This is an automated email from the ASF dual-hosted git repository. coheigea pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 39e32c4a3cf4b6dd35dae7cfccf47e2f23b8d253 Author: Colm O hEigeartaigh <cohei...@apache.org> AuthorDate: Wed Sep 11 01:08:19 2019 +0100 Fixing OAuth scope test
---
 .../cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java | 3 +--
 .../jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index d6e16f2..e4af350 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -396,8 +396,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService
 approvedScope.add(rScope);
 }
 }
- if (!requestedScope.containsAll(approvedScope)
- || !OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(),
+ if (!OAuthUtils.validateScopes(requestedScope, client.getRegisteredScopes(),
 partialMatchScopeValidation)) {
 return createErrorResponse(params, redirectUri, OAuthConstants.INVALID_SCOPE);
 }
diff --git a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
index 8bbb662..5b70662 100644
--- a/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
+++ b/systests/rs-security/src/test/java/org/apache/cxf/systest/jaxrs/security/oauth2/grants/AuthorizationGrantNegativeTest.java
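Review bot: Dropping `!requestedScope.containsAll(approvedScope)` from the condition in RedirectionBasedGrantService.java leaves only `requestedScope` validated against `client.getRegisteredScopes()`; nothing in the visible lines checks `approvedScope` afterwards. The loop that fills `approvedScope` starts above this hunk, so it cannot be confirmed from here that every approved entry is taken from `requestedScope`. If that holds, the removed test was redundant, and the invariant deserves a comment above the `if`, such as `// approvedScope only ever holds entries of requestedScope, so validating requestedScope covers it`. If it does not hold, the subset check should stay, because it is what keeps the granted scopes from exceeding the requested ones.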
@@ -212,13 +212,13 @@ public class AuthorizationGrantNegativeTest extends AbstractBusClientServerTestB
 client.type("application/json").accept("application/json");
 client.query("client_id", "consumer-id");
 client.query("response_type", "code");
- client.query("redirect_uri", "http://www.blah.bad.apache.org");
+ client.query("redirect_uri", "http://www.blah.apache.org");
 client.query("scope", "unknown-scope");
 client.path("authorize/");
 // No redirect URI
 Response response = client.get();
- assertEquals(400, response.getStatus());
+ assertEquals(303, response.getStatus());
 }
 // Send the authorization code twice to get an access token
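Review bot: The negative test in AuthorizationGrantNegativeTest.java now asserts only `assertEquals(303, response.getStatus())`, which does not show that `unknown-scope` was rejected, since a redirect status is presumably also what an accepted authorization request returns. Assert on the redirect target as well, for example `String location = response.getHeaderString("Location");` followed by `assertTrue(location.contains("error=invalid_scope"));` and `assertFalse(location.contains("code="));`. The context comment `// No redirect URI` does not match the request, which does send `redirect_uri`, and could be reworded to say that the scope is the invalid part. The test method begins above the hunk.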