From 458486ac9c414d2ae61a4112f743e504b06b4578 Mon Sep 17 00:00:00 2001 From: Samuel Sayer Date: Fri, 1 Feb 2013 11:16:54 -0500 Subject: [PATCH] fixed typos and dumbness in introspection endpoint filter thingy --- .../org/mitre/oauth2/filter/IntrospectingTokenService.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/filter/IntrospectingTokenService.java b/openid-connect-client/src/main/java/org/mitre/oauth2/filter/IntrospectingTokenService.java index d43b8fdd8..1160bd2ba 100644 --- a/openid-connect-client/src/main/java/org/mitre/oauth2/filter/IntrospectingTokenService.java +++ b/openid-connect-client/src/main/java/org/mitre/oauth2/filter/IntrospectingTokenService.java @@ -94,7 +94,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { // create a default authentication object with authority ROLE_API private Authentication createAuthentication(JsonObject token){ // TODO: user_id is going to go away. Will have to fix. - return new PreAuthenticatedAuthenticationToken(token.get("sub").getAsString(), null, AuthorityUtils.createAuthorityList("ROLE_API")); + return new PreAuthenticatedAuthenticationToken(token.get("subject").getAsString(), null, AuthorityUtils.createAuthorityList("ROLE_API")); } private OAuth2AccessToken createAccessToken(final JsonObject token, final String tokenString){ @@ -113,7 +113,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { MultiValueMap form = new LinkedMultiValueMap(); form.add("token",accessToken); form.add("client_id", this.clientId); - form.add("client_scret", this.clientSecret); + form.add("client_secret", this.clientSecret); try { validatedToken = restTemplate.postForObject(introspectionUrl, form, String.class); @@ -140,7 +140,7 @@ public class IntrospectingTokenService implements ResourceServerTokenServices { return false; } // create an OAuth2Authentication - OAuth2Authentication auth = new OAuth2Authentication(createAuthRequest(tokenResponse), null); + OAuth2Authentication auth = new OAuth2Authentication(createAuthRequest(tokenResponse), createAuthentication(tokenResponse)); // create an OAuth2AccessToken OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);