This conversation has been locked due to inactivity. Please create a new post.
 
     
     
    
            
          
This conversation has been locked due to inactivity. Please create a new post.
          
        
Hey there,
I'm trying to get AEM to append a content-type header to the response of /oauth/token, as the remote server posting a token is expecting the application/json type back. I'm currently trying to use filters to achieve this, and I can get a filter to activate on pretty much every request EXCEPT the /oauth/token endpoint. Is there a way I could get the filter to activate on that endpoint, or a better way to go about this? Thanks!
Solved! Go to Solution.
Views
Replies
Total Likes
          
        
Hi,
You should check if this /oauth/token request is handled by Sling or outside of Sling. If you already tried using a (Sling) Filter to modify the response, this servlet is probably registered outside of Sling. To check that please go to http://localhost:4502/system/console/httpservice and check if there's a servlet registered to /oauth/token. If yes, then you need to register you filter to the OSGI http whiteboard. And example for such a filter is https://github.com/apache/sling-org-apache-sling-i18n/blob/master/src/main/java/org/apache/sling/i18...
          
        
I am not sure what is your end to end scenario, but I have used OAUTH in couple of integrations and we never had to modify the response of oauth/token endpoint for a successful communication.
You can go through couple of blogs below, these might help!!
https://labs.tadigital.com/index.php/2017/08/18/aem-as-oauth-server-part-1-setting-up-scopes/
https://labs.tadigital.com/index.php/2017/09/06/aem-as-oauth-server-part-2-testing-oauth/
If this doesn't help. Can you please explain your scenario in a bit detail.
          
        
Hi @ChitraMadan ,
I'm currently interfacing with a pre-built solution on the other side. When we send the final token response back in AEM after they POST to /oauth/token, we aren't sending any information on the response about the formatting, so the other side casts it to an octet-stream, which causes it to break as it is expecting application/json. I just need to add on that information so that the server on the other side reads the data correctly. If there's no good solution for this, we could ask our vendor to fix it, but that would be much more time consuming than filtering a header onto the response.
Views
Replies
Total Likes
          
        
Yes, you can filter the request by using sling filters
e,g. filter will betriggered only for /libs/cq/i18n/dict.* paths.
@component(service = Filter.class, property = {
		Constants.SERVICE_DESCRIPTION + "= Filter incoming CRXDE requests and redirect to new home page",
		EngineConstants.SLING_FILTER_SCOPE + "=" + EngineConstants.FILTER_SCOPE_REQUEST,
		EngineConstants.SLING_FILTER_PATTERN + "=/libs/cq/i18n/dict.*",
		"sling.filter.methods=" + HttpConstants.METHOD_GET, //EngineConstants.SLING_FILTER_METHODS + "=" + HttpConstants.METHOD_GET,
		Constants.SERVICE_RANKING + "=-701"
})
          
        
Hi,
You should check if this /oauth/token request is handled by Sling or outside of Sling. If you already tried using a (Sling) Filter to modify the response, this servlet is probably registered outside of Sling. To check that please go to http://localhost:4502/system/console/httpservice and check if there's a servlet registered to /oauth/token. If yes, then you need to register you filter to the OSGI http whiteboard. And example for such a filter is https://github.com/apache/sling-org-apache-sling-i18n/blob/master/src/main/java/org/apache/sling/i18...
          
        
Another option to try if the request is routed via dispatcher(Apache) - Force the content-type from Apache
Enable the below configuration in your virtual host
<LocationMatch "^/oauth/token$">
   ForceType application/txt
</LocationMatch>
 
					
				
				
			
		
Views
Likes
Replies
Views
Likes
Replies