You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@oltu.apache.org by "Antonio Sanso (JIRA)" <ji...@apache.org> on 2012/09/18 16:11:08 UTC
[jira] [Commented] (AMBER-61) Client defined HTTP headers in
OAuthClientRequest
[ https://issues.apache.org/jira/browse/AMBER-61?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13457842#comment-13457842 ]
Antonio Sanso commented on AMBER-61:
------------------------------------
Hi Peter,
thanks for reporting. I Could reproduce... and I agree on the nice to have as well...
> Client defined HTTP headers in OAuthClientRequest
> -------------------------------------------------
>
> Key: AMBER-61
> URL: https://issues.apache.org/jira/browse/AMBER-61
> Project: Amber
> Issue Type: Bug
> Components: OAuth 2.0 - Client
> Affects Versions: 0.22
> Reporter: Peter Turcsanyi
>
> HTTP headers added to OAuthClientRequest are not sent with the HTTP request.
> I would like to use HTTP Basic authentication at the token endpoint.
> So on the client side I add "Authorization" HTTP header to OAuthClientRequest calling its setHeader() method.
> But headers set on the OAuthClientRequest object are not processed by OAuthClient.accessToken() / URLConnectionClient.execute(), therefore they are not sent to the authorization server.
> Or is there any other way to use HTTP Basic authentication between the client and the token endpoint of the authorization server?
> The client code:
> {code}
> OAuthClientRequest tokenRequest = OAuthClientRequest
> .tokenLocation("https://...")
> .setGrantType(GrantType.AUTHORIZATION_CODE)
> .setClientId("...")
> .setClientSecret("...")
> .setRedirectURI("https://...")
> .setCode(authzCode)
> .buildBodyMessage();
> if (tokenRequest.getHeaders() == null) {
> tokenRequest.setHeaders(new HashMap<String, String>()); // nice-to-have issue: it should be initialized inside OAuthClientRequest at creation time or at first call of setHeader()
> }
> tokenRequest.setHeader("Authorization", "..."); // main issue: header never used later
> OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
> OAuthJSONAccessTokenResponse tokenResponse = oAuthClient.accessToken(tokenRequest);
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira