You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by rb...@apache.org on 2013/11/13 01:46:15 UTC
svn commit: r1541340 -
/shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp
Author: rbaxter85
Date: Wed Nov 13 00:46:14 2013
New Revision: 1541340
URL: http://svn.apache.org/r1541340
Log:
Really check that the user gave his authorization
SHINDIG-1945
Committed for Andreas Kohn
Modified:
shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp
Modified: shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp
URL: http://svn.apache.org/viewvc/shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp?rev=1541340&r1=1541339&r2=1541340&view=diff
==============================================================================
--- shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp (original)
+++ shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp Wed Nov 13 00:46:14 2013
@@ -40,14 +40,15 @@ under the License.
// TODO - this is a bit hard since we cannot get at the jsondb here...
// If user clicked on the Authorize button then we're good.
- if (request.getParameter("Authorize") != null) {
+ String submitValue = request.getParameter("Authorize");
+ if ("Authorize".equals(submitValue)) {
// If the user clicked the Authorize button we authorize the token and redirect back.
dataStore.authorizeToken(entry, SecurityUtils.getSubject().getPrincipal().toString());
// Bounce back to the servlet to handle redirecting to the callback URL
request.getRequestDispatcher("/oauth/authorize?oauth_token=" + token + "&oauth_callback=" + callback)
.forward(request,response);
- } else if (request.getParameter("Deny") != null) {
+ } else if ("Deny".equals(submitValue)) {
dataStore.removeToken(entry);
}
// Gather some data