[OLTU-13] Client defined HTTP headers in OAuthClientRequest - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: oauth2-0.31
Component/s: oauth2-client
Labels:
- newbie

Description

HTTP headers added to OAuthClientRequest are not sent with the HTTP request.

I would like to use HTTP Basic authentication at the token endpoint.
So on the client side I add "Authorization" HTTP header to OAuthClientRequest calling its setHeader() method.
But headers set on the OAuthClientRequest object are not processed by OAuthClient.accessToken() / URLConnectionClient.execute(), therefore they are not sent to the authorization server.

Or is there any other way to use HTTP Basic authentication between the client and the token endpoint of the authorization server?

The client code:

OAuthClientRequest tokenRequest = OAuthClientRequest
        .tokenLocation("https://...")
        .setGrantType(GrantType.AUTHORIZATION_CODE)
        .setClientId("...")
        .setClientSecret("...")
        .setRedirectURI("https://...")
        .setCode(authzCode)
        .buildBodyMessage();

if (tokenRequest.getHeaders() == null) {
    tokenRequest.setHeaders(new HashMap<String, String>()); // nice-to-have issue: it should be initialized inside OAuthClientRequest at creation time or at first call of setHeader()
}
tokenRequest.setHeader("Authorization", "..."); // main issue: header never used later

OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

OAuthJSONAccessTokenResponse tokenResponse = oAuthClient.accessToken(tokenRequest);

Attachments

Activity

People

Assignee:: Antonio Sanso

Reporter:: Peter Turcsanyi

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 18/Sep/12 08:21

Updated:: 01/Apr/14 11:51

Resolved:: 29/Nov/12 11:56