github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fixed inadvertent consistency bug in granting offline_access to clients

Browse Source
pull/324/merge
Justin Richer 12 years ago
parent 7307b4b19d
commit d7689152b8
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File

6
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientDynamicRegistrationEndpoint.java
Unescape View File

@ -91,7 +91,11 @@ public class ClientDynamicRegistrationEndpoint {
// set default grant types if needed // set default grant types if needed
if (newClient.getGrantTypes() == null || newClient.getGrantTypes().isEmpty()) { if (newClient.getGrantTypes() == null || newClient.getGrantTypes().isEmpty()) {
newClient.setGrantTypes(Sets.newHashSet("authorization_code")); // allow authorization code grant type by default if (newClient.getScope().contains("offline_access")) { // client asked for offline access
newClient.setGrantTypes(Sets.newHashSet("authorization_code", "refresh_token")); // allow authorization code and refresh token grant types by default
} else {
newClient.setGrantTypes(Sets.newHashSet("authorization_code")); // allow authorization code grant type by default
}
} }
// set default response types if needed // set default response types if needed

Write Preview
Loading…
Cancel
Save