Hi,

Thanks. Sent the PR.

Thanks,
Nila.

On Wed, Feb 7, 2018 at 12:00 AM, Hasintha Indrajee <[email protected]> wrote:

> On Tue, Feb 6, 2018 at 11:43 PM, Nilasini Thirunavukkarasu <[email protected]> wrote:
>
>> Hi,
>>
>> Thank you for the reply.
>>
>> I have checked it in identity-inbound-auth-oauth 5.6.x branch which is
>> used for 5.5.0, the error code was changed from
>> *unsupported_client_authentication_method* but anyhow it has been changed
>> to *invalid_request*. Shouldn't we need to change the error code as
>> *invalid_client*?
>
> +1. Let's do this change.
>
>> [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/5.6.x/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java#L168-L170
>>
>> Thanks,
>> Nila.
>>
>> On Tue, Feb 6, 2018 at 10:49 PM, Hasintha Indrajee <[email protected]> wrote:
>>
>>> On Tue, Feb 6, 2018 at 10:32 PM, Maduranga Siriwardena <[email protected]> wrote:
>>>
>>>> Hi Nilasini,
>>>>
>>>> Yes, unsupported_client_authentication_method is an incorrect error
>>>> message. So we need to fix this.
>>>>
>>>> I think this should be already fixed in IS 5.5.0 branch. *@Hasintha*,
>>>> can you confirm?
>>>
>>> IIRC this is already fixed in 5.5.0-snapshot
>>>
>>>> Thanks,
>>>>
>>>> On Tue, Feb 6, 2018 at 5:07 PM, Nilasini Thirunavukkarasu <[email protected]> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> In IS-5.4.1 if there is no client authentication in the token request,
>>>>> we are giving the error code
>>>>> *unsupported_client_authentication_method*. According to the spec[1],
>>>>> if there is no client authentication or unsupported client authentication,
>>>>> it will fall under "invalid_client".
>>>>>
>>>>>    invalid_client
>>>>>          Client authentication failed (e.g., unknown client, no
>>>>>          client authentication included, or unsupported
>>>>>          authentication method).  The authorization server MAY
>>>>>          return an HTTP 401 (Unauthorized) status code to indicate
>>>>>          which HTTP authentication schemes are supported.  If the
>>>>>          client attempted to authenticate via the "Authorization"
>>>>>          request header field, the authorization server MUST
>>>>>          respond with an HTTP 401 (Unauthorized) status code and
>>>>>          include the "WWW-Authenticate" response header field
>>>>>          matching the authentication scheme used by the client.
>>>>>
>>>>> According to the spec, there is no standard error code like
>>>>> *unsupported_client_authentication_method*.
>>>>> Is there any specific reason to introduce a new error code
>>>>> *unsupported_client_authentication_method* in IS5.4.1?
>>>>>
>>>>> Example:-
>>>>>
>>>>> request:-
>>>>> curl -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
>>>>>
>>>>> response:-
>>>>> {"error_description":"Unsupported Client Authentication Method!","error":"unsupported_client_authentication_method"}
>>>>>
>>>>> Please correct me if I'm wrong.
>>>>>
>>>>> [1] https://tools.ietf.org/html/rfc6749#section-5.2
>>>>>
>>>>> Thanks,
>>>>> Nila.
>>>>>
>>>>> --
>>>>> Nilasini Thirunavukkarasu
>>>>> Software Engineer - WSO2
>>>>>
>>>>> Email : [email protected]
>>>>> Mobile : +94775241823
>>>>> Web : http://wso2.com/
>>>>
>>>> --
>>>> Maduranga Siriwardena
>>>> Senior Software Engineer
>>>> WSO2 Inc; http://wso2.com/
>>>>
>>>> Email: [email protected]
>>>> Mobile: +94718990591
>>>> Blog: https://madurangasiriwardena.wordpress.com/
>>>
>>> --
>>> Hasintha Indrajee
>>> WSO2, Inc.
>>> Mobile:+94 771892453
>>
>> --
>> Nilasini Thirunavukkarasu
>> Software Engineer - WSO2
>>
>> Email : [email protected]
>> Mobile : +94775241823
>> Web : http://wso2.com/
>
> --
> Hasintha Indrajee
> WSO2, Inc.
> Mobile:+94 771892453

--
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : [email protected]
Mobile : +94775241823
Web : http://wso2.com/
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
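
Added example, not part of the original thread and not WSO2 code: a small conformance check that applies the RFC 6749 section 5.2 rules quoted above to a token endpoint error response. The function name, the sample headers and the HTTP status assumed for the reported response are illustrative assumptions; only the reported JSON body comes from the thread.

```python
import json

# Error codes RFC 6749 section 5.2 defines for token endpoint error responses.
RFC6749_TOKEN_ERRORS = {
    "invalid_request", "invalid_client", "invalid_grant",
    "unauthorized_client", "unsupported_grant_type", "invalid_scope",
}

def check_token_error(status, headers, body, sent_auth_scheme=None):
    """Return the RFC 6749 section 5.2 violations found in one error response.

    sent_auth_scheme: scheme of the Authorization header the client sent
    (e.g. "Basic"), or None when the request carried no such header.
    """
    try:
        error = json.loads(body).get("error")
    except (ValueError, AttributeError):
        return ["body is not a JSON object"]
    problems = []
    if error not in RFC6749_TOKEN_ERRORS:
        problems.append(f"non-standard error code: {error!r}")
    if error == "invalid_client":
        if status not in (400, 401):
            problems.append(f"invalid_client sent with HTTP {status}")
        if sent_auth_scheme:
            # Header names are case-insensitive; compare only the scheme token.
            lowered = {k.lower(): v for k, v in headers.items()}
            challenge = lowered.get("www-authenticate", "").split(" ", 1)[0]
            if status != 401:
                problems.append("Authorization header used: status MUST be 401")
            if challenge.lower() != sent_auth_scheme.lower():
                problems.append("WWW-Authenticate missing or for another scheme")
    return problems

if __name__ == "__main__":
    # Body quoted in the thread; HTTP 400 is assumed, the thread does not show the status.
    reported = ('{"error_description":"Unsupported Client Authentication Method!",'
                '"error":"unsupported_client_authentication_method"}')
    # The remaining responses are constructed for comparison.
    samples = [
        ("reported, no client auth", 400, {}, reported, None),
        ("invalid_client, no client auth", 400, {}, '{"error":"invalid_client"}', None),
        ("invalid_client, Basic sent", 401,
         {"WWW-Authenticate": 'Basic realm="token"'}, '{"error":"invalid_client"}', "Basic"),
        ("invalid_client, Basic sent, no challenge", 400, {}, '{"error":"invalid_client"}', "Basic"),
    ]
    for name, status, headers, body, scheme in samples:
        print(name, "->", check_token_error(status, headers, body, scheme) or "ok")
```

A check like this can run in an integration test against the token endpoint so that a non-standard error code is caught before release.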
