There are two things: 1) As Suresh said we can do it as a complete OAuth tool which facilitates the existing OAuth functionalities provided by the IS + We can write a access token generation UI. This can be installable as what you said.
2) second option is as what senaka said, I just wanted to add one jsp file(access token generation UI) + 2 test fields + one more button to the existing OAuth component to make it complete. Both of the scenarios requires the same slot of work. Bz OAuth feature provides upto certain level of functionality. But we wanted to know whether the IS people will accept to improve the existing feature or they wants this to be a separate feature.? bz IS ship this with their product. some time they dont like to extend the feature by default ...! I will talk to prabath. I m available tuesday evening. If any body from Greg team have a chance to meet prabath pls ask him, and share it with this mail. On Sun, Jan 27, 2013 at 11:33 PM, Senaka Fernando <sen...@wso2.com> wrote: > Hi Suresh, > > That might work, but I was thinking about something else actually. There > is an OAuth UI that you get once you install the OAuth feature. This UI has > everything a typical user requires (I mean a user with necessary privileges > to see the details) to access an application secured with OAuth. However, > it does not provide a button to generate or refresh an access token. So, I > was thinking whether we could improve that UI to have this capability? > > Thanks, > Senaka. > > > On Sun, Jan 27, 2013 at 10:40 PM, Suresh Attanayaka <sur...@wso2.com>wrote: > >> Hi Senaka, >> >> On Sun, Jan 27, 2013 at 7:01 PM, Senaka Fernando <sen...@wso2.com> wrote: >> >>> Hi all, >>> >>> Two things. >>> >>> Ragu, first of all, for the moment, we should not block ourselves until >>> any UI is made available for this since the approach explained by Suresh >>> can be used to obtain the token. >>> >>> Suresh, though it is not a roadblock, we need some user interface to >>> obtain and/or refresh the OAuth token. AM has this, but it is not a generic >>> component. To test or to try out things, curl might be useful, but we need >>> something more usable so that users can make use of it. >>> >> >> You mean something like a developer tool ? +1 on the idea. We can make it >> a UI component which can be downloaded and installed from the P2 as a tool. >> >> >> Thanks, >> -Suresh >> >>> >>> Thanks, >>> Senaka. >>> >>> On Sat, Jan 26, 2013 at 6:03 PM, Suresh Attanayaka <sur...@wso2.com>wrote: >>> >>>> Hi, >>>> >>>> On Sat, Jan 26, 2013 at 4:13 PM, Sriragu Arudsothy <srir...@wso2.com>wrote: >>>> >>>>> Another approach: >>>>> >>>>> To avoid writing an addition UI components to generate the Access >>>>> token. >>>>> >>>>> We can just write a REST class to generate the access token and pass >>>>> the client id, client secret, access token endpoint, encoded username, >>>>> encoded password from the REST client. Inside the code I have to decode >>>>> the >>>>> username and password. >>>>> >>>> >>>> Yes, you can write a REST client to get the access token using the >>>> password grant type. >>>> >>>> >>>>> This will solve. WDYT? >>>>> >>>>> RAGU >>>>> >>>>> On Sat, Jan 26, 2013 at 4:01 PM, Sriragu Arudsothy >>>>> <srir...@wso2.com>wrote: >>>>> >>>>>> Yes you are right . >>>>>> >>>>>> The Greg' requirement is like this: >>>>>> >>>>>> Any REST client (ex: Chrome Advanced REST client) we just wanted to >>>>>> pass the Bearer token to get use of REST API. >>>>>> >>>>>> Currently we use the curl command to generate the access token. But >>>>>> we are not intended to have a REST web client with (Forms to enter the >>>>>> client id/ secret ...etc) and click a button to generate the access >>>>>> token) >>>>>> >>>>>> Very brief: Greg team finalized that the client want to see the >>>>>> Accesstoken value, who has to use it straight away with Authorization >>>>>> header. For that we need to do the Access token generation UI. So any >>>>>> product in future if needs they can use it. >>>>>> >>>>>> How can I approach? >>>>>> >>>>>> Ragu. >>>>>> >>>>>> >>>>>> >>>>>> On Sat, Jan 26, 2013 at 2:45 PM, Suresh Attanayaka >>>>>> <sur...@wso2.com>wrote: >>>>>> >>>>>>> Hi >>>>>>> >>>>>>> On Sat, Jan 26, 2013 at 2:00 PM, Sriragu Arudsothy <srir...@wso2.com >>>>>>> > wrote: >>>>>>> >>>>>>>> Hai All, >>>>>>>> >>>>>>>> Greg need the OAuth Access token to be produced in UI >>>>>>>> which should be a installable feature from Identity Server side >>>>>>>> feature. At >>>>>>>> the moment once we installed the OAuth feature that produces upto >>>>>>>> client >>>>>>>> id, client secret, auth endpoint, access endpoint details. But we need >>>>>>>> the >>>>>>>> access token generation also as a UI components under the IS. I have >>>>>>>> been >>>>>>>> given this task. >>>>>>>> >>>>>>> >>>>>>> Why do you need a UI to generate access tokens ? Theoretically the >>>>>>> access token is a secrete which should be delivered directly to the >>>>>>> client. >>>>>>> >>>>>>> Thanks, >>>>>>> -Suresh >>>>>>> >>>>>>> >>>>>>>> Currently the G-reg restapi cxf web app does not have any UI, we >>>>>>>> dont want any UIs in the webapp. We need some UI to generate the access >>>>>>>> token too from the IS side. This is our requirement. >>>>>>>> delieverddelieverd >>>>>>>> Also we want to know how to get the Tenant ID of the person who >>>>>>>> belongs to the given access token ??? >>>>>>>> >>>>>>>> Please provide the way to do? we dont want any UIs in our cxf >>>>>>>> webapp(REST API). >>>>>>>> >>>>>>>> Thanks! >>>>>>>> Sriragu >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Dev mailing list >>>>>>>> Dev@wso2.org >>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Suresh Attanayake >>>>>>> Software Engineer; WSO2 Inc. http://wso2.com/ >>>>>>> Blog : http://sureshatt.blogspot.com/ >>>>>>> Twitter : https://twitter.com/sureshatt >>>>>>> LinkedIn : http://lk.linkedin.com/in/sureshatt >>>>>>> Mobile : +94755012060,+94770419136,+94710467976 >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Suresh Attanayake >>>> Software Engineer; WSO2 Inc. http://wso2.com/ >>>> Blog : http://sureshatt.blogspot.com/ >>>> Twitter : https://twitter.com/sureshatt >>>> LinkedIn : http://lk.linkedin.com/in/sureshatt >>>> Mobile : +94755012060,+94770419136,+94710467976 >>>> >>> >>> >>> >>> -- >>> * <http://wso2con.com/> >>> * >>> * >>> >>> Senaka Fernando* >>> Member - Integration Technologies Management Committee; >>> Technical Lead; WSO2 Inc.; http://wso2.com* >>> Member; Apache Software Foundation; http://apache.org >>> >>> E-mail: senaka AT wso2.com >>> **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 >>> Linked-In: http://linkedin.com/in/senakafernando >>> >>> *Lean . Enterprise . Middleware >>> >> >> >> >> -- >> Suresh Attanayake >> Software Engineer; WSO2 Inc. http://wso2.com/ >> Blog : http://sureshatt.blogspot.com/ >> Twitter : https://twitter.com/sureshatt >> LinkedIn : http://lk.linkedin.com/in/sureshatt >> Mobile : +94755012060,+94770419136,+94710467976 >> > > > > -- > * <http://wso2con.com/> > * > * > > Senaka Fernando* > Member - Integration Technologies Management Committee; > Technical Lead; WSO2 Inc.; http://wso2.com* > Member; Apache Software Foundation; http://apache.org > > E-mail: senaka AT wso2.com > **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 > Linked-In: http://linkedin.com/in/senakafernando > > *Lean . Enterprise . Middleware >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
