1 files changed, 5 insertions, 6 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 4879942ae..03b5d98f9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -30,7 +30,7 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.opensaml.saml2.core.Attribute;
 
-import at.gv.egovernment.moa.id.commons.db.dao.config.OAOAUTH20;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
@@ -152,11 +152,10 @@ class OAuth20AuthRequest extends OAuth20BaseRequest {
 		// check if client id and redirect uri are ok
 		try {
 			// OAOAUTH20 cannot be null at this point. check was done in base request
-			OAOAUTH20 oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL())
-					.getoAuth20Config();
-			
-			if (!this.getClientID().equals(oAuthConfig.getOAuthClientId())
-					|| !this.getRedirectUri().equals(oAuthConfig.getOAuthRedirectUri())) {
+			OAAuthParameter oAuthConfig = AuthConfigurationProviderFactory.getInstance().getOnlineApplicationParameter(this.getOAURL());
+						
+			if (!this.getClientID().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID))
+					|| !this.getRedirectUri().equals(oAuthConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL))) {
 				throw new OAuth20AccessDeniedException();
 			}
 		}