In general, no one should never change case of any string ... always asking for trouble.
On Fri, Oct 4, 2013 at 11:28 AM, Sumedha Rubasinghe <sume...@wso2.com>wrote: > > > > On Fri, Oct 4, 2013 at 11:21 AM, Prabath Siriwardena <prab...@wso2.com>wrote: > >> But why do we need to make those uppercase when we store ? What was the >> reason behind that... >> > > We check for upper case in Gateway routing logic. This is the only place > that comes to my mind as of now. So it might be simple as changing this in > gateway. > > >> >> > Thanks & regards, >> -Prabath >> >> >> On Fri, Oct 4, 2013 at 11:19 AM, Sumedha Rubasinghe <sume...@wso2.com>wrote: >> >>> Prabath, >>> AM's scope handling is not fully complaint with OAuth spec. The (valid) >>> scopes that will reach this particular block is either 'PRODUCTION' or >>> 'SANDBOX'. >>> >>> These two values have a special meaning in determining the endpoint >>> addresses in API gateway. >>> >>> We will fix this with proper scope handling implementation coming up. >>> But changing this now might break the existing functionality. >>> >>> >>> >>> On Fri, Oct 4, 2013 at 7:25 AM, Prabath Siriwardena <prab...@wso2.com>wrote: >>> >>>> This is done by the handler >>>> t/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/util/APIManagerOAuthCallbackHandler.java >>>> >>>> >>>> Scope is case sensitive - and when we issue a token against a provided >>>> scope by the client we cannot make it uppercase always and store it. It's >>>> spec violation. >>>> >>>> "The "scope" attribute is defined in Section 3.3 of [RFC6749]. >>>> The "scope" attribute is a space-delimited list of case-sensitive >>>> scope values indicating the required scope of the access token >>>> for accessing the requested resource." >>>> >>>> Thanks & Regards, >>>> Prabath >>>> >>>> Mobile : +94 71 809 6732 >>>> >>>> http://blog.facilelogin.com >>>> http://RampartFAQ.com >>>> >>> >>> >>> >>> -- >>> /sumedha >>> b : bit.ly/sumedha >>> >> >> >> >> -- >> Thanks & Regards, >> Prabath >> >> Mobile : +94 71 809 6732 >> >> http://blog.facilelogin.com >> http://RampartFAQ.com >> > > > > -- > /sumedha > m: +94 773017743 > b : bit.ly/sumedha > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Sanjiva Weerawarana, Ph.D. Founder, Chairman & CEO; WSO2, Inc.; http://wso2.com/ email: sanj...@wso2.com; phone: +94 11 763 9614; cell: +94 77 787 6880 | +1 650 265 8311 blog: http://sanjiva.weerawarana.org/ Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture