Hi

> > 3. Part of 2 (prioritize): Please consider allocating time on ensuring that a CXF (programmatic) user can vouch for a consumer automatically. If Autonomous profile can help then it is fine but I'd appreciate you thinking about it more, looks like this issue has not been covered.
>
> OK

In that handy diagram you linked to I'm assuming it is steps 3-4. There's some redirection going on there and a user is also presented with an authorization page. I hope this can be handled by refactoring HttpConduit a bit and injecting a redirection handler. However, perhaps you might want to start with the assumption that a user uses a browser, so you'd just likely start from implementing OpenAuth authorization filters for the server keeping protected resources as well as from a consumer getting all the tokens it needs, but once it is done we can focus on the user auto vouching for the consumer/application - Dan and others can help there as well...

> > > in the client module:
> > > - credentials data (i.e. client_id, client_secret) used for authentication with the authorization server
> > > - selection of used OAuth flow to authenticate with the authorization server?
> > > - additional parameters required in some flows i.e. callback_url
> >
> > I'm not quite clear how it will be implemented. This is the consumer which will try to access protected resources on some other server on behalf of the owner. So it will need to act as a JAXRS server endpoint too, so that the ServiceProvider can contact it and tell it that an owner is willing to let it access and say read and print some photos?
>
> The client would work like an 'application' described in flow diagram:
> http://developer.yahoo.com/oauth/guide/oauth-auth-flow.html
> So, the client with given client_id and client_secret can automatically obtain an access token and refresh token.
> I hope I didn't omit something:)

Sure, I just mean that a client module will likely have to be implemented as a JAXRS server as well so that it can be contacted and then act as a client/consumer, as far as getting token is concerned, etc.

thanks, Sergey

> > > To assure code quality unit tests should be written.
> >
> > OK
> >
> > > *Project Schedule*
> > >
> > > *April 26 - May 24*
> > >
> > > Get more knowledge about Apache CXF - architecture guide, reading books, articles, tutorials, doing simple CXF applications.
> > > Get more familiar with development process in Apache CXF project: coding guidelines, building project, configuring developer environment.
> > >
> > > *May 25 - June 19*
> > >
> > > Implementation of CXF-OAuth-server module - User Delegation Flows and working with that client module.
> > >
> > > *June 20 - July 12*
> > >
> > > Implementation of support for the End User Credentials Flows and Autonomous Client Flows and working with that client module.
> > >
> > > *July 13 - July 16*
> > >
> > > Review the project progress done so far.
> > > Documentation of work done.
> > >
> > > *July 17 - July 23*
> > >
> > > Implementation of the *Accessing protected resources* part of OAuth specification.
> > >
> > > *July 24 - August 5*
> > >
> > > Check if implementation fully covers OAuth specification.
> >
> > As I said above please prioritize on the most basic flow first as well as consider implementing an older version.
> >
> > > Code adjustment.
> >
> > Perhaps adding demo would be good and help users to start faster.
>
> Yes, right.
>
> > > *August 5 - August 16*
> > > Final documentation. More tests. More bug fixes
> >
> > sounds good
> >
> > > *Other obligations:*
> > > I do research work at university. (http://tinyurl.com/uma-wg)
> > > However it is strictly connected with OAuth and RESTful services, so I think it's rather beneficial.
> >
> > agreed
> >
> > By the way, I'm proposing to add all the code to the package org.apache.cxf.jaxrs.security.oauth.
> > Some changes may need to go into HttpConduit (to do with the user auto vouching for a consumer)
> > Also, it will need to be another module. You can start with adding the code to rt/frontend/jaxrs initially but I think we may need to introduce
> >
> > rt/jaxrs/security/oauth,
> >
> > similarly to the way things are done for WS specs such as WS-Security. In fact rt/ws might have OAuth related module added too when SOAP gets supported.
> >
> > thanks, Sergey
>
> Cheers,
> Lukasz
>
> > > Cheers,
> > > Lukasz
> > >
> > > 2010/4/10 Daniel Kulp <dk...@apache.org>
> > >
> > > > Lukasz,
> > > >
> > > > I or Sergey may end up being the mentor for this proposal so we need to start looking at how to score and rank the proposal.
> > > > Look at:
> > > >
> > > > http://community.apache.org/mentee-ranking-process.html
> > > >
> > > > Particularly the scoring areas. One of the things the proposal needs is some additional details around a timeline and goals to be achieved. For example, at mid terms, what is a good target to have achieved? When should we start seeing patches or similar as steps along the way? Etc...
> > > >
> > > > Please take a look at the scoring stuff and start working on filling in more details to the proposal. (I THINK you can still edit it, if not, at least respond here)
> > > >
> > > > Dan
> > > >
> > > > On Friday 09 April 2010 3:08:56 am Łukasz Moreń wrote:
> > > > > My name is Lukasz Moren and I'm a student looking for an interesting project for this year's Google Summer of Code.
> > > > >
> > > > > I would like to propose a project idea: Provide an authentication support through OAuth for Apache CXF (JAXRS module).
> > > > > Something similar to: [1], I mean the idea, not execution.
> > > > >
> > > > > As I am recently involved in RESTful services (mainly RESTEasy framework, but I've tried also CXF:)) and OAuth protocol, it's area I feel good.
> > > > >
> > > > > The OAuth community works currently on: [2], which appeared after 1.0a. and planning 2.0 release based on OAuth WRAP:[3].
> > > > >
> > > > > I take part in GSoC 2009 in JBoss [4], and project finished successfully.
> > > > > I was mainly involved in two tasks: [5], [6], however the second one became big and development is continued here: [7].
> > > > > More info about me can be found: [8]
> > > > >
> > > > > [1] http://www.jboss.org/file-access/default/members/resteasy/freezone/docs/1.2.GA/userguide/html/Authentication.html
> > > > > [2] http://wiki.oauth.net/OAuth-WRAP
> > > > > [3] http://hueniverse.com/2009/11/planning-for-oauth-2-0/
> > > > > [4] http://socghop.appspot.com/gsoc/student_project/show/google/gsoc2009/redhat/t124024692589
> > > > > [5] http://opensource.atlassian.com/projects/hibernate/browse/HSEARCH-392
> > > > > [6] http://opensource.atlassian.com/projects/hibernate/browse/HSEARCH-307
> > > > > [7] https://jira.jboss.org/jira/browse/ISPN/component/12312732
> > > > > [8] http://www.linkedin.com/profile?viewProfile=&key=32578698&locale=en_US&trk=tab_pro
> > > > >
> > > > > Sorry for so many links, but I would like to explain things briefly.
> > > > >
> > > > > Please let me know what do you think about that idea.
> > > > >
> > > > > Thanks in advance for reply.
> > > > >
> > > > > Best Regards,
> > > > > Lukasz Moren
> > > >
> > > > --
> > > > Daniel Kulp
> > > > dk...@apache.org
> > > > http://dankulp.com/blog