Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 71206b61a -> 809080335
Preventing the possible cycle in OAuthInvoker if the refreshed talking keep getting rejected Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/80908033 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/80908033 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/80908033 Branch: refs/heads/3.1.x-fixes Commit: 809080335d2a63faa86de68a08d8de8f6eeefd21 Parents: 71206b6 Author: Sergey Beryozkin <[email protected]> Authored: Wed Feb 3 10:45:25 2016 +0000 Committer: Sergey Beryozkin <[email protected]> Committed: Wed Feb 3 10:47:33 2016 +0000 ---------------------------------------------------------------------- .../org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/80908033/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java index 9a831a3..8a28099 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/OAuthInvoker.java @@ -32,6 +32,7 @@ import org.apache.cxf.message.Message; import org.apache.cxf.rs.security.oauth2.common.ClientAccessToken; public class OAuthInvoker extends JAXRSInvoker { + private static final String OAUTH2_CALL_RETRIED = "oauth2.call.retried"; private WebClient accessTokenServiceClient; private ClientTokenContextManager clientTokenContextManager; private Consumer consumer; @@ -47,7 +48,9 @@ public class OAuthInvoker extends JAXRSInvoker { return super.performInvocation(exchange, serviceObject, m, paramArray); } catch (InvocationTargetException ex) { - if (tokenContext != null && ex.getCause() instanceof NotAuthorizedException) { + if (tokenContext != null + && ex.getCause() instanceof NotAuthorizedException + && !inMessage.containsKey(OAUTH2_CALL_RETRIED)) { ClientAccessToken accessToken = tokenContext.getToken(); String refreshToken = accessToken.getRefreshToken(); if (refreshToken != null) { @@ -59,6 +62,7 @@ public class OAuthInvoker extends JAXRSInvoker { clientTokenContextManager.setClientTokenContext(mc, tokenContext); //retry + inMessage.put(OAUTH2_CALL_RETRIED, true); return super.performInvocation(exchange, serviceObject, m, paramArray); } }
