users@jersey.java.net

[Jersey] Oauth1 Client API

From: Stefan Bienk <stefan.bienk_at_ur.de>
Date: Fri, 20 Mar 2015 18:38:53 +0100

Dear Jersey-Team,

for academic purposes I'm tring to implement a web app acting as Oauth1
consumer. To this aim, I'm trying to use the Jersey 2.17 oauth client
framework in the standard
fashion proposed in the user guide:

/ConsumerCredentials consumerCredentials = new
ConsumerCredentials(ckey,csecret);//
// OAuth1AuthorizationFlow authFlow =
OAuth1ClientSupport.builder(consumerCredentials)//
// .authorizationFlow(//
// requUrl,//
// accUrl,//
// authUrl)//
// .callbackUri(callbackUrl)//
// .build();//
////
// String redirUrl=authFlow.start();/

       etc,etc.,...

*My question: Is there a simple way to pass an additional parameter
(e.g. header entry in the request made in **/authFlow.start()/**) to the
PROVIDER service point**
**delivering request token/secrets?* The mentioned parameter serves for
specifying the access rights being requested; this should be a very
common issue, as one
usually wants more options then granting all rights or any rights at all
to an application.

Despite that, I have found hardly anything about this topic on the web.
There is one sugggestion using reflection to access private fields of
/OAuthAuthorizationFlowImpl/,
but this is certainly not a clean solution.
I could think of a rather complex solution using a shared look up table,
where request tokens are mapped to associated parameter/value pairs
before calling /authFlow.start()/ .
This table could then be assessed by a filter, which could add the
entries to headers of outgoing requests to the mentioned //PROVIDER
service point (delivering request token/secrets).

But this seems a little bit too complex for such a simple task and I
would therefore be very grateful for your support!


Best regards (and many thanks in advance)

Stefan Bienk