Skip to content
This repository has been archived by the owner on May 31, 2022. It is now read-only.

ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId); in wrong place #1966

Open
LazyMonkey1992 opened this issue May 25, 2022 · 0 comments
Open

ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId); in wrong place #1966

LazyMonkey1992 opened this issue May 25, 2022 · 0 comments
Labels
status: waiting-for-triage type: enhancement

Comments

@LazyMonkey1992
Copy link

private Set extractScopes(Map<String, String> requestParameters, String clientId) {
Set scopes = OAuth2Utils.parseParameterList(requestParameters.get(OAuth2Utils.SCOPE));
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);

	if ((scopes == null || scopes.isEmpty())) {
		// If no scopes are specified in the incoming data, use the default values registered with the client
		// (the spec allows us to choose between this option and rejecting the request completely, so we'll take the
		// least obnoxious choice as a default).
		scopes = clientDetails.getScope();
	}

	if (checkUserScopes) {
		scopes = checkUserScopes(scopes, clientDetails);
	}
	return scopes;
}
@jgrandja jgrandja transferred this issue from spring-projects/spring-security May 25, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
status: waiting-for-triage type: enhancement
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LazyMonkey1992