github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

yes, allow default scoping if the client doesn't ask for any.

pull/419/merge
William Kim 2013-07-12 15:05:17 -04:00
parent 3d312b7eb5
commit 9a6f345e15
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectAuthorizationRequestManager.java
View File

@ -114,7 +114,7 @@ public class ConnectAuthorizationRequestManager implements AuthorizationRequestM
Set<String> scopes = OAuth2Utils.parseParameterList(parameters.get("scope")); Set<String> scopes = OAuth2Utils.parseParameterList(parameters.get("scope"));
if ((scopes == null || scopes.isEmpty())) { if ((scopes == null || scopes.isEmpty())) {
//TODO: do we want to allow default scoping at all? // default scoping
Set<String> clientScopes = client.getScope(); Set<String> clientScopes = client.getScope();
scopes = clientScopes; scopes = clientScopes;
} }