You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2014/02/19 18:30:33 UTC
git commit: [CXF-5569] Allowing for the unrecognized parameters if
they came as a result of the form parameters making into HTTP parameters map
Repository: cxf
Updated Branches:
refs/heads/master f8ed98e68 -> 8a3219071
[CXF-5569] Allowing for the unrecognized parameters if they came as a result of the form parameters making into HTTP parameters map
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/8a321907
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/8a321907
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/8a321907
Branch: refs/heads/master
Commit: 8a3219071c9bf9e8ee5b46b7e95720e737908930
Parents: f8ed98e
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Wed Feb 19 17:30:15 2014 +0000
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Wed Feb 19 17:30:15 2014 +0000
----------------------------------------------------------------------
.../oauth/filters/AbstractAuthFilter.java | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/8a321907/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java b/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
index b48b367..69ccdff 100644
--- a/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
+++ b/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/filters/AbstractAuthFilter.java
@@ -31,6 +31,7 @@ import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
+import javax.ws.rs.core.MediaType;
import net.oauth.OAuth;
import net.oauth.OAuthMessage;
@@ -77,6 +78,7 @@ public class AbstractAuthFilter {
ALLOWED_OAUTH_PARAMETERS.add(OAuthConstants.OAUTH_CONSUMER_SECRET);
}
+ private boolean ignoreUnknownParameters;
private boolean useUserSubject;
private OAuthDataProvider dataProvider;
private OAuthValidator validator = new DefaultOAuthValidator();
@@ -274,7 +276,15 @@ public class AbstractAuthFilter {
this.validator = validator;
}
- private static class CustomHttpServletWrapper extends HttpServletRequestWrapper {
+ public boolean isIgnoreUnknownParameters() {
+ return ignoreUnknownParameters;
+ }
+
+ public void setIgnoreUnknownParameters(boolean ignoreUnknownParameters) {
+ this.ignoreUnknownParameters = ignoreUnknownParameters;
+ }
+
+ private class CustomHttpServletWrapper extends HttpServletRequestWrapper {
public CustomHttpServletWrapper(HttpServletRequest req) {
super(req);
}
@@ -286,9 +296,15 @@ public class AbstractAuthFilter {
return params;
}
+ String contentType = super.getRequest().getContentType();
+ boolean formPayload = contentType != null && MediaType.APPLICATION_FORM_URLENCODED_TYPE.
+ isCompatible(MediaType.valueOf(contentType));
+
+
Map<String, String[]> newParams = new HashMap<String, String[]>();
for (Map.Entry<String, String[]> entry : params.entrySet()) {
- if (ALLOWED_OAUTH_PARAMETERS.contains(entry.getKey())) {
+ if (ALLOWED_OAUTH_PARAMETERS.contains(entry.getKey())
+ || formPayload && AbstractAuthFilter.this.isIgnoreUnknownParameters()) {
newParams.put(entry.getKey(), entry.getValue());
}
}