Hi All, We are planning of $subject.
In some use cases, it is desirable or necessary to allow OAuth clients to obtain authorization from an authorization server without the two parties having previously interacted. Therefore in order for the authorization server to accurately represent to end users which client is seeking authorization to access the end user’s resources, a method for automatic and unique registration of clients is needed. This is where the Dynamic Client Registration protocol comes into play. The RFC related to this feature can be found in [1] *Problem* Currently, we have implementations for DCR in products like WSO2 API Manager and WSO2 Enterprise Mobility Manager. This leads to a duplication of the functionality. Since this feature should ideally reside in the WSO2 Identity Server, we are trying to move it to their code base so that it will be available to the entire WSO2 platform. *Solution* We are trying to implement it so that the endpoint for registering and unregistering an OAuth client will be available through the oauth2 web app being deployed through the Identity Server. This feature is implemented as an OSGi service. The endpoint details will be as follows. Registering an OAuth 2.0 client application will take place through a POST request to the registration endpoint. For example see the following sample request, POST *oauth2/oauthdcr* HTTP/1.1 Content-Type: application/json { "callbackUrl": "www.google.lk", "clientName": "MyApp", //OAuth application name "tokenScope": "Production", "owner": "admin", //User name of application owner "grantType": "password refresh_token", //space separated grant-type list "saasApp" :true //indicates whether this is a SaaS app or not } Upon successful registration you'll receive a json payload including the client-name, client-id, client-secret and the callback-url. Similarly unregistering an OAuth 2.0 client application will take place through a DELETE request to the registration endpoint with the applicationName, userId(username of the application owner) and the consumerKey taken in as query parameters in the request. [1] https://tools.ietf.org/html/rfc7591 Tharika Madurapperuma Intern - Software Engineering WSO2, Inc. Mobile : +94777-875-624
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture