From b14dfa6458a7e30780d5102e7dd4ef1bca20a764 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mit.edu>
Date: Thu, 13 Nov 2014 11:23:54 -1000
Subject: [PATCH] approval page defaults to "ask again" when prompt=consent is
 passed, closes #669

---
 .../src/main/webapp/WEB-INF/views/approve.jsp                 | 4 ++--
 .../org/mitre/oauth2/web/OAuthConfirmationController.java     | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
index a7a98d7bf..a3ee5133f 100644
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
@@ -208,7 +208,7 @@
 					<fieldset style="text-align: left" class="well">
 						<legend style="margin-bottom: 0;">Remember this decision:</legend>
 						<label for="remember-forever" class="radio"> 
-						<input type="radio" name="remember" id="remember-forever" value="until-revoked" checked="checked"> 
+						<input type="radio" name="remember" id="remember-forever" value="until-revoked"  ${ !consent ? 'checked="checked"' : '' }> 
 							remember this decision until I revoke it
 						</label> 
 						<label for="remember-hour" class="radio"> 
@@ -216,7 +216,7 @@
 							remember this decision for one hour
 						</label> 
 						<label for="remember-not" class="radio"> 
-						<input type="radio" name="remember" id="remember-not" value="none">
+						<input type="radio" name="remember" id="remember-not" value="none" ${ consent ? 'checked="checked"' : '' }>
 							prompt me again next time
 						</label>
 					</fieldset>
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
index 8c9451481..e1858202a 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/OAuthConfirmationController.java
@@ -102,6 +102,10 @@ public class OAuthConfirmationController {
 			model.put("code", HttpStatus.FORBIDDEN);
 			return HttpCodeView.VIEWNAME;
 		}
+		
+		if (prompts.contains("consent")) {
+			model.put("consent", true);
+		}
 
 		//AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");