Repository: cxf Updated Branches: refs/heads/master 3358e04e0 -> c06e570fb
Enforcing completeUri is not null only when it is a non-start OIDC request Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c06e570f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c06e570f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c06e570f Branch: refs/heads/master Commit: c06e570fbdadc18ff328c47a7c0865604d7a8ac8 Parents: 3358e04 Author: Sergey Beryozkin <[email protected]> Authored: Thu Jul 7 15:51:12 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Thu Jul 7 15:51:12 2016 +0100 ---------------------------------------------------------------------- .../security/oauth2/client/ClientCodeRequestFilter.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c06e570f/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index cb233f4..963cd10 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -91,11 +91,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 if (referer != null && referer.startsWith(authorizationServiceUri)) {
 completeUri = absoluteRequestUri;
 sameUriRedirect = true;
- } else {
- LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
- rc.abortWith(Response.status(500).build());
- return;
- }
+ }
 }
 if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
@@ -109,6 +105,10 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 }
 Response codeResponse = createCodeResponse(rc, ui);
 rc.abortWith(codeResponse);
+ } else if (completeUri == null) {
+ LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
+ rc.abortWith(Response.status(500).build());
+ return;
 } else if (absoluteRequestUri.endsWith(completeUri)) {
 MultivaluedMap<String, String> requestParams = toRequestState(rc, ui);
 processCodeResponse(rc, ui, requestParams);
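Review bot: With the `else` abort removed in the first hunk, the only gate on `completeUri = absoluteRequestUri;` is `referer.startsWith(authorizationServiceUri)`, and `Referer` is a client-supplied header that any non-browser client can set and that a referrer policy can strip. A plain prefix match also accepts a longer host that merely begins with the configured string unless `authorizationServiceUri` ends in `/`; comparing the parsed scheme, host and port would be stricter. If `completeUri` is an instance field (its declaration is outside the hunk), the first matching request pins it for every later request, so the inferred value would be better held in a per-request local such as `String effectiveCompleteUri = completeUri;`. The enclosing method starts and ends outside the hunk.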
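Review bot: The new `else if (completeUri == null)` branch in the second hunk is also what keeps `absoluteRequestUri.endsWith(completeUri)` in the next branch from throwing on a null argument, and nothing in the code says that its position in the chain matters. A comment on the branch would record it, for example `// completeUri is optional on the start request; every other request needs it before the endsWith() check below`. The branch also answers every non-start request with a 500 and a WARNING line while the complete URI is unset, so unauthenticated traffic can drive log volume; logging the condition once, or at a lower level after the first occurrence, may be worth considering. The `if` chain begins before the hunk and continues past it.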
