You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/05/02 16:28:11 UTC
svn commit: r1333058 -
/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
Author: sergeyb
Date: Wed May 2 14:28:10 2012
New Revision: 1333058
URL: http://svn.apache.org/viewvc?rev=1333058&view=rev
Log:
[CXF-4283] Checking OAuth10 preauthorized tokens for missing or empty verifiers, thanks to Jordi T.
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
Modified: cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java?rev=1333058&r1=1333057&r2=1333058&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java (original)
+++ cxf/trunk/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/services/AccessTokenHandler.java Wed May 2 14:28:10 2012
@@ -31,6 +31,7 @@ import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import org.apache.cxf.common.logging.LogUtils;
+import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth.data.AccessToken;
import org.apache.cxf.rs.security.oauth.data.AccessTokenRegistration;
@@ -64,7 +65,7 @@ public class AccessTokenHandler {
}
String oauthVerifier = oAuthMessage.getParameter(OAuth.OAUTH_VERIFIER);
- if (oauthVerifier == null) {
+ if (StringUtils.isEmpty(oauthVerifier)) {
if (requestToken.getSubject() != null && requestToken.isPreAuthorized()) {
LOG.fine("Preauthorized request token");
} else {