[jira] [Updated] (SHINDIG-1672) The HttpRequest object is not available to GrantRequestHandlers

Tue, 31 Jan 2012 10:46:36 -0800 

     [ 
https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Doug Davies updated SHINDIG-1672:
---------------------------------

    Attachment: SHINDIG-1672-2.patch

Proposed patch
                
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
>                 Key: SHINDIG-1672
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-1672
>             Project: Shindig
>          Issue Type: Bug
>          Components: Java
>    Affects Versions: 3.0.0
>            Reporter: Doug Davies
>             Fix For: 3.0.0
>
>         Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original 
> request object so that it could use values like the security token to pass 
> along additional params to the authorization code request.  In our 
> implementation we set values within the security token's trusted json field 
> that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12): 
> Allow additional parameters to be appended to both the auth code request 
> (query string) and access token request (body).  
> ** If the other 2 flows need to be updated that can be done as well, but I 
> don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry : 
> accessor.getAdditionalRequestParams().entrySet()) {
>    request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and 
> StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on 
> the auth code request.
> THEN...add these lines to 
> CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access 
> token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry : 
> accessor.getAdditionalRequestParams().entrySet()) {
>    queryParams.put(entry.getKey(), entry.getValue());
> }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to