community-app icon indicating copy to clipboard operation
community-app copied to clipboard
verified publisher icon openMF

/api/oauth/token must POST secrets as x-www-form-urlencoded body instead of in URL parameters

Open vorburger opened this issue 5 years ago • 5 comments

As per https://issues.apache.org/jira/browse/FINERACT-629,

though shall kindly change https://github.com/openMF/community-app/blob/develop/app/scripts/services/AuthenticationService.js#L69,

to instead of httpService.post( "/fineract-provider/api/oauth/token?username=" + credentials.username + "&password=" + credentials.password +"&client_id=community-app&grant_type=password&client_secret=123") pass all these arguments as x-www-form-urlencoded body instead of in URL parameters,

as shown in the example in https://issues.apache.org/jira/browse/FINERACT-1145.

@edcable will you make sure this gets done ASAP?

vorburger avatar Sep 10 '20 21:09 vorburger

https://github.com/apache/fineract/pull/1320/files probably illustrates best what actually needs to be changed how (I understand this proejct doesn't use JQuery to invoke the REST API, but you get the idea and should be able to do the equivalent).

vorburger avatar Sep 10 '20 22:09 vorburger

@vorburger is this issue still open for contribution? If yes, could you please assign it to me, I would like to work on it. Thanks!

sankha555 avatar Jan 18 '21 06:01 sankha555

@sankha555 I think so (but I'm not an active maintainer on this project myself). You should be able to self assign the issue? You can go ahead and raise a PR.

vorburger avatar Jan 18 '21 09:01 vorburger

@sankha555 I can't assign you the issue either, it looks like Assignee has to be a Committer.. doesn't matter, just go ahead.

vorburger avatar Jan 18 '21 09:01 vorburger

@vorburger sure, I'll start working on it. Thanks!

sankha555 avatar Jan 18 '21 09:01 sankha555