From 4144e295994a09ae211a4758e965b8d09a712943 Mon Sep 17 00:00:00 2001 From: Konstantin Schaper Date: Thu, 5 Nov 2020 11:27:11 +0100 Subject: [PATCH] fix scope check --- .../src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java b/scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java index 257aa10467..2455a01eba 100644 --- a/scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java +++ b/scm-webapp/src/main/java/sonia/scm/security/JwtAccessTokenBuilder.java @@ -153,7 +153,7 @@ public final class JwtAccessTokenBuilder implements AccessTokenBuilder { @Override public JwtAccessToken build() { final Scope principalScope = SecurityUtils.getSubject().getPrincipals().oneByType(Scope.class); - if (principalScope != null) { + if (principalScope != null && !principalScope.isEmpty()) { if (scope != null && !scope.isEmpty()) { throw new AuthorizationException(String.format("cannot merge builder scope (%s) with principal scope (%s)", scope, principalScope)); }