You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2012/12/04 17:48:40 UTC

svn commit: r1417027 - in /cxf/branches/2.6.x-fixes: ./ rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java

Author: sergeyb
Date: Tue Dec  4 16:48:40 2012
New Revision: 1417027

URL: http://svn.apache.org/viewvc?rev=1417027&view=rev
Log:
Merged revisions 1417025 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1417025 | sergeyb | 2012-12-04 16:45:34 +0000 (Tue, 04 Dec 2012) | 1 line
  
  Updating implicit grant service to report the scope if it is available
........

Modified:
    cxf/branches/2.6.x-fixes/   (props changed)
    cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
  Merged /cxf/trunk:r1417025

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java?rev=1417027&r1=1417026&r2=1417027&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java (original)
+++ cxf/branches/2.6.x-fixes/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.java Tue Dec  4 16:48:40 2012
@@ -28,9 +28,11 @@ import javax.ws.rs.core.Response;
 
 import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
 import org.apache.cxf.rs.security.oauth2.common.Client;
+import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
 import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
 import org.apache.cxf.rs.security.oauth2.common.UserSubject;
 import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
+import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;
 
 
 /**
@@ -82,8 +84,16 @@ public class ImplicitGrantService extend
         if (isWriteOptionalParameters()) {
             sb.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN)
                 .append("=").append(token.getExpiresIn());
-            //TODO: also report the approved scope and other parameters if any  
+            // Reporting scope is required if the approved scope is different and
+            // optional - otherwise; lets always report it for now if it is non-empty 
+            List<OAuthPermission> perms = token.getScopes();
+            if (!perms.isEmpty()) {
+                sb.append("&").append(OAuthConstants.SCOPE)
+                    .append("=").append(OAuthUtils.convertPermissionsToScope(perms));
+            }
+            //TODO: also report other token parameters if any if needed  
         }
+        
         return Response.seeOther(URI.create(sb.toString())).build();
     }