Attaching a header to the Oauth Token endpoint responses

Avatar

Avatar

bandersen_hoodoo

Avatar

bandersen_hoodoo

bandersen_hoodoo

28-07-2020

Hey there,

 

I'm trying to get AEM to append a content-type header to the response of /oauth/token, as the remote server posting a token is expecting the application/json type back. I'm currently trying to use filters to achieve this, and I can get a filter to activate on pretty much every request EXCEPT the /oauth/token endpoint. Is there a way I could get the filter to activate on that endpoint, or a better way to go about this? Thanks!

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

910

Correct Answer

1.0K

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

910

Correct Answer

1.0K
Jörg_Hoh
Employee

30-07-2020

Hi,

 

You should check if this /oauth/token request is handled by Sling or outside of Sling. If you already tried using a (Sling) Filter to modify the response, this servlet is probably registered outside of Sling. To check that please go to http://localhost:4502/system/console/httpservice and check if there's a servlet registered to /oauth/token. If yes, then you need to register you filter to the OSGI http whiteboard. And example for such a filter is https://github.com/apache/sling-org-apache-sling-i18n/blob/master/src/main/java/org/apache/sling/i18...

Answers (3)

Answers (3)

Avatar

Avatar

ChitraMadan

MVP

Avatar

ChitraMadan

MVP

ChitraMadan
MVP

29-07-2020

Hi @bandersen_hoodoo,

 

I am not sure what is your end to end scenario, but I have used OAUTH in couple of integrations and we never had to modify the response of oauth/token endpoint for a successful communication.

 

You can go through couple of blogs below, these might help!!

https://labs.tadigital.com/index.php/2017/08/18/aem-as-oauth-server-part-1-setting-up-scopes/

https://labs.tadigital.com/index.php/2017/09/06/aem-as-oauth-server-part-2-testing-oauth/

 

If this doesn't help. Can you please explain your scenario in a bit detail.

 

Avatar

Avatar

Albin_Issac

MVP

Avatar

Albin_Issac

MVP

Albin_Issac
MVP

31-07-2020

Another option to try if the request is routed via dispatcher(Apache) - Force the content-type from Apache

Enable the below configuration in your virtual host

<LocationMatch "^/oauth/token$">
   ForceType application/txt
</LocationMatch>

Avatar

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831
Arun_Patidar
MVP

30-07-2020

Yes, you can filter the request by using sling filters
e,g. filter will betriggered only for /libs/cq/i18n/dict.* paths.

 

@component(service = Filter.class, property = {
		Constants.SERVICE_DESCRIPTION + "= Filter incoming CRXDE requests and redirect to new home page",
		EngineConstants.SLING_FILTER_SCOPE + "=" + EngineConstants.FILTER_SCOPE_REQUEST,
		EngineConstants.SLING_FILTER_PATTERN + "=/libs/cq/i18n/dict.*",
		"sling.filter.methods=" + HttpConstants.METHOD_GET, //EngineConstants.SLING_FILTER_METHODS + "=" + HttpConstants.METHOD_GET,
		Constants.SERVICE_RANKING + "=-701"

})