github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

makes the grant types checker softer, closes #640

pull/653/head
Justin Richer 2014-07-19 23:54:02 -07:00
parent 2a2a86a14d
commit 8768188133
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
View File

@ -397,14 +397,10 @@ public class ClientDynamicRegistrationEndpoint {
// filter out unknown grant types // filter out unknown grant types
// TODO: make this a pluggable service // TODO: make this a pluggable service
Set<String> requestedGrantTypes = new HashSet<String>(newClient.getGrantTypes()); Set<String> requestedGrantTypes = new HashSet<String>(newClient.getGrantTypes());
requestedGrantTypes.removeAll( requestedGrantTypes.retainAll(
ImmutableSet.of("authorization_code", "implicit", ImmutableSet.of("authorization_code", "implicit",
"password", "client_credentials", "refresh_token", "password", "client_credentials", "refresh_token",
"urn:ietf:params:oauth:grant_type:redelegate")); "urn:ietf:params:oauth:grant_type:redelegate"));
if (!requestedGrantTypes.isEmpty()) {
// return an error, there were unknown grant types requested
throw new ValidationException("invalid_client_metadata", "Unknown grant types requested: " + newClient.getGrantTypes(), HttpStatus.BAD_REQUEST);
}
// don't allow "password" grant type for dynamic registration // don't allow "password" grant type for dynamic registration
if (newClient.getGrantTypes().contains("password")) { if (newClient.getGrantTypes().contains("password")) {