Shared OAuth2Client Option
--------------------------
Key: SHINDIG-1731
URL: https://issues.apache.org/jira/browse/SHINDIG-1731
Project: Shindig
Issue Type: Improvement
Components: Java
Affects Versions: 2.5.0
Reporter: Adam Clarke
Currently the OAuth2 Consumer stores access/refresh tokens per gadget, per user.
I have received comments that it would be convenient to allow a set of Gadgets
to share a tokens per user. Improving the user experience for a group of
OAuth2 dependent gadgets by not triggering additional opt-ins.
Technically this is possible to implement with a custom OAuth2Store or
OAuth2Persister but it would be nice to formalize it in shindig and the sample
persistence plugin.
When an administrator creates an OAuth2Client they can specify that the client
is shared.
"shindig_client1" : {
"providerName" : "shindigOAuth2Provider",
"type" : "confidential",
"grant_type" : "code",
"client_id" : "shindigClient",
"client_secret" : "U78KJM98372AMGL87612993M",
"sharedToken" : "true"
},
(If the value is not specified the default will be "false", keeping the current
behavior.)
In this case any gadget bound to the "shindig_client1" client will use the same
access/refresh token for the user.
Administrators should take extra care when binding sharedToken clients.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
