oltu-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Turcsanyi (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBER-61) Client defined HTTP headers in OAuthClientRequest
Date Tue, 18 Sep 2012 08:22:07 GMT
Peter Turcsanyi created AMBER-61:
------------------------------------

             Summary: Client defined HTTP headers in OAuthClientRequest
                 Key: AMBER-61
                 URL: https://issues.apache.org/jira/browse/AMBER-61
             Project: Amber
          Issue Type: Bug
          Components: OAuth 2.0 - Client
    Affects Versions: 0.22
            Reporter: Peter Turcsanyi


HTTP headers added to OAuthClientRequest are not sent with the HTTP request.

I would like to use HTTP Basic authentication at the token endpoint.
So on the client side I add "Authorization" HTTP header to OAuthClientRequest calling its
setHeader() method.
But headers set on the OAuthClientRequest object are not processed by OAuthClient.accessToken()
/ URLConnectionClient.execute(), therefore they are not sent to the authorization server.

Or is there any other way to use HTTP Basic authentication between the client and the token
endpoint of the authorization server?


The client code:

{code}
OAuthClientRequest tokenRequest = OAuthClientRequest
        .tokenLocation("https://...")
        .setGrantType(GrantType.AUTHORIZATION_CODE)
        .setClientId("...")
        .setClientSecret("...")
        .setRedirectURI("https://...")
        .setCode(authzCode)
        .buildBodyMessage();

if (tokenRequest.getHeaders() == null) {
    tokenRequest.setHeaders(new HashMap<String, String>()); // nice-to-have issue: it
should be initialized inside OAuthClientRequest at creation time or at first call of setHeader()
}
tokenRequest.setHeader("Authorization", "..."); // main issue: header never used later

OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

OAuthJSONAccessTokenResponse tokenResponse = oAuthClient.accessToken(tokenRequest);
{code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message