Spring Security - RequestEnhancer not used for AuthorizationCodeAccessTokenProvider during getRedirectForAuthorization

What I'm trying to do is add the parameter openid.realm to the authorization request.

My problem is similar to https://github.com/spring-projects/spring-security-oauth/issues/123, and I tried to follow the way outlined there to solve it:

    // Create an enhancer that adds openid.realm
    DefaultRequestEnhancer enhancer = new DefaultRequestEnhancer();
    enhancer.setParameterIncludes(Arrays.asList("openid.realm"));

    // Create a token provider that uses the enhancer
    AuthorizationCodeAccessTokenProvider tokenProvider = new AuthorizationCodeAccessTokenProvider();
    tokenProvider.setAuthorizationRequestEnhancer(enhancer);

    // Give the token provider to the rest template
    googleOAuthRestTemplate.setAccessTokenProvider(tokenProvider);
    googleOAuthRestTemplate.getOAuth2ClientContext()
            .getAccessTokenRequest().set("openid.realm", "http://localhost:8080/");

    // Try to get a protected resource
    googleOAuthRestTemplate.getForObject("https://www.googleapis.com/...", String.class);

Now when the user first hits the code, it is thrown out with a UserRedirectRequiredException (originating at getRedirectForAuthorization). The parameters there are client_id, redirect_uri, response_type, scope, which is OK, but I'm missing the openid.realm parameter even though I've set it.

Shouldn't it be there during the redirect as well?

Update:

Here is a new test case that fails on the last assert (put it in the file AuthorizationCodeAccessTokenProviderTests.java):

    @Test
    public void testEnhancedRedirectToAuthorizationEndpoint() throws Exception {
        DefaultRequestEnhancer enhancer = new DefaultRequestEnhancer();
        enhancer.setParameterIncludes(Arrays.asList("openid.realm"));
        provider.setAuthorizationRequestEnhancer(enhancer);

        AccessTokenRequest request = new DefaultAccessTokenRequest();
        request.set("openid.realm", "http://localhost:8080");
        request.setCurrentUri("/come/back/soon");
        resource.setUserAuthorizationUri("http://localhost/oauth/authorize");

        try {
            provider.obtainAccessToken(resource, request);
            fail("Expected UserRedirectRequiredException");
        } catch (UserRedirectRequiredException e) {
            assertEquals("http://localhost/oauth/authorize", e.getRedirectUri());
            assertEquals("/come/back/soon", e.getStateToPreserve());
            assertEquals("code", e.getRequestParams().get("response_type"));
            // This is the assert that fails
            assertEquals("http://localhost:8080", e.getRequestParams().get("openid.realm"));
        }
    }

Update 2: I've worked around the problem by extending the token provider and adding the params manually. Maybe not the right way, but it seems to work for my specific case at least:

    class EnhancedAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAccessTokenProvider {

        static String REQUEST_PARAM_OPENID_REALM = "openid.realm";

        @Override
        public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details,
                AccessTokenRequest request) throws UserRedirectRequiredException,
                UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
            try {
                return super.obtainAccessToken(details, request);
            } catch (UserRedirectRequiredException e) {
                // Copy openid.realm from the token request into the redirect parameters if it is missing
                Map<String, String> requestParams = e.getRequestParams();
                if (!requestParams.containsKey(REQUEST_PARAM_OPENID_REALM)
                        && request.containsKey(REQUEST_PARAM_OPENID_REALM)) {
                    requestParams.put(REQUEST_PARAM_OPENID_REALM,
                            request.getFirst(REQUEST_PARAM_OPENID_REALM));
                }
                throw e;
            }
        }
    }