Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id BDBC8200C3C for ; Mon, 3 Apr 2017 18:05:27 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id BC64E160B8F; Mon, 3 Apr 2017 16:05:27 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id CAB9C160B76 for ; Mon, 3 Apr 2017 18:05:26 +0200 (CEST) Received: (qmail 56917 invoked by uid 500); 3 Apr 2017 16:05:26 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 56908 invoked by uid 99); 3 Apr 2017 16:05:25 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Apr 2017 16:05:25 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id CBCC2DFE34; Mon, 3 Apr 2017 16:05:25 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sergeyb@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: [CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is enough Date: Mon, 3 Apr 2017 16:05:25 +0000 (UTC) archived-at: Mon, 03 Apr 2017 16:05:27 -0000 Repository: cxf Updated Branches: refs/heads/3.1.x-fixes aa5c4f9e5 -> a929d9b88 [CXF-7297] Checking if scopesRequiringNoConsent includes all of the request scope values is enough Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a929d9b8 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a929d9b8 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a929d9b8 Branch: refs/heads/3.1.x-fixes Commit: a929d9b8800b641ee7d9135ae40566892bfd0edd Parents: aa5c4f9 Author: Sergey Beryozkin Authored: Mon Apr 3 17:03:06 2017 +0100 Committer: Sergey Beryozkin Committed: Mon Apr 3 17:05:09 2017 +0100 ---------------------------------------------------------------------- .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/a929d9b8/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 1ab30b8..b708c71 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -247,8 +247,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService List permissions) { return scopesRequiringNoConsent != null && requestedScope != null - && requestedScope.size() == scopesRequiringNoConsent.size() - && requestedScope.containsAll(scopesRequiringNoConsent); + && scopesRequiringNoConsent.containsAll(requestedScope); } /**