cxf git commit: Fixing JoseSessionTokenProvider, with thanks to Romain

Mon, 16 Jan 2017 03:15:06 -0800 

Repository: cxf
Updated Branches:
  refs/heads/master ee8b85711 -> 4d57c0c29


Fixing JoseSessionTokenProvider, with thanks to Romain


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4d57c0c2
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4d57c0c2
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4d57c0c2

Branch: refs/heads/master
Commit: 4d57c0c29d1f93e0fa1c400a3e798495317dd893
Parents: ee8b857
Author: Sergey Beryozkin <sberyoz...@gmail.com>
Authored: Mon Jan 16 11:14:27 2017 +0000
Committer: Sergey Beryozkin <sberyoz...@gmail.com>
Committed: Mon Jan 16 11:14:27 2017 +0000

----------------------------------------------------------------------
 .../cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4d57c0c2/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
----------------------------------------------------------------------
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
index edd14a6..5901652 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java
@@ -124,7 +124,7 @@ public class JoseSessionTokenProvider implements 
SessionAuthenticityTokenProvide
         String stateString = jwe.decrypt(sessionToken).getContentText();
         JwsSignatureVerifier jws = getInitializedSigVerifier();
         if (jws != null) {
-            stateString = JwsUtils.verify(jws, 
stateString).getUnsignedEncodedSequence();
+            stateString = JwsUtils.verify(jws, 
stateString).getDecodedJwsPayload();
         }
         return stateString;
     }

Reply via email to