github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

more reasonable check for whether or not a user auth is present, addresses #602

pull/604/head
Justin Richer 2014-05-23 11:49:51 -04:00
parent 4e890a4d7d
commit df9c9747ce
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openid-connect-server/src/main/java/org/mitre/openid/connect/token/ConnectTokenEnhancer.java
View File

@ -104,9 +104,12 @@ public class ConnectTokenEnhancer implements TokenEnhancer {
* may or may not include the scope parameter. As long as the AuthorizationRequest * may or may not include the scope parameter. As long as the AuthorizationRequest
* has the proper scope, we can consider this a valid OpenID Connect request. Otherwise, * has the proper scope, we can consider this a valid OpenID Connect request. Otherwise,
* we consider it to be a vanilla OAuth2 request. * we consider it to be a vanilla OAuth2 request.
*
* Also, there must be a user authentication involved in the request for it to be considered
* OIDC and not OAuth, so we check for that as well.
*/ */
if (originalAuthRequest.getScope().contains("openid") if (originalAuthRequest.getScope().contains("openid")
&& originalAuthRequest.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_USER"))) { && !authentication.isClientOnly()) {
String username = authentication.getName(); String username = authentication.getName();
UserInfo userInfo = userInfoService.getByUsernameAndClientId(username, clientId); UserInfo userInfo = userInfoService.getByUsernameAndClientId(username, clientId);