[jira] [Comment Edited] (AMBER-49) AuthorizationCodeValidator needs to be updated to latest spec

Wed, 17 Oct 2012 02:24:10 -0700 

    [ 
https://issues.apache.org/jira/browse/AMBER-49?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13477723#comment-13477723
 ] 

Stein Welberg edited comment on AMBER-49 at 10/17/12 9:22 AM:
--------------------------------------------------------------

I created a new patch including the comments you placed. (it replaces the 
previous patch)

However I had to make two types of OAuthTokenRequests.. Because the spec states 
that it is possible that unauthenticated clients should be able to request 
tokens.. In order to support this I made two AuthorizationCodeValidators. One 
for the authenticated requests and the other for unauthenticated requests. The 
same goes for the OAuthTokenRequest class. One for the authenticated Requests 
(OAuthAuthenticatedTokenRequest) and one for unauthenticated 
(OAuthTokenRequest). Hope this suits your needs :-)

See attachment: Patch_for_AMBER-49.patch
                
      was (Author: steinwelberg):
    I created a new patch including the comments you placed. (it replaces the 
previous patch)

However I had to make two types of OAuthTokenRequests.. Because the spec states 
that it is possible that unauthenticated clients should be able to request 
tokens.. In order to support this I made two AuthorizationCodeValidators. One 
for the authenticated requests and the other for unauthenticated requests. The 
same goes for the OAuthTokenRequest class. One for the authenticated Requests 
(OAuthAuthenticatedTokenRequest) and one for unauthenticated 
(OAuthTokenRequest). Hope this suits your needs :-)
                  
> AuthorizationCodeValidator needs to be updated to latest spec
> -------------------------------------------------------------
>
>                 Key: AMBER-49
>                 URL: https://issues.apache.org/jira/browse/AMBER-49
>             Project: Amber
>          Issue Type: Bug
>          Components: OAuth 2.0 - Authorization Server
>            Reporter: Antonio Sanso
>            Assignee: Antonio Sanso
>         Attachments: Patch_for_AMBER-49.patch
>
>
> The authorization code grant type it wrongly automatically validates that the 
> client ID and secret are there.
> See also [0]
> [0] http://amber.markmail.org/message/b7q5lpe2ijh7lfrv

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to