You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by co...@apache.org on 2015/11/13 14:36:51 UTC

[1/2] cxf git commit: Use client id instead of principal name if it's available

Repository: cxf
Updated Branches:
  refs/heads/master 0b8ac3e0e -> 79f590ee8


Use client id instead of principal name if it's available


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/79f590ee
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/79f590ee
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/79f590ee

Branch: refs/heads/master
Commit: 79f590ee8f51943aa95a9e6e245f906be85d6fbb
Parents: c5413a8
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Nov 13 12:25:57 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Nov 13 12:39:30 2015 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/services/AbstractTokenService.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/79f590ee/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
index 29eadcb..61e3165 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AbstractTokenService.java
@@ -65,12 +65,12 @@ public class AbstractTokenService extends AbstractOAuthService {
                 client = getAndValidateClientFromIdAndSecret(clientId,
                                               params.getFirst(OAuthConstants.CLIENT_SECRET));
             }
-        } else if (principal.getName() != null) {
-            client = getClient(principal.getName());
         } else {
             String clientId = retrieveClientId(params);
             if (clientId != null) {
                 client = getClient(clientId);
+            } else if (principal.getName() != null) {
+                client = getClient(principal.getName());
             } 
         }
         if (client == null) {

[2/2] cxf git commit: NPE fix

Posted by co...@apache.org.

NPE fix


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c5413a80
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c5413a80
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c5413a80

Branch: refs/heads/master
Commit: c5413a80e67b9b9a319ab8e3112486f093892528
Parents: 0b8ac3e
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Nov 13 11:15:30 2015 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Nov 13 12:39:30 2015 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c5413a80/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 51ea97e..667de92 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -271,7 +271,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
             sessionTokenParamName = OAuthConstants.SESSION_AUTHENTICITY_TOKEN;
         }
         String sessionToken = params.getFirst(sessionTokenParamName);
-        if (!compareRequestAndSessionTokens(sessionToken, params, userSubject)) {
+        if (sessionToken == null || !compareRequestAndSessionTokens(sessionToken, params, userSubject)) {
             throw ExceptionUtils.toBadRequestException(null, null);     
         }