You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/09/23 11:49:15 UTC
cxf git commit: Starting with a dynamic registration service test,
more to follow
Repository: cxf
Updated Branches:
refs/heads/master f24ad7978 -> 6b3ff95e2
Starting with a dynamic registration service test, more to follow
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6b3ff95e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6b3ff95e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6b3ff95e
Branch: refs/heads/master
Commit: 6b3ff95e2ce646140d436dbaf020479ede748230
Parents: f24ad79
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Sep 23 12:48:59 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Sep 23 12:48:59 2016 +0100
----------------------------------------------------------------------
.../rs/security/oauth2/services/DynamicRegistrationService.java | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/6b3ff95e/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
index a0d6bc7..78b971d 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/DynamicRegistrationService.java
@@ -80,7 +80,7 @@ public class DynamicRegistrationService extends AbstractOAuthService {
String[] authParts = AuthorizationUtils.getAuthorizationParts(getMessageContext(),
Collections.singleton(OAuthConstants.BEARER_AUTHORIZATION_SCHEME));
if (authParts.length != 2 || !authParts[1].equals(accessToken)) {
- throw ExceptionUtils.toForbiddenException(null, null);
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
}
}
@@ -141,6 +141,9 @@ public class DynamicRegistrationService extends AbstractOAuthService {
protected Client readClient(String clientId) {
Client c = clientProvider.getClient(clientId);
+ if (c == null) {
+ throw ExceptionUtils.toNotAuthorizedException(null, null);
+ }
String regAccessToken = c.getProperties().get(ClientRegistrationResponse.REG_ACCESS_TOKEN);
// Or check OAuthDataProvider.getAccessToken
// if OAuthDataProvider.createAccessToken was used