Permalink
Browse files

Remove vmc headers to prevent duplicates

  • Loading branch information...
1 parent d0b830e commit f1c5d3a8dfdc479f3bc5c297eb7ed7c38172aa43 @dsyer committed Mar 14, 2013
Showing with 10 additions and 0 deletions.
  1. +10 −0 src/main/java/org/cloudfoundry/identity/uaa/login/RemoteUaaController.java
@@ -74,6 +74,12 @@
private static final String CONTENT_LENGTH = "Content-Length";
+ private static final String CONTENT_TYPE = "Content-Type";
+
+ private static final String ACCEPT = "Accept";
+
+ private static final String AUTHORIZATION = "Authorization";
+
private static final String TRANSFER_ENCODING = "Transfer-Encoding";
private static final String HOST = "Host";
@@ -271,13 +277,17 @@ public ModelAndView startAuthorization(HttpServletRequest request, @RequestParam
if (principal != null) {
map.set("source", "login");
map.setAll(getLoginCredentials(principal));
+ map.remove("credentials"); // legacy vmc might break otherwise
}
else {
throw new BadCredentialsException("No principal found in authorize endpoint");
}
HttpHeaders requestHeaders = new HttpHeaders();
requestHeaders.putAll(getRequestHeaders(headers));
+ requestHeaders.remove(AUTHORIZATION.toLowerCase());
+ requestHeaders.remove(ACCEPT.toLowerCase());
+ requestHeaders.remove(CONTENT_TYPE.toLowerCase());
requestHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
requestHeaders.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
requestHeaders.remove(COOKIE);

0 comments on commit f1c5d3a

Please sign in to comment.