[jira] [Resolved] (OLTU-127) OAuthUnauthenticatedTokenRequest unnecessarily requires the "client_id" parameter

Antonio Sanso (JIRA) Mon, 14 Sep 2015 03:08:35 -0700

     [ 
https://issues.apache.org/jira/browse/OLTU-127?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Antonio Sanso resolved OLTU-127.
--------------------------------
    Resolution: Duplicate

duplicate of OLTU-179

> OAuthUnauthenticatedTokenRequest unnecessarily requires the "client_id" 
> parameter
> ---------------------------------------------------------------------------------
>
>                 Key: OLTU-127
>                 URL: https://issues.apache.org/jira/browse/OLTU-127
>             Project: Apache Oltu
>          Issue Type: Bug
>          Components: oauth2-authzserver
>    Affects Versions: oauth2-0.31
>         Environment: JBoss 7.1.1
>            Reporter: Christian
>
> The OAuthUnauthenticatedTokenRequest(HttpServletRequest) constructor will 
> inappropriately fail if the "client_id" parameter is missing. But it is 
> optional for "Resource Owner Password Credentials Grant". From the 
> specification (section 4.3.2):
>    If the client type is confidential or the client was issued client
>    credentials (or assigned other authentication requirements), the
>    client MUST authenticate with the authorization server as described
>    in Section 3.2.1.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (OLTU-127) OAuthUnauthenticatedTokenRequest unnecessarily requires the "client_id" parameter

Reply via email to