login/logoff/enroll is not part of authz already
++
Corinne
On Jan 6, 2014, at 5:04 PM, Summers Pittman <supittma(a)redhat.com> wrote:
On 01/06/2014 10:48 AM, Corinne Krych wrote:
> Agreed. We could find a common way to treat both tokens and apply them.
> Make a proposal for android and I'll create a JIRA for iOS.
> this is at implementation level though and should not affect interfaces.
> Different interfaces still needed for auth and authz though.
True. But it may simplify both interfaces (like removing login/logoff/enroll from
authz)
>
> ++
> Corinne
> On Jan 6, 2014, at 4:39 PM, Summers Pittman <supittma(a)redhat.com> wrote:
>
>> On Mon 06 Jan 2014 10:36:32 AM EST, Corinne Krych wrote:
>>> Summers,
>>>
>>> Do you mean, should we refactor and treat authToken and accessTokens in a
similar way for the implementation of OAuth2?
>> Yes. That is what I am proposing.
>>
>>> ++
>>> Corinne
>>> On Jan 6, 2014, at 4:33 PM, Lucas Holmquist <lholmqui(a)redhat.com>
wrote:
>>>
>>>> On Jan 6, 2014, at 10:21 AM, Summers Pittman <supittma(a)redhat.com>
wrote:
>>>>
>>>>> So in JS land and iOS land we have or will soon have OAuth2
handling.
>>>>> To handle OAuth2 a new API was created, AGAuthorizationModule. I
>>>>> understand and agree with the separation of concerns between
>>>>> Authentication and Authorization, but I am worried that this
introduces
>>>>> two APIs now.
>>>>>
>>>>> Before Authz was added Authentication (login, logout, etc) and
>>>>> Authorization(here are my keys and permissions) were both handled by
>>>>> AGAuthenticationModules. With Authz now being a thing we should
>>>>> probably remove and deprecate the authz parts of the old
>>>>> AuthenticationModules.
>>>>>
>>>>> see iOS
>>>>>
https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGea...
>>>>>
>>>>> see Android
>>>>>
https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/ae...
>>>>>
>>>>> see Javascript: I couldn't actually find this in javascript…
>>>> We didn't have authz in our auth stuff, so it made sense to create a
separate thing.
>>>>
>>>>> wdyt?
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> aerogear-dev mailing list
>>>>> aerogear-dev(a)lists.jboss.org
>>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev(a)lists.jboss.org
>>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev(a)lists.jboss.org
>>>
https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>