Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 8a9952073 -> a1a16ca17
Some trivial fixes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a1a16ca1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a1a16ca1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a1a16ca1 Branch: refs/heads/3.1.x-fixes Commit: a1a16ca1719aef85aa038e6538d451808852bc97 Parents: 8a99520 Author: Colm O hEigeartaigh <[email protected]> Authored: Fri Dec 4 12:38:49 2015 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Fri Dec 4 12:45:43 2015 +0000 ---------------------------------------------------------------------- .../cxf/rs/security/oauth2/filters/OAuthRequestFilter.java | 2 +- .../security/oauth2/services/AuthorizationCodeGrantService.java | 4 ++-- .../java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/a1a16ca1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java index d1a479c..ae34c58 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/filters/OAuthRequestFilter.java @@ -110,7 +110,7 @@ public class OAuthRequestFilter extends AbstractAccessTokenValidator } } - if (permissions.size() > 0 && matchingPermissions.isEmpty() + if (!permissions.isEmpty() && matchingPermissions.isEmpty() || allPermissionsMatch && (matchingPermissions.size() != permissions.size()) || !requiredScopes.isEmpty() && requiredScopes.size() != matchingPermissions.size()) { String message = "Client has no valid permissions"; http://git-wip-us.apache.org/repos/asf/cxf/blob/a1a16ca1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java index 79559c7..b95eae7 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/AuthorizationCodeGrantService.java @@ -53,7 +53,7 @@ import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants; */ @Path("/authorize") public class AuthorizationCodeGrantService extends RedirectionBasedGrantService { - private static final Integer RECOMMENDED_CODE_EXPIRY_TIME_MINS = 10; + private static final long RECOMMENDED_CODE_EXPIRY_TIME_SECS = 10L * 60L; private boolean canSupportPublicClients; private boolean canSupportEmptyRedirectForPrivateClients; private OOBResponseDeliverer oobDeliverer; @@ -122,7 +122,7 @@ public class AuthorizationCodeGrantService extends RedirectionBasedGrantService } catch (OAuthServiceException ex) { return createErrorResponse(state.getState(), state.getRedirectUri(), OAuthConstants.ACCESS_DENIED); } - if (grant.getExpiresIn() / 60 > RECOMMENDED_CODE_EXPIRY_TIME_MINS) { + if (grant.getExpiresIn() > RECOMMENDED_CODE_EXPIRY_TIME_SECS) { LOG.warning("Code expiry time exceeds 10 minutes"); } String grantCode = processCodeGrant(client, grant.getCode(), grant.getSubject()); http://git-wip-us.apache.org/repos/asf/cxf/blob/a1a16ca1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java index 65a01fa..5e8ed8a 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.java @@ -182,12 +182,12 @@ public final class OAuthUtils { } public static long getIssuedAt() { - return System.currentTimeMillis() / 1000; + return System.currentTimeMillis() / 1000L; } public static boolean isExpired(Long issuedAt, Long lifetime) { return lifetime != 0L - && issuedAt + lifetime < System.currentTimeMillis() / 1000; + && issuedAt + lifetime < System.currentTimeMillis() / 1000L; } public static boolean validateAudience(String audience, List<String> audiences) {
