[ https://issues.apache.org/jira/browse/FINERACT-1261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Aleksandar Vidakovic updated FINERACT-1261: ------------------------------------------- Fix Version/s: 1.6.0 > support for external Oauth provider > ------------------------------------ > > Key: FINERACT-1261 > URL: https://issues.apache.org/jira/browse/FINERACT-1261 > Project: Apache Fineract > Issue Type: Improvement > Components: Security > Affects Versions: 1.4.0 > Reporter: Vincent FUCHS > Assignee: Aleksandar Vidakovic > Priority: Major > Fix For: 1.6.0 > > > Hi, > > I was looking at the couple of tickets open around OAuth2 support, mostly > https://issues.apache.org/jira/browse/FINERACT-1142 (and its related issues) > and https://issues.apache.org/jira/browse/FINERACT-1012 , and from what I > understand, we currently have no way to configure an external OAuth provider. > Is that correct ? > > A typical Oauth flow is to authenticate against a standard provider, using > the provider login page and get an OAuth token and be redirected, then use > that token in all the requests. The security layer then checks the token > validity for all incoming requests. > > Spring has fairly standard support for this : > [https://spring.io/guides/tutorials/spring-boot-oauth2/] > > Is it something that works but is not documented ? or is it sure that it > doesn't currently work ? > (I would assume that once https://issues.apache.org/jira/browse/FINERACT-1012 > is completed, it will just be a matter of providing the right Spring > properties values) > > Thanks > > -- > Vincent > > -- This message was sent by Atlassian Jira (v8.3.4#803005)