Repository: cxf-fediz Updated Branches: refs/heads/master 86f7a5eb6 -> b45b3b7b2
[FEDIZ-172] Adding a comment Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/b45b3b7b Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/b45b3b7b Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/b45b3b7b Branch: refs/heads/master Commit: b45b3b7b2cd57b5678eb0b982db93b61d97672e0 Parents: 86f7a5e Author: Sergey Beryozkin <[email protected]> Authored: Thu Jul 28 21:40:41 2016 +0300 Committer: Sergey Beryozkin <[email protected]> Committed: Thu Jul 28 21:40:41 2016 +0300 ---------------------------------------------------------------------- .../org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java | 3 +++ 1 file changed, 3 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/b45b3b7b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java ----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
index ff34955..16bd697 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/OAuthDataProviderImpl.java
@@ -65,6 +65,9 @@ public class OAuthDataProviderImpl extends DefaultEHCacheCodeDataProvider {
 @Override
 public List<OAuthPermission> convertScopeToPermissions(Client client, List<String> requestedScopes) {
 //TODO: push this code into the abstract class
+ //NOTE: if OIDC-registered clients will be allowed to support not only code/implicit
+ // (as it is now) but also client credentials/etc then the check below will need to be more strict
+ // with the help of getMessageContext().get(OAuthConstants.GRANT_TYPE)
 if (!client.getAllowedGrantTypes().contains(OAuthConstants.CLIENT_CREDENTIALS_GRANT)
 && !requestedScopes.contains(OidcUtils.OPENID_SCOPE)) {
 throw new OAuthServiceException("Required scopes are missing");
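Review bot: The openid-scope guard under the new NOTE tests `client.getAllowedGrantTypes()`, which is what the client is registered for rather than the grant being processed, so a client registered for both code and client credentials would also skip the "Required scopes are missing" check on a code or implicit request. The NOTE defers this as future work, but nothing visible in this hunk enforces the assumption that OIDC-registered clients are limited to code/implicit; it would be safer to tighten the check now along the lines the comment already names, e.g. `String grantType = (String)getMessageContext().get(OAuthConstants.GRANT_TYPE);` followed by `if (!OAuthConstants.CLIENT_CREDENTIALS_GRANT.equals(grantType) && !requestedScopes.contains(OidcUtils.OPENID_SCOPE)) {`. Whether GRANT_TYPE is populated in the message context on every path that reaches this method is not visible here and should be confirmed, ideally with a test for a dual-grant client requesting without `openid`. If the check stays as it is, the comment should point to the place where client registration restricts the allowed grant types, so the invariant it relies on can be found. The body of convertScopeToPermissions continues past the end of the hunk.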
