Commit 7e375120 authored by Matija Obreza's avatar Matija Obreza
Browse files

Use StringUtils to compare client_secret

parent 815a2cd4
......@@ -60,7 +60,7 @@ public class WebApiFilter extends OncePerRequestFilter {
throw new Exception("Invalid client_id, client_secret combination");
}
if (StringUtils.isNotBlank(clientDetails.getClientSecret()) && !clientDetails.getClientSecret().equals(clientSecret)) {
if (StringUtils.isNotBlank(clientDetails.getClientSecret()) && !StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
throw new Exception("Invalid client secret");
}
if (StringUtils.isBlank(referrer)) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment