Initial OAuth Authorization Server Metadata RFC8414 by JonathanHuot · Pull Request #605 · oauthlib/oauthlib · GitHub

Initial OAuth Authorization Server Metadata RFC8414 #605

Merged
merged 3 commits into from
Nov 23, 2018

Conversation

JonathanHuot (Member) commented Oct 25, 2018

Before starting to implement OpenID Connect Discovery (#420), I would like to propose the lightweight OAuth2 Authorization Server Metadata (see RFC8414).

This is currently Work In Progress, so don't hesitate to ask questions or challenge the design.

The current design is made to be adaptive. We are not (always) supposed to use pre_configured server or combined endpoints; the provider can be a combination of multiple pre_configured servers and/or Endpoints. So I decided to let the user decide which Endpoints he wanted to use. However, it can be challenged.

Example of usage with bottle-oauthlib:

```python
import bottle
from bottle_oauthlib.oauth2 import BottleOAuth2
from oauthlib import oauth2

app = bottle.Bottle()
app.authmetadata = BottleOAuth2(app)

oauthlib_server = oauth2.LegacyApplicationServer(oauth2.RequestValidator())
app.authmetadata.initialize(oauth2.MetadataEndpoint([oauthlib_server], claims={
    "issuer": "https://xx",
    "token_endpoint": "https://xx/token",
    "revocation_endpoint": "https://xx/revoke",
    "introspection_endpoint": "https://xx/tokeninfo"
}))


@app.get('/.well-known/oauth-authorization-server')
@app.authmetadata.create_metadata_response()
def metadata():
    pass


if __name__ == "__main__":
    app.run()  # pragma: no cover
```

Sample response:

```
$ curl -s http://localhost:8080/.well-known/oauth-authorization-server|jq .
{
  "issuer": "https://xx",
  "token_endpoint": "https://xx/token",
  "revocation_endpoint": "https://xx/revoke",
  "introspection_endpoint": "https://xx/tokeninfo",
  "grant_types_supported": [
    "password",
    "refresh_token"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_post",
    "client_secret_basic"
  ],
  "revocation_endpoint_auth_methods_supported": [
    "client_secret_post",
    "client_secret_basic"
  ],
  "introspection_endpoint_auth_methods_supported": [
    "client_secret_post",
    "client_secret_basic"
  ]
}
```
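
A client-side counterpart to the endpoint above, as an added example that is not part of this pull request or of oauthlib: it builds the well-known URL from an issuer (RFC 8414 section 3.1) and applies the section 3.3 issuer check to a fetched document. The function names and the https-only rule for endpoint claims are assumptions of this example, and the sample documents are constructed from the response shown above.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/oauth-authorization-server"
# Endpoint claims that appear in the sample response, plus authorization_endpoint.
ENDPOINT_CLAIMS = ("authorization_endpoint", "token_endpoint",
                   "revocation_endpoint", "introspection_endpoint")


def metadata_url(issuer):
    """Build the metadata URL for an issuer identifier (RFC 8414 section 3.1)."""
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc or parts.query or parts.fragment:
        raise ValueError("issuer must be an https URL without query or fragment")
    # A lone "/" after the host is dropped; any other path is appended
    # after the well-known segment.
    path = "" if parts.path == "/" else parts.path
    return f"https://{parts.netloc}{WELL_KNOWN}{path}"


def validate_metadata(expected_issuer, doc):
    """Return a list of problems; an empty list means the document may be used."""
    problems = []
    if doc.get("issuer") != expected_issuer:
        # RFC 8414 section 3.3: on mismatch the data MUST NOT be used.
        problems.append("issuer mismatch")
    for claim in ENDPOINT_CLAIMS:
        if claim not in doc:
            continue
        parts = urlsplit(str(doc[claim]))
        # Assumption of this example: reject any endpoint that is not https.
        if parts.scheme != "https" or not parts.netloc:
            problems.append(f"{claim} is not an https URL")
    return problems


# Constructed sample documents, modelled on the sample response above.
GOOD_DOC = {
    "issuer": "https://xx",
    "token_endpoint": "https://xx/token",
    "revocation_endpoint": "https://xx/revoke",
    "introspection_endpoint": "https://xx/tokeninfo",
}
# Same document with a different issuer and a downgraded token endpoint.
BAD_DOC = dict(GOOD_DOC, issuer="https://yy", token_endpoint="http://xx/token")

if __name__ == "__main__":
    print(metadata_url("https://xx"))
    print(validate_metadata("https://xx", GOOD_DOC))
    print(validate_metadata("https://xx", BAD_DOC))
```
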

@JonathanHuot JonathanHuot changed the title WIP: Initial OAuth Authorization Server Metadata RFC8414 Initial OAuth Authorization Server Metadata RFC8414 Nov 7, 2018
@JonathanHuot JonathanHuot requested a review from skion November 7, 2018 18:08
skion (Member) left a comment

I like it, added two minor comments. What further changes do you have in mind?

@JonathanHuot JonathanHuot merged commit cb6db1c into master Nov 23, 2018
@JonathanHuot JonathanHuot deleted the oauth-metadata branch November 23, 2018 08:19
@JonathanHuot JonathanHuot added this to the 3.0.0 milestone Dec 3, 2018
@JonathanHuot JonathanHuot added Feature OAuth2-Provider This impact the provider part of OAuth2 labels Dec 3, 2018
@JonathanHuot JonathanHuot mentioned this pull request Dec 3, 2018
23 tasks