You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by li...@apache.org on 2010/06/09 02:18:01 UTC
svn commit: r952870 -
/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
Author: lindner
Date: Wed Jun 9 00:18:01 2010
New Revision: 952870
URL: http://svn.apache.org/viewvc?rev=952870&view=rev
Log:
SHINDIG-1361 | UrlParameterAuthenticationHandler fails for OAuth 2.
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java?rev=952870&r1=952869&r2=952870&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java Wed Jun 9 00:18:01 2010
@@ -34,6 +34,8 @@ import javax.servlet.http.HttpServletReq
public class UrlParameterAuthenticationHandler implements AuthenticationHandler {
private static final String SECURITY_TOKEN_PARAM = "st";
private static final String OAUTH2_TOKEN_PARAM = "oauth_token";
+ private static final String OAUTH_VERSION_PARAM = "oauth_version";
+
private final SecurityTokenDecoder securityTokenDecoder;
private static final Pattern COMMAWHITESPACE = Pattern.compile("\\s*,\\s*");
@@ -81,8 +83,9 @@ public class UrlParameterAuthenticationH
token = request.getParameter(SECURITY_TOKEN_PARAM);
}
- // OAuth token as a param
- if (token == null && request.isSecure()) {
+ // OAuth2 token as a param
+ // NOTE: if oauth_version is present then we have a OAuth 1.0 request
+ if (token == null && request.isSecure() && request.getParameter(OAUTH_VERSION_PARAM) == null) {
token = request.getParameter(OAUTH2_TOKEN_PARAM);
}