[jboss-jira] [JBoss JIRA] (ELY-658) OAuth2 Resource Owner Password Credentials Callback
Pedro Igor (JIRA)
issues at jboss.org
Wed Oct 12 07:38:00 EDT 2016
[ https://issues.jboss.org/browse/ELY-658?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pedro Igor updated ELY-658:
---------------------------
Description:
We must be able to allow OAuth2 SASL clients to obtain tokens on behalf of an user using the Resource Owner Password Credentials Grant Type [1]. To do that we should provide a {{Callback}} that could be used to handle all the necessary logic related with this grant type.
This should also allow Elytron to support other grant types defined by OAuth2 in the future.
Configuration wise, we must be able to obtain the necessary configuration to integrate with an OAuth2/OpenID Connect identity provider. Where this configuration should be purely based on standard options such as those specified by OpenID Connect Discovery [2].
In fact, maybe we should change our current OAuth2 SASL Client and Servers to refer to OpenID Connect instead. As we are basically addressing authentication and that is what OpenID Connect really provides, differently than OAuth2 that is basically a authorization and delegation protocol.
[1] https://tools.ietf.org/html/rfc6749#page-9
[2] https://openid.net/specs/openid-connect-discovery-1_0.html
was:
We must be able to allow OAuth2 SASL clients to obtain tokens on behalf of an user using the Resource Owner Password Credentials Grant Type [1]. To do that we should provide a {{Callback}} that could be used to handle all the necessary logic related with grant type.
This should also allow Elytron to support other grant types defined by OAuth2 in the future.
Configuration wise, we must be able to obtain the necessary configuration to integrate with an OAuth2/OpenID Connect identity provider. Where this configuration should be purely based on standard options such as those specified by OpenID Connect Discovery [2].
In fact, maybe we should change our current OAuth2 SASL Client and Servers to refer to OpenID Connect instead. As we are basically addressing authentication and that is what OpenID Connect really provides, differently than OAuth2 that is basically a authorization and delegation protocol.
[1] https://tools.ietf.org/html/rfc6749#page-9
[2] https://openid.net/specs/openid-connect-discovery-1_0.html
> OAuth2 Resource Owner Password Credentials Callback
> ---------------------------------------------------
>
> Key: ELY-658
> URL: https://issues.jboss.org/browse/ELY-658
> Project: WildFly Elytron
> Issue Type: Feature Request
> Components: Callbacks
> Affects Versions: 1.1.0.Beta10
> Reporter: Pedro Igor
> Assignee: Pedro Igor
>
> We must be able to allow OAuth2 SASL clients to obtain tokens on behalf of an user using the Resource Owner Password Credentials Grant Type [1]. To do that we should provide a {{Callback}} that could be used to handle all the necessary logic related with this grant type.
> This should also allow Elytron to support other grant types defined by OAuth2 in the future.
> Configuration wise, we must be able to obtain the necessary configuration to integrate with an OAuth2/OpenID Connect identity provider. Where this configuration should be purely based on standard options such as those specified by OpenID Connect Discovery [2].
> In fact, maybe we should change our current OAuth2 SASL Client and Servers to refer to OpenID Connect instead. As we are basically addressing authentication and that is what OpenID Connect really provides, differently than OAuth2 that is basically a authorization and delegation protocol.
> [1] https://tools.ietf.org/html/rfc6749#page-9
> [2] https://openid.net/specs/openid-connect-discovery-1_0.html
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list