[
https://issues.jboss.org/browse/ELY-658?page=com.atlassian.jira.plugin.sy...
]
Pedro Igor updated ELY-658:
---------------------------
Description:
We must be able to allow OAuth2 SASL clients to obtain tokens on behalf of a user using
the Resource Owner Password Credentials Grant Type [1]. To do that we should provide a
{{CallbackHandler}} that could be used to handle all the necessary logic related to this
grant type.
This should also allow Elytron to support other grant types defined by OAuth2 in the
future.
Configuration-wise, we must be able to obtain the necessary configuration to integrate
with an OAuth2/OpenID Connect identity provider, where this configuration should be purely
based on standard options such as those specified by OpenID Connect Discovery [2].
In fact, maybe we should change our current OAuth2 SASL Client and Servers to refer to
OpenID Connect instead, as we are basically addressing authentication and that is what
OpenID Connect really provides, differently than OAuth2, which is basically an authorization
and delegation protocol.
[1] https://tools.ietf.org/html/rfc6749#page-9
[2] https://openid.net/specs/openid-connect-discovery-1_0.html
was:
We must be able to allow OAuth2 SASL clients to obtain tokens on behalf of a user using
the Resource Owner Password Credentials Grant Type [1]. To do that we should provide a
{{Callback}} that could be used to handle all the necessary logic related to this grant
type.
This should also allow Elytron to support other grant types defined by OAuth2 in the
future.
Configuration-wise, we must be able to obtain the necessary configuration to integrate
with an OAuth2/OpenID Connect identity provider, where this configuration should be purely
based on standard options such as those specified by OpenID Connect Discovery [2].
In fact, maybe we should change our current OAuth2 SASL Client and Servers to refer to
OpenID Connect instead, as we are basically addressing authentication and that is what
OpenID Connect really provides, differently than OAuth2, which is basically an authorization
and delegation protocol.
[1] https://tools.ietf.org/html/rfc6749#page-9
[2] https://openid.net/specs/openid-connect-discovery-1_0.html
OAuth2 Resource Owner Password Credentials CallbackHandler
----------------------------------------------------------
Key: ELY-658
URL: https://issues.jboss.org/browse/ELY-658
Project: WildFly Elytron
Issue Type: Feature Request
Components: Callbacks
Affects Versions: 1.1.0.Beta10
Reporter: Pedro Igor
Assignee: Pedro Igor
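Added example, not part of the issue and not Elytron code: a Python sketch of the client-side steps the description names, taking the token endpoint from an OpenID Connect Discovery document and building the Resource Owner Password Credentials token request of RFC 6749. The provider URL, client id and credentials are constructed placeholders, and the function names are hypothetical; Python is used only to keep the sketch self-contained.

```python
import base64
import json
from urllib.parse import quote_plus, urlencode, urlsplit
from urllib.request import Request

SAMPLE_DISCOVERY = json.dumps({  # constructed sample, hypothetical provider
    "issuer": "https://idp.example.com/realms/demo",
    "token_endpoint": "https://idp.example.com/realms/demo/token",
    "grant_types_supported": ["authorization_code", "password"],
})

def token_endpoint_from_discovery(expected_issuer, discovery_json):
    """Validate provider metadata and return the token endpoint to use."""
    meta = json.loads(discovery_json)
    # Discovery requires the returned issuer to equal the one we asked for.
    if meta.get("issuer") != expected_issuer:
        raise ValueError("issuer mismatch in discovery document")
    # When grant_types_supported is omitted, the default excludes "password".
    grants = meta.get("grant_types_supported", ["authorization_code", "implicit"])
    if "password" not in grants:
        raise ValueError("provider does not advertise the password grant")
    endpoint = meta.get("token_endpoint", "")
    # The request carries the user's password, so refuse non-TLS endpoints.
    if urlsplit(endpoint).scheme != "https":
        raise ValueError("token endpoint must use https")
    return endpoint

def build_password_grant_request(endpoint, client_id, client_secret,
                                 username, password, scope=None):
    """Build (without sending) the RFC 6749 section 4.3.2 token request."""
    form = {"grant_type": "password", "username": username, "password": password}
    if scope:
        form["scope"] = scope
    # Confidential client authenticates with HTTP Basic (RFC 6749 section 2.3.1).
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair.encode()).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return Request(endpoint, data=urlencode(form).encode("ascii"),
                   headers=headers, method="POST")

def access_token_from_response(body):
    """Return the access token from a token response, or raise on error."""
    resp = json.loads(body)
    if "error" in resp:
        raise PermissionError(resp["error"])
    return resp["access_token"]
```

The request object is only built here; passing it to `urllib.request.urlopen` would send it, and the response body would then go through `access_token_from_response`.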