Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
2.5.0-beta1
-
None
Description
It would be nice if the GrantRequestHandler had access to the original request object so that it could use values like the security token to pass along additional params to the authorization code request. In our implementation we set values within the security token's trusted json field that we'd like to pass along to our GrantRequestHandler implementation.
NEW USECASE (1/31/12):
Allow additional parameters to be appended to both the auth code request (query string) and access token request (body).
-
- If the other 2 flows need to be updated that can be done as well, but I don't know enough about those flows to know where to plug in.
Remove these lines
for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
request.setParam(entry.getKey(), entry.getValue());
}
From BasicAuthenticationHandler, ClientCredentialsGrantTypeHandler, and StandardAuthenticationHandler.
Leave the one in CodeGrantTypeHandler to support the additional parameters on the auth code request.
THEN...add these lines to CodeAuthorizationResponseHandler:getAuthorizationBody to handle the access token request
(right after queryParams.put(OAuth2Message.CLIENT_SECRET, secret); )
for (Map.Entry<String, String> entry : accessor.getAdditionalRequestParams().entrySet()) {
queryParams.put(entry.getKey(), entry.getValue());
}