You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@shindig.apache.org by li...@apache.org on 2010/06/11 00:14:23 UTC

svn commit: r953478 - /shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java

Author: lindner
Date: Thu Jun 10 22:14:23 2010
New Revision: 953478

URL: http://svn.apache.org/viewvc?rev=953478&view=rev
Log:
SHINDIG-1361 | Deal with OAuth 1.0 vs 2.0

Modified:
    shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java

Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java?rev=953478&r1=953477&r2=953478&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/UrlParameterAuthenticationHandler.java Thu Jun 10 22:14:23 2010
@@ -33,8 +33,6 @@ import javax.servlet.http.HttpServletReq
  */
 public class UrlParameterAuthenticationHandler implements AuthenticationHandler {
   private static final String SECURITY_TOKEN_PARAM = "st";
-  private static final String OAUTH2_TOKEN_PARAM = "oauth_token";
-  private static final String OAUTH_VERSION_PARAM = "oauth_version";
 
   private final SecurityTokenDecoder securityTokenDecoder;
   private static final Pattern COMMAWHITESPACE = Pattern.compile("\\s*,\\s*");
@@ -84,9 +82,9 @@ public class UrlParameterAuthenticationH
     }
 
     // OAuth2 token as a param
-    // NOTE: if oauth_version is present then we have a OAuth 1.0 request
-    if (token == null && request.isSecure() && request.getParameter(OAUTH_VERSION_PARAM) == null) {
-      token = request.getParameter(OAUTH2_TOKEN_PARAM);
+    // NOTE: if oauth_signature_method is present then we have a OAuth 1.0 request
+    if (token == null && request.isSecure() && request.getParameter(OAuth.OAUTH_SIGNATURE_METHOD) == null) {
+      token = request.getParameter(OAuth.OAUTH_TOKEN);
     }
 
     // token in authorization header