Hi all, PR #69 <https://github.com/openid/AppAuth-JS/pull/69> was sent to OpenID Foundation's (OIDF) AppAuth-JS code to fix a bug and it was closed saying the PR code will be unnecessary because of the future intended code changes. But this bug is an blocking issue for the OIDC flow. Thus further discussion was carried out and CLA (Contribution License Agreement) was filled and sent to get our code fixes merged.
Further approach changes discussed internally is to have 3 libraries as extensions to the AppAuth-JS to have OIDC logout, PKCE and userInfo. This may be given to OIDF. Currently coding for these 3 libraries are done in the wso2is-client wrapper app, and in future we have to get that coding in to those 3 libraries. Once OIDF contributor membership is taken we will follow up on this. On Fri, Aug 10, 2018 at 10:47 AM, Chinthaka Senanayaka <[email protected]> wrote: > + Sagara, Ruwan and Rohan > > Sorry, your reply's text is not clear and it shows one line on top of > another line. May be a Gmail bug. > > Answer to your question: We will not continue editing AppAuth-JS lib. Thus > we will have an extension library to AppAuth-JS with logout, PKCE, userInfo > functionalities. But this is subjected to discussion because maintenance of > this extension library is also a concern. > > > On Fri, Aug 10, 2018 at 9:57 AM, Chinthaka Senanayaka <[email protected] > > wrote: > >> Hi Dakshika, >> >> Yes, as per them even logout and most of the other parts of OIDC spec are >> not in their architectural roadmap. >> >> On Thu, Aug 9, 2018 at 11:52 PM, Dakshika Jayathilaka <[email protected]> >> wrote: >> >>> Hi Chinthaka, >>> >>> Seems AppAuth-JS closed the PR without merging. >>> >>> https://github.com/openid/AppAuth-JS/pull/67#issuecomment-411537622 >>> >>> >>> >>> >>> >>> Is that possible to implement without forking the base lib? >>> >>> Regards, >>> >>> *Dakshika Jayathilaka* >>> PMC Member & Committer of Apache Stratos >>> Associate Technical Lead >>> WSO2, Inc. >>> lean.enterprise.middleware >>> 0771100911 >>> >>> >>> On Mon, Jul 30, 2018 at 2:29 PM Chinthaka Senanayaka < >>> [email protected]> wrote: >>> >>>> Hi all, >>>> >>>> I am writing a wrapper library (JS node module) to hide complexities of >>>> integrating public client apps with OIDC flows (implicit and auth with >>>> PKCE) with WSO2 IS. >>>> >>>> We selected AppAuth-JS library <https://github.com/openid/AppAuth-JS> >>>> as base OIDC library and will wrap this with our library (named as >>>> wso2is-client). And this is the only library we could find which supports >>>> implicit and PKCE flows in a maintainable way. >>>> >>>> Below sequence diagrams depict our approach. >>>> >>>> >>>> >>>> With this, we can give the public client app developer an easy way to >>>> integrate with WSO2 IS OIDC flows. >>>> >>>> Limitations of the AppAuth-Js library: >>>> 1. For now we will use browser redirection based authentication only >>>> since AppAuth-JS library supports only that (no popup and iframe >>>> approaches). >>>> 2. At the same time, AppAuth-JS library uses Jquery base Ajax requests. >>>> Thus we have to follow that as well. >>>> >>>> Besides, we will send a PR to Google's AppAuth-JS library >>>> <https://github.com/openid/AppAuth-JS> with some supporting features >>>> and our library code PR will also be available for review. And we welcome >>>> for any improvement points made by you in architecture level as well as >>>> coding level. >>>> >>>> Anyway, if you have any comments for us to improve, please reply. >>>> >>>> Furthermore, there will be some sample apps to show how to integrate >>>> wso2is-client node module library and documentations as well. >>>> >>>> -- >>>> Thanks, >>>> Chinthaka Senanayaka >>>> Technical Lead - Engineering | WSO2 >>>> >>>> Email: [email protected] >>>> Mobile: +94 77 11 99 603 >>>> Web: http://wso2.com >>>> >>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>> >>> >> >> >> -- >> Thanks, >> Chinthaka Senanayaka >> Technical Lead - Engineering | WSO2 >> >> Email: [email protected] >> Mobile: +94 77 11 99 603 >> Web: http://wso2.com >> >> [image: http://wso2.com/signature] <http://wso2.com/signature> >> > > > > -- > Thanks, > Chinthaka Senanayaka > Mobile: +94 77 11 99 603 > -- Thanks, Chinthaka Senanayaka Technical Lead - Engineering | WSO2 Email: [email protected] Mobile: +94 77 11 99 603 Web: http://wso2.com [image: http://wso2.com/signature] <http://wso2.com/signature>
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
