Re: [lyo-dev] Problem with OpenId Login

["Jim Amsden" <jamsden@xxxxxxxxxx>]

I've added the fix,
thank you. 

For the new oslc4j-client,
you would configure the ClientBuilder to use BasicAuthenticator , not JEEFormAuthenticator.
oslc4j-client does not attempt to discover the authentication provided
by the server. This would need further development. It may be possible
to register multiple authenticators in the ClientBuilder, but I have not
tried this.


Jim Amsden, Senior
Technical Staff Member
OSLC and Linked Lifecycle
Data
919-525-6575




From:
       "Matthias
Buettgen" <Matthias.Buettgen@xxxxxxxxxx>
To:
       lyo-dev@xxxxxxxxxxx
Date:
       03/22/2019
04:38 PM
Subject:
       [lyo-dev]
Problem with OpenId Login
Sent
by:        lyo-dev-bounces@xxxxxxxxxxx

---

Hi developers,
 
I recently had to connect
to a Jazz.net environmet which uses the Jazz Authorization Service (JAS).
Unfortunately even though it should have been fixed (see this bug https://bugs.eclipse.org/bugs/show_bug.cgi?id=502182)
the authentication wasn't possible. After verifying the JazzFormAuthClient
I identified the error and fixed it on my own. Find below my fix to the
issue.
 
// Check to see if
the response is from a Jazz Authorization Server that supports OIDC.
// In CLM 6.x, the JAS supports Basic auth to be compatible with earlier
releases.
// If we're talking to a JAS that supports OIDC, re-do the request with
a Basic auth header to gain access.
if (HttpStatus.SC_UNAUTHORIZED == statusCode) { // this might be a JSA
server.
    if (true == handleJsaServer()) {
        // Re-do the original request using Basic auth,
starting at the last authorization redirect.
        authenticatedIdentity = new HttpGet(lastRedirectResponse.getFirstHeader(JAZZ_JSA_REDIRECT_HEADER).getValue()
+ "&prompt=none");
        String credentials = new String(user + ":"
+ password);
        authenticatedIdentity.setHeader("Authorization",
"Basic " + Base64.encode(credentials.getBytes("UTF-8")));
        resp = httpClient.execute(authenticatedIdentity);
        statusCode = resp.getStatusLine().getStatusCode();
        EntityUtils.consume(resp.getEntity());  
     
        statusCode = followRedirects(statusCode, getHeader(resp,"Location"));
        // add this statement to enable the usage
of JAS
        // otherwise the code proceed with the form-based
authentication which doesn't
        // work in a JAS environment
        return statusCode;        
       
    }
}
 
It would be great if
you could fix it for the existing Lyo Releases.
 
Thanks and best regards
Matthias
Mit freundlichen Grüßen
/ kind regards,
 
Mathias Buettgen
IT Specialist 
IBM Watson Internet
of Things
IBM Software Services
http://www.ibm.com/iot
-------------------------------------------
IBM Deutschland
Sittarder Straße 31
52078 Aachen 
Phone:
49-162-1065044
E-mail:
matthias.buettgen@xxxxxxxxxx
-------------------------------------------
IBM Deutschland GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Martina Koederitz (Vorsitzende), Dr. Christian Keller,
Ivo Koerner, Nicole Reimer, Gregor Pillen, Dieter Scholz
Sitz der Gesellschaft: Ehningen / Registergericht: Amtsgericht Stuttgart,
HRB 14562 / WEEE-Reg.-Nr. DE 99369940
_______________________________________________
lyo-dev mailing list
lyo-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe
from this list, visit
https://www.eclipse.org/mailman/listinfo/lyo-dev