On Tue, May 2, 2017 at 10:44 AM, Dilan Udara Ariyaratne
wrote:
>
> In the meantime, could you elaborate on the method level details of the
> Session manager interface, too?
>
SessionManager:
https://github.com/wso2/carbon-uuf/pull/241/files#diff-
On Tue, May 2, 2017 at 9:55 AM, Manoj Gunawardena wrote:
> If permission check not provided, is it allow to all?
> Any reason for token and user info end points hasn't check permissions?
>
OAuth token endpoint, client has to authenticate using client_id ,
client_secret.
As for
If permission check not provided, is it allow to all?
Any reason for token and user info end points hasn't check permissions?
On Tue, May 2, 2017 at 3:02 AM, Farasath Ahamed wrote:
>
>
>
> On Tue, May 2, 2017 at 1:48 AM, Manoj Gunawardena wrote:
>
>> +1 for
On Tue, May 2, 2017 at 1:48 AM, Manoj Gunawardena wrote:
> +1 for handle authorization in consistent way for all end points.
> Such as
> "/oauth2/introspect"
> "oauth2/userinfo"
>
> According to IS 5.3 Authentication and Authorization of REST APIS
> mechanism [1], what are the
+1 for handle authorization in consistent way for all end points.
Such as
"/oauth2/introspect"
"oauth2/userinfo"
According to IS 5.3 Authentication and Authorization of REST APIS mechanism
[1], what are the permission strings assign for following end points.
"oauth2/token"
"oauth2/revoke"
It is beneficial to have this in the UUF.
Many frameworks (in particular web frameworks such as Django, CakePHP and
Ruby on Rails) support this kind of pluggable Session Management
capabilities.
On Fri, Apr 28, 2017 at 3:46 PM, Vidura Nanayakkara
wrote:
> Hi All,
>
> We are