Hi Gottfried, I think your observation is correct. It is happening due to the following check[1] which sets the username and password params coming in grant request only to the OAuth2AccessTokenReqDTO object.
For the custom grant types, all the request parameters are set to the OAuth2AccessTokenReqDTO as seen in [2]. [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/e9813da4110b819cfe563cdbd88d6a70064f45e0/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java#L273-L273 [2] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/e9813da4110b819cfe563cdbd88d6a70064f45e0/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java#L284 Thanks, Farasath Farasath Ahamed Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature> On Thu, Mar 23, 2017 at 1:46 AM, Gottfried Szing <[email protected]> wrote: > Hi > > Target WSO2 product is the WSO2 IS 5.3 and/or API manager 2.1 > > I am currently implementing a set of custom grant types and one grant type > is based on the the existing PasswordGrantHandler. The goal is to check in > addition to the username, password and scope an additional, optional > request parameter. If this parameter exists, a special response header > should be added. So far, so good. > > But it does not work. I have extended the PasswordGrantHandler and check > the requestParamers in the DTO like here: > > public class MyPasswordGrantHandler extends PasswordGrantHandler { > > @Override > public boolean validateGrant(OAuthTokenReqMessageContext > oAuthTokenReqMessageContext) > throws IdentityOAuth2Exception { > // this returns null > oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().get > RequestParameters() > > final boolean authStatus = super.validateGrant(oAuthToken > ReqMessageContext); > > if (authStatus) { > // .... > } > > return authStatus; > } > } > > This works perfectly for other, self-implemented grant handlers, but not > for this one as long as it is registered it in the identity.xml under the > GrantTypeName = password. If I choose a different name, the same > implementation works as expected. > > Any ideas, whats going on under the hood? In the sources I havent found > any hints. > > Br & Thanks > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
