[ https://issues.apache.org/jira/browse/SHIRO-119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12994017#comment-12994017 ]
Kalle Korhonen commented on SHIRO-119: -------------------------------------- Took an initial look at it. Thanks Jared, good job putting together a complete draft implementation. There's a lot of leeway in implementing an Oauth realm for a resource server and undoubtedly some new interfaces, like OAuthTokenInfoSource is needed. Several iterations are probably needed to make really reusable and generically useful. The IniOauthRealm is more of an example than production code, I might just use it in an integration test rather than package it up into a distributable jar. I'd also like to see end-to-end integration tests for this, but several other pieces are needed. Currently there are not tests at all so there's no way we can just drop it into Shiro source tree as is. Usage of Shiro interfaces is fairly limited, so it doesn't need to be building together with latest Shiro trunk either. I'm thinking that right place for this is therefore http://www.apache-extras.org. That would also make it easier for Jared to directly commit improvements and additions. I can create a project for this there. I'm certainly interested in this topic as a whole but I don't have a direct use case for Oauth resource and authorization server right now (though I'm currently implementing and using other aspects of Oauth) so might be a bit slow from my part, at least initially. What do you think Jared? > Oauth support > ------------- > > Key: SHIRO-119 > URL: https://issues.apache.org/jira/browse/SHIRO-119 > Project: Shiro > Issue Type: New Feature > Reporter: Jason Eacott > Assignee: Kalle Korhonen > Attachments: shiro-oauth.patch > > > Create support for OAuth provider support 'out of the box'. > This could involve a standalone provider webapp with some flexible mechanism > for data storage, and/or remote data retrieval & management, > and a customisable way to integrate application/transport specific OAuth > based authentication with Shiro (HTTP/XMPP etc). -- This message is automatically generated by JIRA. - For more information on JIRA, see: http://www.atlassian.com/software/jira