hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Asankha C. Perera" <asan...@apache.org>
Subject Re: AuthScheme impl for OAuth
Date Thu, 09 Sep 2010 19:10:35 GMT
Hi Tom
> So I'm trying to implement an AuthScheme for OAuth (actually I'm trying to
> augment SignPost to work with HttpClient's AuthScheme, but anyway...)
> The problem I'm running up against is when AuthScheme.authenticate(
> Credentials, HttpRequest  ) is called.  The problem is, in order for the
> request to be signed in OAuth, I need to know the entire request URI.  The
> HttpRequest that's passed into authenticate() only has the path portion of
> the URI.
> Code snippet from OAuthScheme.java:
>      public Header authenticate( Credentials credentials, HttpRequest request
> ) throws AuthenticationException {
>          System.out.println( "AuthScheme request: " + request.getURI() );
>          // ... sign the request
>      }
> So, calling getURI on my original request shows:
> http://twitter.com/statuses/update.xml
> (get 401 response, authScheme handler kicks in...)
> from the authenicate method, I get printed:
> AuthScheme request: /statuses/update.xml
> I'm guessing this is because the request I'm getting is the 'new' request
> created after the initial 401 response is returned.  I know the HttpContext
> holds state information between multiple requests (like redirects and 401s)
> but I don't have access to that from my AuthScheme instance.  So how can my
> AuthScheme get the URI from the original request?
I think you are seeing the right request.. but you only see the request 
URI as your request went out that way. For example:

GET http://twitter.com/statuses/update.xml HTTP/1.1

you issued, got translated as:

GET /statuses/update.xml HTTP/1.1
Host: twitter.com

You should still be able to get the scheme, method etc from the request, 
as well as the 'Host' header. Can you check if this is correct?


Asankha C. Perera
AdroitLogic, http://adroitlogic.org


To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org

View raw message