You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to BOX provider documentation client_id and client_secret parameters should be included in body of the request when obtaining an access token, but in current implementation they are encoded as base64 and included in Authorization header. https://developer.box.com/reference/post-oauth2-token/
Solution is to override getClientAuthentication method in BoxApi20 class and return RequestBodyAuthenticationScheme.instance() from it.
Also BoxApi20 doesn't sign requests correctly. It should be switched to use BearerSignatureAuthorizationRequestHeaderField signature instead of using BearerSignatureURIQueryParameter. I guess for this, we just need to remove overriden getBearerSignature method from BoxApi20`.
According to BOX provider documentation
client_id
andclient_secret
parameters should be included in body of the request when obtaining an access token, but in current implementation they are encoded as base64 and included in Authorization header.https://developer.box.com/reference/post-oauth2-token/
Solution is to override
getClientAuthentication
method inBoxApi20
class and returnRequestBodyAuthenticationScheme.instance()
from it.Also BoxApi20 doesn't sign requests correctly. It should be switched to use
BearerSignatureAuthorizationRequestHeaderField
signature instead of usingBearerSignatureURIQueryParameter
. I guess for this, we just need to remove overridengetBearerSignature
method from BoxApi20`.Look at the example of API call
https://developer.box.com/reference/get-metadata-templates-enterprise-securityClassification-6VMVochwUWo-schema/
The text was updated successfully, but these errors were encountered: