You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to BOX provider documentation client_id and client_secret parameters should be included in body of the request when obtaining an access token, but in current implementation they are encoded as base64 and included in Authorization header. https://developer.box.com/reference/post-oauth2-token/
Solution is to override getClientAuthentication method in BoxApi20 class and return RequestBodyAuthenticationScheme.instance() from it.
Also BoxApi20 doesn't sign requests correctly. It should be switched to use BearerSignatureAuthorizationRequestHeaderField signature instead of using BearerSignatureURIQueryParameter. I guess for this, we just need to remove overriden getBearerSignature method from BoxApi20`.
According to BOX provider documentation
client_idandclient_secretparameters should be included in body of the request when obtaining an access token, but in current implementation they are encoded as base64 and included in Authorization header.https://developer.box.com/reference/post-oauth2-token/
Solution is to override
getClientAuthenticationmethod inBoxApi20class and returnRequestBodyAuthenticationScheme.instance()from it.Also BoxApi20 doesn't sign requests correctly. It should be switched to use
BearerSignatureAuthorizationRequestHeaderFieldsignature instead of usingBearerSignatureURIQueryParameter. I guess for this, we just need to remove overridengetBearerSignaturemethod from BoxApi20`.Look at the example of API call
https://developer.box.com/reference/get-metadata-templates-enterprise-securityClassification-6VMVochwUWo-schema/
The text was updated successfully, but these errors were encountered: