aeneasr
commented
4 years ago I guess this is a dupe of https://github.com/ory/sdk/issues/18
Closed chapitos closed 2 years ago
aeneasr
commented
4 years ago I guess this is a dupe of https://github.com/ory/sdk/issues/18
sshuliar
commented
3 years ago I have secured Hydra Admin API with Nginx and basic authentication. And I'm trying to set basic authentication for sh.ory.hydra.ApiClient and use it for AdminApi (sh.ory.hydra.api) I have created ApiClient and set username and password for that It look that it is not used during calls to the Hydra Admin API
Can you suggest how to configure ApiClient to use basic authentication
aeneasr
commented
3 years ago I'm not a Java expert so I don't really know unfortunately. Is there not an option to set this in a config or something?
During ApiClient initialization two authentications are created: basic and oauth2. One can initialize basic auth by providing username and password. Both authentications are ignored during API call method execution, except for introspectOAuth2Token. For example: I have created ApiClient and AdminApi instances and provided username and password for basic auth. My Hydra is running behind an Nginx server, which provides basic auth. I want to get a token, so I call getOAuth2Client(TOKEN_ID). From this method the call eventually reaches getOAuth2ClientCall where an localVarAuthNames variable is initialized as an empty array. This in turn causes prompt loop exit in updateParamsForAuth (called in buildRequest), which should add the "Authorization" header to the request. It seems to me that this is a bug, since all the mechanisms are in place to configure basic auth in the calls towards hydra (ApiClient initialization, HttpBasicAuth.applyToParams, etc.). The problem is that the localVarAuthNames is hard coded initialized to an empty array, and this variable controls further flow.
Since Java code is generated, please let me know if I should create issue in the Hydra github repo.