Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Authenticate app accessing the token endpoint

Download Browse

When requesting an access token the client must send the client ID and client secret that have been assigned. Only Basic authentication is supported to authenticate the client since it is not recommended to pass the client credentials in the request body [0]. To test you need to register an app in the project administration, save the credentials and use them when calling the endpoint generating the access token: shell> curl -X POST \ -H 'Content-Type: application/x-www-form-urlencoded' \ --user '<client_id>:<client_secret>' \ --data 'grant_type=authorization_code' \ https://tuleap.example.com/plugins/oauth2_server/access_token This is part of story #14542: have OAuth2 flow [0] https://tools.ietf.org/html/rfc6749#section-2.3.1 Change-Id: Id304dd9e91ee537d6d0c71a5ee326fd0184e3230

+688 −3
Thomas Gerbet (tgerbet) 2020-02-26 12:27
Thomas Gerbet (tgerbet) 2020-02-26 22:11
d447c0b88024a87181861576dc6d932e986def89
1b7393d6969e2343779bfeb0e7c0a5257960e932
git #tuleap/stable/d447c0b88024a87181861576dc6d932e986def89

Modified Files

Side by side diff
Inline diff
Name
M plugins/oauth2_server/include/App/AppDao.php +10 −0 Go to diff View file
A plugins/oauth2_server/include/App/InvalidOAuth2AppSecretException.php +33 −0 Go to diff View file
A plugins/oauth2_server/include/App/OAuth2AppCredentialVerifier.php +75 −0 Go to diff View file
M plugins/oauth2_server/include/App/OAuth2AppNotFoundException.php +3 −1 Go to diff View file
A plugins/oauth2_server/include/App/OAuth2ClientIdentifierAndSecretMismatchException.php +35 −0 Go to diff View file
A plugins/oauth2_server/include/App/OAuth2MissingVerifierStringException.php +39 −0 Go to diff View file
M plugins/oauth2_server/include/Grant/AuthCodeGrantController.php +14 −1 Go to diff View file
A plugins/oauth2_server/include/Grant/OAuth2ClientAuthenticationMiddleware.php +112 −0 Go to diff View file
M plugins/oauth2_server/include/oauth2_serverPlugin.php +16 −1 Go to diff View file
A plugins/oauth2_server/phpunit/App/OAuth2AppCredentialVerifierTest.php +132 −0 Go to diff View file
M plugins/oauth2_server/phpunit/Grant/AuthCodeGrantControllerTest.php +22 −0 Go to diff View file
A plugins/oauth2_server/phpunit/Grant/OAuth2ClientAuthenticationMiddlewareTest.php +197 −0 Go to diff View file