Shinsuke Sugaya 7 anni fa
parent
commit
201c834e5c

+ 11 - 4
src/main/java/org/codelibs/fess/helper/AccessTokenHelper.java

@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.apache.commons.lang3.RandomStringUtils;
 import org.codelibs.core.lang.StringUtil;
+import org.codelibs.fess.exception.InvalidAccessTokenException;
 import org.codelibs.fess.util.ComponentUtil;
 
 public class AccessTokenHelper {
@@ -36,13 +37,19 @@ public class AccessTokenHelper {
     public String getAccessTokenFromRequest(final HttpServletRequest request) {
         final String token = request.getHeader("Authorization");
         if (token != null) {
-            return token;
+            final String[] values = token.trim().split(" ");
+            if (values.length == 2 && "Bearer".equals(values[0])) {
+                return values[1];
+            } else if (values.length == 1) {
+                return values[0];
+            }
+            throw new InvalidAccessTokenException("invalid_request", "Invalid format: " + token);
         }
         final String name = ComponentUtil.getFessConfig().getApiAccessTokenRequestParameter();
-        if (StringUtil.isBlank(name)) {
-            return null;
+        if (StringUtil.isNotBlank(name)) {
+            return request.getParameter(name);
         }
-        return request.getParameter(name);
+        return null;
     }
 
     public void setRandom(final Random random) {
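Review bot: The new `throw new InvalidAccessTokenException("invalid_request", "Invalid format: " + token)` line embeds the entire Authorization header value in the exception message, so a request that arrives with another scheme (e.g. `Basic <base64 credentials>`) or an otherwise malformed header has its credential copied into the error text and, presumably, into whatever logs or responses carry the exception; the message should describe the expected shape rather than echo the input, e.g. `throw new InvalidAccessTokenException("invalid_request", "Invalid format: expected 'Bearer <token>'");`. Two smaller points on the same branch: `token.trim().split(" ")` yields an empty element and a length of 3 when more than one space separates the scheme from the token, so such headers are rejected where `split("\\s+")` would accept them, and `"Bearer".equals(values[0])` is case-sensitive although HTTP authentication scheme names are case-insensitive, so `"Bearer".equalsIgnoreCase(values[0])` is the safer comparison. The `values.length == 1` branch also accepts a bare header value with no scheme as the token, which is looser than the `RoleQueryHelper.getAccessToken` this commit removes; if that leniency is intentional a one-line comment such as `// accept a scheme-less header value for backward compatibility` would make it clear to the next reader.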

+ 0 - 12
src/main/java/org/codelibs/fess/helper/RoleQueryHelper.java

@@ -160,18 +160,6 @@ public class RoleQueryHelper {
         ComponentUtil.getComponent(AccessTokenService.class).getPermissions(request).ifPresent(p -> p.forEach(roleSet::add));
     }
 
-    protected String getAccessToken(final HttpServletRequest request) {
-        final String token = request.getHeader("Authorization");
-        if (token != null) {
-            final String[] values = token.trim().split(" ");
-            if (values.length == 2 && "Bearer".equals(values[0])) {
-                return values[1];
-            }
-            throw new InvalidAccessTokenException("invalid_request", "Invalid format: " + token);
-        }
-        return request.getParameter("access_token");
-    }
-
     protected void processParameter(final HttpServletRequest request, final Set<String> roleSet) {
         final String parameter = request.getParameter(parameterKey);
         if (logger.isDebugEnabled()) {