AJAX call how to pass (-vu clientapp:123456)

Question

AJAX call how to pass (-vu clientapp:123456)

dkakollu opened this issue 9 years ago · comments

HI Roy,

Thank you for spring-rest-service-oauth.

I have small issue when I try to run with curl command its working fine no issues, but when we try to
run with AJAX call how to pass (-vu clientapp:123456), without -vu clientapp:123456 I am getting "Full authentication is required to access this resource", please could you suggest me on this.

I am trying with swagger also, for principal parameter I am passing clientapp:123456, but an getting the same error "Full authentication is required to access this resource".

Thank you

Regards
-Durga K

Karthik Srinivasan · Answer 1 · Wed Jun 17 2015 19:27:57 GMT+0800 (China Standard Time)

Instead of clientapp:123456, you should set Authorization header to your ajax call.

It will look something like this.
Authorization = Bearer

dkakollu · Answer 2 · Wed Jun 17 2015 23:23:04 GMT+0800 (China Standard Time)

Hi Karthik Srinivasan,

Thank you for response, but not working.

when I ran with curl command:

curl -X POST -vu clientapp:123456 http://localhost:8080/oauth/token -H "Accept: application/json" -d "password=admin&username=admin&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp"

with out passing -vu clientapp:123456 on curl also I am getting same error "
"Full authentication is required to access this resource".

Thank you

Regards
-Durga K.

Roy Clarkson · Answer 3 · Thu Jun 18 2015 00:35:25 GMT+0800 (China Standard Time)

This is just standard OAuth 2 flows illustrating a password grant (based on HTTP Basic auth). There are different types of OAuth 2 flows. Regardless of the client technology and language, you'll need to construct the HTTP requests in a similar manner. See this test as an example.

Roy Clarkson · Answer 4 · Thu Jun 18 2015 00:40:44 GMT+0800 (China Standard Time)

the -u curl parameter is simply a shortcut for setting the auth header in the request

-u, --user <user:password>
              Specify the user name and password to use for server authentication. Overrides -n, --netrc and --netrc-optional.

              If you simply specify the user name, curl will prompt for a password.

              The  user  name  and  passwords are split up on the first colon, which makes it impossible to use a colon in the user name with
              this option. The password can, still.

              If you use an SSPI-enabled curl binary and perform NTLM authentication, you can force curl to select the user name and password
              from your environment by specifying a single colon with this option: "-u :".

              If this option is used several times, the last one will be used.

Karthik Srinivasan · Answer 5 · Thu Jun 18 2015 00:51:21 GMT+0800 (China Standard Time)

curl -X POST http://localhost:8080/oauth/token -H "Accept: application/json" -H "Authorization: Basic Y2xpZW50YXBwOjEyMzQ1Ng==" -d "password=admin&username=admin&grant_type=password&scope=read%20write&client_secret=123456&client_id=clientapp"

This may work

Hector Oliveros · Answer 6 · Wed Apr 20 2016 11:09:32 GMT+0800 (China Standard Time)

Hi, What does Y2xpZW50YXBwOjEyMzQ1Ng == ?

Bee · Answer 7 · Tue May 10 2016 12:46:24 GMT+0800 (China Standard Time)

Hi, What does Y2xpZW50YXBwOjEyMzQ1Ng == ?
=> This is String authorization = "Basic " + new String(Base64Utils.encode("clientapp:123456".getBytes()));

I have tried many way but unsucceed. I have problem with "-vu clientapp:123456". I run unit test "greetingAuthorized" is ok.
What is "clientapp:123456" and how to use? (I have read the " royclarkson commented on Jun 17, 2015" but not clearly)