github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

createAuthorizationCode should be @Transactional 

An Authentication should not exist without its matching AuthorizationCode, but typically an AuthorizationCode will have a foreign key on an Authentication, meaning it can't be saved first. This block should be wrapped in a transaction so that other DB clients (say, for example, clearExpiredAuthorizationCodes) don't see an inconsistent snapshot and then misbehave.
pull/1079/merge
HeXetic 2016-07-15 11:06:45 -04:00 committed by Justin Richer
parent c3d0c18af5
commit 7725fcfa2b
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultOAuth2AuthorizationCodeService.java
View File

@ -66,6 +66,7 @@ public class DefaultOAuth2AuthorizationCodeService implements AuthorizationCodeS
* @return the authorization code * @return the authorization code
*/ */
@Override @Override
@Transactional(value="defaultTransactionManager")
public String createAuthorizationCode(OAuth2Authentication authentication) { public String createAuthorizationCode(OAuth2Authentication authentication) {
String code = generator.generate(); String code = generator.generate();