  1. Help-Desk
  2. HELP-6331

FIWARE.Request.Tech.Security.IDM-KeyRock.FIWARE IdM KeyRock - Help needed with Authorization Code Grant

    Details

    • HD-Chapter:
      Security
    • HD-Enabler:
      KeyRock

      Description

      I am integrating the KeyRock authentication to POI-DP. It seems that I cannot use available libraries, so, I have to directly use the REST API.

      In the document http://fiware-idm.readthedocs.org/en/latest/oauth2.html is the following entry:

      Access Token Request

      POST /oauth2/token HTTP/1.1
      Host: account.lab.fiware.org
      Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
      Content-Type: application/x-www-form-urlencoded
      
      grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA
      &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcallback_url
      

      The syntax is a little ambiguous, but I have guessed that the method should be POST,
      the URI should be

      https://account.lab.fiware.org/oauth2/token
      

      the headers should be

      Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
      Content-Type: application/x-www-form-urlencoded
      

      and the body should be

      grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA
      &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcallback_url
      

      I also guess that the code in the body should be the one received in the Authorization Response, and the redirect_uri should be the one registered in the authentication server. However, I have not found what value should be in the Authorization header. I have got responses 400, 404, and 500 to my hacking experiments, but my imagination is exhausted.

      How exactly to formulate the Access Token Request to get that token?

      Possibly the documentation can be improved to avoid this kind of problem.

      (This problem blocks my Blocker issue [WEB-900].)
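
How the Authorization value in the quoted request is formed, as an added example that is not part of the original ticket or of the KeyRock documentation. Under RFC 6749 section 2.3.1 the value is `Basic` followed by the base64 of `client_id:client_secret`; the string quoted above decodes to the sample pair `s6BhdRkqt3:gX1fBat3bV`. That KeyRock expects the Client ID and Client Secret issued for the registered application in this position is an assumption here, and the function names are illustrative.

```python
import base64
from urllib.parse import quote_plus, unquote_plus, urlencode
from urllib.request import Request

# Values copied from the ticket's documentation excerpt (sample data).
DOC_HEADER = "Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW"
TOKEN_URL = "https://account.lab.fiware.org/oauth2/token"


def basic_auth_header(client_id, client_secret):
    """RFC 6749 section 2.3.1: form-encode each part, join with ':', base64."""
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")


def decode_basic(header_value):
    """Inverse of basic_auth_header: shows which credentials a header carries."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic" or not token:
        raise ValueError("not a Basic Authorization header")
    raw = base64.b64decode(token, validate=True).decode("utf-8")
    client_id, sep, client_secret = raw.partition(":")
    if not sep:
        raise ValueError("decoded value has no ':' separator")
    return unquote_plus(client_id), unquote_plus(client_secret)


def build_token_request(client_id, client_secret, code, redirect_uri):
    """Build, without sending, the Access Token Request for the code grant."""
    # The body is one line; the line break in the documentation is layout only.
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,                  # from the Authorization Response
        "redirect_uri": redirect_uri,  # the registered callback URL
    })
    headers = {
        "Authorization": basic_auth_header(client_id, client_secret),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return Request(TOKEN_URL, data=body.encode("ascii"), headers=headers,
                   method="POST")


if __name__ == "__main__":
    print(decode_basic(DOC_HEADER))  # the sample pair, not real credentials
    # Assumption: replace with the Client ID / Client Secret of your own app.
    req = build_token_request("s6BhdRkqt3", "gX1fBat3bV",
                              "SplxlOBeZQQYbYS6WxSbIA",
                              "https://client.example.com/callback_url")
    print(req.get_method(), req.full_url)
    for name, value in req.header_items():
        print(f"{name}: {value}")
    print(req.data.decode("ascii"))
```
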

        Activity

        fla Fernando Lopez made changes -
        Fix Version/s 2021 [ 12600 ]
        backlogmanager Backlog Manager made changes -
        Summary FIWARE IdM KeyRock - Help needed with Authorization Code Grant FIWARE.Request.Tech.Security.IDM-KeyRock.FIWARE IdM KeyRock - Help needed with Authorization Code Grant
        aalonsog Alvaro Alonso made changes -
        Status Answered [ 10104 ] Closed [ 6 ]
        Resolution Done [ 10000 ]
        aalonsog Alvaro Alonso made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        aalonsog Alvaro Alonso made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        ariokkon Ari Okkonen made changes -
        Priority Blocker [ 1 ] Major [ 3 ]
        ariokkon Ari Okkonen made changes -
        Summary FIWARE IdM KeyRock - Help needed with Access Token Request FIWARE IdM KeyRock - Help needed with Authorization Code Grant
        ariokkon Ari Okkonen made changes -
        Link This issue blocks WEB-900 [ WEB-900 ]
        backlogmanager Backlog Manager made changes -
        Assignee Alvaro Alonso [ aalonsog ]
        backlogmanager Backlog Manager made changes -
        HD-Chapter Security [ 10841 ]
        mev Manuel Escriche made changes -
        Assignee Manuel Escriche [ mev ]
        mev Manuel Escriche made changes -
        HD-Enabler KeyRock [ 10889 ]
        ariokkon Ari Okkonen created issue -

          People

          • Assignee:
            aalonsog Alvaro Alonso
            Reporter:
            ariokkon Ari Okkonen