You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Doug Davies (Created) (JIRA)" <ji...@apache.org> on 2011/12/07 17:54:41 UTC
[jira] [Created] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
The HttpRequest object is not available to GrantRequestHandlers
---------------------------------------------------------------
Key: SHINDIG-1672
URL: https://issues.apache.org/jira/browse/SHINDIG-1672
Project: Shindig
Issue Type: Bug
Components: Java
Affects Versions: 3.0.0
Reporter: Doug Davies
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167817#comment-13167817 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
(Updated 2011-12-12 21:22:49.348470)
Review request for shindig.
Changes
-------
Used google Maps implementation and used Eclipse code formatters. Add junit test for testing that new parameters get passed along.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs (updated)
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2RequestParameterGenerator.java PRE-CREATION
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2RequestParameterGenerator.java PRE-CREATION
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandlerTest.java 1212126
Diff: https://reviews.apache.org/r/3064/diff
Testing (updated)
-------
Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It tests that the complete url sent to the authentication server has the parameter set in the accessor.
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13198091#comment-13198091 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/#review4752
-----------------------------------------------------------
Ship it!
Looks good. Thanks. This is the better place to flow additional authorization parameters into access token request.
Would you please send an Eclipse based patch? thanks.
- li
On 2012-02-01 14:54:12, Doug Davies wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3064/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-02-01 14:54:12)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
bq.
bq.
bq. This addresses bug SHINDIG-1672.
bq. https://issues.apache.org/jira/browse/SHINDIG-1672
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1238728
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1238728
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java 1238728
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1238728
bq.
bq. Diff: https://reviews.apache.org/r/3064/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It tests that the complete url sent to the authentication server has the parameter set in the accessor.
bq.
bq.
bq. Thanks,
bq.
bq. Doug
bq.
bq.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies resolved SHINDIG-1672.
----------------------------------
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.5.0
> Reporter: Doug Davies
> Fix For: 2.5.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Attachment: (was: SHINDIG-1672-2.patch)
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Attachment: (was: grantrequesthandler_request.patch)
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "li xu (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13197319#comment-13197319 ]
li xu commented on SHINDIG-1672:
--------------------------------
can you please create a review request for the patch? thanks.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Closed) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies closed SHINDIG-1672.
--------------------------------
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167712#comment-13167712 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/#review3850
-----------------------------------------------------------
Ship it!
It looks pretty good to me, thanks for the patch! I can help you commit.
Please clean up following minor things.
1. please fill in the test field and indicate what tests you have done.
2. please clean up the use about Maps. please use com.google.common.collect.Maps.
3. please fix up the spacing in java, if you use Eclipse IDE, you can find all the coding style templates under Shindig-project/etc/eclipse
thanks!
li
- li
On 2011-12-12 16:48:18, Doug Davies wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3064/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-12 16:48:18)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
bq.
bq.
bq. This addresses bug SHINDIG-1672.
bq. https://issues.apache.org/jira/browse/SHINDIG-1672
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
bq.
bq. Diff: https://reviews.apache.org/r/3064/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Doug
bq.
bq.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13198795#comment-13198795 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
(Updated 2012-02-02 13:42:11.546105)
Review request for shindig.
Changes
-------
Eclipse version of the patch file.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs (updated)
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1238728
Diff: https://reviews.apache.org/r/3064/diff
Testing
-------
Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It tests that the complete url sent to the authentication server has the parameter set in the accessor.
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Closed) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies closed SHINDIG-1672.
--------------------------------
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 2.5.0
> Reporter: Doug Davies
> Fix For: 2.5.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167596#comment-13167596 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
(Updated 2011-12-12 16:48:18.875271)
Review request for shindig.
Changes
-------
Trying this again. My 2 new files didn't get included.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs (updated)
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2RequestParameterGenerator.java PRE-CREATION
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2RequestParameterGenerator.java PRE-CREATION
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
Diff: https://reviews.apache.org/r/3064/diff
Testing
-------
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167713#comment-13167713 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/#review3849
-----------------------------------------------------------
Ship it!
It looks pretty good to me, thanks for the patch! I can help you commit.
Please clean up following minor things.
1. please fill in the test field and indicate what tests you have done.
2. please clean up the use about Maps. please use com.google.common.collect.Maps.
3. please fix up the spacing in java, if you use Eclipse IDE, you can find all the coding style templates under Shindig-project/etc/eclipse
thanks!
li
- li
On 2011-12-12 16:48:18, Doug Davies wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3064/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-12 16:48:18)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
bq.
bq.
bq. This addresses bug SHINDIG-1672.
bq. https://issues.apache.org/jira/browse/SHINDIG-1672
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
bq.
bq. Diff: https://reviews.apache.org/r/3064/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. Doug
bq.
bq.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13197883#comment-13197883 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
(Updated 2012-02-01 14:54:12.796989)
Review request for shindig.
Changes
-------
Reimplemented to just focus on the auth flow (auth_code -> access_token). The previous implementation passed the parameters along fine for the auth code (browser url) but for the access code they were not passed along. Found a better plugin point for that flow.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs (updated)
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java 1238728
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1238728
Diff: https://reviews.apache.org/r/3064/diff
Testing
-------
Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It tests that the complete url sent to the authentication server has the parameter set in the accessor.
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Description:
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
NEW USECASE (1/31/12):
Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
Remove these lines
for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
request.setParam(entry.getKey(), entry.getValue());
}
>From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
(right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
queryParams.put(entry.getKey(), entry.getValue());
}
was:It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
Please see updated use-case. I've discussed these changes with Li Xu and he is going to review.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies resolved SHINDIG-1672.
----------------------------------
Resolution: Fixed
Fix Version/s: 3.0.0
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13197386#comment-13197386 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/#review4719
-----------------------------------------------------------
seems okay. I wish I had the time to use Request-Scoped guice injection instead of all this manual wiring...
- Paul
On 2011-12-12 21:22:49, Doug Davies wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3064/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-12-12 21:22:49)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
bq.
bq.
bq. This addresses bug SHINDIG-1672.
bq. https://issues.apache.org/jira/browse/SHINDIG-1672
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2RequestParameterGenerator.java PRE-CREATION
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
bq. /trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
bq. /trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
bq. /trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandlerTest.java 1212126
bq.
bq. Diff: https://reviews.apache.org/r/3064/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It tests that the complete url sent to the authentication server has the parameter set in the accessor.
bq.
bq.
bq. Thanks,
bq.
bq. Doug
bq.
bq.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Attachment: grantrequesthandler_request.patch
proposed changes
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Attachments: grantrequesthandler_request.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Attachment: SHINDIG-1672-2.patch
Proposed patch
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies updated SHINDIG-1672:
---------------------------------
Comment: was deleted
(was: proposed changes)
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164640#comment-13164640 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
Review request for shindig.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1211517
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1211517
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/GrantRequestHandler.java 1211517
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1211517
Diff: https://reviews.apache.org/r/3064/diff
Testing
-------
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies resolved SHINDIG-1672.
----------------------------------
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167574#comment-13167574 ]
jiraposter@reviews.apache.org commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/
-----------------------------------------------------------
(Updated 2011-12-12 16:14:04.550741)
Review request for shindig.
Changes
-------
Reimplemented this to be more generalized. Provides a new OAuth2RequestParameterGenerator class that implementors can override to add additional parameters to authorization server requests.
Summary
-------
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
This addresses bug SHINDIG-1672.
https://issues.apache.org/jira/browse/SHINDIG-1672
Diffs (updated)
-----
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/OAuth2Module.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1212126
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java 1212126
/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/DefaultRequestPipelineTest.java 1212126
Diff: https://reviews.apache.org/r/3064/diff
Testing
-------
Thanks,
Doug
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (SHINDIG-1672) The HttpRequest object is not
available to GrantRequestHandlers
Posted by "Doug Davies (Closed) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Doug Davies closed SHINDIG-1672.
--------------------------------
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
>
> It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
> THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira