You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@fineract.apache.org by "Petri Tuomola (Jira)" <ji...@apache.org> on 2021/12/28 03:01:00 UTC
[jira] [Resolved] (FINERACT-1261) support for external Oauth provider
[ https://issues.apache.org/jira/browse/FINERACT-1261?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Petri Tuomola resolved FINERACT-1261.
-------------------------------------
Resolution: Fixed
> support for external Oauth provider
> ------------------------------------
>
> Key: FINERACT-1261
> URL: https://issues.apache.org/jira/browse/FINERACT-1261
> Project: Apache Fineract
> Issue Type: Improvement
> Components: Security
> Affects Versions: 1.4.0
> Reporter: Vincent FUCHS
> Assignee: Petri Tuomola
> Priority: Major
> Fix For: 1.6.0
>
>
> Hi,
>
> I was looking at the couple of tickets open around OAuth2 support, mostly https://issues.apache.org/jira/browse/FINERACT-1142 (and its related issues) and https://issues.apache.org/jira/browse/FINERACT-1012 , and from what I understand, we currently have no way to configure an external OAuth provider. Is that correct ?
>
> A typical Oauth flow is to authenticate against a standard provider, using the provider login page and get an OAuth token and be redirected, then use that token in all the requests. The security layer then checks the token validity for all incoming requests.
>
> Spring has fairly standard support for this : [https://spring.io/guides/tutorials/spring-boot-oauth2/]
>
> Is it something that works but is not documented ? or is it sure that it doesn't currently work ?
> (I would assume that once https://issues.apache.org/jira/browse/FINERACT-1012 is completed, it will just be a matter of providing the right Spring properties values)
>
> Thanks
>
> --
> Vincent
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)