You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by se...@apache.org on 2013/11/18 22:29:16 UTC

svn commit: r1543171 - in /cxf/branches/2.7.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java

Author: sergeyb
Date: Mon Nov 18 21:29:15 2013
New Revision: 1543171

URL: http://svn.apache.org/r1543171
Log:
Merged revisions 1543170 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1543170 | sergeyb | 2013-11-18 21:24:54 +0000 (Mon, 18 Nov 2013) | 1 line
  
  [CXF-5394] URL encoding the scope returned as a fragment
........

Modified:
    cxf/branches/2.7.x-fixes/   (props changed)
    cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1543170

Propchange: cxf/branches/2.7.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java?rev=1543171&r1=1543170&r2=1543171&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java (original)
+++ cxf/branches/2.7.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java Mon Nov 18 21:29:15 2013
@@ -26,6 +26,7 @@ import javax.ws.rs.Path;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.jaxrs.utils.HttpUtils;
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
 import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
@@ -96,8 +97,9 @@ public class ImplicitGrantService extend
             // optional - otherwise; lets always report it for now if it is non-empty 
             List<OAuthPermission> perms = token.getScopes();
             if (!perms.isEmpty()) {
-                sb.append("&").append(OAuthConstants.SCOPE)
-                    .append("=").append(OAuthUtils.convertPermissionsToScope(perms));
+                String scope = OAuthUtils.convertPermissionsToScope(perms);
+                sb.append("&").append(OAuthConstants.SCOPE).append("=")
+                    .append(HttpUtils.queryEncode(scope));
             }
             //TODO: also report other token parameters if any if needed  
         }