2017-01-13 15:06 GMT+01:00 Romain Manni-Bucau <rmannibu...@gmail.com>:
> > > Le 13 janv. 2017 14:44, "Sergey Beryozkin" <sberyoz...@gmail.com> a > écrit : > > Hi Romain, > > that makes sense, supporting the authorization code can be optional, note > the providers can support only all non-redirection based grants or the code > grants too, ex, JCacheOAuthDataProvider and JCacheCodeDataProvider. > > I suppose the real challenge is how to auth the users (OAuth2 clients) at > the /token level. For ex, in Fediz OIDC we'd connect to Syncope via CXF > STS, with Syncope covering all the possible user storages. > > > Wonder if being in tomcat we cant reuse the realm/principal to have a > local user repository/ies. Would make it easier to setup and allow to reuse > a lot of impl. > > That's what we have on trunk, and authorization_code is supported in gui-less mode. Since meecrowave-oauth2 can be embedded too it allows to use any ui if desired - or still a plain client if needed. > > > Cheers, Sergey > > > On 13/01/17 13:05, Romain Manni-Bucau wrote: > >> Hi Sergey >> >> Le 13 janv. 2017 12:25, "Sergey Beryozkin" <sberyoz...@gmail.com> a >> écrit : >> >> Hi Romain >> >> Thanks for sharing the links, looks interesting. >> >> How do you plan to support the authorization_code grants ? >> >> >> Not yet checked but guess we ll add the endpoints and probably a flag to >> activate it or not. >> >> What do you see as more challenging then /token? >> >> >> >> Cheers, Sergey >> >> >> On 12/01/17 16:19, Romain Manni-Bucau wrote: >> >> Hi guys, >>> >>> Apache Meecrowave (sub project of OpenWebBeans) got some days ago an >>> experimental oauth2 module. It is "just" CXF oauth2 code setup as a >>> runtime >>> and not a library. >>> >>> I see it as an opportunity to make our both communities working more >>> closely, enhancing this feature to make it as close as possible as the >>> customers/users needs. >>> >>> The snapshot doc (which is for now very light and mainly generated) is >>> available at >>> http://openwebbeans.staging.apache.org/meecrowave/meecrowave-oauth2/ >>> >>> Don't heistate to let us know what you think about it. >>> >>> PS: for people not reading docs here is the right url >>> http://svn.apache.org/repos/asf/openwebbeans/meecrowave/trun >>> k/meecrowave-oauth2/ >>> ;) >>> >>> Romain Manni-Bucau >>> @rmannibucau <https://twitter.com/rmannibucau> | Blog >>> <https://blog-rmannibucau.rhcloud.com> | Old Blog >>> <http://rmannibucau.wordpress.com> | Github < >>> https://github.com/rmannibuca >>> u> | >>> LinkedIn <https://www.linkedin.com/in/rmannibucau> | JavaEE Factory >>> <https://javaeefactory-rmannibucau.rhcloud.com> >>> >>> >>> >> > > -- > Sergey Beryozkin > > Talend Community Coders > http://coders.talend.com/ > > >
