[aerogear-dev] Auth Authz and OAuth
Christos Vasilakis
cvasilak at gmail.com
Wed Jan 15 08:21:26 EST 2014
On Jan 15, 2014, at 12:38 PM, Corinne Krych <corinnekrych at gmail.com> wrote:
> Hello Guys,
>
> Bringing back the subject of refactoring Auth and Authz
> I've actually refactor applyToken into on emethod which fits both authentication token and Oauth2 tokens
> See code in OAuth2 PR:
>
> https://github.com/corinnekrych/aerogear-ios/blob/e6d4a15daf172706199aa8f09b00cd31cce7712c/AeroGear-iOS/AeroGear-iOS/pipeline/AGRESTPipe.m#L307
>
> and when setting accessToken in exchange code for access token
> https://github.com/corinnekrych/aerogear-ios/blob/e6d4a15daf172706199aa8f09b00cd31cce7712c/AeroGear-iOS/AeroGear-iOS/security/Authorizer/AGRestAuthzModule.m#L128
>
> This way is less intrusive for AGRestPipe. wdyt?
makes perfectly sense +1
>
> ++
> Corinne
> On Jan 6, 2014, at 6:16 PM, Summers Pittman <supittma at redhat.com> wrote:
>
>> On Mon 06 Jan 2014 12:04:16 PM EST, Corinne Krych wrote:
>>> login/logoff/enroll is not part of authz already
>>
>> Oh, I misread your files this morning and this makes a lot more sense now. Note to self, don't review ObjC until I have had at least 3 cups of coffee.
>>
>>
>>
>>> ++
>>> Corinne
>>> On Jan 6, 2014, at 5:04 PM, Summers Pittman <supittma at redhat.com> wrote:
>>>
>>>> On 01/06/2014 10:48 AM, Corinne Krych wrote:
>>>>> Agreed. We could find a common way to treat both tokens and apply them.
>>>>> Make a proposal for android and I'll create a JIRA for iOS.
>>>>> this is at implementation level though and should not affect interfaces.
>>>>> Different interfaces still needed for auth and authz though.
>>>> True. But it may simplify both interfaces (like removing login/logoff/enroll from authz)
>>>>>
>>>>> ++
>>>>> Corinne
>>>>> On Jan 6, 2014, at 4:39 PM, Summers Pittman <supittma at redhat.com> wrote:
>>>>>
>>>>>> On Mon 06 Jan 2014 10:36:32 AM EST, Corinne Krych wrote:
>>>>>>> Summers,
>>>>>>>
>>>>>>> Do you mean, should we refactor and treat authToken and accessTokens in a similar way for the implementation of OAuth2?
>>>>>> Yes. That is what I am proposing.
>>>>>>
>>>>>>> ++
>>>>>>> Corinne
>>>>>>> On Jan 6, 2014, at 4:33 PM, Lucas Holmquist <lholmqui at redhat.com> wrote:
>>>>>>>
>>>>>>>> On Jan 6, 2014, at 10:21 AM, Summers Pittman <supittma at redhat.com> wrote:
>>>>>>>>
>>>>>>>>> So in JS land and iOS land we have or will soon have OAuth2 handling.
>>>>>>>>> To handle OAuth2 a new API was created, AGAuthorizationModule. I
>>>>>>>>> understand and agree with the separation of concerns between
>>>>>>>>> Authentication and Authorization, but I am worried that this introduces
>>>>>>>>> two APIs now.
>>>>>>>>>
>>>>>>>>> Before Authz was added Authentication (login, logout, etc) and
>>>>>>>>> Authorization(here are my keys and permissions) were both handled by
>>>>>>>>> AGAuthenticationModules. With Authz now being a thing we should
>>>>>>>>> probably remove and deprecate the authz parts of the old
>>>>>>>>> AuthenticationModules.
>>>>>>>>>
>>>>>>>>> see iOS
>>>>>>>>> https://github.com/aerogear/aerogear-ios/blob/master/AeroGear-iOS/AeroGear-iOS/pipeline/AGRESTPipe.m#L307
>>>>>>>>>
>>>>>>>>> see Android
>>>>>>>>> https://github.com/aerogear/aerogear-android/blob/master/src/org/jboss/aerogear/android/impl/pipeline/RestRunner.java#L319
>>>>>>>>>
>>>>>>>>> see Javascript: I couldn't actually find this in javascript…
>>>>>>>> We didn't have authz in our auth stuff, so it made sense to create a separate thing.
>>>>>>>>
>>>>>>>>> wdyt?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> aerogear-dev mailing list
>>>>>>>>> aerogear-dev at lists.jboss.org
>>>>>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> aerogear-dev mailing list
>>>>>>>> aerogear-dev at lists.jboss.org
>>>>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> aerogear-dev mailing list
>>>>>>> aerogear-dev at lists.jboss.org
>>>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>>>
>>>>
>>>
>>
>>
>
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
More information about the aerogear-dev
mailing list