fixed id token scopes (shouldn't inherit from parent token)

pull/263/head
Justin Richer 2012-12-10 10:11:02 -05:00
parent f072aba3f5
commit 54708fb0ac
1 changed files with 4 additions and 3 deletions

View File

@ -37,6 +37,7 @@ import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import com.google.common.collect.Sets;
@Service @Service
public class ConnectTokenEnhancer implements TokenEnhancer { public class ConnectTokenEnhancer implements TokenEnhancer {
@ -132,9 +133,9 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
// TODO: might want to create a specialty authentication object here instead of copying // TODO: might want to create a specialty authentication object here instead of copying
idTokenEntity.setAuthenticationHolder(token.getAuthenticationHolder()); idTokenEntity.setAuthenticationHolder(token.getAuthenticationHolder());
// copy in the scopes from the parent token and add "id-token" to the list // create a scope set with just the special "id-token" scope
Set<String> idScopes = new HashSet<String>(token.getScope()); //Set<String> idScopes = new HashSet<String>(token.getScope()); // this would copy the original token's scopes in, we don't really want that
idScopes.add(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE); Set<String> idScopes = Sets.newHashSet(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE);
idTokenEntity.setScope(idScopes); idTokenEntity.setScope(idScopes);
idTokenEntity.setClient(token.getClient()); idTokenEntity.setClient(token.getClient());