SylviaBABY commented on code in PR #1101: URL: https://github.com/apache/apisix-website/pull/1101#discussion_r876696899
########## website/blog/2022/05/19/weekly-report-0519.md: ########## 
@@ -0,0 +1,93 @@ +--- +title: Biweekly Report|Explore the weeks of May 1st - May 15th +keywords: +- Apache APISIX +- API Gateway +- Weekly Report +- Contributor +description: The Apache APISIX Community Weekly Report hopes to help community members better understand the weekly progress of the Apache APISIX community and and facilitate everyone to participate in the Apache APISIX community. +tags: [Events] +--- + +> From May 1st to May 15th, 35 contributors submitted 77 commits for Apache APISIX. Thank you all for your contributions to Apache APISIX. It is your selfless contribution to make the Apache APISIX project better! + +<!--truncate--> + +## Introduction + +Apache APISIX has grown as a community from the first day of open source and has quickly become the most active open source API gateway project in the world. These achievements cannot be achieved without the joint efforts of our community partners. + +"If you want to go fast, go alone.If you want to go far, go together." The Apache APISIX Community Weekly Report hopes to help community members better understand the weekly progress of the Apache APISIX community and and facilitate everyone to participate in the Apache APISIX community. + +We have also compiled some issues suitable for newcomers to the community to participate in! If you are interested, don't miss it! + +## Contributor Statistics + + + + + +## Good first issue + +### Issue #7052 + +**链接**: https://github.com/apache/apisix/issues/7052 + +**问题描述**:As a User, I want to use oAuth2 with [PKCE](https://oauth.net/2/pkce/) support, so that I can configure an oAuth2 connection without using client/secret. + +I am using an IDP. which has implemented the [Authorization Code Flow](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth). + +From the docs of the IdP: +The IdP implements the Authorization Code Flow, preferably with PKCE. 
The PKCE flow is the recommended and most universal authorization flow that supports mobile apps, single page applications and traditional server-rendered applications and doesn't require the exchange of a shared secret. + +The Flow: + +user opens a web app (in my case an `APISIXROUTE`, using `openid` plugin) +code challenge using **SHA256** is created by the `openid` plugin +redirect to the idp authorization endpoint +login of the user +redirect to the `redirect_url` with `authcode` as URL Queryparameter +`openid` plugin uses the `authcode` to receive a JWT from the idp token endpoint +Could you implement this oAuth flow with pkce support? +Please add a section to the documentation as well, tkaning care on the configuration of the pkce and the redirect_url

Review Comment:
```suggestion
The Flow:
- User opens a web app (in my case an `APISIXROUTE`, using `openid` plugin)
- Code challenge using **SHA256** is created by the `openid` plugin
- Redirect to the idp authorization endpoint
- Login of the user
- Redirect to the `redirect_url` with `authcode` as URL Queryparameter
- `openid` plugin uses the `authcode` to receive a JWT from the idp token endpoint
Could implement this OAuth flow with PKCE support?
Please add a section to the documentation as well, taking care on the configuration of the PKCE and the redirect_url.
```
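Review bot: Under `### Issue #7052` the field labels `**链接**` and `**问题描述**` are still in Chinese while the rest of the post is English; translate them (for example `**Link**` and `**Issue Description**`). The front-matter `description` and the second Introduction paragraph both contain a doubled "and and", and the quote reads "go alone.If" with no space after the period. The title says "Biweekly Report" while the keywords and description say "Weekly Report"; pick one term and use it throughout. The pasted issue text also carries the typo "tkaning", which the suggestion in the review comment already corrects.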
