[
https://issues.apache.org/jira/browse/CAMEL-22645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18034772#comment-18034772
]
Cameron Fitzwater edited comment on CAMEL-22645 at 11/3/25 1:53 PM:
--------------------------------------------------------------------
[~davsclaus] -- can you confirm if the comment above was also addressed in the
commit that was pushed? I believe this issue may only be present when the
`{*}oauth2CacheTokens{*}` option is being used with `{*}toD{*}` (which I failed
to mention above).-
-toD:-
-uri: "{{{}api.uri{}}}/api/v3/address"-
-parameters:-
-sslContextParameters: "#bean:sslContextParameters"-
-httpMethod: "GET"-
-bridgeEndpoint: true-
-skipControlHeaders: true-
-skipRequestHeaders: true-
-okStatusCodeRange: 200-
-# OAuth2 parameters-
-oauth2ClientId: "{{{}api.consumer.key{}}}"-
-oauth2ClientSecret: "{{{}api.consumer.secret{}}}"-
-oauth2TokenEndpoint: "{{{}api.uri{}}}/oauth2/v3/token"-
-*oauth2CacheTokens: true*-
-*oauth2BodyAuthentication: true*-
-oauth2Scope: "addresses"-
-If not, here is where I thought this issue might reside (it seems like the
{*}caching logic is coupled to the request URI{*}, which is too granular for
dynamic endpoints)?-
-[https://github.com/apache/camel/blob/2e0bc04e76bc4e16f6e285a68fc7e23581a349ac/components/camel-http/src/main/java/org/apache/camel/component/http/OAuth2ClientConfigurer.java#L75]-
was (Author: JIRAUSER310023):
[~davsclaus] - can you confirm if the comment above was also addressed in the
commit that was pushed? I believe this issue may only be present when the
`{*}oauth2CacheTokens{*}` option is being used with `{*}toD{*}` (which I failed
to mention above).
toD:
uri: "{{{}api.uri{}}}/api/v3/address"
parameters:
sslContextParameters: "#bean:sslContextParameters"
httpMethod: "GET"
bridgeEndpoint: true
skipControlHeaders: true
skipRequestHeaders: true
okStatusCodeRange: 200
# OAuth2 parameters
oauth2ClientId: "{{{}api.consumer.key{}}}"
oauth2ClientSecret: "{{{}api.consumer.secret{}}}"
oauth2TokenEndpoint: "{{{}api.uri{}}}/oauth2/v3/token"
*oauth2CacheTokens: true*
*oauth2BodyAuthentication: true*
oauth2Scope: "addresses"
If not, here is where I thought this issue might reside (it seems like the
{*}caching logic is coupled to the request URI{*}, which is too granular for
dynamic endpoints)?
https://github.com/apache/camel/blob/2e0bc04e76bc4e16f6e285a68fc7e23581a349ac/components/camel-http/src/main/java/org/apache/camel/component/http/OAuth2ClientConfigurer.java#L75
> http-component - oauth2BodyAuthentication not being stipped out of URI
> ----------------------------------------------------------------------
>
> Key: CAMEL-22645
> URL: https://issues.apache.org/jira/browse/CAMEL-22645
> Project: Camel
> Issue Type: Bug
> Components: camel-http
> Affects Versions: 4.14.0
> Reporter: Cameron Fitzwater
> Assignee: Claus Ibsen
> Priority: Minor
> Fix For: 4.14.3, 4.16.0
>
>
> The implementation of `oauth2BodyAuthentication` may be missing a step of
> removing the parameter from the calls URI (it is being populated forward in
> the URI – see example).
> This is not the case with other oauth2* parameters (they are not included in
> the URI).
> e.g.,
> - to:
> uri: "\{{api.uri}}/api/v3/address"
> parameters:
> sslContextParameters: "#bean:sslContextParameters"
> httpMethod: "GET"
> bridgeEndpoint: true
> skipControlHeaders: true
> skipRequestHeaders: true
> okStatusCodeRange: 200
> # OAuth2 parameters
> oauth2ClientId: "\{{api.consumer.key}}"
> oauth2ClientSecret: "\{{api.consumer.secret}}"
> oauth2TokenEndpoint: "\{{api.uri}}/oauth2/v3/token"
> oauth2BodyAuthentication: true
> oauth2Scope: "addresses"
>
> Reviewing the DEBUG logs, it is sending the request with:
> `GET /api/v3/address?oauth2BodyAuthentication=true&...`
>
> Expected:
> `GET /api/v3/address?...`
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
