solved bug on user check
This commit is contained in:
parent
64c3f02996
commit
406016cd29
|
@ -91,7 +91,7 @@ public class RequestContextRetriever extends RequestHandler {
|
||||||
AuthorizationEntry authEntry = null;
|
AuthorizationEntry authEntry = null;
|
||||||
try{
|
try{
|
||||||
authEntry = authorizationService().get(token);
|
authEntry = authorizationService().get(token);
|
||||||
if (retrievedUser != null && authEntry.getClientInfo().getId().equals(retrievedUser))
|
if (retrievedUser != null && !authEntry.getClientInfo().getId().equals(retrievedUser))
|
||||||
throw new Exception("user and token owner are not the same");
|
throw new Exception("user and token owner are not the same");
|
||||||
}catch(ObjectNotFound onf){
|
}catch(ObjectNotFound onf){
|
||||||
log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
|
log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
|
||||||
|
|
|
@ -4,8 +4,6 @@ import static org.gcube.smartgears.handlers.application.request.RequestError.app
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
||||||
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
import javax.xml.bind.annotation.XmlAttribute;
|
import javax.xml.bind.annotation.XmlAttribute;
|
||||||
import javax.xml.bind.annotation.XmlRootElement;
|
import javax.xml.bind.annotation.XmlRootElement;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue