Hi Romain,

that makes sense, supporting the authorization code can be optional, note the providers can support only all non-redirection based grants or the code grants too, ex, JCacheOAuthDataProvider and JCacheCodeDataProvider.

I suppose the real challenge is how to auth the users (OAuth2 clients) at the /token level. For ex, in Fediz OIDC we'd connect to Syncope via CXF STS, with Syncope covering all the possible user storages.

Cheers, Sergey

On 13/01/17 13:05, Romain Manni-Bucau wrote:
Hi Sergey

Le 13 janv. 2017 12:25, "Sergey Beryozkin" <sberyoz...@gmail.com> a écrit :

Hi Romain

Thanks for sharing the links, looks interesting.

How do you plan to support the authorization_code grants ?

Not yet checked but guess we ll add the endpoints and probably a flag to
activate it or not.

What do you see as more challenging then /token?

Cheers, Sergey

On 12/01/17 16:19, Romain Manni-Bucau wrote:

Hi guys,

Apache Meecrowave (sub project of OpenWebBeans) got some days ago an
experimental oauth2 module. It is "just" CXF oauth2 code setup as a runtime
and not a library.

I see it as an opportunity to make our both communities working more
closely, enhancing this feature to make it as close as possible as the
customers/users needs.

The snapshot doc (which is for now very light and mainly generated) is
available at

Don't heistate to let us know what you think about it.

PS: for people not reading docs here is the right url

Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<https://blog-rmannibucau.rhcloud.com> | Old Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibuca
u> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory

Sergey Beryozkin

Talend Community Coders

Reply via email to