shindig-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From daviesd <davi...@oclc.org>
Subject OAuth2RequestParameterGenerator
Date Fri, 27 Jan 2012 19:23:56 GMT
Back in December Li Xu helped me get a patch submitted that added the
OAuth2RequestParameterGenerator interface.  It is meant to be implemented if
you want to pass additional parameters along to the various oauth2 flow
requests.

I¹ve since noticed an issue with this.  The parameters I add get passed
along fine to a CodeGrantTypeHandler (when asking for the auth code).
However, when the access token is requested using the
StandardAuthenticationHandler, the parameters I generate do not get passed
along the subsequent BasicHttpFetcher.fetch.  I think probably because this
is a POST and it doesn¹t pass parameters sent in the HttpRequest object.  It
assumes only header values?  Is this correct or a bug?  Should I be passing
my additional parameters along in the header in this case?  If so, I
probably need to supply a patch for StandardAuthenticationHandler that adds
the params to the header in addition.

      request.setHeader(OAuth2Message.CLIENT_ID, clientId);
      request.setParam(OAuth2Message.CLIENT_ID, clientId);
      request.setHeader(OAuth2Message.CLIENT_SECRET, secret);
      request.setParam(OAuth2Message.CLIENT_SECRET, secret);

      // add any additional parameters
      for (Map.Entry<String, String> entry :
accessor.getAdditionalRequestParams().entrySet()) {
        request.setParam(entry.getKey(), entry.getValue());
      }

doug

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message