Another update to ClientCodeRequestFilter
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2d38ac06
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2d38ac06
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2d38ac06
Branch: refs/heads/master-jaxrs-2.1
Commit: 2d38ac06b2c0f8d4a3f35693aae6237ead27e35d
Parents: 189756a
Author: Sergey Beryozkin <sberyoz...@gmail.com>
Authored: Tue Jul 19 12:37:22 2016 +0300
Committer: Sergey Beryozkin <sberyoz...@gmail.com>
Committed: Tue Jul 19 12:37:22 2016 +0300
----------------------------------------------------------------------
 .../security/oauth2/client/ClientCodeRequestFilter.java | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/2d38ac06/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
index a0d82b3..b7a0c01 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/ClientCodeRequestFilter.java
@@ -83,15 +83,16 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 checkSecurityContextStart(rc);
 UriInfo ui = rc.getUriInfo();
 String absoluteRequestUri = ui.getAbsolutePath().toString();
-
+ boolean sameRedirectUri = false;
 if (completeUri == null) {
 String referer = rc.getHeaderString("Referer");
 if (referer != null && referer.startsWith(authorizationServiceUri)) {
 completeUri = absoluteRequestUri;
+ sameRedirectUri = true;
 }
 }
- if (isStartUriMatched(ui, absoluteRequestUri)) {
+ if (isStartUriMatched(ui, absoluteRequestUri, sameRedirectUri)) {
 ClientTokenContext request = getClientTokenContext(rc);
 if (request != null) {
 setClientCodeRequest(request);
@@ -120,10 +121,11 @@ public class ClientCodeRequestFilter implements ContainerRequestFilter {
 rc.abortWith(Response.status(401).build());
 }
- protected boolean isStartUriMatched(UriInfo ui, String absoluteRequestUri) {
+ protected boolean isStartUriMatched(UriInfo ui, String absoluteRequestUri, boolean sameRedirectUri) {
 // If all request URIs can initiate a code flow then it is a match
 // unless the current request URI matches a non-null completeUri
- if (startUri == null && completeUri != null && !absoluteRequestUri.endsWith(completeUri)) {
+ if (startUri == null
+ && (completeUri != null && !absoluteRequestUri.endsWith(completeUri) || !sameRedirectUri)) {
 return true;
 }
 // If completeUri is null or startUri equals to it then check the code flow
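Review bot: In the first hunk (the `filter` method), `sameRedirectUri` becomes true solely because the client-supplied `Referer` header starts with `authorizationServiceUri`, in the same branch that assigns the `completeUri` field. A Referer is set by the caller and is often stripped by browsers, and a bare `startsWith` also accepts a longer host that merely shares the prefix when the configured URI has no trailing slash, so this flag should not be read as proof that the request is the authorization server's redirect. If the filter instance is shared across requests (not visible here), the field write also means only the first matching request ever sees `sameRedirectUri == true`; keeping the value in a local variable instead of writing `completeUri` would make the decision per-request. I would add a comment such as `// Referer is only a hint; the code/state checks later in filter() must not depend on it` and guard against a null `authorizationServiceUri` before the `startsWith` call. The body of `filter` starts and ends outside the hunk.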
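Review bot: In the second hunk (`isStartUriMatched`), the new `|| !sameRedirectUri` operand makes the guard true for every request in which the Referer branch did not fire, because `&&` binds tighter than `||`. With `startUri == null` and a configured `completeUri`, a request to the completion URI now appears to return true here, which contradicts the comment directly above ("unless the current request URI matches a non-null completeUri") and would send the callback back into the start branch. If the intent is "any URI may start the flow except the completion URI", then `if (startUri == null && !sameRedirectUri && (completeUri == null || !absoluteRequestUri.endsWith(completeUri))) {` states it with explicit grouping; please confirm against the rest of the method, which continues outside the hunk. Note too that adding a parameter to this `protected` method silently stops existing subclass overrides of the two-argument form from being called.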