This is what I was looking for. Thanks a lot
Andrea Messina Blue Reply Via Cardinal Massaia, 83 10147 - Torino - ITALY phone: +39 011 29100 [email protected] www.reply.it -----Original Message----- From: Sergey Beryozkin [mailto:[email protected]] Sent: venerdì 13 settembre 2013 14:24 To: Messina Andrea Cc: [email protected] Subject: Re: OAuth2 username-password flow with Apache CXF Should be OAuthClientUtils.getAccessToken(webClient, consumer, new ResourceOwnerGrant("resourceOwnerName", "resourceOwnerPassword"), false); where 'false' means no Authorization header is created Sergey On 13/09/13 13:22, Sergey Beryozkin wrote: > Hi, > > OAuthClientUtils has this method, > > public static ClientAccessToken getAccessToken(WebClient > accessTokenService, > Consumer consumer, > AccessTokenGrant grant, > boolean > setAuthorizationHeader) > > So, for example, > > OAuthClientUtils.getAccessToken(webClient, consumer, new > ResourceOwnerGrant("resourceOwnerName", "resourceOwnerPassword")); > > will do it, where 'consumer' represents Consumer initialized with a > client id & secret > > Cheers, Sergey > > On 13/09/13 13:12, Messina Andrea wrote: >> Hi Sergey. >> >> Thanks for reply. >> >> Unfortunately I am unable to construct a working cxf-tree-objects to >> perform a call for the 2-legged OAuth protocol. >> >> The classes I have located are: >> >> ·*WebClient* >> >> ·*OauthClientUtils* >> >> ·*AccessTokenService* >> >> ·*AccessTokenGrant* >> >> ·*Consumer* >> >> ·*ResourceOwnerGrantHandler* >> >> ·*ResourceOwnerLoginHandler*** >> >> Could you sent an example implementation that would be able to invoke >> a login endpoint supplying the following text in the body part of the >> HTTP POST request ? >> >> (PASSWORD GRANT so no user-direct authorization is required) >> >> *grant_type=password&client_id=*XXX*&client_secret=*YYY*&username=*ZZ >> Z*&password=*KKK >> >> >> This could be also helpful for many people looking for it >> (http://stackoverflow.com/questions/13793395/cxf-2-legged-oauth-example)! >> >> Thanks, >> >> Andrea >> >> >> >> Andrea Messina >> >> Blue Reply >> Via Cardinal Massaia, 83 >> 10147 - Torino - ITALY >> phone: +39 011 29100 >> [email protected] >> www.reply.it >> >> Blue Reply >> >> -----Original Message----- >> From: Sergey Beryozkin [mailto:[email protected]] >> Sent: giovedì 12 settembre 2013 22:21 >> To: [email protected] >> Cc: Messina Andrea >> Subject: Re: OAuth2 username-password flow with Apache CXF >> >> Hi >> >> Thanks for the query, forwarding to the users list, On 12/09/13 >> 18:37, Messina Andrea wrote: >> >> > >> >> > I'm looking for an example code written using Apache CXF WebClient >> API and requesting an access token using the "Password Access grant >> Type". >> >> > >> >> > The >> documentation(http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-ClientCredentials). >> >> is really very poor about this subject . >> >> > >> >> Right, looking at it now, agree a bit more info should go into it, >> Basically, the idea you just register an access token grant handler >> with AccessTokenService, the documentation focuses on the code flow >> and AccessTokenService tries to default to the code grant handler if >> no custom handlers have been registered, so I missed that no info is >> there at all on how the custom handlers can be added, it is really >> easy, >> >> AccessTokenService has >> >> public void setGrantHandlers(List<AccessTokenGrantHandler> handlers); >> and public void setGrantHandler(AccessTokenGrantHandler handler); >> >> methods. so you set ResourceOwnerGrantHandler (not ClientCredentials >> which you linked to) >> >> http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent >> /oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ >> ResourceOwnerGrantHandler.java >> >> >> Note AccessTokenService will authenticate the client itself (using >> client_id and client_secret) and the handler will authenticate the >> resource owner, using ResourceOwnerLoginHandler. >> >> Default ResourceOwnerLoginHandler implementation is JAAS based: >> >> http://svn.apache.org/repos/asf/cxf/trunk/rt/rs/security/oauth-parent >> /oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/grants/owner/ >> JAASResourceOwnerLoginHandler.java >> >> >> but you can implement your own logic. >> >> Hope it helps >> >> I'll work on improving the docs >> >> Sergey >> >> > The only input parameters are: >> >> > >> >> > 1) Login endpoint URI >> >> > 2) client_id and client_secret >> >> > 3) user_id and user_secret >> >> > >> >> > Thanks in advance, Andrea >> >> > >> >> > >> >> > Andrea Messina >> >> > >> >> > Blue Reply >> >> > Via Cardinal Massaia, 83 >> >> > 10147 - Torino - ITALY >> >> > phone: +39 011 29100 >> >> > [email protected] <mailto:[email protected]> >> >> > www.reply.it <http://www.reply.it> >> >> > >> >> > >> >> > >> >> > >> >> > ________________________________ >> >> > >> >> > -- >> >> > The information transmitted is intended for the person or entity >> to which it is addressed and may contain confidential and/or >> privileged material. Any review, retransmission, dissemination or >> other use of, or taking of any action in reliance upon, this >> information by persons or entities other than the intended recipient >> is prohibited. If you received this in error, please contact the >> sender and delete the material from any computer. >> >> > >> >> -- >> >> Sergey Beryozkin >> >> Talend Community Coders >> >> http://coders.talend.com/ >> >> Blog: http://sberyozkin.blogspot.com >> >> >> --------------------------------------------------------------------- >> --- >> >> -- >> The information transmitted is intended for the person or entity to >> which it is addressed and may contain confidential and/or privileged >> material. Any review, retransmission, dissemination or other use of, >> or taking of any action in reliance upon, this information by persons >> or entities other than the intended recipient is prohibited. If you >> received this in error, please contact the sender and delete the >> material from any computer. > > -- Sergey Beryozkin Talend Community Coders http://coders.talend.com/ Blog: http://sberyozkin.blogspot.com ________________________________ -- The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
