Dear, Thank you for your interest. The work has been done until now regarding this feature is: •The authorization code flow is the flow that is used for and "Google" as an example for the OpenID Provider. •To configure the OpenID Provider metadata to apply this flow, there are two ways depends on what the OpenID Provider supports, in case of supporting the Discovery Document, requesting this document and process the response and stored the required values otherwise the user needs to insert these values. •The work used CXF OIDC dependency, and took benefits from the structure of SAML2.0 feature. •The work is still under progress, the core and the logic of the flow is done and tested, the user can have a session by logging successfully to his account in "Google" and by having a user in Apache Syncope.
I would really appreciate questions for more details and also more suggestions to enhance this work. Thank you in advance and best regards, Dima Ayash. ----- Original Message ----- From: "Dima Ayash" <dima.ay...@tirasa.net> To: dev@syncope.apache.org Sent: Tuesday, April 3, 2018 12:56:02 PM Subject: Re: SYNCOPE-1270 : OpenID Connect client feature Dear, Thank you for your interest. The work has been done until now regarding this feature is: The authorization code flow is the flow that is used for and "Google" as an example for the OpenID Provider. To configure the OpenID Provider metadata to apply this flow, there are two ways depends on what the OpenID Provider supports, in case of supporting the Discovery Document, requesting this document and process the response and stored the required values otherwise the user needs to insert this value. The work used CXF OIDC dependency, and took benefits from the structure of SAML2.0 feature. The work is still under progress, the core and the logic of the flow is done and tested, the user can have a session by logging successfully to his account in Google and by having a user in Apache Syncope. ----- Original Message ----- From: "Francesco Chicchiriccò" <ilgro...@apache.org> To: dev@syncope.apache.org Sent: Tuesday, April 3, 2018 8:54:00 AM Subject: Re: SYNCOPE-1270 : OpenID Connect client feature On 03/04/2018 06:39, Isuranga Perera wrote: > Hi All, > > I would like to contribute $subject. I have contributed to WSO2 Identity > server and have worked with OpenID Connect and its profiles. Appreciate if > someone can provide me guidance throughout this feature. > > Best Regards > Isuranga Perera Dear Isuranga, thanks for your interest in Apache Syncope. As far as we know, there is already someone at work on the topic: see https://lists.apache.org/thread.html/d36e9354a4a638c7afc76a3e6d69aaf24d7c4e2c6a377e2ccfefcabe@%3Cdev.syncope.apache.org%3E Maybe you can pick one of the other feature requests from JIRA, or propose a new one. @Dima: could it be possible to provide a status update about your work there? Regards. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Member at The Apache Software Foundation Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail http://home.apache.org/~ilgrosso/
