Merge pull request #187 from Viva-con-Agua/bug/186

bug fixed
Viva-con-Agua · Jan 26, 2018 · 1abae4d · 1abae4d
2 parents 041b1c5 + 76c5035
commit 1abae4d
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 15 deletions.
diff --git a/app/controllers/.OAuth2Controller.scala.swp b/app/controllers/.OAuth2Controller.scala.swp
diff --git a/app/controllers/OAuth2Controller.scala b/app/controllers/OAuth2Controller.scala
@@ -51,26 +51,15 @@ class OAuth2Controller @Inject() (
     * @param clientSecret secures the communication, if this method is configured.
     * @return
     */
-  def getCode(clientId : String, clientSecret : String) = SecuredAction.async { implicit request => {
+  def getCode(clientId : String) = SecuredAction.async { implicit request => {
 
-    def bodyWithSecret(secret : Option[String]) = oauthClientDao.find(clientId, secret, "authorization_code").flatMap(_ match {
+    oauthClientDao.find(clientId, None, "authorization_code").flatMap(_ match {
       case Some(client) => oauthCodeDao.save(OauthCode(request.identity, client)).map(
         code => code.client.redirectUri.map((uri) => Redirect(uri + code.code)).getOrElse(
           BadRequest(Messages("oauth2server.clientHasNoRedirectURI"))
         )
       )
       case _ => Future.successful(BadRequest(Messages("oauth2server.clientId.notFound")))
     })
-
-    configuration.getString("drops.ws.security").getOrElse("secret") match {
-      case "none" => bodyWithSecret(None)
-      case "secret" if clientSecret != "" => bodyWithSecret(Some(clientSecret))
-      case "sluice" => {
-        // TODO: Implement integration for using sluice in intra-microservice communication
-        Future.successful(BadRequest(Messages("oauth2server.security.method.notImplemented", "sluice")))
-      }
-      case _ => Future.successful(BadRequest(Messages("oauth2server.clientSecret.missing")))
-    }
-
   }}
 }
diff --git a/conf/routes b/conf/routes
@@ -40,8 +40,7 @@ POST    /rest/access                                        controllers.RestApi.
 
 # OAuth2 Rest API
 GET     /oauth2/rest/profile                                controllers.Oauth2RestApi.profile
-GET     /oauth2/code/get/:clientId                          controllers.OAuth2Controller.getCode(clientId : String, clientSecret = "")
-GET     /oauth2/code/get/:clientId/:clientSecret            controllers.OAuth2Controller.getCode(clientId : String, clientSecret : String)
+GET     /oauth2/code/get/:clientId                          controllers.OAuth2Controller.getCode(clientId : String)
 
 # Authentication
 GET     /auth/init                                          controllers.Auth.init