[
https://issues.apache.org/jira/browse/SHINDIG-1672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13198091#comment-13198091
]
[email protected] commented on SHINDIG-1672:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3064/#review4752
-----------------------------------------------------------
Ship it!
Looks good. Thanks. This is the better place to flow additional authorization
parameters into access token request.
Would you please send an Eclipse based patch? thanks.
- li
On 2012-02-01 14:54:12, Doug Davies wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3064/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-02-01 14:54:12)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. It would be nice if the GrantRequestHandler had access to the original
request object so that it could use values like the security token to pass
along additional params to the authorization code request. In our
implementation we set values within the security token's trusted json field
that we'd like to pass along to our GrantRequestHandler implementation.
bq.
bq.
bq. This addresses bug SHINDIG-1672.
bq. https://issues.apache.org/jira/browse/SHINDIG-1672
bq.
bq.
bq. Diffs
bq. -----
bq.
bq.
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/BasicAuthenticationHandler.java
1238728
bq.
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java
1238728
bq.
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java
1238728
bq.
/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/StandardAuthenticationHandler.java
1238728
bq.
bq. Diff: https://reviews.apache.org/r/3064/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Added unit test in CodeGrantTypeHandlerTest (testGetCompleteUrl_5). It
tests that the complete url sent to the authentication server has the parameter
set in the accessor.
bq.
bq.
bq. Thanks,
bq.
bq. Doug
bq.
bq.
> The HttpRequest object is not available to GrantRequestHandlers
> ---------------------------------------------------------------
>
> Key: SHINDIG-1672
> URL: https://issues.apache.org/jira/browse/SHINDIG-1672
> Project: Shindig
> Issue Type: Bug
> Components: Java
> Affects Versions: 3.0.0
> Reporter: Doug Davies
> Fix For: 3.0.0
>
> Attachments: SHINDIG-1672-2.patch
>
>
> It would be nice if the GrantRequestHandler had access to the original
> request object so that it could use values like the security token to pass
> along additional params to the authorization code request. In our
> implementation we set values within the security token's trusted json field
> that we'd like to pass along to our GrantRequestHandler implementation.
> NEW USECASE (1/31/12):
> Allow additional parameters to be appended to both the auth code request
> (query string) and access token request (body).
> ** If the other 2 flows need to be updated that can be done as well, but I
> don't know enough about those flows to know where to plug in.
> Remove these lines
> for (Map.Entry<String, String> entry :
> accessor.getAdditionalRequestParams().entrySet()) {
> request.setParam(entry.getKey(), entry.getValue());
> }
> From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and
> StandardAuthenticationHandler.
> Leave the one in CodeGrantTypeHandler to support the additional parameters on
> the auth code request.
> THEN...add these lines to
> CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access
> token request
> (right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
> for (Map.Entry<String, String> entry :
> accessor.getAdditionalRequestParams().entrySet()) {
> queryParams.put(entry.getKey(), entry.getValue());
> }
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
