Repository: cxf Updated Branches: refs/heads/3.1.x-fixes db9b8a631 -> 7fb697a7f
A few minor changes to the JWT Bearer Handler Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7fb697a7 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7fb697a7 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7fb697a7 Branch: refs/heads/3.1.x-fixes Commit: 7fb697a7f54997138295a5f01c51f6640376f929 Parents: db9b8a6 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Dec 2 10:50:13 2015 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Dec 2 11:11:48 2015 +0000 ---------------------------------------------------------------------- .../rs/security/oauth2/grants/jwt/AbstractJwtHandler.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/7fb697a7/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java index b8c6267..0177323 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/jwt/AbstractJwtHandler.java @@ -47,7 +47,7 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler { } protected void validateSignature(JwsHeaders headers, String unsignedText, byte[] signature) { - JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(); + JwsSignatureVerifier theSigVerifier = getInitializedSigVerifier(headers); if (!theSigVerifier.verify(headers, unsignedText, signature)) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } @@ -67,7 +67,7 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler { } protected void validateIssuer(String issuer) { - if (issuer == null || !supportedIssuers.contains(issuer)) { + if (issuer == null || (supportedIssuers != null && !supportedIssuers.contains(issuer))) { throw new OAuthServiceException(OAuthConstants.INVALID_GRANT); } } @@ -87,11 +87,11 @@ public abstract class AbstractJwtHandler extends AbstractGrantHandler { public void setJwsVerifier(JwsSignatureVerifier jwsVerifier) { this.jwsVerifier = jwsVerifier; } - protected JwsSignatureVerifier getInitializedSigVerifier() { + protected JwsSignatureVerifier getInitializedSigVerifier(JwsHeaders headers) { if (jwsVerifier != null) { return jwsVerifier; } - return JwsUtils.loadSignatureVerifier(true); + return JwsUtils.loadSignatureVerifier(headers, true); } public int getTtl() {
