diff options
| author | Luca Milanesio <luca.milanesio@gmail.com> | 2015-03-25 08:05:37 +0000 |
|---|---|---|
| committer | Saša Živkov <zivkov@gmail.com> | 2015-03-25 13:19:14 +0000 |
| commit | 3408d4deb866a54580f836ff109f3ef6ba940d45 (patch) | |
| tree | 1040ef4fec6d852e77ec76e0af37bbf5119ed09a | |
| parent | 61074ca4fbe7881212c6a921fb843378ed4fb124 (diff) | |
Remove unused OAuthToken in authorisation URL
When the user needs to be redirected to the OAuth authentication URL
for entering their credentials, the session is not active yet and
there is no OAuthToken available. There is no value then in having
a RequestToken parameter that will always be null anyway.
Change-Id: I00fdbd32923a51e0c92e6bc0efff551936ec344f
2 files changed, 5 insertions, 15 deletions
diff --git a/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java b/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java index 8375e3179e..9be2630792 100644 --- a/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java +++ b/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java @@ -23,29 +23,20 @@ import java.io.IOException; public interface OAuthServiceProvider { /** - * Retrieve the request token. - * - * @return request token - */ - OAuthToken getRequestToken(); - - /** * Returns the URL where you should redirect your users to authenticate * your application. * - * @param requestToken the request token you need to authorize - * @return the URL where you should redirect your users + * @return the OAuth service URL to redirect your users for authentication */ - String getAuthorizationUrl(OAuthToken requestToken); + String getAuthorizationUrl(); /** * Retrieve the access token * - * @param requestToken request token (obtained previously) * @param verifier verifier code * @return access token */ - OAuthToken getAccessToken(OAuthToken requestToken, OAuthVerifier verifier); + OAuthToken getAccessToken(OAuthVerifier verifier); /** * After establishing of secure communication channel, this method supossed to diff --git a/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java b/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java index d625e02abd..3eba6d9492 100644 --- a/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java +++ b/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java @@ -87,8 +87,7 @@ class OAuthSession { } log.debug("Login-Retrieve-User " + this); - token = oauth.getAccessToken(null, - new OAuthVerifier(request.getParameter("code"))); + token = oauth.getAccessToken(new OAuthVerifier(request.getParameter("code"))); user = oauth.getUserInfo(token); @@ -103,7 +102,7 @@ class OAuthSession { } else { log.debug("Login-PHASE1 " + this); redirectUrl = request.getRequestURI(); - response.sendRedirect(oauth.getAuthorizationUrl(null) + + response.sendRedirect(oauth.getAuthorizationUrl() + "&state=" + state); return false; } |