Vincent FUCHS created FINERACT-1261:
---------------------------------------
Summary: support for external Oauth provider
Key: FINERACT-1261
URL: https://issues.apache.org/jira/browse/FINERACT-1261
Project: Apache Fineract
Issue Type: Improvement
Components: Security
Affects Versions: 1.4.0
Reporter: Vincent FUCHS
Hi,
I was looking at the couple of tickets open around OAuth2 support, mostly
https://issues.apache.org/jira/browse/FINERACT-1142 (and its related issues)
and https://issues.apache.org/jira/browse/FINERACT-1012 , and from what I
understand, we currently have no way to configure an external OAuth provider.
Is that correct ?
A typical Oauth flow is to authenticate against a standard provider, using the
provider login page and get an OAuth token and be redirected, then use that
token in all the requests. The security layer then checks the token validity
for all incoming requests.
Spring has fairly standard support for this :
[https://spring.io/guides/tutorials/spring-boot-oauth2/]
Is it something that works but is not documented ? or is it sure that it
doesn't currently work ?
(I would assume that once https://issues.apache.org/jira/browse/FINERACT-1012
is completed, it will just be a matter of providing the right Spring properties
values)
Thanks
--
Vincent
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
