OAuth 1.0 with CXF 2.7.5

[mayankeagle <ma...@yahoo.com>]

I have working code written for CXF 2.6.2, which I'm now trying to run on
2.7.5. My client is a background service, hence the callback URL is oob. For
it to work on 2.6.2, I had written a custom OOBResponseWriter. Now in 2.7.5,
I'm getting this error:

WARNING: No message body writer has been found for response class
OAuthAuthorizationData.

Does this mean I need to write another Writer for OAuthAuthorizationData
types?



--
View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: OAuth 1.0 with CXF 2.7.5

[mayankeagle <ma...@yahoo.com>]

Hi Sergey, 

If I understand, this has to be set as an HTTP header from the background
service (which is the client for the OAuth protected REST web-service). I'm
using HttpURLConnection so I'll add it as a request-property ("Accept",
"application/xml"). 



--
View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305p5731408.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: OAuth 1.0 with CXF 2.7.5

[mayankeagle <ma...@yahoo.com>]

Hi Sergey, 

If I understand, this has to be set as an HTTP header from the background
service (which is the client for the OAuth protected REST web-service). I'm
using HttpURLConnection so I'll add it as a request-property ("Accept",
"application/xml"). 



--
View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305p5731409.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: OAuth 1.0 with CXF 2.7.5

[Sergey Beryozkin <sb...@gmail.com>]

Hi
On 23/07/13 11:13, mayankeagle wrote:
> Hi Sergey,
>
> We don't bind it to an HTML as this is being invoked from a background
> service without a user-interface. I understand that this is happening one
> step before the OOBResponse comes, but do I need to write a custom HTML
> provider/ formatter to render this? Earlier I wasn't doing anything - I used
> to get the ns2 XML as a response to the authorize call and then I parsed it
> to get the session authenticity token.
>
Can you please make sure that this background service sets HTTP Accept: 
application/xml ? In CXF 2.7.5 the way the final response type is 
calculated has changed, what may be happening is that the client sets no 
Accept type, which becomes a wildcard after the intersection and as per 
JAX-RS rules this is defaulted to application/octet-stream - if your 
custom writer has @Produces(application/xml) then it won;t be chosen

FYI, I have just validated that a command-line client works OK in our 
OAuth1 demo (where it parses the authorization challenge manually)

Cheers, Sergey

>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305p5731314.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>

Re: OAuth 1.0 with CXF 2.7.5

[mayankeagle <ma...@yahoo.com>]

Hi Sergey,

We don't bind it to an HTML as this is being invoked from a background
service without a user-interface. I understand that this is happening one
step before the OOBResponse comes, but do I need to write a custom HTML
provider/ formatter to render this? Earlier I wasn't doing anything - I used
to get the ns2 XML as a response to the authorize call and then I parsed it
to get the session authenticity token.



--
View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305p5731314.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: OAuth 1.0 with CXF 2.7.5

[Sergey Beryozkin <sb...@gmail.com>]

Hi
On 23/07/13 09:39, mayankeagle wrote:
> I have working code written for CXF 2.6.2, which I'm now trying to run on
> 2.7.5. My client is a background service, hence the callback URL is oob. For
> it to work on 2.6.2, I had written a custom OOBResponseWriter. Now in 2.7.5,
> I'm getting this error:
>
> WARNING: No message body writer has been found for response class
> OAuthAuthorizationData.
>
> Does this mean I need to write another Writer for OAuthAuthorizationData
> types?
>
As far as I recall, OOBResponseWriter would only be optionally activated 
on the completion of the authorization process, where the runtime, 
instead of redirecting a user back to the client, returns OOBResponse.

The problem you see right now is happening earlier, at the moment when 
the user is about to be presented with the authorization challenge. How 
did you render OAuthAuthorizationData before, did you bind it to HTML 
(via the use of RequestDispatcherProvider) ?

Cheers, Sergey
>
>
> --
> View this message in context: http://cxf.547215.n5.nabble.com/OAuth-1-0-with-CXF-2-7-5-tp5731305.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>