You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by re...@apache.org on 2016/07/11 00:14:19 UTC

[14/33] cxf git commit: Enforcing completeUri is not null only when it is a non-start OIDC request

Enforcing completeUri is not null only when it is a non-start OIDC request


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c06e570f
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c06e570f
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c06e570f

Branch: refs/heads/master-jaxrs-2.1
Commit: c06e570fbdadc18ff328c47a7c0865604d7a8ac8
Parents: 3358e04
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Thu Jul 7 15:51:12 2016 +0100
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Thu Jul 7 15:51:12 2016 +0100

----------------------------------------------------------------------
 .../security/oauth2/client/ClientCodeRequestFilter.java   | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c06e570f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index cb233f4..963cd10 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -91,11 +91,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
             if (referer != null && referer.startsWith(authorizationServiceUri)) {
                 completeUri = absoluteRequestUri;
                 sameUriRedirect = true;
-            } else {
-                LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
-                rc.abortWith(Response.status(500).build());
-                return;
-            }
+            } 
         }
         
         if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
@@ -109,6 +105,10 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
             }
             Response codeResponse = createCodeResponse(rc,  ui);
             rc.abortWith(codeResponse);
+        } else if (completeUri == null) {
+            LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
+            rc.abortWith(Response.status(500).build());
+            return;
         } else if (absoluteRequestUri.endsWith(completeUri)) {
             MultivaluedMap<String, String> requestParams = toRequestState(rc, ui);
             processCodeResponse(rc, ui, requestParams);