forked from gCubeSystem/common-smartgears-legacy
solved bug on user check
This commit is contained in:
parent
64c3f02996
commit
406016cd29
|
@ -91,7 +91,7 @@ public class RequestContextRetriever extends RequestHandler {
|
|||
AuthorizationEntry authEntry = null;
|
||||
try{
|
||||
authEntry = authorizationService().get(token);
|
||||
if (retrievedUser != null && authEntry.getClientInfo().getId().equals(retrievedUser))
|
||||
if (retrievedUser != null && !authEntry.getClientInfo().getId().equals(retrievedUser))
|
||||
throw new Exception("user and token owner are not the same");
|
||||
}catch(ObjectNotFound onf){
|
||||
log.warn("rejecting call to {}, invalid token {}",call.context().name(),token);
|
||||
|
|
|
@ -4,8 +4,6 @@ import static org.gcube.smartgears.handlers.application.request.RequestError.app
|
|||
import static org.gcube.smartgears.handlers.application.request.RequestError.application_unavailable_error;
|
||||
import static org.gcube.smartgears.handlers.application.request.RequestError.invalid_request_error;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.xml.bind.annotation.XmlAttribute;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
|
||||
|
|
Loading…
Reference in New Issue