[
https://issues.apache.org/jira/browse/CXF-5396?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jason Wang updated CXF-5396:
----------------------------
Priority: Critical (was: Major)
> AbstractGrant.toMap hardcode the grandType to Client_Credentials
> ----------------------------------------------------------------
>
> Key: CXF-5396
> URL: https://issues.apache.org/jira/browse/CXF-5396
> Project: CXF
> Issue Type: Bug
> Components: JAX-RS Security
> Affects Versions: 2.7.7
> Reporter: Jason Wang
> Priority: Critical
>
> AbstractGrant.toMap method has this line:
> map.putSingle(OAuthConstants.GRANT_TYPE,
> OAuthConstants.CLIENT_CREDENTIALS_GRANT);
> When the subclass, ResourceOwnerGrant overides this toMap, it calls the
> super.toMap(), which will cause this wrong value being added.
> So, I think we should fix this by calling
> map.putSingle(OAuthConstants.GRANT_TYPE, getType()).
> This way it will work for all 4 subclasses and will automatically work for
> future new class. Another way is to fix the ResourceOwnerGrant by not calling
> super.toMap.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
