cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin (JIRA)" <>
Subject [jira] [Commented] (CXF-6573) AccessToken doesn't serialize with snake-case
Date Wed, 02 Sep 2015 09:47:46 GMT


Sergey Beryozkin commented on CXF-6573:

Hmm, I actually did not document that OAuthJsonProvider is supposed to be used, will do asap.

Usually I refer users to a demo which is linked to a Google page after a "CXF OAuth2" search.

I'm not sure about letting 3rd party JSON providers write the response. Let me ask, how does
Jackson writes
a Map 'parameters' field ? Does it introduce a 'parameters' key into a response (add a single
entry into this Map if it ignores the empty Map) ? The reason I ask is that the entries in
Map 'parameters'  have to be siblings of the main token properties, the actual 'parameters'
key can not be introduced. If Jackson can be controlled to block a 'parameters' key while
outputting the actual Map entries then we can consider adding Jaxb annotations to have it
working with a JacksonJaxb provider. 

Please also check, does it output 'expiresIn' if it is set to 0 ? The code sets it to -1 by
default but I guess it is fine to initialize it to 0 by default in case of 'never expires'.

Hmm... Actually, AccessToken also has an issuedAt property which can optionally be reported
but is otherwise a non-standard property that should not go out by default... 

> AccessToken doesn't serialize with snake-case
> ---------------------------------------------
>                 Key: CXF-6573
>                 URL:
>             Project: CXF
>          Issue Type: Wish
>          Components: JAX-RS Security
>    Affects Versions: 3.1.2
>            Reporter: Karl von Randow
>            Priority: Minor
> The class doesn't declare and JAXB
(or other) annotations to influence how it is serialized. So it uses the default serialization
style of the JAXB context.
> In my case this is camel case.
> This means that the AccessToken response from the AccessTokenService uses camel case.
The OAuth docs _appear_ (I'm not a scholar of them) to indicate that it should be snake case.
> Is that true? Is this a thing? Would it be something you'd consider, adding `@XmlElement(name
= "token_key")` annotations? That would be a breaking change for existing users...

This message was sent by Atlassian JIRA

View raw message