[jira] [Work logged] (KNOX-3112) Add a specialized use API for CLIENT_ID and SECRET based on KNOXTOKEN API

Sun, 30 Mar 2025 11:38:11 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-3112?focusedWorklogId=963933&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-963933
 ]

ASF GitHub Bot logged work on KNOX-3112:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 30/Mar/25 18:37
            Start Date: 30/Mar/25 18:37
    Worklog Time Spent: 10m 
      Work Description: lmccay opened a new pull request, #1011:
URL: https://github.com/apache/knox/pull/1011

   ## What changes were proposed in this pull request?
   
   This is a specialized extension of the KNOXTOKEN API to request CLIENT_ID 
and CLIENT_SECRET.
   This requires the use of Passcode tokens as the CLIENT_SECRET and the 
TokenID as the CLIENT_ID.
   
   One of the motivations for this is to provide this extension so that it can 
be deployed separately within the same topology as the KNOXTOKEN API. Another 
is to codify the conventions being used in order to use the pattern described 
above for CLIENT_ID and CLIENT_SECRET without having to leave it to the 
consumer to interpret how to do so.
   
   ## How was this patch tested?
   
   New unit tests were added for the API extension and run along with all 
existing unit tests.
   Manual testing of the use of CLIENT_ID and CLIENT_SECRET was done with the 
JWTProvider.




Issue Time Tracking
-------------------

            Worklog Id:     (was: 963933)
    Remaining Estimate: 0h
            Time Spent: 10m

> Add a specialized use API for CLIENT_ID and SECRET based on KNOXTOKEN API
> -------------------------------------------------------------------------
>
>                 Key: KNOX-3112
>                 URL: https://issues.apache.org/jira/browse/KNOX-3112
>             Project: Apache Knox
>          Issue Type: Improvement
>          Components: Server
>            Reporter: Larry McCay
>            Assignee: Larry McCay
>            Priority: Major
>             Fix For: 2.2.0
>
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Given the ability to support the OAuth client credentials flow with a 
> specialized use of the tokenid and passcode token from the KNOXTOKEN API, we 
> should add a corresponding API for acquiring the CLIENT_ID and CLIENT_SECRET 
> without requiring consumers to understand this specialized use. We will 
> codify the conventions being used for that into the new API extension of 
> KNOXTOKEN which will make CLIENTID's first class concepts rather than an 
> interpretation of KNOXTOKEN API responses.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to