You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2019/09/20 10:06:44 UTC
[cxf] branch master updated: Return unautorized from the UserInfo
endpoint
This is an automated email from the ASF dual-hosted git repository.
buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 85df406 Return unautorized from the UserInfo endpoint
85df406 is described below
commit 85df4062810b8b4e56c2a88656a8188bd5f5329d
Author: Alexey Markevich <bu...@gmail.com>
AuthorDate: Fri Sep 20 11:07:30 2019 +0300
Return unautorized from the UserInfo endpoint
---
.../main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
index 78e25f9..5112680 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/UserInfoService.java
@@ -26,6 +26,7 @@ import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
+import javax.ws.rs.core.Response.Status;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.jose.jwt.JwtToken;
@@ -58,7 +59,7 @@ public class UserInfoService extends OAuthServerJoseJwtProducer {
if (!oauth.getPermissions().stream()
.map(OAuthPermission::getPermission)
.anyMatch(OidcUtils.OPENID_SCOPE::equals)) {
- Response.status(401);
+ return Response.status(Status.UNAUTHORIZED).build();
}
UserInfo userInfo = null;