From: remillet <remillet@yahoo.com>
Date: Fri, 15 Dec 2017 17:12:58 +0000 (-0800)
Subject: DRYD-169: Password reset now takes token and password as form data rather than query... 
X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=e4c16753e48f8649a5531a2a3929e4372693bce2;p=tmp%2Fjakarta-migration.git

DRYD-169: Password reset now takes token and password as form data rather than query parameters.
---

diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
index be998abd9..8aaf5677e 100644
--- a/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/AccountResource.java
@@ -67,6 +67,7 @@ import java.util.List;
 
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
+import javax.ws.rs.FormParam;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.PUT;
@@ -233,7 +234,10 @@ public class AccountResource extends SecurityResourceBase {
      */
     @POST
     @Path(PROCESS_PASSWORD_RESET_PATH)
-    synchronized public Response processPasswordReset(@Context UriInfo ui) throws UnsupportedEncodingException, DocumentNotFoundException {
+    @Consumes("application/x-www-form-urlencoded")
+    synchronized public Response processPasswordReset(@Context UriInfo ui, 
+    		@FormParam("token") String tokenId,
+    		@FormParam("password") String base64EncodedPassword) throws UnsupportedEncodingException, DocumentNotFoundException {
     	Response response = null;
 
     	//
@@ -245,14 +249,12 @@ public class AccountResource extends SecurityResourceBase {
         //
         // Get the 'token' and 'password' params
         //
-        String tokenId = queryParams.getFirst(AccountClient.PASSWORD_RESET_TOKEN_QP);
         if (tokenId == null || tokenId.trim().isEmpty()) {
         	response = Response.status(Response.Status.BAD_REQUEST).entity(
         			"The query parameter 'token' is missing or contains no value.").type("text/plain").build();
         	return response;
         }
 
-        String base64EncodedPassword = queryParams.getFirst(AccountClient.PASSWORD_RESET_PASSWORD_QP);
         if (base64EncodedPassword == null || base64EncodedPassword.trim().isEmpty()) {
         	response = Response.status(Response.Status.BAD_REQUEST).entity(
         			"The query parameter 'password' is missing or contains no value.").type("text/plain").build();