Hi Udara,

It would be better if you can send the list of API methods in Metadata
service and sample requests.

I can see that we are invoking the SOAP based OAuth Admin Service to
generate the Token in the application parser. Do we have a REST API for
accessing the OAuth Admin Service? If so we might need to share the API
methods for renewing the Token.

Thanks

On Sun, Feb 8, 2015 at 3:22 PM, Udara Liyanage <ud...@wso2.com> wrote:

>
> On 8 Feb 2015 15:19, "Gayan Gunarathne" <gay...@wso2.com> wrote:
> >
> > Hi All,
> >
> > AFAIU from the current code base following the way we have implemented
> to handle the OAuth token authentication.
> >
> > 1. We will generate the OAuth token when the instance spawn and pass it
> through the cartridge payload as launch param(TOKEN) to the cartridge.
> >
> > 2. From the cartridge payload we can get that OAuth token and pass it
> through the rest request to the metadata service.
> > We have to pass token through "Authorization: Bearer" in the rest call.
> > Please confirm this
> Yes
> > 3. We are using the "OAuthHandler" to handle the authentication based on
> the oAuth token.(As per cxf-servlet.xml)
> >
> > 4. Also currently we are still enable the basicAuthenticationFilter(I
> think we can remove that filter once the token based authentication is
> verified)
> Yes. Other authentication handlers are not needed. I have removed them
> locally. Didn't push yet.
> >
> > Please confirm the above steps as per our implementation. Also please
> add anything that I have missed here.
>
> I will share a python scripts which publishes and fetch metadata.
> >
> > Thanks,
> > Gayan
> >
> >
> > --
> >
> > Gayan Gunarathne
> > Technical Lead
> > WSO2 Inc. (http://wso2.com)
> > email  : gay...@wso2.com  | mobile : +94 766819985
> >
>



-- 
Imesh Gunaratne

Technical Lead, WSO2
Committer & PMC Member, Apache Stratos

Reply via email to