     /**


Mime
View raw message