stable
Clone or download
The redirect_uri parameter is mandatory when calling the authorize endpoint, as such it also must be provided when calling the token endpoint [0]. To test, you need to: 1. Create a new OAuth2 app in a project administration 2. Access the access token endpoint, '<client_id>', '<client_secret>', '<authorization_code>' and '<redirect_uri>' must be replaced: shell> curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ --user '<client_id>:<client_secret>' \ --data 'grant_type=authorization_code&code=<authorization_code>&redirect_uri=<redirect_uri>' \ https://tuleap.example.com/oauth2/token For now the only valid value for the authorization code is an hardcoded value: 'tlp-oauth2-ac1-1.6161616161616161616161616161616161616161616161616161616161616161'. This is part of story #14542: have OAuth2 flow [0] RFC6749 section 4.1.3: https://tools.ietf.org/html/rfc6749#section-4.1.3 Change-Id: Ie4182da29dc9d51a11d8922ce13864a9ca2ddd49
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/oauth2_server/include/Grant/AuthCodeGrantController.php | +11 | −3 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/Grant/AuthCodeGrantControllerTest.php | +54 | −2 | Go to diff View file |