FAQ
Frequently Asked Questions
- You need to first instantiate a SOFA object with the authorization server and the authorization scope.
- The application then calls the appropriate
authenticateWithXxx()
method based on the desired OAuth 2.0 authentication method (grant type). - From then on, the application can get a valid access token anytime thru
getAccessToken()
or a ready-to-use HTTP authorization header withgetHttpAuthorizationHeader()
. If the access token has expired in the meantime, SOFA will transparently call the authorization server again for a refreshed or a new token based on the used grant type. - The HTTP authorization header with the access token must then be added to each HTTP request sent to the server holding the protected resource.
- Only one additional library (
org.json.JSONObject
) is used to parse the returned JSON data from the authorization server. The required class is included in the distribution package.
- No, SOFA uses the standard Java Logger class which was not affected by this vulnerability.
- Support is provided on best-effort basis. You may contact the author thru email at [email protected]. Please describe your problem as detailed as possible and include the debugging log whenever possible. Note that the log does not include any confidential data.
Last modified 1yr ago