cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [cxf] 01/03: CXF-7913 - NPE in OAuth 2.0 JCacheOAuthDataProvider with isStoreJwtTokenKeyOnly
Date Thu, 29 Nov 2018 11:09:12 GMT
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 97e33ca7f065eb2cd5342128ae5d7f9d43aec3e8
Author: Colm O hEigeartaigh <coheigea@apache.org>
AuthorDate: Thu Nov 29 10:12:01 2018 +0000

    CXF-7913 - NPE in OAuth 2.0 JCacheOAuthDataProvider with isStoreJwtTokenKeyOnly
    
    (cherry picked from commit fbbcf945ad9d10b4fb16c8722de77b1f4c62db44)
---
 .../cxf/rs/security/oauth2/provider/JCacheOAuthDataProvider.java    | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProvider.java
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProvider.java
index 07fc204..0b006b5 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JCacheOAuthDataProvider.java
@@ -151,7 +151,11 @@ public class JCacheOAuthDataProvider extends AbstractOAuthDataProvider
{
 
     @Override
     protected void doRevokeAccessToken(ServerAccessToken at) {
-        accessTokenCache.remove(at.getTokenKey());
+        if (isUseJwtFormatForAccessTokens() && isStoreJwtTokenKeyOnly()) {
+            jwtAccessTokenCache.remove(at.getTokenKey());
+        } else {
+            accessTokenCache.remove(at.getTokenKey());
+        }
     }
 
     @Override


Mime
View raw message