cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-4478) [OAuth1.0] RequestTokenHandler doesn't support custom input parameters
Date Tue, 20 Nov 2012 18:12:58 GMT

    [ https://issues.apache.org/jira/browse/CXF-4478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13501344#comment-13501344
] 

Sergey Beryozkin commented on CXF-4478:
---------------------------------------

OK, let me ask few questions.

How important it is for you to use OAuth 1.0 ? Would OAuth 2.0 work for you instead ?

Next, lets assume it has to be OAuth 1.0 in your case. 
I'd like to understand the flow better. Does it implies the use "oob" ?
Please prototype the example: basically I need to see when a custom parameter is reported
back, I'm assuming it has to be done after the user has authorized the client, but the question
is, does it have to reported back as part of "oob" response, or after the client requests
the access token.



                
> [OAuth1.0] RequestTokenHandler doesn't support custom input parameters
> ----------------------------------------------------------------------
>
>                 Key: CXF-4478
>                 URL: https://issues.apache.org/jira/browse/CXF-4478
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 2.6.1
>            Reporter: Evgeni Kisel
>
> According to the spec custom parameters can be added but currnnelty it's impossible to
use them because:
> 1. there are no hooks in the handle class to be overridden.
> 2. RequestTokenRegistration object doesn't contain a map with custom parameters.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message