You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2016/01/26 16:45:07 UTC
cxf git commit: Moving the pre-authorized scopes check to Redirection
service for the incremental auth be supported next
Repository: cxf
Updated Branches:
refs/heads/master 7fa085a73 -> 1d93d1121
Moving the pre-authorized scopes check to Redirection service for the incremental auth be supported next
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1d93d112
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1d93d112
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1d93d112
Branch: refs/heads/master
Commit: 1d93d1121bab3bc40900a18522d8a7f64fedb1fe
Parents: 7fa085a
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Tue Jan 26 15:44:51 2016 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Tue Jan 26 15:44:51 2016 +0000
----------------------------------------------------------------------
.../rs/security/oauth2/provider/AbstractOAuthDataProvider.java | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/1d93d112/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
index 5b67ca2..e27cf27 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/AbstractOAuthDataProvider.java
@@ -188,9 +188,7 @@ public abstract class AbstractOAuthDataProvider implements OAuthDataProvider, Cl
for (ServerAccessToken at : getAccessTokens(client, sub)) {
if (at.getClient().getClientId().equals(client.getClientId())
&& at.getGrantType().equals(grantType)
- && (sub == null || at.getSubject().getLogin().equals(sub.getLogin()))
- && OAuthUtils.convertPermissionsToScopeList(
- at.getScopes()).containsAll(requestedScopes)) {
+ && (sub == null || at.getSubject().getLogin().equals(sub.getLogin()))) {
token = at;
break;
}