Hi Isura, Ishara, During the perf test cycles, we have observed some test failures in OAuth2 flows with tocommonauth=true parameter and AFAIR Johan explained there was mail to revert it back use the commonauth endpoint.
Regards, Aparna. On Sat, Oct 28, 2017 at 10:45 AM, Ishara Karunarathna <isha...@wso2.com> wrote: > Hi Isura, > > > > On Fri, Oct 27, 2017 at 7:43 PM, Isura Karunaratne <is...@wso2.com> wrote: > >> Hi all, >> >> If the "tocommonauth" property value is true, the authentication response >> from the login page will forward to the commonauth endpoint through OAuth2 >> Authorize Endpoint. >> >> >> - IIRC, this was done to reduce the number of redirection in OAuth >> flow, but I think it is better to handle all the login response from the >> commonauth endpoint. >> >> This is used in SAML flow as well to reduce the redirections. > >> >> - Do we need to continue supporting this or shall we remove this? >> >> >> At the moment In IS components we are not setting this parameter, but > there are some other components Eg App manager using this (may be customers > might have implemented authenticators with this parameter). > Do you see any issues supporting this ? > If not I think its better to keep this. > > -Ishara > >> String isToCommonOauth = >> request.getParameter(FrameworkConstants.RequestParams.TO_COMMONAUTH); >> >> if ("true".equals(isToCommonOauth) && flowStatus == null) { >> try { >> return sendRequestToFramework(request, response); >> } catch (ServletException | IOException e) { >> log.error("Error occurred while sending request to authentication >> framework."); >> return >> Response.status(HttpServletResponse.SC_INTERNAL_SERVER_ERROR).build(); >> } >> } >> >> >> >> Thanks >> Isura. >> >> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: is...@wso2.com >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > > > -- > Ishara Karunarathna > Associate Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 <071%20799%206791> > > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Regards,* *Aparna Karunarathna.* *Associate Technical Lead - QAWSO2 Inc.Mobile: 0714002533* * <http://wso2.com/signature>*
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev