Hi Farasath, Yes, it is working [1] with skipping the consent, Thanks! I hope this is a workaround and it needs to be fixed [2]? BTW I don't understand why the authentication not accepted the consent value which sent in authorize request as I tried on above reply. Please advice on this.
[1] < Location: https://curl-app/callback?code=e07765b9-d27f-30d8-b63d-63fe6e131fb6&session_state=a52d2de9ca4a6702b532c91df1356d9f02f048db88f641ae5f80531ab2e35c04.J9WOprGoq9RVx2VYXR5-1Q [2] [https://wso2.org/jira/browse/IDENTITY-7154] On Fri, Dec 15, 2017 at 11:55 AM, Kavitha Subramaniyam <[email protected]> wrote: > Hi Farasath, > Ok I will try with skipping consent and let you know the result. > Between I have tried requesting the code with appending the consent value > (consent=approve) in the request and it was given same response as above. > Any idea why the same behaviour? > > Thanks, > > On Fri, Dec 15, 2017 at 11:30 AM, Farasath Ahamed <[email protected]> > wrote: > >> Please ignore my previous reply. >> >> This look like the consent screen (the 302 you got in the response) which >> requires user interaction to either approve or deny. Can you try skipping >> consent using identity.xml configuration[1] and retry the scenario? >> >> [1] https://docs.wso2.com/plugins/servlet/mobile?contentId= >> 60493981#content/view/60493981 >> (Refer last Note) >> >> On Friday, December 15, 2017, Kavitha Subramaniyam <[email protected]> >> wrote: >> >>> Hi all, >>> >>> I have tried "oauth-bearer" Request path authentication scenario. In >>> case I need to generate an authorization code using an active access token >>> which should be recieved from the response. >>> Steps I followed are as per doc [1]: >>> >>> - Register a SP >>> - Configure OAuth/ OIDC with enbling password/code/refresh grant >>> types >>> - Configure "OAuthRequestPathAuthenticator" in local and outbound >>> authenticator section >>> - Generate access token using password type => recieved a valid >>> token >>> - Request for code using above token => Expected behaviour is to >>> recieve auth code in the response "Location" header. But I didn't see the >>> code in the response as per [2] >>> >>> Raised a jira for this in [3]. Appreciate any insight on this please. >>> >>> [1] https://docs.wso2.com/display/IS540/OAuth+Request+Path+Authenticator >>> [3] https://wso2.org/jira/browse/IDENTITY-7154 >>> [2] >>> >>> > POST /oauth2/authorize HTTP/1.1 >>> > Host: localhost:9444 >>> > User-Agent: curl/7.43.0 >>> > Accept: */* >>> > Authorization: Bearer 86c1f0ab-831e-3ae1-9a82-93a55a49bcdb >>> > Content-Type: application/x-www-form-urlencoded;charset=UTF-8 >>> > Content-Length: 109 >>> > >>> * upload completely sent off: 109 out of 109 bytes >>> < HTTP/1.1 302 Found >>> < X-Frame-Options: DENY >>> < X-Content-Type-Options: nosniff >>> < X-XSS-Protection: 1; mode=block >>> < Set-Cookie: commonAuthId=f8ace6c7-da84-4d0f-b3c6-4ae6ca40ac64; Path=/; >>> Secure; HttpOnly >>> < Date: Tue, 12 Dec 2017 12:48:31 GMT >>> < Location: >>> https://localhost:9444/authenticationendpoint/oauth2_consent.do?loggedInUser=admin&application=NewOauthSP&scope=openid&sessionDataKeyConsent=fd18c0f9-0151-420a-8389-49b955705722&spQueryParams=< >>> Content-Length: 0 >>> < Server: WSO2 Carbon Server >>> >>> >>> >>> Thanks, >>> >>> -- >>> Kavitha.S >>> *Software Engineer -QA* >>> email : [email protected] >>> Mobile : +94 (0) 771538811 <%2B94%20%280%29%20773%20451194> >>> >>> >> >> -- >> Farasath Ahamed >> Senior Software Engineer, WSO2 Inc.; http://wso2.com >> Mobile: +94777603866 >> Blog: blog.farazath.com >> Twitter: @farazath619 <https://twitter.com/farazath619> >> <http://wso2.com/signature> >> >> >> >> >> > > > -- > Kavitha.S > *Software Engineer -QA* > email : [email protected] > Mobile : +94 (0) 771538811 <%2B94%20%280%29%20773%20451194> > > -- Kavitha.S *Software Engineer -QA* email : [email protected] Mobile : +94 (0) 771538811 <%2B94%20%280%29%20773%20451194>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
