cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Wang (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CXF-5396) AbstractGrant.toMap hardcode the grandType to Client_Credentials
Date Tue, 19 Nov 2013 10:59:21 GMT

     [ https://issues.apache.org/jira/browse/CXF-5396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jason Wang updated CXF-5396:
----------------------------

    Priority: Critical  (was: Major)

> AbstractGrant.toMap hardcode the grandType to Client_Credentials
> ----------------------------------------------------------------
>
>                 Key: CXF-5396
>                 URL: https://issues.apache.org/jira/browse/CXF-5396
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 2.7.7
>            Reporter: Jason Wang
>            Priority: Critical
>
> AbstractGrant.toMap method has this line:
>         map.putSingle(OAuthConstants.GRANT_TYPE, OAuthConstants.CLIENT_CREDENTIALS_GRANT);
> When the subclass, ResourceOwnerGrant overides this toMap, it calls the super.toMap(),
which will cause this wrong value being added.
> So, I think we should fix this by calling map.putSingle(OAuthConstants.GRANT_TYPE, getType()).
> This way it will work for all 4 subclasses and will automatically work for future new
class. Another way is to fix the ResourceOwnerGrant by not calling super.toMap. 



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message