oltu-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stein Welberg (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (OLTU-16) RefreshTokenValidator needs to be updated to the latest spec
Date Wed, 15 May 2013 20:37:17 GMT

     [ https://issues.apache.org/jira/browse/OLTU-16?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Stein Welberg resolved OLTU-16.
-------------------------------

    Resolution: Fixed

In the end it didn't seem possible (with the current setup of the validators) to do everything
(authenticated and unauthenticated requests) in one class. So another class is introduced
which enables you to also accept unauthenticated token requests. This class carries a different
name (UnauthenticatedTokenRequest) because we believe that by default you should enable client
authentication!

See OLTU-5 for more discussion.
                
> RefreshTokenValidator needs to be updated to the latest spec
> ------------------------------------------------------------
>
>                 Key: OLTU-16
>                 URL: https://issues.apache.org/jira/browse/OLTU-16
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: oauth2-authzserver
>            Reporter: Stein Welberg
>            Assignee: Stein Welberg
>
> Actually this issue is the same as AMBER-49. The refresh token validator cannot handle
when the client_id and client_secret are presented in the Authorization header.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message