Re: [Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Nilasini Thirunavukkarasu
Hi,

Thanks. Sent the PR.

Thanks,
Nila.

On Wed, Feb 7, 2018 at 12:00 AM, Hasintha Indrajee wrote:

>
>
> On Tue, Feb 6, 2018 at 11:43 PM, Nilasini Thirunavukkarasu <
> nilas...@wso2.com> wrote:
>
>> Hi,
>>
>> Thank you for the reply.
>>
>> I have checked it in identity-inbound-auth-oauth 5.6.x branch which is
>> used for 5.5.0, the error code was changed from
>> *unsupported_client_authentication_method* but anyhow it has been changed
>> to *invalid_request*. Shouldn't we need to change the error code as
>> *invalid_client*?
>>
>
> +1. Let's do this change.

-- 
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : nilas...@wso2.com
Mobile : +94775241823
Web : http://wso2.com/



___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev


Re: [Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Hasintha Indrajee
On Tue, Feb 6, 2018 at 11:43 PM, Nilasini Thirunavukkarasu <
nilas...@wso2.com> wrote:

> Hi,
>
> Thank you for the reply.
>
> I have checked it in identity-inbound-auth-oauth 5.6.x branch which is
> used for 5.5.0, the error code was changed from
> *unsupported_client_authentication_method* but anyhow it has been changed
> to *invalid_request*. Shouldn't we need to change the error code as
> *invalid_client*?
>

+1. Let's do this change.

-- 
Hasintha Indrajee
WSO2, Inc.
Mobile:+94 771892453


Re: [Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Nilasini Thirunavukkarasu
Hi,

Thank you for the reply.

I have checked it in identity-inbound-auth-oauth 5.6.x branch which is used
for 5.5.0, the error code was changed from
*unsupported_client_authentication_method* but anyhow it has been changed to
*invalid_request*. Shouldn't we need to change the error code as
*invalid_client*?

[1]
https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/5.6.x/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/AccessTokenIssuer.java#L168-L170


Thanks,
Nila.

On Tue, Feb 6, 2018 at 10:49 PM, Hasintha Indrajee wrote:

>
>
> On Tue, Feb 6, 2018 at 10:32 PM, Maduranga Siriwardena wrote:
>
>> Hi Nilasini,
>>
>> Yes, unsupported_client_authentication_method is an incorrect error
>> message. So we need to fix this.
>>
>> I think this should be already fixed in IS 5.5.0 branch. *@Hasintha*,
>> can you confirm?
>>
>
> IIRC this is already fixed in 5.5.0-snapshot

-- 
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : nilas...@wso2.com
Mobile : +94775241823
Web : http://wso2.com/





Re: [Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Hasintha Indrajee
On Tue, Feb 6, 2018 at 10:32 PM, Maduranga Siriwardena wrote:

> Hi Nilasini,
>
> Yes, unsupported_client_authentication_method is an incorrect error
> message. So we need to fix this.
>
> I think this should be already fixed in IS 5.5.0 branch. *@Hasintha*, can
> you confirm?
>

IIRC this is already fixed in 5.5.0-snapshot

-- 
Hasintha Indrajee
WSO2, Inc.
Mobile:+94 771892453


Re: [Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Maduranga Siriwardena
Hi Nilasini,

Yes, unsupported_client_authentication_method is an incorrect error message.
So we need to fix this.

I think this should be already fixed in IS 5.5.0 branch. *@Hasintha*, can
you confirm?

Thanks,

On Tue, Feb 6, 2018 at 5:07 PM, Nilasini Thirunavukkarasu wrote:

> Hi,
>
> In IS-5.4.1 if there is no client authentication in the token request, we
> are giving the error code *unsupported_client_authentication_method*.
> According to the spec[1], if there is no client authentication or
> unsupported client authentication, it will fall under "invalid_client".

-- 
Maduranga Siriwardena
Senior Software Engineer
WSO2 Inc; http://wso2.com/

Email: madura...@wso2.com
Mobile: +94718990591
Blog: https://madurangasiriwardena.wordpress.com/



[Dev] Error code unsupported_client_authentication_method in IS-5.4.1

2018-02-06 Thread Nilasini Thirunavukkarasu
Hi,

In IS-5.4.1 if there is no client authentication in the token request, we
are giving the error code *unsupported_client_authentication_method*.
According to the spec[1], if there is no client authentication or
unsupported client authentication, it will fall under "invalid_client".

invalid_client
   Client authentication failed (e.g., unknown client, no
   client authentication included, or unsupported
   authentication method).  The authorization server MAY
   return an HTTP 401 (Unauthorized) status code to indicate
   which HTTP authentication schemes are supported.  If the
   client attempted to authenticate via the "Authorization"
   request header field, the authorization server MUST
   respond with an HTTP 401 (Unauthorized) status code and
   include the "WWW-Authenticate" response header field
   matching the authentication scheme used by the client.




According to the spec, there is no standard error code like
*unsupported_client_authentication_method*. Is there any specific reason to
introduce a new error code *unsupported_client_authentication_method* in
IS5.4.1?

Example:-

request:-
curl -k -d "grant_type=client_credentials" \
  -H "Content-Type:application/x-www-form-urlencoded" \
  https://localhost:9443/oauth2/token

response:-
{"error_description":"Unsupported Client Authentication Method!","error":"unsupported_client_authentication_method"}

Please correct me if I'm wrong.

[1] https://tools.ietf.org/html/rfc6749#section-5.2


Thanks,
Nila.

-- 
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : nilas...@wso2.com
Mobile : +94775241823
Web : http://wso2.com/
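
Added example (not part of the original thread and not WSO2 code): a Python sketch of the RFC 6749 section 5.2 behaviour quoted in the post above, together with a check that flags the response body shown there. The client registry, the realm value and the function names are assumptions made for the illustration.

```python
import base64
import hmac
import json

# Error codes RFC 6749 section 5.2 defines for token endpoint error responses.
RFC6749_TOKEN_ERRORS = {"invalid_request", "invalid_client", "invalid_grant",
                        "unauthorized_client", "unsupported_grant_type",
                        "invalid_scope"}
CLIENTS = {"demo-client": "demo-secret"}  # constructed registry, hypothetical


def authenticate_client(headers, form):
    """Return (client_id, None) or (None, (status, headers, body)) on failure."""
    auth = headers.get("Authorization")
    client_id = secret = None
    if auth is None:  # fall back to credentials in the request body
        client_id, secret = form.get("client_id"), form.get("client_secret")
    elif auth.lower().startswith("basic "):
        try:
            decoded = base64.b64decode(auth[6:], validate=True).decode()
            client_id, _, secret = decoded.partition(":")
        except ValueError:  # bad base64 or bad UTF-8
            pass
    expected = CLIENTS.get(client_id)
    if expected and secret and hmac.compare_digest(expected.encode(), secret.encode()):
        return client_id, None
    # Missing, unknown and unsupported client authentication all map to
    # invalid_client; 401 plus WWW-Authenticate is mandatory once the client
    # tried the Authorization header (this sketch supports Basic only).
    body = json.dumps({"error": "invalid_client",
                       "error_description": "Client authentication failed"})
    if auth is not None:
        return None, (401, {"WWW-Authenticate": 'Basic realm="token"'}, body)
    return None, (400, {}, body)


def check_error_response(status, resp_headers, body, sent_authorization):
    """List deviations of a token error response from RFC 6749 section 5.2."""
    findings = []
    error = json.loads(body).get("error")
    if error not in RFC6749_TOKEN_ERRORS:
        findings.append(f"error code not in RFC 6749 section 5.2: {error}")
    if error == "invalid_client" and sent_authorization:
        if status != 401:
            findings.append("invalid_client after Authorization header needs 401")
        if "WWW-Authenticate" not in resp_headers:
            findings.append("missing WWW-Authenticate header")
    return findings


# Response body quoted in the post; the request carried no client credentials.
POSTED_BODY = ('{"error_description":"Unsupported Client Authentication Method!",'
               '"error":"unsupported_client_authentication_method"}')
```

A check like check_error_response can run in an integration test against the token endpoint so that a regression to a non-standard error code is caught before release.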


