github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fixed id token scopes (shouldn't inherit from parent token)

pull/263/head
Justin Richer 2012-12-10 10:11:02 -05:00
parent f072aba3f5
commit 54708fb0ac
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -37,6 +37,7 @@ import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.stereotype.Service;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
@Service
public class ConnectTokenEnhancer implements TokenEnhancer {
@ -132,9 +133,9 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
// TODO: might want to create a specialty authentication object here instead of copying
idTokenEntity.setAuthenticationHolder(token.getAuthenticationHolder());
// copy in the scopes from the parent token and add "id-token" to the list
Set<String> idScopes = new HashSet<String>(token.getScope());
idScopes.add(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE);
// create a scope set with just the special "id-token" scope
//Set<String> idScopes = new HashSet<String>(token.getScope()); // this would copy the original token's scopes in, we don't really want that
Set<String> idScopes = Sets.newHashSet(OAuth2AccessTokenEntity.ID_TOKEN_SCOPE);
idTokenEntity.setScope(idScopes);
idTokenEntity.setClient(token.getClient());