You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/08/27 18:28:30 UTC
[4/4] cxf git commit: [CXF-6561,
CXF-6562] Checking a null subject in ResourceOwnerGrantHandler,
patch from Karl von Randow applied with minor updates, This closes #83
[CXF-6561, CXF-6562] Checking a null subject in ResourceOwnerGrantHandler, patch from Karl von Randow applied with minor updates, This closes #83
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8c5e1fb7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8c5e1fb7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8c5e1fb7
Branch: refs/heads/master
Commit: 8c5e1fb7c490e8231ea706ba0c5d6a4030053a25
Parents: d2756ee
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Aug 27 17:28:04 2015 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Aug 27 17:28:04 2015 +0100
----------------------------------------------------------------------
.../grants/owner/ResourceOwnerGrantHandler.java | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/8c5e1fb7/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
index d7f6c33..58718b8 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ResourceOwnerGrantHandler.java
@@ -47,13 +47,17 @@ public class ResourceOwnerGrantHandler extends AbstractGrantHandler {
throw new OAuthServiceException(
new OAuthError(OAuthConstants.INVALID_REQUEST));
}
-
- UserSubject subject = loginHandler.createSubject(ownerName, ownerPassword);
-
- if (subject == null) {
- throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+ UserSubject subject = null;
+ try {
+ subject = loginHandler.createSubject(ownerName, ownerPassword);
+ if (subject == null) {
+ throw new OAuthServiceException(OAuthConstants.INVALID_GRANT);
+ }
+ } catch (OAuthServiceException ex) {
+ throw ex;
+ } catch (Exception ex) {
+ throw new OAuthServiceException(OAuthConstants.INVALID_GRANT, ex);
}
-
return doCreateAccessToken(client,
subject,
params);