Hi Isura, Ishara,
During the perf test cycles, we have observed some test failures in OAuth2
flows with tocommonauth=true parameter and AFAIR Johan explained there was
mail to revert it back use the commonauth endpoint.
Regards,
Aparna.
On Sat, Oct 28, 2017 at 10:45 AM, Ishara Karunarathna <isha...@wso2.com>
wrote:
> Hi Isura,
>
>
>
> On Fri, Oct 27, 2017 at 7:43 PM, Isura Karunaratne <is...@wso2.com> wrote:
>
>> Hi all,
>>
>> If the "tocommonauth" property value is true, the authentication response
>> from the login page will forward to the commonauth endpoint through OAuth2
>> Authorize Endpoint.
>>
>>
>> - IIRC, this was done to reduce the number of redirection in OAuth
>> flow, but I think it is better to handle all the login response from the
>> commonauth endpoint.
>>
>> This is used in SAML flow as well to reduce the redirections.
>
>>
>> - Do we need to continue supporting this or shall we remove this?
>>
>>
>> At the moment In IS components we are not setting this parameter, but
> there are some other components Eg App manager using this (may be customers
> might have implemented authenticators with this parameter).
> Do you see any issues supporting this ?
> If not I think its better to keep this.
>
> -Ishara
>
>> String isToCommonOauth =
>> request.getParameter(FrameworkConstants.RequestParams.TO_COMMONAUTH);
>>
>> if ("true".equals(isToCommonOauth) && flowStatus == null) {
>> try {
>> return sendRequestToFramework(request, response);
>> } catch (ServletException | IOException e) {
>> log.error("Error occurred while sending request to authentication
>> framework.");
>> return
>> Response.status(HttpServletResponse.SC_INTERNAL_SERVER_ERROR).build();
>> }
>> }
>>
>>
>>
>> Thanks
>> Isura.
>>
>> --
>>
>> *Isura Dilhara Karunaratne*
>> Associate Technical Lead | WSO2
>> Email: is...@wso2.com
>> Mob : +94 772 254 810 <+94%2077%20225%204810>
>> Blog : http://isurad.blogspot.com/
>>
>>
>>
>>
>
>
> --
> Ishara Karunarathna
> Associate Technical Lead
> WSO2 Inc. - lean . enterprise . middleware | wso2.com
>
> email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile:
> +94717996791 <071%20799%206791>
>
>
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
*Regards,*
*Aparna Karunarathna.*
*Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533*
* <http://wso2.com/signature>*
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
