Author: sergeyb
Date: Fri May 25 11:06:47 2012
New Revision: 1342573
URL: http://svn.apache.org/viewvc?rev=1342573&view=rev
Log:
[CXF-4341] Doing the case-insensitive comparison for the default Basic auth
scheme
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java?rev=1342573&r1=1342572&r2=1342573&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AccessTokenService.java
Fri May 25 11:06:47 2012
@@ -132,14 +132,14 @@ public class AccessTokenService extends
// client has already authenticated
Principal p = sc.getUserPrincipal();
String scheme = sc.getAuthenticationScheme();
- if ("Basic".equals(scheme)) {
+ if (OAuthConstants.BASIC_SCHEME.equalsIgnoreCase(scheme)) {
// section 2.3.1
client = getClient(p.getName());
} else {
// section 2.3.2
// the client has authenticated itself using some other scheme
// in which case the mapping between the scheme and the
client_id
- // should've been done, in which case the client_id is expected
+ // should've been done and the client_id is expected
// on the current message
Object clientIdProp =
getMessageContext().get(OAuthConstants.CLIENT_ID);
if (clientIdProp != null) {
@@ -152,7 +152,7 @@ public class AccessTokenService extends
// the client id and secret are expected to be in the Basic scheme
data
String[] parts =
AuthorizationUtils.getAuthorizationParts(getMessageContext());
- if ("Basic".equals(parts[0])) {
+ if (OAuthConstants.BASIC_SCHEME.equalsIgnoreCase(parts[0])) {
String[] authInfo =
AuthorizationUtils.getBasicAuthParts(parts[1]);
client = getAndValidateClient(authInfo[0], authInfo[1]);
}
Modified:
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java?rev=1342573&r1=1342572&r2=1342573&view=diff
==============================================================================
---
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
(original)
+++
cxf/trunk/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthConstants.java
Fri May 25 11:06:47 2012
@@ -53,6 +53,8 @@ public final class OAuthConstants {
public static final String MAC_AUTHORIZATION_SCHEME = "Mac";
public static final String ALL_AUTH_SCHEMES = "*";
+ // Default Client Authentication Scheme
+ public static final String BASIC_SCHEME = "Basic";
// Authorization Code grant constants
public static final String AUTHORIZATION_CODE_VALUE = "code";
