[OLTU-28] End User Authorization Endpoint (namely OAuthAuthzRequest) needs to be updated to latest spec - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: oauth2-0.22
Component/s: oauth2-authzserver
Labels:
None

Description

As for [0] response_type MUST be set to "code".
At the moment OAuthAuthzRequest is still in line with the old spec (The requested response: an access token, an
authorization code, or both. ):

protected OAuthValidator initValidator() throws OAuthProblemException, OAuthSystemException {
.....
validators.put(ResponseType.CODE.toString(), CodeValidator.class);
validators.put(ResponseType.TOKEN.toString(), TokenValidator.class);
validators.put(ResponseType.CODE_AND_TOKEN.toString(), CodeTokenValidator.class);
String requestTypeValue = getParam(OAuth.OAUTH_RESPONSE_TYPE);
...
Class clazz = validators.get(requestTypeValue);

patch to follow.

[0] http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-4.1.1

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

AMBER-31-asanso-patch.txt
12/Oct/11 12:40
9 kB
Antonio Sanso

Activity

People

Assignee:: Tommaso Teofili

Reporter:: Antonio Sanso

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 09/Oct/11 12:41

Updated:: 26/Mar/13 12:41

Resolved:: 26/Mar/13 12:41