Comments (8)
For endpoints that create data you need to provide an extra parameter when you create the client credentials of username=<valid nomis user>
.
from prison-api.
This one and these other two...
- Fix o.s.d.DataIntegrityViolationException in
/api/offenders/
- Fix the build/config so that running locally on Windows 'Just Works'
...Will be what I would like to pick your brains on @petergphillips @andymarke, whenever we get a chance to talk off line.
from prison-api.
Thank you @petergphillips,
"...For endpoints that create data you need to provide an extra parameter when you create the client credentials of
username=<valid nomis user>
..."
I will give that a shot in a few.
I guess that's an example of what they call "Implicit Knowledge" (aka, "Tribal Knowledge"). Right? Because I haven't seen that documented anywhere. And I've read a ton of stuff so far about several different HMPPS/MOJ/DPS projects.
Please correct me if I'm wrong though. Please point me to the documentation of that, that I overlooked? TIA.
from prison-api.
"...
<valid nomis user>
..."
I will proceed on the assumption that "ITAG_USER" is one such <valid nomis user>
.
Or can you share any shortcuts to getting a hold of a known <valid nomis user>
@petergphillips ? It might be valuable to share that here; on the off chance that other future non-DPS devs stumble across this same issue. TIA.
from prison-api.
"...
<valid nomis user>
..."I will proceed on the assumption that "ITAG_USER" is one such
<valid nomis user>
...
Dear "other future non-DPS devs",
I am pleased to report that "ITAG_USER" is, indeed, one such <valid nomis user>
:)
I confirmed that, @petergphillips, with two curl
calls from the command line...
- Appending
username=<valid nomis user>
to the token request tohmpps-auth
- Calling the
/api/offenders/{offenderId}/booking
endpoint with that access token
Now that leaves only the Spring Security OAuth 2.0 client credentials configuration so that it does those two things on my behalf, under the covers. Right @petergphillips?
If you could share any shortcuts for (or even better, links to documentation of) that configuration, that'd be so super deluxe! TIA.
from prison-api.
...Now that leaves only the Spring Security OAuth 2.0 client credentials configuration so that it does those two things on my behalf, under the covers. Right @petergphillips?...
The Customizing the Access Token Request section of the Spring Security OAuth 2.0 reference documentation offers some pretty decent guidance.
I'm reasonably certain as far as the "What" needs to be customized goes. My first stab at the specifics (i.e., the "How") still needs a little more work though.
In the meantime, any links to hints, tips or suggestions are welcome @petergphillips. TIA.
from prison-api.
...
...My first stab at the specifics (i.e., the "How") still needs a little more work though...
I've worked out a now-working configuration @petergphillips. I found the missing piece of the puzzle in the Spring Security JavaDoc...
...
Use OAuth2AuthorizedClientArgumentResolver(OAuth2AuthorizedClientManager) instead. Create an instance of ClientCredentialsOAuth2AuthorizedClientProvider configured with a DefaultClientCredentialsTokenResponseClient (or a custom one) and than supply it to DefaultOAuth2AuthorizedClientManager
...
The Spring Security OAuth 2.0 configuration I now have in place, now programmatically does the needful "...provide an extra parameter when you create the client credentials of username=<valid nomis user>
" step.
Thanks again for sharing that username=<valid nomis user>
clue 👍
from prison-api.
Sorry for the delay. An example of where we configure the web client to add the username
can be found in WebClientConfiguration and the code for the converter is CustomOAuth2ClientCredentialsGrantRequestEntityConverter
from prison-api.
Related Issues (8)
- A branch protection setting is not enabled: codeowners require reviews
- mahseen
- User access removed, access is now via a team
- User access removed, access is now via a team
- Where is hmpps-auth being set as the Authorization Server? HOT 1
- Explicitly define the prison-api project's Open Source Contribution policy HOT 3
- Fix o.s.d.DataIntegrityViolationException in /api/offenders/
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from prison-api.