Author: rbaxter85
Date: Wed Nov 13 00:46:14 2013
New Revision: 1541340

URL: http://svn.apache.org/r1541340
Log:
Really check that the user gave his authorization
SHINDIG-1945
Committed for Andreas Kohn

Modified:
    shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp

Modified: 
shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp
URL: 
http://svn.apache.org/viewvc/shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp?rev=1541340&r1=1541339&r2=1541340&view=diff
==============================================================================
--- shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp 
(original)
+++ shindig/trunk/java/server-resources/src/main/webapp/WEB-INF/authorize.jsp 
Wed Nov 13 00:46:14 2013
@@ -40,14 +40,15 @@ under the License.
   // TODO - this is a bit hard since we cannot get at the jsondb here...
 
   // If user clicked on the Authorize button then we're good.
-  if (request.getParameter("Authorize") != null) {
+  String submitValue = request.getParameter("Authorize");
+  if ("Authorize".equals(submitValue)) {
     // If the user clicked the Authorize button we authorize the token and 
redirect back.
     dataStore.authorizeToken(entry, 
SecurityUtils.getSubject().getPrincipal().toString());
 
     // Bounce back to the servlet to handle redirecting to the callback URL
     request.getRequestDispatcher("/oauth/authorize?oauth_token=" + token + 
"&oauth_callback=" + callback)
             .forward(request,response);
-  } else if (request.getParameter("Deny") != null) {
+  } else if ("Deny".equals(submitValue)) {
     dataStore.removeToken(entry);
   }
   // Gather some data
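Review bot: The approval branch at `if ("Authorize".equals(submitValue))` still authorizes the token on the strength of a single request parameter with a fixed value, and nothing visible in this hunk ties the request to the consent form: there is no method check and no per-session anti-forgery value, so a cross-site request sent in the signed-in user's session would pass the same test. Unless a filter outside this hunk already enforces it, I would require a POST and compare a session-bound token before calling `dataStore.authorizeToken`, for example `if ("POST".equals(request.getMethod()) && "Authorize".equals(submitValue)) {` plus the token comparison. Separately, the `Deny` branch now reads the `Authorize` parameter as well, which is correct only if both submit buttons share `name="Authorize"`; the form markup is outside the hunk, so a comment such as `// Both submit buttons are named "Authorize"; the value tells them apart.` above `String submitValue` would make that dependency explicit. The scriptlet starts before and continues past this hunk.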

