svn commit: r952870 - /shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java

[li...@apache.org]

Author: lindner
Date: Wed Jun  9 00:18:01 2010
New Revision: 952870

URL: http://svn.apache.org/viewvc?rev=952870&view=rev
Log:
SHINDIG-1361 | UrlParameterAuthenticationHandler fails for OAuth 2.

Modified:
    shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java

Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java?rev=952870&r1=952869&r2=952870&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java Wed Jun  9 00:18:01 2010
@@ -34,6 +34,8 @@ import javax.servlet.http.HttpServletReq
 public class UrlParameterAuthenticationHandler implements AuthenticationHandler {
   private static final String SECURITY_TOKEN_PARAM = "st";
   private static final String OAUTH2_TOKEN_PARAM = "oauth_token";
+  private static final String OAUTH_VERSION_PARAM = "oauth_version";
+
   private final SecurityTokenDecoder securityTokenDecoder;
   private static final Pattern COMMAWHITESPACE = Pattern.compile("\\s*,\\s*");
 
@@ -81,8 +83,9 @@ public class UrlParameterAuthenticationH
       token = request.getParameter(SECURITY_TOKEN_PARAM);
     }
 
-    // OAuth token as a param
-    if (token == null && request.isSecure()) {
+    // OAuth2 token as a param
+    // NOTE: if oauth_version is present then we have a OAuth 1.0 request
+    if (token == null && request.isSecure() && request.getParameter(OAUTH_VERSION_PARAM) == null) {
       token = request.getParameter(OAUTH2_TOKEN_PARAM);
     }