cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: [CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is enough
Date Mon, 03 Apr 2017 16:05:25 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes aa5c4f9e5 -> a929d9b88


[CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is
enough


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a929d9b8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a929d9b8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a929d9b8

Branch: refs/heads/3.1.x-fixes
Commit: a929d9b8800b641ee7d9135ae40566892bfd0edd
Parents: aa5c4f9
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Mon Apr 3 17:03:06 2017 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Mon Apr 3 17:05:09 2017 +0100

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a929d9b8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 1ab30b8..b708c71 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -247,8 +247,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
                                                   List<OAuthPermission> permissions)
{
         return scopesRequiringNoConsent != null 
                && requestedScope != null
-               && requestedScope.size() == scopesRequiringNoConsent.size()
-               && requestedScope.containsAll(scopesRequiringNoConsent);
+               && scopesRequiringNoConsent.containsAll(requestedScope);
     }
 
     /**


Mime
View raw message