We should be able to get the DCR and Token Validation CFX interceptor from the APIM right ?
Regards, Dinusha. On Tue, Apr 5, 2016 at 12:35 PM, Rushmin Fernando <[email protected]> wrote: > Problem > ------------ > > The Store / Publisher ReST APIs in WSO2 App Manager are being re-written, > adopting Apache CXF. These APIs should be protected using OAuth > > Proposed Solution > ------------------------- > > (Please see the attached diagrams) > > *Dynamic Client Registration (DCR) and Token Management* > > There will be a web app (oauth-provide.war) which provides the following > functionalities. > > i) Dynamic client registration (DCR) > ii) Token management. (e.g. token generation, token revocation) > > > *Token Validation* > > A CFX interceptor will be engaged to the Store / Publisher ReST API > endpoints. This interceptor will handle token validation. > > > *Authorization* > > OAuth scopes will be used to manage authorization. The implementation will > be the same scopes implementation as the WSO2 API Manager ReST APIs [1] > > > Thanks > Rushmin > > [1] - > http://wso2.com/library/articles/2015/11/article-introducing-wso2-api-manager-new-rest-api-for-store-and-publisher-operations/ > > > > -- > *Rushmin Fernando* > *Technical Lead* > > WSO2 Inc. <http://wso2.com/> - Lean . Enterprise . Middleware > > email : [email protected] > mobile : +94772310855 > > > -- Dinusha Dilrukshi Associate Technical Lead WSO2 Inc.: http://wso2.com/ Mobile: +94725255071 Blog: http://dinushasblog.blogspot.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
