首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

Don't Attempt to Generate Token Without Valid Token Request

Closes gh-18088

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
Josh Cummings 1 月之前
父節點
e0a71eb00e
當前提交
1c112005fa
共有 1 個文件被更改,包括 1 次插入1 次删除
統一視圖 顯示文件統計
  1. 1 1
      web/src/main/java/org/springframework/security/web/authentication/ott/GenerateOneTimeTokenFilter.java

+ 1 - 1
web/src/main/java/org/springframework/security/web/authentication/ott/GenerateOneTimeTokenFilter.java
查看文件 

@@ -68,11 +68,11 @@ public final class GenerateOneTimeTokenFilter extends OncePerRequestFilter {
 
 			return;
 
 			return;
 
 		}
 
 		}
 
 		GenerateOneTimeTokenRequest generateRequest = this.requestResolver.resolve(request);
 
 		GenerateOneTimeTokenRequest generateRequest = this.requestResolver.resolve(request);
 
-		OneTimeToken ott = this.tokenService.generate(generateRequest);
 
 		if (generateRequest == null) {
 
 		if (generateRequest == null) {
 
 			filterChain.doFilter(request, response);
 
 			filterChain.doFilter(request, response);
 
 			return;
 
 			return;
 
 		}
 
 		}
 
+		OneTimeToken ott = this.tokenService.generate(generateRequest);
 
 		this.tokenGenerationSuccessHandler.handle(request, response, ott);
 
 		this.tokenGenerationSuccessHandler.handle(request, response, ott);
 
 	}
 
 	}