Attaching a header to the Oauth Token endpoint responses

bandersen_hoodoo

28-07-2020

Hey there,

 

I'm trying to get AEM to append a content-type header to the response of /oauth/token, as the remote server posting a token is expecting the application/json type back. I'm currently trying to use filters to achieve this, and I can get a filter to activate on pretty much every request EXCEPT the /oauth/token endpoint. Is there a way I could get the filter to activate on that endpoint, or a better way to go about this? Thanks!

Accepted Solutions (1)

Accepted Solutions (1)

Jörg_Hoh

Employee

30-07-2020

Hi,

 

You should check if this /oauth/token request is handled by Sling or outside of Sling. If you already tried using a (Sling) Filter to modify the response, this servlet is probably registered outside of Sling. To check that please go to http://localhost:4502/system/console/httpservice and check if there's a servlet registered to /oauth/token. If yes, then you need to register you filter to the OSGI http whiteboard. And example for such a filter is https://github.com/apache/sling-org-apache-sling-i18n/blob/master/src/main/java/org/apache/sling/i18...

Answers (3)

Answers (3)

ChitraMadan

MVP

29-07-2020

Hi @bandersen_hoodoo,

 

I am not sure what is your end to end scenario, but I have used OAUTH in couple of integrations and we never had to modify the response of oauth/token endpoint for a successful communication.

 

You can go through couple of blogs below, these might help!!

https://labs.tadigital.com/index.php/2017/08/18/aem-as-oauth-server-part-1-setting-up-scopes/

https://labs.tadigital.com/index.php/2017/09/06/aem-as-oauth-server-part-2-testing-oauth/

 

If this doesn't help. Can you please explain your scenario in a bit detail.

 

Albin_Issac

MVP

31-07-2020

Another option to try if the request is routed via dispatcher(Apache) - Force the content-type from Apache

Enable the below configuration in your virtual host

<LocationMatch "^/oauth/token$">
   ForceType application/txt
</LocationMatch>

Arun_Patidar

MVP

30-07-2020

Yes, you can filter the request by using sling filters
e,g. filter will betriggered only for /libs/cq/i18n/dict.* paths.

 

@component(service = Filter.class, property = {
		Constants.SERVICE_DESCRIPTION + "= Filter incoming CRXDE requests and redirect to new home page",
		EngineConstants.SLING_FILTER_SCOPE + "=" + EngineConstants.FILTER_SCOPE_REQUEST,
		EngineConstants.SLING_FILTER_PATTERN + "=/libs/cq/i18n/dict.*",
		"sling.filter.methods=" + HttpConstants.METHOD_GET, //EngineConstants.SLING_FILTER_METHODS + "=" + HttpConstants.METHOD_GET,
		Constants.SERVICE_RANKING + "=-701"

})