Hi Udara, It would be better if you can send the list of API methods in Metadata service and sample requests.
I can see that we are invoking the SOAP based OAuth Admin Service to generate the Token in the application parser. Do we have a REST API for accessing the OAuth Admin Service? If so we might need to share the API methods for renewing the Token. Thanks On Sun, Feb 8, 2015 at 3:22 PM, Udara Liyanage <ud...@wso2.com> wrote: > > On 8 Feb 2015 15:19, "Gayan Gunarathne" <gay...@wso2.com> wrote: > > > > Hi All, > > > > AFAIU from the current code base following the way we have implemented > to handle the OAuth token authentication. > > > > 1. We will generate the OAuth token when the instance spawn and pass it > through the cartridge payload as launch param(TOKEN) to the cartridge. > > > > 2. From the cartridge payload we can get that OAuth token and pass it > through the rest request to the metadata service. > > We have to pass token through "Authorization: Bearer" in the rest call. > > Please confirm this > Yes > > 3. We are using the "OAuthHandler" to handle the authentication based on > the oAuth token.(As per cxf-servlet.xml) > > > > 4. Also currently we are still enable the basicAuthenticationFilter(I > think we can remove that filter once the token based authentication is > verified) > Yes. Other authentication handlers are not needed. I have removed them > locally. Didn't push yet. > > > > Please confirm the above steps as per our implementation. Also please > add anything that I have missed here. > > I will share a python scripts which publishes and fetch metadata. > > > > Thanks, > > Gayan > > > > > > -- > > > > Gayan Gunarathne > > Technical Lead > > WSO2 Inc. (http://wso2.com) > > email : gay...@wso2.com | mobile : +94 766819985 > > > -- Imesh Gunaratne Technical Lead, WSO2 Committer & PMC Member, Apache Stratos