[
https://issues.apache.org/jira/browse/KNOX-3312?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Larry McCay updated KNOX-3312:
------------------------------
Description:
Current implementation can't get to the grant_type request param.
Unit tests mock out the requests and make it hard to tease this out as an issue.
When we know that there is an Authorization header and that it is Basic then we
need to check whether there is the hardcoded username of token or passcode and
if not, unwrap the request to check for a grant_type for OAuth
client_credentials and handle it appropriately.
Current implementation tries to check that but the params are hidden by the
wrappers.
was:
Current implementation can't get to the grant_type request param.
Unit tests mock out the requests and make it hard to tease this out as an issue.
> Client Credentials Flow with HTTP Basic needs Unwrapped Servlet Request
> -----------------------------------------------------------------------
>
> Key: KNOX-3312
> URL: https://issues.apache.org/jira/browse/KNOX-3312
> Project: Apache Knox
> Issue Type: Bug
> Components: JWT
> Reporter: Larry McCay
> Assignee: Larry McCay
> Priority: Major
> Fix For: 3.0.0
>
>
> Current implementation can't get to the grant_type request param.
> Unit tests mock out the requests and make it hard to tease this out as an
> issue.
> When we know that there is an Authorization header and that it is Basic then
> we need to check whether there is the hardcoded username of token or passcode
> and if not, unwrap the request to check for a grant_type for OAuth
> client_credentials and handle it appropriately.
> Current implementation tries to check that but the params are hidden by the
> wrappers.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
