[
https://issues.apache.org/jira/browse/AMBER-49?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13477723#comment-13477723
]
Stein Welberg commented on AMBER-49:
------------------------------------
I created a new patch including the comments you placed. (it replaces the
previous patch)
However I had to make two types of OAuthTokenRequests.. Because the spec states
that it is possible that unauthenticated clients should be able to request
tokens.. In order to support this I made two AuthorizationCodeValidators. One
for the authenticated requests and the other for unauthenticated requests. The
same goes for the OAuthTokenRequest class. One for the authenticated Requests
(OAuthAuthenticatedTokenRequest) and one for unauthenticated
(OAuthTokenRequest). Hope this suits your needs :-)
> AuthorizationCodeValidator needs to be updated to latest spec
> -------------------------------------------------------------
>
> Key: AMBER-49
> URL: https://issues.apache.org/jira/browse/AMBER-49
> Project: Amber
> Issue Type: Bug
> Components: OAuth 2.0 - Authorization Server
> Reporter: Antonio Sanso
> Assignee: Antonio Sanso
> Attachments: Patch_for_AMBER-49.patch
>
>
> The authorization code grant type it wrongly automatically validates that the
> client ID and secret are there.
> See also [0]
> [0] http://amber.markmail.org/message/b7q5lpe2ijh7lfrv
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
