Hi Devs, According to this doc [1], we can implement a new client authenticator by implementing this org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler interface. But this particular interface is in wso2-attic [2 ] now and is no longer used in OAuth component [3]. BasicAuthClientAuthenticator and PrivateKeyJWTClientAuthenticator implement AbstractIdentityHandler [4].
I have some concerns regarding this. 1. Are we still using org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler to register a Client Authenticator? If we are not using, then we can remove it from the IS 5.8.0 doc [1] and add the configuration for using AbstractIdentityHandler in the doc space. 2. For BasicAuthClientAuthenticator and other client authenticators, we are using AbstractIdentityHandler which is an event listener in identity.xml file. Is there any specific reason for registering as an event listener? Appreciate your input on this. [1] https://docs.wso2.com/display/IS580/Extension+Points+for+OAuth#ExtensionPointsforOAuth-ClientAuthenticationHandler [2] https://github.com/wso2-attic/carbon-identity/blob/master/components/oauth/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/clientauth/ClientAuthenticationHandler.java [3] https://github.com/wso2-extensions/identity-inbound-auth-oauth/tree/master/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/client/authentication [4] https://docs.wso2.com/display/IS580/Private+Key+JWT+Client+Authentication+for+OIDC Thanks, Piraveena *Piraveena Paralogarajah* Software Engineer | WSO2 Inc. *(m)* +94776099594 | *(e)* [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
