Hi Tharindu, On Tue, Oct 29, 2019 at 2:43 PM Tharindu Bandara <[email protected]> wrote:
> Hi, Darshana/All, > > If we are doing any backend changes for this API, I suggest to do those in >> identity-user-account-association[1], not in UserProfileAdmin. > > > +1. I have initially planned to re-use UserProfileAdmin as it seemed to > serve all the requirements thus we would not do the backend changes. But > alongside with the concern raised by @Farasath Ahamed <[email protected]> in > [2], I will move the backend implementation to the > identity-user-account-association[1] as this would be a much cleaner > approach. > > To give an update on the progress, > > I have added two more APIs to create federated associations. > > - [POST] : /me/federated-associations > - Associate a federated user to the authenticated user. > > I think this API is not required. If this is supported, anyone can associate federated accounts without authentication. That can cause a security issue. Cheers, Isura. > > - [POST] : /{user-id}/federated-associations > - Associate Federated users > > Please find the swagger definition[3] of the improved API which will be > updated along the way. > > [1] https://github.com/wso2-extensions/identity-user-account-association > [2] > https://github.com/wso2/carbon-identity-framework/pull/2499#discussion_r339903378 > [3] https://app.swaggerhub.com/apis/WSO8/association/v1 > > Regards, > Tharindu. > > On Tue, Oct 29, 2019 at 11:52 AM Darshana Gunawardana <[email protected]> > wrote: > >> If we are doing any backend changes for this API, I suggest to do those >> in identity-user-account-association[1], not in UserProfileAdmin. >> >> [1] https://github.com/wso2-extensions/identity-user-account-association >> >> Thanks, >> >> On Tue, Oct 29, 2019 at 11:41 AM Tharindu Bandara <[email protected]> >> wrote: >> >>> Hi all, >>> >>> WSO2 Identity Server has REST APIs for user account associations[1]. As >>> of now these APIs provide the capability to work with local user account >>> associations and do not support federated user account associations. >>> >>> I have been working on this to support federated user account >>> associations with the User Account Associations API[1]. As planned, the >>> following APIs will be added with this effort. >>> >>> - [GET] : /me/federated-associations >>> - Retrieve the federated associations of the authenticated user. >>> - [GET] : /{user-id}/federated-associations >>> - Get user's federated associations >>> - [DELETE] : /me/federated-associations >>> - Delete all my federated user associations >>> - [DELETE] : /{user-id}/federated-associations >>> - Delete user's all user federated associations >>> >>> I am also evaluating the possibility of adding an API to create >>> federated associations. I will update this thread with the progress. >>> >>> The internal implementation for the above APIs will use the >>> UserProfileAdmin[2] underneath(The UserProfileAdmin[2] is used by the >>> UserProfileMgtService) through the OSGi framework. In the early >>> discussions, we have tested registering the UserProfileAdmin[2] directly as >>> an OSGi service, but we will discuss it further to find the optimum >>> approach. >>> >>> Please provide your valuable feedback on this. >>> >>> [1] https://is.docs.wso2.com/en/next/develop/association-rest-api/#/ >>> [2] >>> https://github.com/wso2/carbon-identity-framework/blob/master/components/user-mgt/org.wso2.carbon.identity.user.profile/src/main/java/org/wso2/carbon/identity/user/profile/mgt/UserProfileAdmin.java >>> >>> Regards, >>> -- >>> *Tharindu Bandara* >>> Senior Software Engineer | WSO2 >>> >>> Email : [email protected] >>> Mobile : +94 714221776 >>> web : http://wso2.com >>> <https://www.google.com/url?q=http://wso2.com&sa=D&ust=1517653383990000&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> >>> >>> https://wso2.com/signature >>> >> >> >> -- >> Regards, >> >> >> *Darshana Gunawardana*Technical Lead >> WSO2 Inc.; http://wso2.com >> >> *E-mail: [email protected] <[email protected]>* >> *Mobile: +94718566859*Lean . Enterprise . Middleware >> > > > -- > *Tharindu Bandara* > Senior Software Engineer | WSO2 > > Email : [email protected] > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com&sa=D&ust=1517653383990000&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > -- *Isura Dilhara Karunaratne* Technical Lead | WSO2 <http://wso2.com/> *lean.enterprise.middleware* Email: [email protected] Mob : +94 772 254 810 Blog : https://medium.com/@isurakarunaratne
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
