Hi Buddhima,

Please see my answers inline.

Best Regards,
Vanji



On Tue, Mar 3, 2015 at 8:34 PM, Buddhima Wijeweera <[email protected]>
wrote:

> Hi All,
>
> This is regarding OAuth token expiration and using Refresh Token for
> updating the Access Token.
>
> *Problem:*
> This problem currently emerged from ESB Connectors. After configuring a
> connector according to the documentation, it works fine for a certain time
> and then becomes unusable.
>
> *Reason:*
> Within the init of a connector we provide an Access Token. That Access
> Token will have an expiration time. So after expiration time, the connector
> will not be usable.
>
> *Explanation:*
> After a successful OAuth flow we receive an Access Token & a Refresh Token
> from the service. But within the current implementation of connectors the
> Refresh Token is not being used. According to the OAuth 2 Authorization
> Framework Spec. (RFC 6749), in the section "Refreshing an Access Token",
> the following type of request can be used to obtain a new Access Token.
>
> POST /token HTTP/1.1
> Host: server.example.com
> Authorization: Basic czZCaGRSa3FppppnWDFmQmF0M2JW
> Content-Type: application/x-www-form-urlencoded
>
> grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA
>
>
>
> Also, it is noted that the server MAY issue a new Refresh Token in the
> response and the client should renew the Refresh Token too.
>
> Since refreshing the Access Token is not part of the connector
> implementation, connectors will not be usable in long-running production
> environments.
>

Your concern is 100% correct and we have already taken this into
consideration after our first release of the connectors. Most of the
connectors that were implemented in the recent past contain the OAuth flow.
If you can point out the connectors that need to be improved, that would
help us prioritize the development process.


>
> So, your thoughts on this would be highly appreciated.
>
> Thank you!
>
> --
> Buddhima Wijeweera
> Software Engineer; WSO2 Inc.; http://wso2.com ,
>
> Mobile: +94 71 427 9966
> Email: [email protected]
> Blog:   https://buddhimawijeweera.wordpress.com
> GitHub Profile: https://github.com/Buddhima
>
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
Sivajothy Vanjikumaran
*Senior Software Engineer*
*Integration Technologies Team*
*WSO2 Inc. http://wso2.com <http://wso2.com/>*
*Mobile:(+94)777219209*
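
The refresh behaviour discussed in this thread, as an added example (not WSO2 connector code and not written by either poster): a token holder that renews the Access Token with the RFC 6749 refresh request shortly before expiry and replaces the Refresh Token when the server rotates it. `TokenManager`, `send`, `skew` and all token values are hypothetical names and constructed data; `send` stands in for the HTTP POST to the token endpoint and returns the parsed JSON response.

```python
import base64
import time
import urllib.parse


class TokenManager:
    """Holds an access/refresh token pair and renews it (RFC 6749, section 6)."""

    def __init__(self, client_id, client_secret, access_token, refresh_token,
                 expires_at, send, skew=30, clock=time.time):
        self.client_id, self.client_secret = client_id, client_secret
        self.access_token, self.refresh_token = access_token, refresh_token
        self.expires_at = expires_at  # absolute expiry, epoch seconds
        self.send = send              # assumed transport: (headers, body) -> dict
        self.skew = skew              # refresh this many seconds before expiry
        self.clock = clock

    def build_refresh_request(self):
        # Client credentials are form-encoded, then sent as HTTP Basic auth.
        creds = "{}:{}".format(urllib.parse.quote_plus(self.client_id),
                               urllib.parse.quote_plus(self.client_secret))
        headers = {
            "Authorization": "Basic " + base64.b64encode(creds.encode()).decode(),
            "Content-Type": "application/x-www-form-urlencoded",
        }
        body = urllib.parse.urlencode({"grant_type": "refresh_token",
                                       "refresh_token": self.refresh_token})
        return headers, body

    def get_access_token(self):
        # Called before every outgoing request instead of reading a fixed
        # token captured once at init time.
        if self.clock() >= self.expires_at - self.skew:
            self._refresh()
        return self.access_token

    def _refresh(self):
        headers, body = self.build_refresh_request()
        resp = self.send(headers, body)
        if "error" in resp:
            # e.g. invalid_grant: the refresh token was revoked or has
            # expired, so the authorization flow has to be repeated.
            raise PermissionError(resp["error"])
        self.access_token = resp["access_token"]
        self.expires_at = self.clock() + int(resp.get("expires_in", 0))
        # The server MAY issue a new refresh token; keep the current one
        # only when the response does not carry a replacement.
        self.refresh_token = resp.get("refresh_token", self.refresh_token)
```

A long-running deployment also needs the rotated Refresh Token written back to wherever the connector configuration is stored, otherwise a restart resumes with a token the server may already have invalidated.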