search

restlet / restlet-framework-java

The first REST API framework for Java
https://restlet.talend.com
Other
654 stars 284 forks source link

Redirect from oauth service striping headers & cookies #1368

Open ngigiwaithaka opened 4 years ago

ngigiwaithaka commented 4 years ago

Hi,

Is there a way to redirect the headers received from a callback originating from a OAuth Server?

I have tried basic redirection, and also using ReDirector + Extractor, but they all strip away the headers & cookies as they redirect....

I have resorted to encoding the same as query values. Is there a better and more secure way than below?

Redirector redirector = new Redirector(getContext(), "", Redirector.MODE_CLIENT_TEMPORARY) { 

            @Override
            public void handle(Request request, Response response) {
                final String identifier = request.getAttributes().get("identifier").toString();
                final String accessToken = request.getAttributes().get("accessToken").toString();

                //request.getCookies().add("identifier", identifier);
                final String redirectUri = request.getResourceRef().getQueryAsForm().getFirstValue("redirectUri");

                final Reference reference = new Reference(redirectUri);
                reference.addQueryParameter("identifier", identifier);
                reference.addQueryParameter("accessToken", accessToken);
                setTargetTemplate(reference.getIdentifier());

                super.handle(request, response);
            }
        };
cyberquarks commented 3 years ago

@ngigiwaithaka you may be interested in joining the "Unofficial Restlet Community" https://gitter.im/restlet-framework/community?utm_source=share-link&utm_medium=link&utm_campaign=share-link