[ 
https://issues.apache.org/jira/browse/CXF-8121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17143070#comment-17143070
 ] 

Colm O hEigeartaigh commented on CXF-8121:
------------------------------------------

I added some feedback on the PR.

> Improve STS REST interface
> --------------------------
>
>                 Key: CXF-8121
>                 URL: https://issues.apache.org/jira/browse/CXF-8121
>             Project: CXF
>          Issue Type: Improvement
>          Components: STS
>    Affects Versions: 3.2.4
>            Reporter: Dmitry
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> I propose to improve the STS REST interface in the following points:
> 1. It is not possible to change the path of the REST interface, and there
> could be an issue with defining the realm name
> In the current implementation the realm name is not defined implicitly as a
> path parameter in the @Path annotation, but is usually calculated from the URI
> in an implementation of RealmParser. In our situation the implementation of
> RealmParser works well for the SOAP STS interface, but did not work for the
> current REST implementation.
> Of course, it could be adapted again for the REST case, but it looks more like
> a workaround than a clean solution. It is more reliable to define all necessary
> path and query parameters in the interface than to rely on them being parsed
> properly somewhere inside STS.
> 2. There is no flexibility for custom functionality
> We decided to provide an endpoint that provides the public key for
> verification, "/jwk/keys", similar to what Fediz OIDC provides. With the
> current implementation I would need to create a new jaxrs server, define a
> similar configuration, etc.
> 3. There is no OpenAPI documentation
> It is necessary to add the documentation to the new interface.
> I propose to provide the improvements as a new module 'sts-rest' that will use
> 'sts-core' as a dependency.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
