fix(4.3): removed client_credentials token validation

#1567
GluuFederation · Sep 28, 2021 · f3ab227 · f3ab227
1 parent 7c7906c
commit f3ab227
Showing 1 changed file with 0 additions and 42 deletions.
diff --git a/Server/src/main/java/org/gluu/oxauth/register/ws/rs/RegisterRestWebServiceImpl.java b/Server/src/main/java/org/gluu/oxauth/register/ws/rs/RegisterRestWebServiceImpl.java
@@ -698,8 +698,6 @@ public Response requestClientUpdate(String requestParams, String clientId, @Head
             final String accessToken = tokenService.getToken(authorization);
 
             if (StringUtils.isNotBlank(accessToken) && StringUtils.isNotBlank(clientId) && StringUtils.isNotBlank(requestParams)) {
-                validateAuthorizationAccessToken(accessToken, clientId);
-
                 JSONObject requestObject = new JSONObject(requestParams);
                 final JSONObject softwareStatement = validateSoftwareStatement(httpRequest, requestObject);
                 if (softwareStatement != null) {
@@ -793,46 +791,6 @@ public Response requestClientUpdate(String requestParams, String clientId, @Head
         return internalErrorResponse("Unknown.").build();
     }
 
-    private void validateAuthorizationAccessToken(String accessToken, String clientId) {
-        if (StringUtils.isBlank(accessToken) || StringUtils.isBlank(clientId)) {
-            log.trace("Access Token or clientId is blank.");
-            throw new WebApplicationException(Response.
-                    status(Response.Status.BAD_REQUEST).
-                    type(MediaType.APPLICATION_JSON_TYPE).
-                    entity(errorResponseFactory.errorAsJson(RegisterErrorResponseType.INVALID_TOKEN, "The Access Token is not valid for the Client ID."))
-                    .build());
-        }
-
-        final AuthorizationGrant grant = authorizationGrantList.getAuthorizationGrantByAccessToken(accessToken);
-        if (grant == null) {
-            log.trace("Unable to find grant by access token: {}", accessToken);
-            throw new WebApplicationException(Response.
-                    status(Response.Status.BAD_REQUEST).
-                    type(MediaType.APPLICATION_JSON_TYPE).
-                    entity(errorResponseFactory.errorAsJson(RegisterErrorResponseType.INVALID_TOKEN, "The Access Token grant is not found."))
-                    .build());
-        }
-
-        final AbstractToken accessTokenObj = grant.getAccessToken(accessToken);
-        if (accessTokenObj == null || !accessTokenObj.isValid()) {
-            log.trace("Unable to find access token object or otherwise it's expired.");
-            throw new WebApplicationException(Response.
-                    status(Response.Status.BAD_REQUEST).
-                    type(MediaType.APPLICATION_JSON_TYPE).
-                    entity(errorResponseFactory.errorAsJson(RegisterErrorResponseType.INVALID_TOKEN, "The Access Token object is not found or otherwise expired."))
-                    .build());
-        }
-
-        if (!clientId.equals(grant.getClientId())) {
-            log.trace("ClientId from request does not match to access token's client id.");
-            throw new WebApplicationException(Response.
-                    status(Response.Status.BAD_REQUEST).
-                    type(MediaType.APPLICATION_JSON_TYPE).
-                    entity(errorResponseFactory.errorAsJson(RegisterErrorResponseType.INVALID_TOKEN, "The Access Token object is not found or otherwise expired."))
-                    .build());
-        }
-    }
-
     @Override
     public Response requestClientRead(String clientId, String authorization, HttpServletRequest httpRequest,
                                       SecurityContext securityContext) {