Details

    • Type: Sub-Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Completed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels: None

      Description

      Developer Implementation Details

      The original implementation uses the CXF OAuth2 ResourceOwnerGrantHandler; see http://cxf.apache.org/docs/jax-rs-oauth2.html

      When the Resource Owner Password grant is enabled, com.liferay.oauth2.provider.rest.internal.endpoint.access.token.grant.handler.LiferayResourceOwnerAccessTokenGrantHandler publishes org.apache.cxf.rs.security.oauth2.grants.owner.ResourceOwnerGrantHandler together with com.liferay.oauth2.provider.rest.internal.endpoint.liferay.LiferayResourceOwnerLoginHandler, which implements authentication through Liferay's com.liferay.portal.kernel.service.UserLocalService#authenticateBy* methods.

      Developer Flow Usage

      Access token endpoint details:

      • HTTP Method: POST
      • URL: /o/oauth2/token
      • Parameters:
        • grant_type must be set to password
        • client_id ... required parameter, corresponds to OAuth2 Application clientId
        • client_secret ... required parameter, corresponds to OAuth2 Application clientSecret
        • username ... user login as configured for the particular portal instance (email, screen name or userId)
        • password ... user password
      • Returns access token, refresh token (if enabled) and other attributes

      Example

      Suppose a "Test OAuth2 Application" has been created in the portal with:

      • Client ID: resourceOwnerPasswordClient
      • Client secret: secret-2379fcc3-48f2-2ad2-3871-1bd246a73a2d
      • Allowed Grants:
        • Resource Owner Password Credentials
        • Refresh Token

      Remote client request:

      curl 'http://localhost:8080/o/oauth2/token' --data 'grant_type=password&client_id=resourceOwnerPasswordClient&client_secret=secret-2379fcc3-48f2-2ad2-3871-1bd246a73a2d&username=test@liferay.com&password=test'

      The server returns JSON containing the tokens:

      {"access_token":"b23e946ad8e78e622e2dd734ebcd8a3c834633d12d95a7b4b02e7876a47b29be","token_type":"Bearer","expires_in":600,"refresh_token":"fc43f84b64a9aff55ed573474d69a2db97ce49a5857dbd901f4b46b069f7d"}
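
      The same request and response handled from a client program, as an added example that is not part of the original issue or of Liferay's code. It form-encodes the parameters so that credentials containing `&`, `+` or `=` are not corrupted (the raw `--data` string above would split on them) and validates the response before use; the function names and the sample password are assumptions made for illustration.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "http://localhost:8080/o/oauth2/token"  # endpoint from the page's example
# Response body copied from the page's example
SAMPLE_RESPONSE = '{"access_token":"b23e946ad8e78e622e2dd734ebcd8a3c834633d12d95a7b4b02e7876a47b29be","token_type":"Bearer","expires_in":600,"refresh_token":"fc43f84b64a9aff55ed573474d69a2db97ce49a5857dbd901f4b46b069f7d"}'


def build_token_request(client_id, client_secret, username, password, url=TOKEN_URL):
    """Build (but do not send) the POST for the password grant (hypothetical helper)."""
    form = {
        "grant_type": "password",
        "client_id": client_id,
        "client_secret": client_secret,
        "username": username,
        "password": password,
    }
    # urlencode percent-encodes '&', '=', '+' and '@' so every value survives intact
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_token_response(raw, now=None):
    """Validate the JSON token response and return the fields a client needs."""
    doc = json.loads(raw)
    if "error" in doc:  # standard OAuth2 error response field
        raise ValueError(f"token endpoint error: {doc['error']}")
    if doc.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    expires_in = int(doc["expires_in"])
    if not doc.get("access_token") or expires_in <= 0:
        raise ValueError("missing access_token or bad expires_in")
    now = time.time() if now is None else now
    return {
        "access_token": doc["access_token"],
        "refresh_token": doc.get("refresh_token"),  # absent when the refresh grant is disabled
        "expires_at": now + expires_in,
    }


if __name__ == "__main__":
    # "p&ss+w=rd" is a constructed password chosen to show the encoding
    req = build_token_request("resourceOwnerPasswordClient", "secret-...", "test@liferay.com", "p&ss+w=rd")
    print(req.data.decode())
    print(parse_token_response(SAMPLE_RESPONSE))
```

Pass the request to `urllib.request.urlopen` to send it; outside a local test instance the URL should be `https://` so the user password and client secret are not sent in clear text.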
