Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/26 16:48:32 UTC
cxf git commit: Redirection service code was not saved...
Repository: cxf
Updated Branches:
refs/heads/master 1d93d1121 -> fdfb80cfe
Redirection service code was not saved...
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fdfb80cf
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fdfb80cf
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fdfb80cf
Branch: refs/heads/master
Commit: fdfb80cfef02263a66a98ef43beeaa56b76dbd38
Parents: 1d93d11
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Jan 26 15:48:17 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Jan 26 15:48:17 2016 +0000
----------------------------------------------------------------------
.../security/oauth2/services/RedirectionBasedGrantService.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/fdfb80cf/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index be1bcc1..6c1a743 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -170,8 +170,9 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
// Request a new grant only if no pre-authorized token is available
ServerAccessToken preAuthorizedToken = getDataProvider().getPreauthorizedToken(
client, requestedScope, userSubject, supportedGrantType);
- final boolean authorizationCanBeSkipped =
- preAuthorizedToken != null
+ final boolean preAuthorizationComplete = preAuthorizedToken != null
+ && OAuthUtils.convertPermissionsToScopeList(preAuthorizedToken.getScopes()).containsAll(requestedScope);
+ final boolean authorizationCanBeSkipped = preAuthorizationComplete
|| canAuthorizationBeSkipped(client, userSubject, requestedScope, requestedPermissions);
// Populate the authorization challenge data
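Review bot: The `containsAll(requestedScope)` test that feeds `preAuthorizationComplete` is vacuously true when `requestedScope` is empty, so in that case any non-null pre-authorized token still skips the approval step, exactly as before this commit. Whether an empty scope list can reach this point is not visible in the hunk; if it can, the intended outcome should be made explicit with a guard or a comment. The context comment above the lookup is also stale now, since a new grant is requested when the token does not cover every requested scope as well as when there is none; I would reword it to `// Skip the approval step only if a pre-authorized token covers all the requested scopes`. The enclosing method starts and ends outside the hunk, so any later `preAuthorizedToken != null` test there should be checked to rely on `preAuthorizationComplete` instead, otherwise a token with narrower scopes could still be handed back.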