Quickstart for Authorization Server (authzserver)

[Jerry George <je...@gmail.com>]

Hi,

I do see some examples as part of main revision from the SVN. Would anyone
have some extra samples or worked out code for full lifecycle of the
request and response (with issuer implementation)?


Thanks you.

Re: Quickstart for Authorization Server (authzserver)

[Antonio Sanso <as...@adobe.com>]

Hi Jerry,

I am afraid that diagram is a bit too generic and doesn't really show what is your uses case.

Regards

Antonio


On Mar 29, 2013, at 8:26 AM, Jerry George wrote:

Hi Antonio,

Thank you for your previous answer. Please find a simple scenario in the slides (link attached). Could you please tell me very briefly how I can realize this, and perhaps any additional advice?

[https://ssl.gstatic.com/docs/doclist/images/icon_10_generic_list.png] Broker-AuthProvider.pptx<https://docs.google.com/file/d/0BxDscS93ya4eMEF6Uk94VFlkR00/edit>

Thanks,
Jerry


On Mon, Mar 25, 2013 at 5:54 AM, Antonio Sanso <as...@adobe.com>> wrote:
Hi Jerry


On Mar 21, 2013, at 11:40 PM, Jerry George wrote:

Hi,

First of all, thanks to Stein and Antonio.

Could please provide me the auth registration from the life cycle flow "point of view" (RFC 6750). I would like a simple example to allow signed requests (for 2 legged auth) between app, the authorization server, and resource server (which contains say some profile information). Just to clarify as per the RFC 6750, could you please explain the roles involved in the request signing process and API to do this.

RFC 6750 (Bearer Token) comes without any signature and leverages TLS/SSL for this.
May you be more specific on what you are trying to do ?

Regards

Antonio


Also, I would like to know more about Token Endpoint's Validation for the authorization code, apart from building an access token and refresh token (https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server)

I see some examples here, https://github.com/hasanozgan/apache-oltu-oauth2-provider-demo/blob/master/src/main/java/com/bilyoner/api/endpoints/TokenEndpoint.java

Could anyone please clarify briefly?

Thanks,
Jerry

On Thu, Mar 21, 2013 at 5:14 AM, Stein Welberg <st...@innovation-district.com>> wrote:
Hi Jerry,

I have created an Authorization Server implementation based on Oltu. You can ask me questions about it.

I agree with Antonio that we should improve the examples and documentation. Personally I'm currently working on getting Oltu compliant with the OAuth spec. But as soon as that is finished I'll see what I can do.

Regards,
Stein


On 21 mrt. 2013, at 10:04, Antonio Sanso <as...@adobe.com>> wrote:

> Hi Jerry,
>
> I do agree it would be nice to have some deeper examples.
> As you might now we have been transitioning from Amber incubator to Apache Oltu.
> One of my personal goal is to improve the documentation and the java doc API.
> For the moment you might find something in [0].
>
> Regards
>
> Antonio
>
> [0] https://cwiki.apache.org/confluence/display/OLTU/Documentation
>
>
> On Mar 21, 2013, at 4:17 AM, Jerry George wrote:
>
>> Hi,
>>
>> I do see some examples as part of main revision from the SVN. Would anyone have some extra samples or worked out code for full lifecycle of the request and response (with issuer implementation)?
>>
>>
>> Thanks you.
>

Re: Quickstart for Authorization Server (authzserver)

[Jerry George <je...@gmail.com>]

Hi Antonio,

Thank you for your previous answer. Please find a simple scenario in the
slides *(link attached)*. Could you please tell me very briefly how I can
realize this, and perhaps any additional advice?

 Broker-AuthProvider.pptx<https://docs.google.com/file/d/0BxDscS93ya4eMEF6Uk94VFlkR00/edit>

Thanks,
Jerry


On Mon, Mar 25, 2013 at 5:54 AM, Antonio Sanso <as...@adobe.com> wrote:

> Hi Jerry
>
>
> On Mar 21, 2013, at 11:40 PM, Jerry George wrote:
>
> Hi,
>
> First of all, thanks to Stein and Antonio.
>
> Could please provide me the auth registration from the life cycle flow
> "point of view" (RFC 6750). I would like a simple example to allow signed
> requests (for 2 legged auth) between app, the authorization server, and
> resource server (which contains say some profile information). Just to
> clarify as per the RFC 6750, could you please explain the roles involved in
> the request signing process and API to do this.
>
>
> RFC 6750 (Bearer Token) comes without any signature and leverages TLS/SSL
> for this.
> May you be more specific on what you are trying to do ?
>
> Regards
>
> Antonio
>
>
> Also, I would like to know more about Token Endpoint's Validation for the
> authorization code, apart from building an access token and refresh token (
> https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server
> )
>
> I see some examples here,
> https://github.com/hasanozgan/apache-oltu-oauth2-provider-demo/blob/master/src/main/java/com/bilyoner/api/endpoints/TokenEndpoint.java
>
> Could anyone please clarify briefly?
>
> Thanks,
> Jerry
>
> On Thu, Mar 21, 2013 at 5:14 AM, Stein Welberg <
> stein@innovation-district.com> wrote:
>
>> Hi Jerry,
>>
>> I have created an Authorization Server implementation based on Oltu. You
>> can ask me questions about it.
>>
>> I agree with Antonio that we should improve the examples and
>> documentation. Personally I'm currently working on getting Oltu compliant
>> with the OAuth spec. But as soon as that is finished I'll see what I can do.
>>
>> Regards,
>> Stein
>>
>>
>> On 21 mrt. 2013, at 10:04, Antonio Sanso <as...@adobe.com> wrote:
>>
>> > Hi Jerry,
>> >
>> > I do agree it would be nice to have some deeper examples.
>> > As you might now we have been transitioning from Amber incubator to
>> Apache Oltu.
>> > One of my personal goal is to improve the documentation and the java
>> doc API.
>> > For the moment you might find something in [0].
>> >
>> > Regards
>> >
>> > Antonio
>> >
>> > [0] https://cwiki.apache.org/confluence/display/OLTU/Documentation
>> >
>> >
>> > On Mar 21, 2013, at 4:17 AM, Jerry George wrote:
>> >
>> >> Hi,
>> >>
>> >> I do see some examples as part of main revision from the SVN. Would
>> anyone have some extra samples or worked out code for full lifecycle of the
>> request and response (with issuer implementation)?
>> >>
>> >>
>> >> Thanks you.
>> >
>>
>>
>
>

Re: Quickstart for Authorization Server (authzserver)

[Antonio Sanso <as...@adobe.com>]

Hi Jerry


On Mar 21, 2013, at 11:40 PM, Jerry George wrote:

Hi,

First of all, thanks to Stein and Antonio.

Could please provide me the auth registration from the life cycle flow "point of view" (RFC 6750). I would like a simple example to allow signed requests (for 2 legged auth) between app, the authorization server, and resource server (which contains say some profile information). Just to clarify as per the RFC 6750, could you please explain the roles involved in the request signing process and API to do this.

RFC 6750 (Bearer Token) comes without any signature and leverages TLS/SSL for this.
May you be more specific on what you are trying to do ?

Regards

Antonio


Also, I would like to know more about Token Endpoint's Validation for the authorization code, apart from building an access token and refresh token (https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server)

I see some examples here, https://github.com/hasanozgan/apache-oltu-oauth2-provider-demo/blob/master/src/main/java/com/bilyoner/api/endpoints/TokenEndpoint.java

Could anyone please clarify briefly?

Thanks,
Jerry

On Thu, Mar 21, 2013 at 5:14 AM, Stein Welberg <st...@innovation-district.com>> wrote:
Hi Jerry,

I have created an Authorization Server implementation based on Oltu. You can ask me questions about it.

I agree with Antonio that we should improve the examples and documentation. Personally I'm currently working on getting Oltu compliant with the OAuth spec. But as soon as that is finished I'll see what I can do.

Regards,
Stein


On 21 mrt. 2013, at 10:04, Antonio Sanso <as...@adobe.com>> wrote:

> Hi Jerry,
>
> I do agree it would be nice to have some deeper examples.
> As you might now we have been transitioning from Amber incubator to Apache Oltu.
> One of my personal goal is to improve the documentation and the java doc API.
> For the moment you might find something in [0].
>
> Regards
>
> Antonio
>
> [0] https://cwiki.apache.org/confluence/display/OLTU/Documentation
>
>
> On Mar 21, 2013, at 4:17 AM, Jerry George wrote:
>
>> Hi,
>>
>> I do see some examples as part of main revision from the SVN. Would anyone have some extra samples or worked out code for full lifecycle of the request and response (with issuer implementation)?
>>
>>
>> Thanks you.
>

Re: Quickstart for Authorization Server (authzserver)

[Jerry George <je...@gmail.com>]

Hi,

First of all, thanks to Stein and Antonio.

Could please provide me the auth registration from the life cycle flow
"point of view" (RFC 6750). I would like a simple example to allow signed
requests (for 2 legged auth) between app, the authorization server, and
resource server (which contains say some profile information). Just to
clarify as per the RFC 6750, could you please explain the roles involved in
the request signing process and API to do this.

Also, I would like to know more about Token Endpoint's Validation for the
authorization code, apart from building an access token and refresh token (
https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server
)

I see some examples here,
https://github.com/hasanozgan/apache-oltu-oauth2-provider-demo/blob/master/src/main/java/com/bilyoner/api/endpoints/TokenEndpoint.java

Could anyone please clarify briefly?

Thanks,
Jerry

On Thu, Mar 21, 2013 at 5:14 AM, Stein Welberg <
stein@innovation-district.com> wrote:

> Hi Jerry,
>
> I have created an Authorization Server implementation based on Oltu. You
> can ask me questions about it.
>
> I agree with Antonio that we should improve the examples and
> documentation. Personally I'm currently working on getting Oltu compliant
> with the OAuth spec. But as soon as that is finished I'll see what I can do.
>
> Regards,
> Stein
>
>
> On 21 mrt. 2013, at 10:04, Antonio Sanso <as...@adobe.com> wrote:
>
> > Hi Jerry,
> >
> > I do agree it would be nice to have some deeper examples.
> > As you might now we have been transitioning from Amber incubator to
> Apache Oltu.
> > One of my personal goal is to improve the documentation and the java doc
> API.
> > For the moment you might find something in [0].
> >
> > Regards
> >
> > Antonio
> >
> > [0] https://cwiki.apache.org/confluence/display/OLTU/Documentation
> >
> >
> > On Mar 21, 2013, at 4:17 AM, Jerry George wrote:
> >
> >> Hi,
> >>
> >> I do see some examples as part of main revision from the SVN. Would
> anyone have some extra samples or worked out code for full lifecycle of the
> request and response (with issuer implementation)?
> >>
> >>
> >> Thanks you.
> >
>
>

Re: Quickstart for Authorization Server (authzserver)

[Stein Welberg <st...@innovation-district.com>]

Hi Jerry,

I have created an Authorization Server implementation based on Oltu. You can ask me questions about it.

I agree with Antonio that we should improve the examples and documentation. Personally I'm currently working on getting Oltu compliant with the OAuth spec. But as soon as that is finished I'll see what I can do.

Regards,
Stein


On 21 mrt. 2013, at 10:04, Antonio Sanso <as...@adobe.com> wrote:

> Hi Jerry,
> 
> I do agree it would be nice to have some deeper examples. 
> As you might now we have been transitioning from Amber incubator to Apache Oltu.
> One of my personal goal is to improve the documentation and the java doc API. 
> For the moment you might find something in [0].
> 
> Regards
> 
> Antonio
> 
> [0] https://cwiki.apache.org/confluence/display/OLTU/Documentation
> 
> 
> On Mar 21, 2013, at 4:17 AM, Jerry George wrote:
> 
>> Hi,
>> 
>> I do see some examples as part of main revision from the SVN. Would anyone have some extra samples or worked out code for full lifecycle of the request and response (with issuer implementation)?
>> 
>> 
>> Thanks you.
> 

Re: Quickstart for Authorization Server (authzserver)

[Antonio Sanso <as...@adobe.com>]

Hi Jerry,

I do agree it would be nice to have some deeper examples. 
As you might now we have been transitioning from Amber incubator to Apache Oltu.
One of my personal goal is to improve the documentation and the java doc API. 
For the moment you might find something in [0].

Regards

Antonio

[0] https://cwiki.apache.org/confluence/display/OLTU/Documentation


On Mar 21, 2013, at 4:17 AM, Jerry George wrote:

> Hi,
> 
> I do see some examples as part of main revision from the SVN. Would anyone have some extra samples or worked out code for full lifecycle of the request and response (with issuer implementation)?
> 
> 
> Thanks you.