github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added copy constructors because Dave likes to use unmodifiable sets for no apparent reason

pull/263/head
Justin Richer 2012-12-07 10:06:10 -05:00
parent 64ef752f08
commit 544e3d7b43
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2ProviderTokenService.java
View File

@ -19,6 +19,7 @@
package org.mitre.oauth2.service.impl;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@ -171,9 +172,9 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
// get the stored scopes from the authentication holder's authorization request; these are the scopes associated with the refresh token
Set<String> refreshScopes = refreshToken.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope();
Set<String> refreshScopes = new HashSet<String>(refreshToken.getAuthenticationHolder().getAuthentication().getAuthorizationRequest().getScope());
Set<String> scope = authRequest.getScope();
Set<String> scope = new HashSet<String>(authRequest.getScope());
if (scope != null && !scope.isEmpty()) {
// ensure a proper subset of scopes
if (refreshScopes != null && refreshScopes.containsAll(scope)) {