Remove unused OAuthToken in authorisation URL

When the user needs to be redirected to the OAuth authentication URL for entering their credentials, the session is not active yet and there is no OAuthToken available. There is no value then in having a RequestToken parameter that will always be null anyway. Change-Id: I00fdbd32923a51e0c92e6bc0efff551936ec344f
2015-03-25 08:05:37 +00:00
parent 61074ca4fb
commit 3408d4deb8
2 changed files with 5 additions and 15 deletions
--- a/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java
+++ b/gerrit-extension-api/src/main/java/com/google/gerrit/extensions/auth/oauth/OAuthServiceProvider.java
@@ -22,30 +22,21 @@ import java.io.IOException;
@ExtensionPoint
 public interface OAuthServiceProvider {

-  /**
-   * Retrieve the request token.
-   *
-   * @return request token
-   */
-  OAuthToken getRequestToken();
-
  /**
   * Returns the URL where you should redirect your users to authenticate
   * your application.
   *
-   * @param requestToken the request token you need to authorize
-   * @return the URL where you should redirect your users
+   * @return the OAuth service URL to redirect your users for authentication
   */
-  String getAuthorizationUrl(OAuthToken requestToken);
+  String getAuthorizationUrl();

  /**
   * Retrieve the access token
   *
-   * @param requestToken request token (obtained previously)
   * @param verifier verifier code
   * @return access token
   */
-  OAuthToken getAccessToken(OAuthToken requestToken, OAuthVerifier verifier);
+  OAuthToken getAccessToken(OAuthVerifier verifier);

  /**
   * After establishing of secure communication channel, this method supossed to
--- a/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java
+++ b/gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java
@@ -87,8 +87,7 @@ class OAuthSession {
      }

      log.debug("Login-Retrieve-User " + this);
-      token = oauth.getAccessToken(null,
-          new OAuthVerifier(request.getParameter("code")));
+      token = oauth.getAccessToken(new OAuthVerifier(request.getParameter("code")));

      user = oauth.getUserInfo(token);

@@ -103,7 +102,7 @@ class OAuthSession {
    } else {
      log.debug("Login-PHASE1 " + this);
      redirectUrl = request.getRequestURI();
-      response.sendRedirect(oauth.getAuthorizationUrl(null) +
+      response.sendRedirect(oauth.getAuthorizationUrl() +
          "&state=" + state);
      return false;
    }