Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 5bbd03f80 -> 83cc8bf11
Enforcing completeUri is not null only when it is a non-start OIDC request Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/83cc8bf1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/83cc8bf1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/83cc8bf1 Branch: refs/heads/3.1.x-fixes Commit: 83cc8bf11f0ec98f7ef8aca3d3b775943ad05811 Parents: 5bbd03f Author: Sergey Beryozkin <[email protected]> Authored: Thu Jul 7 15:51:12 2016 +0100 Committer: Sergey Beryozkin <[email protected]> Committed: Thu Jul 7 15:52:51 2016 +0100 ---------------------------------------------------------------------- .../security/oauth2/client/ClientCodeRequestFilter.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/83cc8bf1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index 8df02a8..8bf0111 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -91,11 +91,7 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 if (referer != null && referer.startsWith(authorizationServiceUri)) {
 completeUri = absoluteRequestUri;
 sameUriRedirect = true;
- } else {
- LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
- rc.abortWith(Response.status(500).build());
- return;
- }
+ }
 }
 if (!sameUriRedirect && isStartUriMatched(absoluteRequestUri)) {
@@ -109,6 +105,10 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 }
 Response codeResponse = createCodeResponse(rc, ui);
 rc.abortWith(codeResponse);
+ } else if (completeUri == null) {
+ LOG.warning("Complete URI is not initialized, authentication flow can not be completed");
+ rc.abortWith(Response.status(500).build());
+ return;
 } else if (absoluteRequestUri.endsWith(completeUri)) {
 MultivaluedMap<String, String> requestParams = toRequestState(rc, ui);
 processCodeResponse(rc, ui, requestParams);
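Review bot: The new `else if (completeUri == null)` guard in the second hunk treats any non-null `completeUri` as initialised, but the block kept by the first hunk can assign that field from the request's `Referer` header (`referer.startsWith(authorizationServiceUri)`), a value the client supplies and that is only prefix-matched. If this filter instance is shared between requests (not visible in the hunks), a value set that way would persist and then drive the `absoluteRequestUri.endsWith(completeUri)` branch that calls `processCodeResponse`. I would document this above the guard, e.g. `// completeUri is either configured or was derived above from a Referer starting with authorizationServiceUri`, and consider keeping the Referer-derived value in a local variable rather than the field so that only an explicitly configured URI survives across requests. The guard also logs at WARNING for every non-start request while the URI is unset, which an unauthenticated caller can repeat at will, so a lower level or a one-time warning may be preferable. The enclosing filter method starts and ends outside both hunks.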
