Peter Turcsanyi created AMBER-61:
------------------------------------
Summary: Client defined HTTP headers in OAuthClientRequest
Key: AMBER-61
URL: https://issues.apache.org/jira/browse/AMBER-61
Project: Amber
Issue Type: Bug
Components: OAuth 2.0 - Client
Affects Versions: 0.22
Reporter: Peter Turcsanyi
HTTP headers added to OAuthClientRequest are not sent with the HTTP request.
I would like to use HTTP Basic authentication at the token endpoint.
So on the client side I add "Authorization" HTTP header to OAuthClientRequest
calling its setHeader() method.
But headers set on the OAuthClientRequest object are not processed by
OAuthClient.accessToken() / URLConnectionClient.execute(), therefore they are
not sent to the authorization server.
Or is there any other way to use HTTP Basic authentication between the client
and the token endpoint of the authorization server?
The client code:
{code}
OAuthClientRequest tokenRequest = OAuthClientRequest
.tokenLocation("https://...";)
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId("...")
.setClientSecret("...")
.setRedirectURI("https://...";)
.setCode(authzCode)
.buildBodyMessage();
if (tokenRequest.getHeaders() == null) {
tokenRequest.setHeaders(new HashMap<String, String>()); // nice-to-have
issue: it should be initialized inside OAuthClientRequest at creation time or
at first call of setHeader()
}
tokenRequest.setHeader("Authorization", "..."); // main issue: header never
used later
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthJSONAccessTokenResponse tokenResponse =
oAuthClient.accessToken(tokenRequest);
{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
