Hi Bhathiya, The above thing we will do beforehand the key manager implementation gets invoked. Therefore there was no issue with having different oauth providers.
Thanks On Wed, Apr 15, 2020 at 3:05 PM Bhathiya Jayasekara <[email protected]> wrote: > > > On Tue, Apr 14, 2020 at 10:12 PM Tharindu Dharmarathna <[email protected]> > wrote: > >> Hi All, >> >> We are going to implement Multiple Oauth provider support to WSO2 API >> Management. From this feature, dev portal users can create their Oauth >> Application on Pre-Defined OAuth providers. >> >> 1. Tenant Admin Create Oauth Provider from the Admin portal by providing >> OAuth provider details. >> >> - Client Registration endpoint >> - Introspection Endpoint >> - Scope Management Endpoint >> - Token Endpoint >> - Revoke Endpoint >> - Endpoint Security Details >> - Token Validation Regex. >> >> I hope we will have extension points for all these cases as request > bodies can be different from each oauth2 provider. (to support custom > provider which we do not support ootb) yes? > > Thanks, > Bhathiya > > >> 2. Application developer creates the application defining the Oauth >> Provider type. >> 3. Application developer Generates the keys from UI. >> >> - Checks for the Consumer Key Generation can be done in the Specific >> Oauth Provider. >> - Generate the Oauth App on Oauth Provider and retrieves the Oauth >> Application Details. >> >> 4. Application Developer Retrieves the Application details from the UI. >> >> - Check for the Oauth provider selected. >> - Retrieve the Oauth App details from the Respective OAuth Provider >> selected. >> >> 5. Generating Oauth Token >> >> - Token Generation call will directly proxy into the token endpoint >> of Respective Oauth Provider. >> >> 6. Validating the Token. >> >> - Generated Token from Oauth Providers contains a specific change >> related to the Token. >> - Before validating the token we checking the Token was resided to >> which Oauth provider by checking from the Token Validation Regex given. >> - Token get validate from elected Oauth Provider and then retrieve >> the information related to the Token. >> >> 7. Delete the Application >> >> - Oauth Application will remove from Respective Oauth Provider >> assigned. >> >> >> I appreciate any thoughts and feedback on this. >> >> >> Thanks >> >> *Tharindu Dharmarathna*Technical Lead >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> mobile: *+94779109091* >> > > > -- > *Bhathiya Jayasekara* | Senior Technical Lead | WSO2 Inc. > (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com > > > -- *Tharindu Dharmarathna*Technical Lead WSO2 Inc.; http://wso2.com lean.enterprise.middleware mobile: *+94779109091*
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
