fix #563 - set the session store to JEESessionStore.INSTANCE

jdaugherty · jdaugherty · commit b935faf57150 · 2024-12-13T09:50:28.000-05:00
diff --git a/spring-security-rest/grails-app/services/grails/plugin/springsecurity/rest/RestOauthService.groovy b/spring-security-rest/grails-app/services/grails/plugin/springsecurity/rest/RestOauthService.groovy
@@ -31,6 +31,7 @@ import org.pac4j.core.client.IndirectClient
 import org.pac4j.core.context.WebContext
 import org.pac4j.core.credentials.Credentials
 import org.pac4j.core.profile.UserProfile
+import org.pac4j.jee.context.session.JEESessionStore
 import org.springframework.security.core.authority.SimpleGrantedAuthority
 import org.springframework.security.core.context.SecurityContextHolder
 
@@ -75,10 +76,10 @@ class RestOauthService {
 
     UserProfile getProfile(String provider, WebContext context) {
         IndirectClient client = getClient(provider)
-        Credentials credentials = client.getCredentials(context, null).orElse(null)
+        Credentials credentials = client.getCredentials(context, JEESessionStore.INSTANCE).orElse(null)
 
         log.debug "Querying provider to fetch User ID"
-        client.getUserProfile(credentials, context, null).orElse(null)
+        client.getUserProfile(credentials, context, JEESessionStore.INSTANCE).orElse(null)
     }
 
     OauthUser getOauthUser(String provider, UserProfile profile) {
