Hi All,

Please find the database diagram on Implementation.

[image: db diagram.png]

Let us know any feedback on this.

Thanks & Regards

On Thu, Apr 16, 2020 at 10:29 PM Tharindu Dharmarathna <[email protected]> wrote:

> Hi Farasath,
>
> The authentication on those endpoints depends on the implementation
> for the specific OAuth provider; the user will be asked for
> configuration key-value elements to retrieve those details.
>
> On Thu, Apr 16, 2020 at 6:34 PM Farasath Ahamed <[email protected]> wrote:
>
>> On Tue, Apr 14, 2020 at 10:13 PM Tharindu Dharmarathna <[email protected]> wrote:
>>
>>> Hi All,
>>>
>>> We are going to implement Multiple Oauth provider support to WSO2 API
>>> Management. With this feature, dev portal users can create their Oauth
>>> Application on Pre-Defined OAuth providers.
>>>
>>> 1. Tenant Admin creates the Oauth Provider from the Admin portal by
>>>    providing OAuth provider details.
>>>
>>>    - Client Registration endpoint
>>>    - Introspection Endpoint
>>>    - Scope Management Endpoint
>>>    - Token Endpoint
>>>    - Revoke Endpoint
>>>    - Endpoint Security Details
>>>    - Token Validation Regex.
>>>
>> Just a suggestion, most OAuth/OIDC providers expose a .well-known
>> configuration endpoint that gives some of these endpoints. For example,
>> https://accounts.google.com/.well-known/openid-configuration
>> Maybe we can support populating the URLs using that endpoint as well,
>> in addition to configuring manually.
>>
>>> 2. Application developer creates the application defining the Oauth
>>>    Provider type.
>>> 3. Application developer generates the keys from the UI.
>>>
>>>    - Checks for the Consumer Key Generation can be done in the Specific
>>>      Oauth Provider.
>>>    - Generates the Oauth App on the Oauth Provider and retrieves the
>>>      Oauth Application Details.
>>>
>>> 4. Application Developer retrieves the Application details from the UI.
>>>
>>>    - Check for the Oauth provider selected.
>>>    - Retrieve the Oauth App details from the respective OAuth Provider
>>>      selected.
>>>
>>> 5. Generating Oauth Token
>>>
>>>    - The Token Generation call will be directly proxied to the token
>>>      endpoint of the respective Oauth Provider.
>>>
>>> 6. Validating the Token.
>>>
>>>    - Generated Token from Oauth Providers contains a specific change
>>>      related to the Token.
>>>    - Before validating the token we check which Oauth provider the
>>>      Token belongs to, using the Token Validation Regex given.
>>>    - The Token gets validated by the selected Oauth Provider, and the
>>>      information related to the Token is then retrieved.
>>>
>>> 7. Delete the Application
>>>
>>>    - The Oauth Application will be removed from the respective Oauth
>>>      Provider assigned.
>>>
>>> I appreciate any thoughts and feedback on this.
>>>
>> Also, some of the endpoints exposed by OAuth providers will be protected
>> with different auth mechanisms. How do we plan to handle this?
>>
>>> Thanks
>>>
>>> *Tharindu Dharmarathna*
>>> Technical Lead
>>> WSO2 Inc.; http://wso2.com
>>> lean.enterprise.middleware
>>> mobile: *+94779109091*
>>> _______________________________________________
>>> Architecture mailing list
>>> [email protected]
>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>> --
>> Farasath Ahamed
>> Associate Technical Lead, WSO2 Inc.: http://wso2.com
>> Mobile: +94777603866
>> Blog: https://farasath.blogspot.com / https://medium.com/@farasath
>> Twitter: @farazath619 <https://twitter.com/farazath619>
>> <http://wso2.com/signature>
>
> --
> *Tharindu Dharmarathna*
> Technical Lead
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
> mobile: *+94779109091*

--
*Tharindu Dharmarathna*
Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware
mobile: *+94779109091*
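Step 6 of the quoted proposal picks the OAuth provider for an incoming token by matching it against each provider's Token Validation Regex. The sketch below is an added example of that selection, not WSO2 code and not from any message in this thread; the provider names, URLs, patterns and function names are constructed for illustration. It requires a whole-token match and rejects a token that more than one provider claims.

```python
import re
from dataclasses import dataclass

class TokenRoutingError(Exception):
    """Raised when a token cannot be tied to exactly one provider."""

@dataclass(frozen=True)
class OAuthProvider:
    name: str                    # hypothetical provider label
    introspection_endpoint: str  # where a matching token would be validated
    token_regex: str             # the "Token Validation Regex" from step 1

def build_router(providers):
    """Pre-compile each provider's regex once, at configuration time."""
    return [(p, re.compile(p.token_regex)) for p in providers]

def select_provider(router, token, max_len=4096):
    """Return the single provider whose regex matches the whole token."""
    if not token or len(token) > max_len:
        raise TokenRoutingError("token is empty or too long")
    # fullmatch, not search: a pattern must describe the entire token, so a
    # token that merely contains another provider's format is not accepted.
    matches = [p for p, rx in router if rx.fullmatch(token)]
    if not matches:
        raise TokenRoutingError("no provider claims this token")
    if len(matches) > 1:
        # Overlapping patterns would make the choice depend on list order and
        # could send a token to a provider that did not issue it.
        names = ", ".join(p.name for p in matches)
        raise TokenRoutingError(f"ambiguous token, matched: {names}")
    return matches[0]

# Constructed sample configuration; names, URLs and patterns are invented.
PROVIDERS = [
    OAuthProvider("provider-a", "https://a.example/oauth2/introspect",
                  r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}"),  # UUID-style
    OAuthProvider("provider-b", "https://b.example/introspect",
                  r"[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+"),  # JWT shape
]
ROUTER = build_router(PROVIDERS)

if __name__ == "__main__":
    for sample in ("3f2b8c1e-9a4d-4e6f-8b1a-0c2d3e4f5a6b", "aaa.bbb.ccc", "not a token"):
        try:
            print(sample, "->", select_provider(ROUTER, sample).name)
        except TokenRoutingError as err:
            print(sample, "-> rejected:", err)
```

Running the same overlap check across all configured patterns when an admin saves a provider catches ambiguous configurations before any token is routed.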
