locked
changing OAuth2 response, is it possible? RRS feed

  • Question

  • User-1175692115 posted

    my current oauth response is like

    {
              "access_token": "S5wFR-HXr1MJF94Z9Yda67v4vMD4...",
              "token_type": "bearer",
              "expires_in": 31535999,
              "memNo": 100000004,
              "api_type": "POST auth/token"
    }

    How can I change it like 

    {

              "Result": {
                        "access_token": "S5wFR-HXr1MJF94Z9Yda67v4vMD4...",
                        "token_type": "bearer",
                        "expires_in": 31535999,
                        "memNo": 100000004,
                        "api_type": "POST auth/token"
              }

    }

    I really want to handle the response but I don't know how?

    and

    when failed 

    I would like to modify the response too.

    Thursday, November 9, 2017 7:38 AM

Answers

  • User1168443798 posted

    Hi Gichan,

    >> for our team ios developer wants the result has some value in it, from which he can know what it is.

    For this requirement, we could try TokenEndpoint to add more fields on token response.

    Code

        public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
        {
            //rest code        
            public override Task TokenEndpoint(OAuthTokenEndpointContext context)
            {
                foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
                {
                    context.AdditionalResponseParameters.Add(property.Key, property.Value);
                }
                context.AdditionalResponseParameters.Add("token description", "IOS");
                return Task.FromResult<object>(null);
            }
    	//rest code 
        }

    Result

    {
    	"access_token":"xxx",
            "token_type":"bearer",
            "expires_in":1209599,
            "userName":"test@outlook.com",
            ".issued":"Fri, 10 Nov 2017 07:36:18 GMT",
            ".expires":"Fri, 24 Nov 2017 07:36:18 GMT",
            "token description":"IOS"
    }

    Best Regards,

    Edward

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, November 10, 2017 7:42 AM

All replies

  • User1168443798 posted

    Hi Gichan,

    >> changing OAuth2 response, is it possible?

    It is impossible. We could only add claims to OAuth response, and we could not and should not change Response object format. Successful Response follows The OAuth 2.0 Authorization Framework standards.

    We should change the client instead of the server which is standard. If you insist on changing at server side, you will need to check the source code of OAuth, and implement your own standards which is much complex, and change the client to read such response is much easier.

    Best Regards,

    Edward

    Friday, November 10, 2017 2:55 AM
  • User-1175692115 posted

    Oh Thank you. It's a standard.

    then how about adding value to response header?

    Why I am insisting on modifying oauth standard is

    for our team ios developer wants the result has some value in it, from which he can know what it is.

    it maybe sort of async issue. which I don't know why it's happenning. 

    whatever, I just want to help him whatever he wants.

    Friday, November 10, 2017 6:29 AM
  • User1168443798 posted

    Hi Gichan,

    >> for our team ios developer wants the result has some value in it, from which he can know what it is.

    For this requirement, we could try TokenEndpoint to add more fields on token response.

    Code

        public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
        {
            //rest code        
            public override Task TokenEndpoint(OAuthTokenEndpointContext context)
            {
                foreach (KeyValuePair<string, string> property in context.Properties.Dictionary)
                {
                    context.AdditionalResponseParameters.Add(property.Key, property.Value);
                }
                context.AdditionalResponseParameters.Add("token description", "IOS");
                return Task.FromResult<object>(null);
            }
    	//rest code 
        }

    Result

    {
    	"access_token":"xxx",
            "token_type":"bearer",
            "expires_in":1209599,
            "userName":"test@outlook.com",
            ".issued":"Fri, 10 Nov 2017 07:36:18 GMT",
            ".expires":"Fri, 24 Nov 2017 07:36:18 GMT",
            "token description":"IOS"
    }

    Best Regards,

    Edward

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, November 10, 2017 7:42 AM
  • User1404573039 posted

    Hi Gichan,

    Is there any issue with this thread? If not, I would suggest you mark the helpful reply as answer to close this thread.

    If this is, please feel free to let us know.

    Regards,

    Tony

    Wednesday, November 15, 2017 8:46 AM