Hi Nuwan, On Tue, Jun 20, 2017 at 11:29 PM, Nuwan Dias <[email protected]> wrote:
> I am suggesting the user experience be as such that when you create the > Application it automatically creates the keys too (except the token). > I had thought about this too. But the problem with this is we have to send all following data in addition to default app information (i.e. App name, tier name, discription), with app creation request. Prod grant types + callback url Sandbox grant types + callback url With that it seems like we're complicating app creation call. WDYT? Even if we decide it's ok to do so, we can have the REST API as I suggested (i.e. 3 operations) and make the UI to do 2 calls (app + oauth app creation) when "create application" button is clicked. WDYT? > There should be a separate resource/action for generating the keys > however, so that one can separate that part if needed. > > On Tue, Jun 20, 2017 at 11:02 PM, Chamila Adhikarinayake < > [email protected]> wrote: > >> Hi Bhathiya, >> > @Chamila: > >> I have a small concern regarding this. Previously user only has to create >> application then create tokens, Now he has to create Application, then >> create Oauth application and then generate tokens. I think user might get >> confuced why he is creating two applications. >> > The 3 steps will be like this. 1) Create app 2) Generate/Provide consumer key/secret 3) Generate access token Hope this will not make any confusions. Thanks, Bhathiya > >> On Tue, Jun 20, 2017 at 2:17 AM, Bhathiya Jayasekara <[email protected]> >> wrote: >> >>> Hi all, >>> >>> In the current implementation of store REST API, we have a single >>> operation (aka. Generate Keys) to create OAuth application and generate >>> access tokens, which requires 2 calls to key manager. IMO, if we split this >>> operation into 2, the code becomes cleaner. On the other hand, the current >>> implementation makes the code of out of band client registation[1] a bit >>> complex as we don't have a way to only generate access tokens after >>> providing keys explicitly. >>> >>> so, to make the code cleaner, I'm suggesting to split this "Generate >>> Keys" operation into 2 as, >>> >>> 1) Create OAuth application (i.e. generate consumer key/secret) >>> 2) Generate access tokens. >>> >>> If we do this, in the case of out-of-band client provisioning we can >>> simply replace step 1 with "Provide Keys" call. >>> >>> In UI, there will be 2 buttons as "Generate Keys/Provide Keys" which >>> generates or allows to add consumer key/secret, and "Generate Access Token" >>> which generates application access token. >>> >>> Please let me know if you have any concerns about this. >>> >>> [1] https://docs.wso2.com/display/AM210/Provisioning+Out-of-Band >>> +OAuth+Clients >>> >>> Thanks, >>> -- >>> *Bhathiya Jayasekara* >>> *Associate Technical Lead,* >>> *WSO2 inc., http://wso2.com <http://wso2.com>* >>> >>> *Phone: +94715478185 <+94%2071%20547%208185>* >>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj >>> <http://www.linkedin.com/in/bhathiyaj>* >>> *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* >>> *Blog: http://movingaheadblog.blogspot.com >>> <http://movingaheadblog.blogspot.com/>* >>> >> >> >> >> -- >> Regards, >> Chamila Adhikarinayake >> Senior Software Engineer >> WSO2, Inc. >> Mobile - +94712346437 <+94%2071%20234%206437> >> Email - [email protected] >> Blog - http://helpfromadhi.blogspot.com/ >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Nuwan Dias > > Software Architect - WSO2, Inc. http://wso2.com > email : [email protected] > Phone : +94 777 775 729 <077%20777%205729> > -- *Bhathiya Jayasekara* *Associate Technical Lead,* *WSO2 inc., http://wso2.com <http://wso2.com>* *Phone: +94715478185 <071%20547%208185>* *LinkedIn: http://www.linkedin.com/in/bhathiyaj <http://www.linkedin.com/in/bhathiyaj>* *Twitter: https://twitter.com/bhathiyax <https://twitter.com/bhathiyax>* *Blog: http://movingaheadblog.blogspot.com <http://movingaheadblog.blogspot.com/>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
