You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cxf.apache.org by se...@apache.org on 2015/08/27 18:28:30 UTC

[4/4] cxf git commit: [CXF-6561, CXF-6562] Checking a null subject in ResourceOwnerGrantHandler, patch from Karl von Randow applied with minor updates, This closes #83

[CXF-6561, CXF-6562] Checking a null subject in ResourceOwnerGrantHandler, patch from Karl von Randow applied with minor updates, This closes #83


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8c5e1fb7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8c5e1fb7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8c5e1fb7

Branch: refs/heads/master
Commit: 8c5e1fb7c490e8231ea706ba0c5d6a4030053a25
Parents: d2756ee
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Aug 27 17:28:04 2015 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Aug 27 17:28:04 2015 +0100

----------------------------------------------------------------------
 .../grants/owner/ResourceOwnerGrantHandler.java     | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/8c5e1fb7/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index d7f6c33..58718b8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -47,13 +47,17 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
             throw new OAuthServiceException(
                  new OAuthError(OAuthConstants.INVALID_REQUEST));
         }
-        
-        UserSubject subject = loginHandler.createSubject(ownerName, ownerPassword);
-        
-        if (subject == null) {
-            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+        UserSubject subject = null;
+        try {
+            subject = loginHandler.createSubject(ownerName, ownerPassword);
+            if (subject == null) {
+                throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+            }
+        } catch (OAuthServiceException ex) { 
+            throw ex;
+        } catch (Exception ex) { 
+            throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
         }
-        
         return doCreateAccessToken(client, 
                                    subject,
                                    params);