Invalid X-Consumer-ID header value

Created on 22 February 2023, over 1 year ago

Updated 17 March 2023, over 1 year ago

Problem/Motivation

The SimpleOauthAuthenticationProvider sets the X-Consumer-ID header after a successful authentication.

However, the Provider uses the client id for the header value, but the Negotiator of the consumers module expects the X-Consumer-ID to be the UUID of the consumer entity.

This breaks implementations that rely on negotiating the current consumer from the current request after authenticating via simple_oauth.

Steps to reproduce

Successfully authenticate via simple_oauth and a consumer which is not marked as default
Negotiate the current consumer via the consumer.negotiator service
The negotiated consumer will always be the default consumer

This applies to the latest versions of simple_oauth (6.0.0-beta3) and consumers (1.16.0).

Proposed resolution

Use the consumer UUID for the X-Consumer-ID header value.

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report

Status

Closed: duplicate

Version

6.0

Component

Code

Created by

🇦🇹Austria chfoidl Salzburg

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @chfoidl
Comment over 1 year ago →
🇦🇹Austria chfoidl Salzburg
Comment over 1 year ago →
🇳🇱Netherlands bojan_dev
Thanks for sharing @chfoidl.

I do think we should move this issue to https://www.drupal.org/project/consumers → and address the negotiator to use the "client_id" instead of the "uuid". Otherwise we are moving backwards on the support for 3rd party clients on self hosted servers. For more info see:

https://www.drupal.org/project/consumers/issues/3310801 →

https://www.drupal.org/project/simple_oauth/issues/3167287 →
Status changed to Closed: duplicate over 1 year ago11:39am 17 March 2023
Comment over 1 year ago →
🇳🇱Netherlands bojan_dev
Moved issue to: https://www.drupal.org/project/consumers/issues/3348681 🐛 Invalid X-Consumer-ID header value Fixed

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024