Repository: cxf Updated Branches: refs/heads/master ee8b85711 -> 4d57c0c29
Fixing JoseSessionTokenProvider, with thanks to Romain Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4d57c0c2 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4d57c0c2 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4d57c0c2 Branch: refs/heads/master Commit: 4d57c0c29d1f93e0fa1c400a3e798495317dd893 Parents: ee8b857 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Mon Jan 16 11:14:27 2017 +0000 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Mon Jan 16 11:14:27 2017 +0000 ---------------------------------------------------------------------- .../cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/4d57c0c2/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java index edd14a6..5901652 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/provider/JoseSessionTokenProvider.java @@ -124,7 +124,7 @@ public class JoseSessionTokenProvider implements SessionAuthenticityTokenProvide String stateString = jwe.decrypt(sessionToken).getContentText(); JwsSignatureVerifier jws = getInitializedSigVerifier(); if (jws != null) { - stateString = JwsUtils.verify(jws, stateString).getUnsignedEncodedSequence(); + stateString = JwsUtils.verify(jws, stateString).getDecodedJwsPayload(); } return stateString; }