github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

shuffle authz endpoint

pull/708/merge
Justin Richer 2015-05-11 14:56:55 -04:00
parent 7951ff5086
commit 53d4f15923
1 changed files with 82 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-server/src/main/java/org/mitre/uma/web/AuthorizationRequestEndpoint.java
View File

@ -144,11 +144,14 @@ public class AuthorizationRequestEndpoint {
m.addAttribute(JsonErrorView.ERROR, "not_authorized");
m.addAttribute(JsonErrorView.ERROR_MESSAGE, "This resource set can not be accessed.");
m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
}
return JsonErrorView.VIEWNAME;
} else {
// claims weren't empty or missing, we need to check against what we have
Collection<Claim> claimsUnmatched = claimsProcessingService.claimsAreSatisfied(rs.getClaimsRequired(), ticket.getClaimsSupplied());
if (claimsUnmatched.isEmpty()) {
// if the unmatched claims come back empty, by function contract that means we're happy and can issue a token
// TODO: move this whole mess to the OIDCTokenService (#797)
@ -226,6 +229,7 @@ public class AuthorizationRequestEndpoint {
}
}
} else {
// ticket wasn't found, return an error
m.addAttribute(HttpStatus.BAD_REQUEST);