From 406016cd29a0c2996db7a9a6d9894eba0c22e85e Mon Sep 17 00:00:00 2001
From: "lucio.lelii" <lucio.leliiisti.cnr.it>
Date: Tue, 15 Jun 2021 10:33:15 +0200
Subject: [PATCH] solved bug on user check

---
 .../handlers/application/request/RequestContextRetriever.java   | 2 +-
 .../handlers/application/request/RequestValidator.java          | 2 --
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestContextRetriever.java b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestContextRetriever.java
index 52af00e..70e983d 100644
--- a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestContextRetriever.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestContextRetriever.java
@@ -91,7 +91,7 @@ public class RequestContextRetriever extends RequestHandler {
 		AuthorizationEntry authEntry = null;
 		try{
 			authEntry = authorizationService().get(token);	
-			if (retrievedUser != null && authEntry.getClientInfo().getId().equals(retrievedUser))
+			if (retrievedUser != null && !authEntry.getClientInfo().getId().equals(retrievedUser))
 				throw new Exception("user and token owner are not the same");
 		}catch(ObjectNotFound onf){
 			log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
diff --git a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
index 4ba8831..4466967 100644
--- a/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
+++ b/src/main/java/org/gcube/smartgears/handlers/application/request/RequestValidator.java
@@ -4,8 +4,6 @@ import static org.gcube.smartgears.handlers.application.request.RequestError.app
 import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
 import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
 
-import java.io.IOException;
-
 import javax.xml.bind.annotation.XmlAttribute;
 import javax.xml.bind.annotation.XmlRootElement;